목록전체 글 (246)

웹찢남

Darkelf-writeup

include "./config.php";   login_chk();   $db = dbconnect();    if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~");   if(preg_match('/or|and/i', $_GET[pw])) exit("HeHe");   $query = "select id from prob_darkelf where id='guest' and pw='{$_GET[pw]}'";   echo "query : {$query}";   $result = @mysqli_fetch_array(mysqli_query($db,$query));   if($result['id']) echo "Hello {$result[id]}"..
WEB_HACKING/los.rubiya.kr 2019. 12. 27. 21:01
Wolfman-writeup

include "./config.php";   login_chk();   $db = dbconnect();   if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~");   if(preg_match('/ /i', $_GET[pw])) exit("No whitespace ~_~");   $query = "select id from prob_wolfman where id='guest' and pw='{$_GET[pw]}'";   echo "query : {$query}";   $result = @mysqli_fetch_array(mysqli_query($db,$query));   if($result['id']) echo "Hello {$resul..
WEB_HACKING/los.rubiya.kr 2019. 12. 27. 21:00
Orc-writeup

include "./config.php";   login_chk();   $db = dbconnect();   if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~");   $query = "select id from prob_orc where id='admin' and pw='{$_GET[pw]}'";   echo "query : {$query}";   $result = @mysqli_fetch_array(mysqli_query($db,$query));   if($result['id']) echo "Hello admin";      $_GET[pw] = addslashes($_GET[pw]);   $query = "select pw from..
WEB_HACKING/los.rubiya.kr 2019. 12. 27. 20:58
Goblin-writeup

include "./config.php";   login_chk();   $db = dbconnect();   if(preg_match('/prob|_|\.|\(\)/i', $_GET[no])) exit("No Hack ~_~");   if(preg_match('/\'|\"|\`/i', $_GET[no])) exit("No Quotes ~_~");   $query = "select id from prob_goblin where id='guest' and no={$_GET[no]}";   echo "query : {$query}";   $result = @mysqli_fetch_array(mysqli_query($db,$query));   if($result['id']) echo "Hello {$resul..
WEB_HACKING/los.rubiya.kr 2019. 12. 27. 20:52
Cobolt-writeup

include "./config.php";   login_chk();  $db = dbconnect();  if(preg_match('/prob|_|\.|\(\)/i', $_GET[id])) exit("No Hack ~_~");   if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~");   $query = "select id from prob_cobolt where id='{$_GET[id]}' and pw=md5('{$_GET[pw]}')";   echo "query : {$query}";   $result = @mysqli_fetch_array(mysqli_query($db,$query));   if($result['id'] == 'a..
WEB_HACKING/los.rubiya.kr 2019. 12. 27. 20:45
gremlin -writeup

include "./config.php";  login_chk();  $db = dbconnect();  if(preg_match('/prob|_|\.|\(\)/i', $_GET[id])) exit("No Hack ~_~"); // do not try to attack another table, database!  if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~");  $query = "select id from prob_gremlin where id='{$_GET[id]}' and pw='{$_GET[pw]}'";  echo "query : {$query}";  $result = @mysqli_fetch_array(mysqli_quer..
WEB_HACKING/los.rubiya.kr 2019. 12. 27. 20:42
Prev 1 ··· 38 39 40 41 Next