blind inject
import string
import requests
# One shared HTTP session for every request the script sends, so the same
# session object (and any cookies it collects) is reused by get() and post().
s = requests.Session()
def judge(text):
    """Report whether a response body counts as a "true" answer.

    Placeholder implementation: ``text`` is ignored and the result is
    always ``True``. blind_inject() uses this return value as the answer
    to every comparison it makes, so a constant answer carries no
    information about the response.
    """
    verdict = True
    return verdict
def get(url):
    """Send a GET request for ``url`` on the shared session ``s``.

    Returns whatever ``s.get`` returns. Nothing in this listing calls
    this helper.
    """
    response = s.get(url)
    return response
def post(url, data):
    """Send a POST request to ``url`` on the shared session ``s``.

    ``data`` is passed through as the request's form body. Returns
    whatever ``s.post`` returns.
    """
    response = s.post(url, data=data)
    return response
def test(payload):
    """Send one probe request and return the response.

    NOTE: ``payload` is accepted but never used in this listing: the URL
    is an empty string and the form dictionary is empty, so every call
    sends the same request regardless of the argument.
    """
    # Both values are blank placeholders in the published listing.
    endpoint = ""
    form_fields = {}
    return post(endpoint, form_fields)
def blind_inject(s):
    """Recover a string one character at a time from yes/no answers.

    ``s`` is a format template with two positional fields: the 1-based
    character position and a candidate character. For each position a
    binary search over code points 0..128 is run; every step sends one
    request through test() and asks judge() whether the answer was
    "true". The recovered string is printed and returned.

    Review notes:
    * The parameter name ``s`` shadows the module-level session ``s``
      inside this function. The function itself only calls
      ``s.format``, so the session is not touched directly here.
    * Each step of the search costs one HTTP request, so a run shows up
      server-side as a long series of near-identical requests that
      differ only in the position and candidate character.
    * With the placeholder judge() (always True) every search ends at
      129, which is neither stop value, so the outer loop never exits.
    """
    recovered = ''
    while True:
        low = 0
        high = 128
        while low <= high:
            probe = (low + high) // 2
            candidate = chr(probe)
            # The single quote and '#' are never used as candidates; the
            # search steps to the next code point instead.
            # NOTE(review): presumably because they would break the
            # template's quoting -- confirm against the real template.
            if candidate in ("'", "#"):
                probe += 1
                candidate = chr(probe)
            payload = s.format(len(recovered) + 1, candidate)
            answered_true = judge(test(payload).text)
            if answered_true:
                low = probe + 1
            else:
                high = probe - 1
        # A search result of 0 or 32 (space) is the stop condition.
        if low in (0, 32):
            break
        print(low)
        recovered += chr(low)
    print(recovered)
    return recovered
def main():
    """Run blind_inject() with the listing's empty template string.

    The return value is discarded; blind_inject() prints its own output.
    """
    template = ""
    blind_inject(template)
# Run main() only when the file is executed as a script, not when imported.
if __name__ == '__main__':
    main()