rosieblue
๋ณดํ˜ธ๋˜์–ด ์žˆ๋Š” ๊ธ€์ž…๋‹ˆ๋‹ค. ๋‚ด์šฉ์„ ๋ณด์‹œ๋ ค๋ฉด ๋น„๋ฐ€๋ฒˆํ˜ธ๋ฅผ ์ž…๋ ฅํ•ด์ฃผ์„ธ์š”.
article thumbnail
[๋“œ๋ฆผํ•ต(Dreamhack) random-test
๐Ÿ” Security/Web 2023. 9. 26. 19:07

์ด๋Ÿฐ์‹์œผ๋กœ ์‚ฌ๋ฌผํ•จ์ด๋ž‘ ์ž๋ฌผ์‡  ๋น„๋ฒˆ์„ ๋งž์ถฐ์•ผํ•˜๋Š” ๋ฌธ์ œ์ด๋‹ค ์‚ฌ๋ฌผํ•จ ๋ฒˆํ˜ธ๋Š” ์•ŒํŒŒ๋ฒณ ์†Œ๋ฌธ์ž ํ˜น์€ ์ˆซ์ž๋ฅผ ํฌํ•จํ•˜๋Š” 4์ž๋ฆฌ ๋žœ๋ค ๋ฌธ์ž์—ด์ด๊ณ , ๋น„๋ฐ€๋ฒˆํ˜ธ๋Š” 100 ์ด์ƒ 200 ์ดํ•˜์˜ ๋žœ๋ค ์ •์ˆ˜๋ผ๊ณ  ํ•œ๋‹ค #!/usr/bin/python3 from flask import Flask, request, render_template import string import random app = Flask(__name__) try: FLAG = open("./flag.txt", "r").read() # flag is here! except: FLAG = "[**FLAG**]" rand_str = "" alphanumeric = string.ascii_lowercase + string.digits #์†Œ๋ฌธ์ž or ์ˆซ์ž for i in..

article thumbnail
[๋“œ๋ฆผํ•ต(Dreamhack)] file-download-1
๐Ÿ” Security/Web 2023. 9. 26. 17:34

์Šคํฌ๋ฆฝํŠธ ํŒŒ์ผ์„ ์ž…๋ ฅ์„ ํ–ˆ๋”๋‹ˆ ์‹คํ–‰์ด ๋˜์ง€ ์•Š์•˜๋‹ค. ์ด์™€ ๊ฐ™์€ ํƒœ๊ทธ๋Š” ์šฐํšŒํ•˜๊ณ  ์žˆ๋‚˜๋ณด๋‹ค ์ด๋Ÿฐ์‹์œผ๋กœ path traversal์„ ์‹œ๋„ํ•ด๋ณด์•˜๋Š”๋ฐ ์•ˆ๋˜์—ˆ๋‹ค ์ฝ”๋“œ๊ฐ€ ์–ด๋–ป๊ฒŒ ์ด๋ฃจ์–ด์ ธ์žˆ๋Š”์ง€ ์ด์ œ ๋œฏ์–ด๋ณด๋„๋ก ํ•˜๊ฒ ๋‹ค #!/usr/bin/env python3 import os import shutil from flask import Flask, request, render_template, redirect from flag import FLAG APP = Flask(__name__) UPLOAD_DIR = 'uploads' @APP.route('/') def index(): files = os.listdir(UPLOAD_DIR) return render_template('index.html', files=files) @..

article thumbnail
[๋“œ๋ฆผํ•ต(Dreamhack)] xss-1
๐Ÿ” Security/Web 2023. 9. 22. 22:22

@app.route("/flag", methods=["GET", "POST"]) def flag(): if request.method == "GET": return render_template("flag.html") elif request.method == "POST": param = request.form.get("param") form์—์„œ param์„ param์œผ๋กœ ์ €์žฅ if not check_xss(param, {"name": "flag", "value": FLAG.strip()}): return '' return '' ์—ฌ๊ธฐ์„œ check_xss(param, {"name": "flag", "value": FLAG.strip()}) ํ˜ธ์ถœ param์€ ์šฐ๋ฆฌ๊ฐ€ flag์—์„œ form์œผ๋กœ ์ž…๋ ฅํ•œ ์ธ์ž. @ap..

article thumbnail
[BurpSuite] Cluster Bomb Attack
๐Ÿ” Security/Web 2023. 3. 6. 15:55

์˜ค๋Š˜์€ ๋ฒ„ํ”„์Šค์œ„ํŠธ์˜ cluster bomb ๊ธฐ๋Šฅ์„ ๋Œ€์ถฉ ์š”์•ฝํ•œ ๊ธ€์ด๋‹ค. ์ฃผ์ €๋ฆฌ ๋งŽ์Œใ…Žใ…Ž ใ…  Burp Suite์˜ Intruder๋ฅผ ์ด์šฉํ•ด Blind SQL Injection์„ ์ง„ํ–‰ํ•˜๋˜ ๋„์ค‘ ๋ณ€์ˆ˜ 2๊ฐœ์— ๋Œ€ํ•ด ๊ฐ๊ธฐ ๋‹ค๋ฅธ ๊ทœ์น™์„ ์ ์šฉํ•ด์ฃผ์–ด์•ผํ•˜๋Š” ์ผ์ด ์žˆ์—ˆ๋‹ค. ๋‚˜๋Š” ๋ฐ”๋ณด๊ฐ™์ด......... Cluster Bomb์ด๋ผ๋Š” ๋ฉ‹์ง„ ์•„์ด๊ฐ€ ์žˆ๋Š” ์ค„๋„ ๋ชจ๋ฅด๊ณ  ...... ์ˆ˜๋™์œผ๋กœ ๊ณต๊ฒฉ์„ ์ง„ํ–‰ํ–ˆ๋‹ค....... ์œ„ ๊ธ€์— ๋”ฐ๋ฅด๋ฉด "This attack iterates through a different payload set for each defined position. The Cluster Bomb Attack is useful where an attack requires unrelated or unknown input t..