티스토리 뷰

19번 문제 : base 64 및 쿠키변조


admin 으로 쿼리를 전송하면
you are not admin 이라는 문구가 뜨면서 3초후에 뒤로 돌아가진다.


guest 라는 쿼리를 전송하여 보았다.



안녕 게스트! 라는 문구를 출력해 주었다.


그리고 쿡시를 열어 보았더니


userid= base64코드가 들어가 있었다.


base64 코드에는 항상 끝에 =, == 이 들어가 있다

아스키코드값을 보면 

= 는 ( %3D ) 이다.


일단 URL 디코딩을 한다음에

base64로 11번 디코드 해주니까


b2f5ff47436671b6e533d8dc3614845d7b774effe4a349c6dd82ad4f4f21d34ce1671797c52e15f763380b45e841ec3203c7c0ace395d80182db07ae2c30f034e358efa489f58062f10dd7316b65649ed41d8cd98f00b204e9800998ecf8427e


이렇게 나왔다. 이건 MD5 코드인데

MD5 코드는 32자리로 암호화가 된다. 위의 암호문을 32자리씩 끊어서 정렬해 놓은다음 MD5 디코딩을 하면

b2f5ff47436671b6e533d8dc3614845d  -----------------> g

7b774effe4a349c6dd82ad4f4f21d34c  -----------------> u

e1671797c52e15f763380b45e841ec32  ----------------> e

03c7c0ace395d80182db07ae2c30f034  ---------------> s

e358efa489f58062f10dd7316b65649e  -----------------> t

d41d8cd98f00b204e9800998ecf8427e  (이건 뭔지 모르겠다.)


이렇게 나온다. 


이쯤 되면 감이 오지 않는가?

admin 으로 하여서 쿼리를 날려주면 된다!


a -----------------> 0cc175b9c0f1b6a831c399e269772661

d -----------------> 8277e0910d750195b448797616e091ad

m -----------------> 6f8f57715090da2632453988d9a1501b

i ------------------> 865c0c0b4ab0e063e5caa3387c1a8741

n -----------------> 7b8b965ad4bca0e41ab51de7b31363a1

d41d8cd98f00b204e9800998ecf8427e 


위의 값을 다 연결하여 base64코드로 11번 인코드 해서

쿡시값으로 userid에 전달해주면



Vm0wd2QyUXlWa1pOVldScFVtMVNXVll3WkRSV1JsbDNXa2M1VjAxV2JETlhhMUpUVmpGS2RHVkVRbUZTVjJoeVZteFZlRll5VGtWUmJVWlhWakZLU1ZacVNqUlpWMUpYVW01T2FWSXdXbFJXYWtaTFUxWmFjVk5xVWxwV01VcEpWbTEwYTJGV1NuTlhiR2hhWVRGYU0xWnNXbXRXTVhCRlZXeHdWMDFFUlRCV2EyTXhWREZzVjFOdVVtaFNlbXhXVm0weGIxRXhjRmhsUjNSWVVqRktTVlZ0ZUZOVWJVcEdZMFZ3VjJKVVJYZFpla3BIVWpGT2RWVnNXbWhsYlhob1ZtMXdUMVV5UmtkVmJHaHNVakJhY1ZSV1duZE5SbFowWlVaT1ZXSkdjRnBWVjNCWFZqRktjMk5IYUZkaGExcG9Xa1ZhVDJOdFJraGhSazVwVjBkb1dWWnJXbGRaVm14WFZXdGtXR0pHY0ZsWmJGWmhWbFpXY1ZKdFJsUlNiR3cxV1ROd1YxWXdNWEpqUm1oV1RXNVNlbFpxU2tkamJVbzJVV3h3YkdFelFrbFdiWEJIVkRKTmVGZHVVbWxTYXpWeldXeG9iMkl4V1hoYVJFSm9UV3RzTkZadGRHdFdiVXB6VTI1T1ZtRnJTbWhXYkZwWFl6RldjMXBHYUdsU01VbzFWbXBLTkZReVJrZFRXR2hZWW0xNFdGUlhOVU5YUmxweFVtdHdiR0pWV2twV01uaGhZVWRGZUdOR2FGaGlSbHBvV1ZSS1QyTXlUa1phUmxwcFZqSm9lbGRYZUc5aU1rbDRWMjVTVGxKRlduSlVWbFp6VGtaYVYyRkhPV2hpUlhBd1dWVm9UMVp0Um5KT1ZsSmFUVlp3VkZacVJtdGtSa3AwWlVaa2FWSnNhM2hXTVZKUFpERlplRmRZWkU1V2JWSnhWV3hrVTFkR1VsaE9WemxxWWtad2VGVnRNVWRoTVVwelUyNW9WMVl6YUZoV2FrWmhaRlpHYzFWc2FHbFNia0p2VmpGYWExVXhXWGhXYmxaVllsVmFWRlJYTVc5a2JHUnpXa1JTV2xadFVraFdNalZUVkd4T1NHRkdRbFppV0U0MFZHeGFZV1JIVmtoa1JtUnBWbGhDU2xac1pEUmpNV1IwVTJ4c1ZWZEhhR0ZVVmxwM1lVWndSbHBHWkZSU2EzQjZWMnRrYzFVeVNrbFJiVVpYVFc1b1dGWnFSbEpsUm1SMVUyczFWMkpJUW5kV1YzUldUVlphYzFkdVRtRlNlbXh5V1d0YWQyVkdWblJrUkVKVlRXdHdTRmt3YUc5V01VbDZZVWhLVjFKNlJraFpNbmhyWXpKS1IxcEdaR3hoTVd0NVZtdGFZVmxYUlhoWFdHaFlZbXhhVmxsc1ZtRldSbXh6V2tjNVYxWnNjRWhXTW5ocllUQXhWMVpxVWxkTmFsWlVWa2Q0WVZKc1RuTmhSbFpYWWxaRmQxWnFSbUZXYlZaSVVtdG9VRlp1UWxoWldIQlhVMFprVlZGdFJtaE5WMUl3VlRKMGExZEhTbGhoUjBaVlZsWndNMWxWV25OT2JFcHpXa2QwVjJKRmNEWldiR1EwWVRKR1YxTlljRnBOTWxKWVdXeG9iMk5zVWxaYVJWcHNVbTFTZWxZeWN6RlhSa3BWVm14d1dGWnRVWGRWZWtaclVqRmFkVkpzVm1oTlJGWlpWbGN4TkdReVZuTmFTRXBYWVd0S1YxUlZVa2RXTVZKellVaE9WMDFWYkRaWlZWcHZWMnhhYzJORmVGcGxhMXB5Vm14YVIyTXhjRWRhUms1WFYwVktNbFp0TUhoa01VMTRWbGhvVldFeVVsVlpiWFIzVjFac1dXTklUbGhTYkVwWlZGWmpOV0V3TVZkalJteGFUVVpWTVZsVlpFdFdNV1J6WVVaa1RtRnNXazFXYWtKclV6RmtWMVp1VmxSaVJscFlXV3RvUTJJeFpITlhiVVpXVFZac05GZHJhRk5WTWtwSFYyNUNWbUpVVmtSVk1WcHJWbFpHZEdORk9WZGlXR2haVm1wR2IyUXlSa2RUYkd4b1VtMW9XRmxzYUc5Tk1WbDNWMjVLYkZKdFVubGFSV1IzWVZaSmVGTnFWbGRTTTJob1dWUktSMVl4WkhWVGJYQlRZbXRLV1ZkWGVHOWlNazV6Vld4YVdHSnJOVmhVVmxwaFRWWmFTR1ZIT1doV2EzQjZXVEJhVjFkR1duTlRhMmhoVWtWYVlWcFZaRXRUVmxKelYyMW9UbUpGY0RaV01XUXdXVmRSZUZkWWFGaFhSM2h5Vld0V1MxWXhVbFpWYTJSc1ZteHdNRmt3WkVkWFIwcEhZMFpvV2sxSGFHaFdha0Y0VWpKT1IxRnNXbWxYUjJoUlYxUktORmxYVFhsU2EyUmhVako0V0ZsVVNqQk9WbHB4VTJwU1YwMVhlRmhXVm1odlZrWmtTR0ZHWkZwaVdFMTRWakJhYzJOc1duVmFSM0JUWWtaWmVsWnRNVEJOUm1SSFYyNU9hbEpYYUZoWmJGSkdaREZhU0dNemFHcE5WMUl4V1RCYWExUnNXWGxoUkZwWVZqTlNhRlY2U2s5amF6VlhXa1pXYVZORlNscFdWRUpYVXpGT1YxcElUbGhpVlZwWFZGWmFkMDFHVm5Sa1NFNVhWakJ3U1ZaWGN6VldNa3BWVm10U1ZrMUdjR2haTVZwUFYxZEdSMVJyTlZkaWEwcGFWbTF3UjJJeVVYaFhibEpVWWtkb2IxVnFRbUZaVmxweFZHeE9hRkpzY0hsV01uaDNZa1pLZFZGclpGVk5WbkJRV1ZWa1YyTXhaSE5oUm1SVFVsWndiMVpyVWtkWGJWWkhWRzVXVkdKWGFFOVVWekZ2VjFaa1dHVkhPVlpOYTFwSVdXdG9SMVpIUlhwUmJrNVdZbFJXUkZVeWVHRlRSMVpJVDFkb1UxWkZXWGRYVmxacllqRlplRk51VGxSaVJVcFhWbXRXWVdGR2JEWlRhM1JUVFZad2VsWkhNVzlVYXpGV1kwWmFWMkV4Y0doWFZscE9aVVprZFZSc1pHbGlSWEJSVm0xNFUyTXlTWGhpU0VwWVltczFUMVJXV25OT1ZuQkdZVVU1V0ZJd2NGZFdiWEJUVjJzeFIxZHNVbGRoYTNCSVdUSjRhMk50VmtoU2JFNVhUVlZ3Vmxac1pEUlpWbGw1VkZob2FsSldjRkJXYlRGVFkwWnNWVkZ1V2s1V2JIQXdWRlpTVTJGRk1YTlhha0pYWWxoU2NsWnJXbXRUUjFaSFZteHdWMUpYT0hkV2JYQkhZekpPYzFwSVVsTmlXRUpVV1d0b1EwNUdXbFZUV0dSUFZteHdlbFV5TlU5aGJFcDBaVWRHVlZaV2NHaFpNbmhoWTFaT2NtUkdaRTVXV0VJMFZteGtOR0V4V1hkTlNHeG9VMGQ0V0ZSV1duZGhSbFkyVW0xMFUwMVdjREZXVjNoRFZqSktWMU51WkZkV2VrVjNXa1JHYTFZeFpIVlZhelZYVW10d1dWWkdaRFJUTVVsNFZXeGtXR0pIVWxkWmJGWjNVMnhXV0dWSE9WaGlWVlkxV1ZWV1UxWnJNWFZoUjJoYVpXdGFlbFJ0ZUV0ak1VNXlUbFprYVdFd2NHRldiWEJMVFVaWmVWUllhRmRpYkVwVVZqQmtORll4YkhOYVJ6bFlVbTE0V1ZremNFZFdWVEZaVVd4a1YwMXFWa3haYTFwTFpFWldkV05HWkZObGExWXpWbXhTUW1WR1NYbFVhMXBvVW0xU1ZGUlVTbTlpTVdSWFZXdGtWazFyTVRSWGEyaFBXVlpLZEdGR2JGWk5SbHBNVmpGYWExWXhWbkphUjNST1lURndTVmRYZEdGV01WVjVVMnRvVm1KcldtRldNR2hEVjBaYWNWSnRkR3BpU0VKSlZERmFWMkZIVm5KWFdHaFlWbXhhYUZscVJscGxWazV6WWtaYWFWWXlhRnBXYlRFMFpERmtSMWR1UmxOaVZWcHlWbTEwZDJWc1draE5XRTVvVWpGYWVsWXllRWRXTWtWNFkwZG9XRlpzY0U5YVZWcHJWMWRHU0ZKc1VsTlhSVXBhVmpGamQyVkdWWGxVYTJSWFlteEtjMVV3WkZOWFJteHlWMjFHVGxKdVFrZFhhMVpyVmpBeFJWSnNhRnBpYmtKTVZtMHhTMUl4VG5KVmJHUm9ZVEZ3YjFadGNFdFVNVTVJVW10a1dHRjZWbFJaYlhSSFRteGFjMXBFVWxwV2JGWTFWa1pvYjFkSFNuSk9WMmhXWWxSR1ZGbHFSbE5XVmtaeVYyMTRVMkpJUVhkWGExWnJUVVpSZUZOdVRtcFRSM2hXV1d0YWQyTnNXbk5hUlZwc1ZteGFlbGxyV25kaFZtUklZVVV4V0ZaRldtaFdha3BQVmpGS2RWVnNUbWxXTTJoUVZtMXdUMkl3TlhOWFdHeHJVbXh3VUZadGVFdGxWbEpYVjIxMGFHSkZjRmxaVlZwelYyeGFSbU5JV2xwTmJtaDZWbTE0WVZkWFJraGpSMnhYVmtaYVNWWnRkR3RPUm14WFZsaHNWR0V4Y0ZsV01HaERWMFphYzFkdVpGTk5Wa1kwVmpKMFQxWnRTa1pUYkZwVlZsWkdNMVZHUlRsUVVUMDk=



 

 성공하게 된다!