更新 src/index.php

2024-09-12 17:54:00 +08:00 · 2024-09-12 17:54:00 +08:00 · a3f65eb516
commit a3f65eb516
parent 14ec7379f3
1 changed files with 32 additions and 3 deletions
--- a/src/index.php
+++ b/src/index.php
@ -4,9 +4,9 @@

    <head>
        <meta charset="UTF-8">
-        <title>登录</title>
+        <title>??</title>
    </head>
-    <p>这里是管理员登录入口</p>
+    <p>??????????</p>
    <form method="POST" action="">
        Username: <input type="text" name="username"> <br>
        Password: <input type="password" name="password"> <br>
@ -14,4 +14,33 @@
    </form>
    <!-- /source.txt -->
 </body>
- setcookie("ahash", md5($secret . urldecode("admin" . "admin")), time() + (60 * 60 * 24 * 7));
+
+</html <?php
+
+
+$flag = "flag{G_du93ksy639_sjd}";
+$secret = "sGucne9iD0"; // 10 characters long
+setcookie("ahash", md5($secret . urldecode("admin" . "admin")), time() + (60 * 60 * 24 * 7));
+if(!isset($_POST["username"]) || !isset($_POST["password"])){
+	exit();
+}
+$username = $_POST["username"];
+$password = $_POST["password"];
+ 
+if (!empty($_COOKIE["check"])) {
+
+
+    if (urldecode($username) === "admin" && urldecode($password) != "admin") {
+        if ($_COOKIE["check"] === md5($secret . urldecode($username . $password))) {
+            echo "Login successful.\n";
+            die ("The flag is ". $flag);
+        }
+        else {
+            die ("Wrong Cookies. Get out!");
+        }
+    }
+    else {
+        die ("Admins only");
+    }
+}
+