Join을 누르면 Access_Denied 창이 뜨고, Login을 눌렀을 때는 아이디와 패스워드를 입력하는 폼이 나온다.
이것저것 입력해봤지만, Wrong password만 출력되고 다른 반응이 없다.
login하기전에 join을 해야될 것같아 /mem/join.php로 들어가봤다.
bye창이 뜨고, 소스코드를 보니 이상한 문자들로 되어있었다 !
console창에 입력해 코드를 실행시켜보았다.
l='a';ll='b';lll='c';llll='d';lllll='e';llllll='f';lllllll='g';llllllll='h';lllllllll='i';llllllllll='j';lllllllllll='k';llllllllllll='l';lllllllllllll='m';llllllllllllll='n';lllllllllllllll='o';llllllllllllllll='p';lllllllllllllllll='q';llllllllllllllllll='r';lllllllllllllllllll='s';llllllllllllllllllll='t';lllllllllllllllllllll='u';llllllllllllllllllllll='v';lllllllllllllllllllllll='w';llllllllllllllllllllllll='x';lllllllllllllllllllllllll='y';llllllllllllllllllllllllll='z';I='1';II='2';III='3';IIII='4';IIIII='5';IIIIII='6';IIIIIII='7';IIIIIIII='8';IIIIIIIII='9';IIIIIIIIII='0';li='.';ii='<';iii='>';lIllIllIllIllIllIllIllIllIllIl=lllllllllllllll+llllllllllll+llll+llllllllllllllllllllllllll+lllllllllllllll+lllllllllllll+ll+lllllllll+lllll;
lIIIIIIIIIIIIIIIIIIl=llll+lllllllllllllll+lll+lllllllllllllllllllll+lllllllllllll+lllll+llllllllllllll+llllllllllllllllllll+li+lll+lllllllllllllll+lllllllllllllll+lllllllllll+lllllllll+lllll;
document.write('<font size=2 color=white>Join</font><p>');document.write('.<p>.<p>.<p>.<p>.<p>');document.write('<form method=post action='+llllllllll+lllllllllllllll+lllllllll+llllllllllllll+li+llllllllllllllll+llllllll+llllllllllllllll
+'>');document.write('<table border=1><tr><td><font color=gray>id</font></td><td><input type=text name='+lllllllll+llll+' maxlength=20></td></tr>');document.write('<tr><td><font color=gray>pass</font></td><td><input type=text name='+llllllllllllllll+lllllllllllllllllllllll+'></td></tr>');document.write('<tr align=center><td colspan=2><input type=submit></td></tr></form></table>');-> console창에 입력한 코드
id와 pass를 입력하는 폼이 떴다 o(*'▽'*)/☆゚’ !
id : admin / pass : admin 을 입력해보니
이미 있다구... (•ε•;)
다른 아이디로 가입하고, 로그인했더니 admin으로 로그인하란다..,
그래서 admin 대신 id : (공백)(공백)admin / pass : 1234 로 가입했다.
이제 다시 mem/login.php로 돌아가서 id : (공백)(공백)admin / pass : 1234 를 입력해주면 성공 !!꒰( ˵¯͒ꇴ¯͒˵ )꒱
'WEB > webhacking.kr (old)' 카테고리의 다른 글
| webhacking.kr 46번 (0) | 2020.04.05 |
|---|---|
| webhacking.kr 7번 (0) | 2020.04.05 |
| webhacking.kr 33번 (0) | 2020.04.04 |
| webhacking.kr 57번 (0) | 2020.03.29 |
| webhacking.kr 45번 (0) | 2020.03.22 |