old-05
A Login button and a Join button appear.
Clicking Login brings up the login screen.
Clicking Join only returns a message saying access is not allowed.
First, entering ' or 1=1-- (the usual SQL injection probe) on the login screen does nothing.
Logging in with a Webhacking.kr account does nothing either.
The hint seems to be that we should log in as 'admin', but there is nothing else to go on.
Looking at the login page's URL, it is "/mem/login.php". Removing "login.php" from the URL
brings up the page shown above: a listing of the /mem/ directory.
This is called directory indexing.
A directory indexing (also called directory listing) vulnerability is a web server misconfiguration that exposes the files in a web server directory, for example Apache's Options Indexes or Nginx's autoindex left enabled (the fix is Options -Indexes or autoindex off;). It was once listed among the eight major website vulnerabilities published by Korea's National Intelligence Service.
In any case, besides 'login.php' there is also a 'join.php'.
Opening 'join.php' shows a blank page.
Looking at the page source:
Challenge 5

l='a';ll='b';lll='c';llll='d';lllll='e';llllll='f';lllllll='g';llllllll='h';lllllllll='i';llllllllll='j';lllllllllll='k';llllllllllll='l';lllllllllllll='m';llllllllllllll='n';lllllllllllllll='o';llllllllllllllll='p';lllllllllllllllll='q';llllllllllllllllll='r';lllllllllllllllllll='s';llllllllllllllllllll='t';lllllllllllllllllllll='u';llllllllllllllllllllll='v';lllllllllllllllllllllll='w';llllllllllllllllllllllll='x';lllllllllllllllllllllllll='y';llllllllllllllllllllllllll='z';
I='1';II='2';III='3';IIII='4';IIIII='5';IIIIII='6';IIIIIII='7';IIIIIIII='8';IIIIIIIII='9';IIIIIIIIII='0';
li='.';ii='<';iii='>';
lIllIllIllIllIllIllIllIllIllIl=lllllllllllllll+llllllllllll+llll+llllllllllllllllllllllllll+lllllllllllllll+lllllllllllll+ll+lllllllll+lllll;
lIIIIIIIIIIIIIIIIIIl=llll+lllllllllllllll+lll+lllllllllllllllllllll+lllllllllllll+lllll+llllllllllllll+llllllllllllllllllll+li+lll+lllllllllllllll+lllllllllllllll+lllllllllll+lllllllll+lllll;
if(eval(lIIIIIIIIIIIIIIIIIIl).indexOf(lIllIllIllIllIllIllIllIllIllIl)==-1) {alert('bye');throw "stop";}
if(eval(llll+lllllllllllllll+lll+lllllllllllllllllllll+lllllllllllll+lllll+llllllllllllll+llllllllllllllllllll+li+'U'+'R'+'L').indexOf(lllllllllllll+lllllllllllllll+llll+lllll+'='+I)==-1){alert('access_denied');throw "stop";}
else{document.write('Join
');document.write('.
.
.
.
.
');document.write('