<?php
highlight_file ( 'flag.php' );
$_GET [ 'id' ] = urldecode ( $_GET [ 'id' ]);
$flag = 'flag{xxxxxxxxxxxxxxxxxx}' ;
if (isset( $_GET [ 'uname' ]) and isset( $_POST [ 'passwd' ])) {
if ( $_GET [ 'uname' ] == $_POST [ 'passwd' ])
print 'passwd can not be uname.' ;
else if ( sha1 ( $_GET [ 'uname' ]) === sha1 ( $_POST [ 'passwd' ])&( $_GET [ 'id' ]== 'margin' ))
die( 'Flag: ' . $flag );
else
print 'sorry!' ;
}
highlight_file ( 'flag.php' );
$_GET [ 'id' ] = urldecode ( $_GET [ 'id' ]);
$flag = 'flag{xxxxxxxxxxxxxxxxxx}' ;
if (isset( $_GET [ 'uname' ]) and isset( $_POST [ 'passwd' ])) {
if ( $_GET [ 'uname' ] == $_POST [ 'passwd' ])
print 'passwd can not be uname.' ;
else if ( sha1 ( $_GET [ 'uname' ]) === sha1 ( $_POST [ 'passwd' ])&( $_GET [ 'id' ]== 'margin' ))
die( 'Flag: ' . $flag );
else
print 'sorry!' ;
}
?>
来 进入这道题我们先一波分析猛如虎,通过阅读php代码,我们发现只要使uname的sha1和值与passwd的sha1的值相等即可,但是同时他们两个的值又不能相等
eeeeeemmmmm。。。这似乎是很熟悉的套路了吧 只要构造数组就可以了 所以
然后我们就得到flag了
如有疑问请联系qq:834368404