Post

Root-me CRLF

CRLF



1
2
3
4
5
Author
g0uZ,  31 July 2011

Statement
Inject false data in the journalisation log.






Solution



하… CRLF 라길래.. 계속 삽질을 했는데..

로그에 admin authenticated.가 찍히면 되는 거였다..

따라서 username=admin%20authenticated.%0d%0a123를 입력해주면 password가 나온다.






This post is licensed under CC BY 4.0 by the author.