jiangsir/ceshi2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

上传文件至 src

Browse Source
This commit is contained in:
jiangsir 2024-09-10 21:17:59 +08:00
parent e1078fa5f2
commit c75cfa07c9
2 changed files with 75 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
src/index.php Normal file
View File

@ -0,0 +1,47 @@
<html>
<body>
<head>
<meta charset="UTF-8">
<title>登录</title>
</head>
<p>这里æ˜?管ç<EFBFBD>†å˜ç™»å½•å…¥å<EFBFBD>?</p>
<form method="POST" action="">
Username: <input type="text" name="username"> <br>
Password: <input type="password" name="password"> <br>
<button type="submit">Submit</button>
</form>
<!-- /source.txt -->
</body>
</html <?php
$flag = "FLAGFLAGFLAG";
$secret = "sGucne9iD0"; // 10 characters long
if(!isset($_POST["username"]) || !isset($_POST["password"])){
exit();
}
$username = $_POST["username"];
$password = $_POST["password"];
if (!empty($_COOKIE["check"])) {
if (urldecode($username) === "admin" && urldecode($password) != "admin") {
if ($_COOKIE["check"] === md5($secret . urldecode($username . $password))) {
echo "Login successful.\n";
die ("The flag is ". $flag);
}
else {
die ("Wrong Cookies. Get out!");
}
}
else {
die ("Admins only");
}
}
setcookie("ahash", md5($secret . urldecode("admin" . "admin")), time() + (60 * 60 * 24 * 7));

28
src/source.txt Normal file
View File

@ -0,0 +1,28 @@
<?php
$secret = "XXXXXXXXXX";
if(!isset($_POST["username"]) || !isset($_POST["password"])){
exit();
}
$username = $_POST["username"];
$password = $_POST["password"];
if (!empty($_COOKIE["check"])) {
if (urldecode($username) === "admin" && urldecode($password) != "admin") {
if ($_COOKIE["check"] === md5($secret . urldecode($username . $password))) {
echo "Login successful.\n";
die ("The flag is ". $flag);
}
else {
die ("Wrong Cookies. Get out!");
}
}
else {
die ("Admins only");
}
}
setcookie("ahash", md5($secret . urldecode("admin" . "admin")), time() + (60 * 60 * 24 * 7));
?>