<!--
  Saved highlight_file() rendering of a PHP CTF challenge; the source's own
  header comment names it Web02 "Russian Doll". The PHP shown below is
  deliberately weak training material, not a pattern to reuse.

  Review notes on the PHP as displayed:
  * $_GET['text'] goes straight into file_get_contents(), so the client picks
    the path or stream wrapper the server reads. Real code should map the
    request value onto an allow-list of local files and never take a scheme
    from the client.
  * error_reporting(0) and the @ operator suppress PHP diagnostics, which
    removes the signal a defender would use to notice malformed requests.
  * Stage 2 validates with intval(), which accepts strings that merely start
    with digits; strict input validation (filter_var with FILTER_VALIDATE_INT)
    is the safer check.
  * Stage 3 compares a truncated SHA-256 against a request parameter with ==.
    Loose comparison is subject to PHP type juggling; keyed checks belong in
    hash_hmac() compared with hash_equals(), and the mixed + and . expression
    should be parenthesised explicitly.
  * Stage 1 echoes $secretkey to the client, and the last statement places
    $flag into a Content-Type response header. Secrets should not leave the
    server, and header values built from variables need validation.
  * header() is called after several echo statements; whether it takes effect
    presumably depends on output buffering, and error_reporting(0) would hide
    the warning either way.
  * The long run of <br /> elements before the final header() line is part of
    the rendering and pushes that line far below the visible listing.
-->
<code><span style="color: #000000">
<span style="color: #0000BB"><?php<br /><br /></span><span style="color: #FF8000">// Web02 Challenge "Russian Doll"<br /><br /></span><span style="color: #007700">include(</span><span style="color: #DD0000">'flag.php'</span><span style="color: #007700">);<br /><br /></span><span style="color: #0000BB">error_reporting</span><span style="color: #007700">(</span><span style="color: #0000BB">0</span><span style="color: #007700">);<br /><br />if(!isset(</span><span style="color: #0000BB">$_GET</span><span style="color: #007700">[</span><span style="color: #DD0000">'text'</span><span style="color: #007700">])){<br /> </span><span style="color: #0000BB">highlight_file</span><span style="color: #007700">(</span><span style="color: #0000BB">__FILE__</span><span style="color: #007700">);<br /> die();<br />}<br /><br /><br /></span><span style="color: #FF8000">// Stage 1<br /></span><span style="color: #0000BB">$text </span><span style="color: #007700">= </span><span style="color: #0000BB">$_GET</span><span style="color: #007700">[</span><span style="color: #DD0000">'text'</span><span style="color: #007700">];<br />if(@</span><span style="color: #0000BB">file_get_contents</span><span style="color: #007700">(</span><span style="color: #0000BB">$text</span><span style="color: #007700">)!==</span><span style="color: #DD0000">"Привет хакер"</span><span style="color: #007700">){<br /> die(</span><span style="color: #DD0000">"You must speak my language a different way!"</span><span style="color: #007700">);<br />}<br /><br />echo </span><span style="color: #DD0000">"Stage 1 is complete! You unlocked the key: " </span><span style="color: #007700">. </span><span style="color: #0000BB">$secretkey </span><span style="color: #007700">. 
</span><span style="color: #DD0000">"\n"</span><span style="color: #007700">;<br /><br /></span><span style="color: #FF8000">// Stage 2<br /></span><span style="color: #0000BB">$key1 </span><span style="color: #007700">= </span><span style="color: #0000BB">$_GET</span><span style="color: #007700">[</span><span style="color: #DD0000">'key1'</span><span style="color: #007700">];<br /></span><span style="color: #0000BB">$keyId </span><span style="color: #007700">= </span><span style="color: #0000BB">1337</span><span style="color: #007700">;<br /><br />if (</span><span style="color: #0000BB">intval</span><span style="color: #007700">(</span><span style="color: #0000BB">$key1</span><span style="color: #007700">) !== </span><span style="color: #0000BB">$keyId </span><span style="color: #007700">|| </span><span style="color: #0000BB">$key1 </span><span style="color: #007700">=== </span><span style="color: #0000BB">$keyId</span><span style="color: #007700">) {<br /> die(</span><span style="color: #DD0000">"хаха, это строго не сработает"</span><span style="color: #007700">);<br />}<br /><br />echo </span><span style="color: #DD0000">"Stage 2 is complete! Keep Going!\n"</span><span style="color: #007700">;<br /><br /></span><span style="color: #FF8000">////////////////////////////////<br />// CTF 313 MID CON EDIT!<br />////////////////////////////////<br />// Stage 3<br />//$token = time();<br />//$tokenDeath = $token + 24*60*60;<br /><br />// CTF 313 EDIT<br />//if (($tokenDeath - time()) <= 0) {<br />// if(substr(hash("sha256", $keyId + $token . 
$secretkey), 5, 25) == $hash) {<br />// $keyId = $_GET['keyId'];<br />// }<br />//} else {<br />// die("Ваш токен мертв, как и эта попытка");<br />//}<br /><br />// Stage 3<br /></span><span style="color: #0000BB">$hash </span><span style="color: #007700">= </span><span style="color: #0000BB">$_GET</span><span style="color: #007700">[</span><span style="color: #DD0000">'hash'</span><span style="color: #007700">];<br /></span><span style="color: #0000BB">$token </span><span style="color: #007700">= </span><span style="color: #0000BB">intval</span><span style="color: #007700">(</span><span style="color: #0000BB">$_GET</span><span style="color: #007700">[</span><span style="color: #DD0000">'token'</span><span style="color: #007700">]);<br /><br />if(</span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">hash</span><span style="color: #007700">(</span><span style="color: #DD0000">"sha256"</span><span style="color: #007700">, </span><span style="color: #0000BB">$keyId </span><span style="color: #007700">+ </span><span style="color: #0000BB">$token </span><span style="color: #007700">. </span><span style="color: #0000BB">$secretkey</span><span style="color: #007700">), </span><span style="color: #0000BB">5</span><span style="color: #007700">, </span><span style="color: #0000BB">25</span><span style="color: #007700">) == </span><span style="color: #0000BB">$hash</span><span style="color: #007700">) {<br /> </span><span style="color: #0000BB">$keyId </span><span style="color: #007700">= </span><span style="color: #0000BB">$_GET</span><span style="color: #007700">[</span><span style="color: #DD0000">'keyId'</span><span style="color: #007700">];<br />} else {<br /> die(</span><span style="color: #DD0000">"Ваш токен мертв, как и эта попытка"</span><span style="color: #007700">);<br />}<br /><br />echo </span><span style="color: #DD0000">"Stage 3 is complete! 
You defeated death, for now...\n"</span><span style="color: #007700">;<br /><br /><br /></span><span style="color: #FF8000">// Final Stage<br /></span><span style="color: #0000BB">$key2 </span><span style="color: #007700">= </span><span style="color: #0000BB">69</span><span style="color: #007700">;<br />if(</span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$keyId</span><span style="color: #007700">, </span><span style="color: #0000BB">$key2</span><span style="color: #007700">) !== </span><span style="color: #0000BB">sha1</span><span style="color: #007700">(</span><span style="color: #0000BB">$keyId</span><span style="color: #007700">)){<br /> die(</span><span style="color: #DD0000">"ты не можешь сдаться сейчас!"</span><span style="color: #007700">);<br />}<br /><br /></span><span style="color: #FF8000">// Final Stage<br /></span><span style="color: #007700">echo </span><span style="color: #DD0000">"Final stage is complete Where da flag homie? 
💩\n"</span><span style="color: #007700">;<br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /></span><span style="color: #0000BB">header</span><span style="color: 
#007700">(</span><span style="color: #DD0000">"Content-Type: " </span><span style="color: #007700">. </span><span style="color: #0000BB">$flag</span><span style="color: #007700">);<br /></span>
</span>
</code>