2019-03-09から1日間の記事一覧
1. strcmp bypass http://wargame.kr:8080/strcmp/ ソースコード(PHP) ... $password = sha1(md5(rand().file_get_contents("/var/lib/dummy_file")).rand()); if (isset($_GET['view-source'])) { show_source(__FILE__); exit(); }else if(isset($_POST['p…
php md5($a,true) bypass: fuzz1: 129581926211651571912466741651878684928 SQL Injection ↑ fuzz2: ffifdyop ↑ SQL Injection php md5(v1)==md5(v2) bypass: v1: 240610708 v2: QNKCDZO stackoverflow.com