문제정보 ㆍ 로그인 서비스입니다. ㆍ SQL INJECTION 취약점을 통해 플래그를 획득하세요.
플래그는 flag.txt, FLAG 변수에 있습니다. 주요 소스코드(app.py) userid = request.form.get('userid') userpassword = request.form.get('userpassword') res = query_db(f'select * from users where userid="{userid}" and userpassword="{userpassword}"') if res: userid = res[0] if userid == 'admin': return f'hello {userid} flag is {FLAG}' return f'alert("hello {userid}");history.go(-1);' return 'alert("wrong");history.go(-1);' ㆍ3번째 줄과 ...
![[Dreamhack] simple_sqli](https://mblogthumb-phinf.pstatic.net/MjAyMTA3MTNfMTQ2/MDAxNjI2MTAyODQzOTM3.IVJyzuV_j_8OFMMYT768n7TAQVH-jwSKcSBPBTZzTYYg.Se_xjI9RVYptikPS0V3y1StXghFQwgGD6lys9QW1dXkg.PNG.ster098/image.png?type=w2)
#
Dreamhack
#
simpiesqli
#
sqlinjection
#
SQL인젝션
원문 링크 : [Dreamhack] simple_sqli
