GPL guanglida professional competition website SQL blind note, you can get shell privilege escalation, ticket farming skills, etc.

GPL guanglida professional competition (http://www.gplcn.com/) Although it is a small competition, the number of people concerned about the small. but someone asked me to check his security. let's talk about the Registry ticket first: the verification code is a little complicated, but it was found that the verification code parameters were not correct when the data was last submitted (only when the verification code is entered, is it correct ?) Therefore, batch registration is generated. for I in 'seq 22658889 1 22658989 '; do echo $ I; curl-A "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.0) "-e" http://www.gplcn.com/"-d" username = "$ I" @ qq.com & password = 1 "http://www.gplcn.com/enroll/audience; done; after entering the system, it is found to vote for a user, only one vote can be made every day. check the post parameter display. the fromUsername variable is worth changing. The test shows that the variable is valid as long as the user is valid and has not yet voted for toUserId. therefore, the simplest and most unreliable batch voting can also be generated. this address http://www.gplcn.com/videos/info/id/95 is generally not considered. after browsing the entire site Http://www.gplcn.com//picturewall/photoinfo? Id = 4 can be considered, so get the users table of the race database and try to get SQL _shell
Doesn't that make anyone have more tickets? Thank you... so far, there is no technical content. No permission .....Solution:Can the logic be better? No matter how good the verification code can be.