Last active
February 20, 2018 02:57
-
-
Save onokatio/90eac2fe6d2cca195721cadcdb3b454c to your computer and use it in GitHub Desktop.
SECCON2017国内決勝大会 Write-up ref: https://qiita.com/onokatio/items/95ba13f7d4facd09be6c
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ curl -Ss http://umeda.koth.seccon/login|tr '<>' '\n\n' > a ; rg "csrf_name" a|sed -E 's/.*(name=)(.*)(value)/\1/'|sed -E 's/name=="//'|sed -E 's/"//' > csrf_name ; rg "csrf_value" a|sed -E 's/.*(name=)(.*)(value)/\1/'|sed -E 's/name=="//'|sed -E 's/"//' > csrf_value ; curl -Ss -X POST -d "csrf_name=$(cat csrf_name)&csrf_value=$(cat csrf_value)&name=test&password=test" http://umeda.koth.seccon/register -i | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (async() => { | |
| const content = document.getElementsByClassName('uk-input uk-text-large')[0]; | |
| const button = document.getElementsByClassName('uk-button uk-button-default')[0]; | |
| content.value = "64ccf53cf25dc8b8ef7ff4e6eb060f86"; | |
| button.click(); | |
| })(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment