목록전체 글 (7)
ash3r & dmawhwhd
Web 1. Calc. from flask import Flask, render_template, render_template_string, request import re app = Flask (__name__) @app.route('/') def calc(): expression = request.args.get('expression') filters = ["'","\"","_","[","]",",","`","sys","os","flag","%","class","config","self","\\"] request.args = None try: for filter in filters: if filter in expression: raise Exception("filterd") result = rende..
Misc - query-master #!/usr/bin/python3 import random import string import subprocess def randName(): return ''.join([random.choice(string.hexdigits) for i in range(16)]) dbpath = f'/tmp/{randName()}.db' query = input("Query >> ") ban = ['.', 'lo', ';'] for x in ban: if x in query: print("Filtered..") exit() proc = subprocess.Popen(["sqlite3", dbpath, query], stdout=subprocess.PIPE) (out, err) = ..
Profile 🔎Seungjun Kim (ash3r & dmawhwhd)Nationality : South KoreaBirth : 2004Work 👨💻Enki (2022.12.5 ~ 2023.12.18)Zellic (2024.1.3 ~ now)Affiliation 🎓EducationKaist 한국과학기술원sunrin internet high school 선린인터넷고등학교서울여자대학교 정보보호영재교육원CTF TeamSuper GuesserAwards 🏆2022 1st, 사이버 가디언즈 경진대회2022 1st, Whitehat Contest2022 1st, The Hacking Championship Junior2022 1st, JBU CTF2022 3rd, codegate 20222022 3rd..