Lord of SQLInjection 7) exit("too long string"); $no = is_numeric($_GET['no']) ? $_GET['no'] : 1; $query = "select id from prob_red_dragon where id=…

Lord of SQLInjection

Lord of SQLInjection

Lord of SQLInjection <tr><th>id</th><th>email</th></tr>

Lord of SQLInjection SQLInjectionの学習的サイト。 Writeupもハングルのものならたくさんあり、SQLiの学習がはかどる。 題名 分野（白塗り） 解説 gremlin 条件に対する初歩的インジェクション gremlin [LORD OF SQLINJECTION] - はまやんはまやんはまやん…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/col|if|case|when|sleep|benchmark/i', $_GET[pw])) exit("HeHe"); $query = "selec…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/sleep|benchmark/i', $_GET[pw])) exit("HeHe"); $query = "select id from prob_ir…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); $query = "select id from prob_dragon where id='guest'# and pw='{$_GET[pw]}'"; echo "<hr>query : <strong>{$</strong></hr>…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/regex|like/i', $_GET[pw])) exit("HeHe"); $query = "select id from prob_xavis w…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)|#|-/i', $_GET[pw])) exit("No Hack ~_~"); if(strlen($_GET[pw])>6) exit("No Hack ~_~"); $query = "select id from prob_nightmare where…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); $_GET['id'] = strrev(addslashes($_GET['id'])); $_GET['pw'] = strrev(addslashes($_GET['pw'])); if(preg_match('/prob|_|\.|\(\)/i', $_GET[id])) exit("No Hack ~_~"); …

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[id])) exit("No Hack ~_~"); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/\'/',$_GET…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/\'/i', $_GET[pw])) exit("No Hack ~_~"); $query = "select id from prob_assassin where pw like '{$_GET[pw]}'"; echo "<hr>query : <strong>{$query}</strong><hr><br>"; $result = @m</hr></hr>…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(strlen($_GET[shit])>1) exit("No Hack ~_~"); if(preg_match('/ |\n|\r|\t/i', $_GET[shit])) exit("HeHe"); $query = "select 1234 from{$_GET[shit]}prob_giant where …

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[no])) exit("No Hack ~_~"); if(preg_match('/\'/i', $_GET[pw])) exit("HeHe"); if(preg_match('/\'|substr|ascii|=|or|and| |li…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[no])) exit("No Hack ~_~"); if(preg_match('/\'/i', $_GET[pw])) exit("HeHe"); if(preg_match('/\'|substr|ascii|=/i', $_GET[n…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/or|and|substr\(|=/i', $_GET[pw])) exit("HeHe"); $query = "select id from prob_…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); $query = "select id from prob_skeleton where id='guest' and pw='{$_GET[pw]}' and 1=0"; echo "<hr>q</hr>…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/\'/i', $_GET[id])) exit("No Hack ~_~"); $_GET[id] = strtolower($_GET[id]); $_GET[id] = str_replace("admin","",$_GET[id]); $query = "select id from…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/\'/i', $_GET[id])) exit("No Hack ~_~"); if(preg_match("/admin/", $_GET[id])) exit("HeHe"); $query = "select id from prob_troll where id='{$_GET[id…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/or|and/i', $_GET[pw])) exit("HeHe"); $query = "select id from prob_orge where …

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/or|and/i', $_GET[pw])) exit("HeHe"); $query = "select id from prob_darkelf whe…

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/ /i', $_GET[pw])) exit("No whitespace ~_~"); $query = "select id from prob_wol…

Lord of SQLInjection query : <strong>{$query}</strong><hr><br>"; $result = @mysqli_fet…</hr>

Lord of SQLInjection …

Lord of SQLInjection

Lord of SQLInjection

https://atcoder.jp/contests/agc047/tasks/agc047_c 前提知識 FFT/NTT 原子根 解説 https://atcoder.jp/contests/agc047/submissions/15795698 隠してはあるが、最初の1手が分かれば一気に（高度）典型化する。 主客転倒 全ての組み合わせに対して、とある…

https://atcoder.jp/contests/agc047/tasks/agc047_b 前提知識 Trie （想定解） ローリングハッシュ （hamayanhamayan解法） 解説 https://atcoder.jp/contests/agc047/submissions/15795474 複数文字列なので、最初にTrieが思い浮かんだが、よくよく考える…

https://atcoder.jp/contests/agc047/tasks/agc047_a 解説 https://atcoder.jp/contests/agc047/submissions/15792907 実数の積をそのまま受け取って積が整数である問題であるが、 実数の形のまま計算して、積が整数であるかを判定するのは誤差的にだいぶ怖…