반응형 분류 전체보기151 load of sql injection darkknight include "../config.php"; login_chk(); dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[no])) exit("No Hack ~_~"); if(preg_match('/\'/i', $_GET[pw])) exit("HeHe"); if(preg_match('/\'|substr|ascii|=/i', $_GET[no])) exit("HeHe"); $query = "select id from prob_darkknight where id='guest' and pw='{$_GET[pw]}' and no={$_GET[no]}"; echo "query : {$query}"; $result = @mysql_fetch_ar.. 2016. 9. 14. load of sql inejction golem include "../config.php"; login_chk(); dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/or|and|substr\(|=/i', $_GET[pw])) exit("HeHe"); $query = "select id from prob_golem where id='guest' and pw='{$_GET[pw]}'"; echo "query : {$query}"; $result = @mysql_fetch_array(mysql_query($query)); if($result['id']) echo "Hello {$result[id]}"; .. 2016. 9. 14. load of sql injection skeleton include "../config.php"; login_chk(); dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); $query = "select id from prob_skeleton where id='guest' and pw='{$_GET[pw]}' and 1=0"; echo "query : {$query}"; $result = @mysql_fetch_array(mysql_query($query)); if($result['id'] == 'admin') solve("skeleton"); highlight_file(__FILE__); ?>소스코드 분석음... 딱히 어려운 부분이 없.. 2016. 9. 13. load of sql injection vampire include "../config.php"; login_chk(); dbconnect(); if(preg_match('/\'/i', $_GET[id])) exit("No Hack ~_~"); $_GET[id] = str_replace("admin","",$_GET[id]); $query = "select id from prob_vampire where id='{$_GET[id]}'"; echo "query : {$query}"; $result = @mysql_fetch_array(mysql_query($query)); if($result['id'] == 'admin') solve("vampire"); highlight_file(__FILE__); ?>소스코드 분석음... .. 2016. 9. 13. 이전 1 ··· 33 34 35 36 37 38 다음