bugku_PHP代码审计—md5加密相等绕过
<?php
$md51 = md5('QNKCDZO');
$a = @$_GET['a'];
$md52 = @md5($a);
if(isset($a)){
if ($a != 'QNKCDZO' && $md51 == $md52) {
echo "flag{*}";
} else {
echo "false!!!";
}}
else{echo "please input a";}
?>
双等号比较绕过:
QNKCDZO
240610708
s878926199a
s155964671a
s214587387a
s214587387a
payload:?a=s214587387a