Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <head>
- <!-- This stuff in the header has nothing to do with the level -->
- <link rel="stylesheet" type="text/css" href="http://natas.labs.overthewire.org/css/level.css">
- <link rel="stylesheet" href="http://natas.labs.overthewire.org/css/jquery-ui.css" />
- <link rel="stylesheet" href="http://natas.labs.overthewire.org/css/wechall.css" />
- <script src="http://natas.labs.overthewire.org/js/jquery-1.9.1.js"></script>
- <script src="http://natas.labs.overthewire.org/js/jquery-ui.js"></script>
- <script src=http://natas.labs.overthewire.org/js/wechall-data.js></script><script src="http://natas.labs.overthewire.org/js/wechall.js"></script>
- <script>var wechallinfo = { "level": "natas14", "pass": "<censored>" };</script></head>
- <body>
- <h1>natas14</h1>
- <div id="content">
- <?
- if(array_key_exists("username", $_REQUEST)) {
- $link = mysql_connect('localhost', 'natas14', '<censored>');
- mysql_select_db('natas14', $link);
- $query = "SELECT * from users where username=\"".$_REQUEST["username"]."\" and password=\"".$_REQUEST["password"]."\"";
- if(array_key_exists("debug", $_GET)) {
- echo "Executing query: $query<br>";
- }
- if(mysql_num_rows(mysql_query($query, $link)) > 0) {
- echo "Successful login! The password for natas15 is <censored><br>";
- } else {
- echo "Access denied!<br>";
- }
- mysql_close($link);
- } else {
- ?>
- <form action="index.php" method="POST">
- Username: <input name="username"><br>
- Password: <input name="password"><br>
- <input type="submit" value="Login" />
- </form>
- <? } ?>
- <div id="viewsource"><a href="index-source.html">View sourcecode</a></div>
- </div>
- </body>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement