I have a problem sending data via http post Go to the Blinded by the light challenge
Global Rank: 3356
Totalscore: 6118
Posts: 6
Thanks: 2
UpVotes: 2
Registered: 11y 266d
Last Seen: 53d 7h
The User is Offline
I have a problem sending data via http post
May 17, 2014 - 15:55:27 (10y 179d)
May 17, 2014 - 15:55:27 (10y 179d)
Following python code(2.7.5) is expected to show "Welcome back, user." But it shows "Your password is wrong," (This code does not contain the solution related to this challenge)
import re
import urllib
import urllib2
url = 'http://www.wechall.net/challenge/blind_light/index.php'
headers = { 'Cookie' : 'WC=~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'}
values = {'inject' : "' or 1=1#"}
data = urllib.urlencode(values)
req = urllib2.Request(url, data, headers)
response = urllib2.urlopen(req)
html = response.read()
print html
if re.findall("Welcome back, user.",html):
print "success",
else:
print "fail",
I tested this code with my testing website, and it worked well. But in wechall.net it didn't work as expected. Just sending one apostrophe or %27 through this code didn't show 'Database error'. What's the problem?
import urllib
import urllib2
url = 'http://www.wechall.net/challenge/blind_light/index.php'
headers = { 'Cookie' : 'WC=~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'}
values = {'inject' : "' or 1=1#"}
data = urllib.urlencode(values)
req = urllib2.Request(url, data, headers)
response = urllib2.urlopen(req)
html = response.read()
print html
if re.findall("Welcome back, user.",html):
print "success",
else:
print "fail",
I tested this code with my testing website, and it worked well. But in wechall.net it didn't work as expected. Just sending one apostrophe or %27 through this code didn't show 'Database error'. What's the problem?
Global Rank: 31
Totalscore: 316785
Posts: 22
Thanks: 34
UpVotes: 31
Registered: 15y 267d
Last Seen: 3y 97d
The User is Offline
RE: I have a problem sending data via http post
May 17, 2014 - 15:58:55 (10y 179d)
May 17, 2014 - 15:58:55 (10y 179d)
Maybe you need to add "Content-Type: application/x-www-form-urlencoded" header field?
Global Rank: 3356
Totalscore: 6118
Posts: 6
Thanks: 2
UpVotes: 2
Registered: 11y 266d
Last Seen: 53d 7h
The User is Offline
RE: I have a problem sending data via http post
May 17, 2014 - 16:05:25 (10y 179d)
May 17, 2014 - 16:05:25 (10y 179d)
I tried, but it didn't work.
Global Rank: 3356
Totalscore: 6118
Posts: 6
Thanks: 2
UpVotes: 2
Registered: 11y 266d
Last Seen: 53d 7h
The User is Offline
RE: I have a problem sending data via http post
May 17, 2014 - 16:50:51 (10y 179d)
May 17, 2014 - 16:50:51 (10y 179d)
I solved the problem, I should have sent 2 data, {'inject' : "Inject", 'injection' : "~~query~~"}
Redknee, tunelko, silenttrack, n0tHappy, nonfungiblesecurity, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 6739 times.
1 people are watching the thread at the moment.
This thread has been viewed 6739 times.