Tag:爆破

Tag (爆破)'s result:

dvwa1.9之brute force

Low: 源码: <?php if( isset( $_GET[ ‘Login’ ] ) ) { // Get username $user = $_GET[ ‘username’ ]; // Get password $pass = $_GET[ ‘password’ ]; $pass = md5( $pass ); // Check the database $query = “SELECT * FROM `users` WHERE user = ‘$user’ AND password = ‘$pass’;”; $result = mysql_query( $query ) or die( ‘<pre>’ . mysql_error() . ‘</pre>’ ); if( $result && mysql_num_rows( $result ) == 1 ) { // Get users details $avatar = mysql_result( $result, 0, “avatar” ); // Login successful echo “<p>Welcome to the password protected area {$user}</p>”; echo “<img src=\”{$avatar}\” />”; } else { // Login failed echo “<pre><br />Username and/or password incorrect.</pre>”; } mysql_close(); } ?> 没有任何防爆破机制,还有SQL注入漏洞 直接burpsuite爆破密码   Medium: 源码: <?php if( isset( $_GET[ ‘Login’ ] ) ) { // Sanitise username input $user = $_GET[ ‘username’ ]; $user = mysql_real_escape_string( $user ); // Sanitise password input $pass = $_GET[ ‘password’ ]; $pass = mysql_real_escape_string( $pass ); $pass = md5( $pass ); // Check the database $query = “SELECT *……

hackinglab.cn系列->脚本关.逗比验证码系列

逗比验证码第一期: 思路:经测算验证码输入一次后可以填写多次密码而不用重新填验证码,直接爆破 上神器:   逗比验证码第二期: 思路:验证码只能用一次了,但是可以先请求一次得到pwd error,然后验证码去掉(不填),再去请求,发现可以得到pwd error而不是vcode error,又到爆破   逗比验证码第三期: 这个感觉没有变动啊,还是和第二期一样就可以了,好像没session啥事……