I hereby claim:
- I am geoffchisnall on github.
- I am mooncakeza (https://keybase.io/mooncakeza) on keybase.
- I have a public key ASBHBLNJcq-UtGC-E-djXbA0IG2HdtLfhHmpZUdjNq6VWgo
To claim this, I am signing this object:
#!/usr/bin/python3 | |
#https://portswigger.net/web-security/sql-injection/blind/lab-conditional-errors | |
#FInd the length of the password and bruteforce it. | |
import requests,string | |
url = 'https://0a23003f0404ba6dc15226a500cf0001.web-security-academy.net/' | |
s = requests.Session() | |
r = s.get(url) |
#!/usr/bin/python3 | |
#https://portswigger.net/web-security/sql-injection/blind/lab-conditional-responses | |
#Script to get the password length and then get the password. | |
import requests,string | |
url = 'https://0a7a006b04e00d86c087908900db009f.web-security-academy.net' | |
s = requests.Session() | |
r = s.get(url) |
#!/usr/bin/python3 | |
#Little bruteforce that checks the Content-Length for difference. | |
import requests | |
char_list = ["!","{","}","_","a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z","0","1","2","3","4","5","6","7","8","9","A","B","C","D","E","F","G","H","I","J","K","L","M","N","O","P","Q","R","S","T","U","V","W","X","Y","Z","@","#","$","%","^","&",",",'(',')',"-",':',';','.'] | |
password = '' | |
TARGET_URL = 'http://127.0.0.1:8080' |
I hereby claim:
To claim this, I am signing this object: