API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 7th, 2017
72
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.59 KB | None | 0 0
raw download clone embed print report
  1. <?php require_once 'config.php'; ?>
  2. <!doctype html>
  3. <html lang="en">
  4. <head>
  5. <title>Little Bobby Tables</title>
  6. <link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" rel="stylesheet"
  7. integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7" crossorigin="anonymous">
  8. <meta charset="utf8">
  9. <meta name="viewport" content="width=device-width, initial-scale=1">
  10. </head>
  11. <body>
  12. <div class="container" style="max-width: 600px; margin-top: 2em;">
  13. <?php
  14.  
  15. $user = $_REQUEST['user'];
  16. $pwd = $_REQUEST['pwd'];
  17. $token = $_COOKIE["token_web1"];
  18.  
  19. if (empty($token) || !check_token($token)){
  20. ?>
  21. <div class="alert alert-warning"><b>Warning </b>You need to be logged in to the dashboard! If the error persists, try to reactivate the challenge.</div>
  22. <?php
  23. }
  24. $login_ok = FALSE;
  25. if (!empty($user) && !empty($pwd)) {
  26. $decoded_user = base64_decode($user);
  27. // We store the password in plaintext to keep the homework's code short.
  28. // For anything even remotely real, use a proper password storage scheme.
  29. $decoded_pwd = base64_decode($pwd);
  30. if($decoded_user === FALSE || $decoded_pwd === FALSE) {
  31. echo '<div class="alert alert-danger">Please insert your credentials!</div>';
  32. } else {
  33. $query = "SELECT user_id FROM users WHERE username='$decoded_user' and password='$decoded_pwd'";
  34. $result = mysqli_query($vuln_db, $query);
  35. if ($result && (mysqli_num_rows($result)>0) && verify_user($token, $decoded_user)) {
  36. $login_ok = TRUE;
  37. echo "<h1>Hi " . htmlentities($decoded_user) . ", you are logged in!</h1>";
  38. echo "<img style='width: 100%' src='exploits_of_a_mom.png'";
  39. }
  40. else {
  41. echo '<div class="alert alert-danger">Wrong username or password</div>';
  42. }
  43. }
  44. }
  45. if(!$login_ok) {
  46. ?>
  47. <h1 style="text-align: center;">Access Restricted</h1>
  48. <form method="post" id="login_form" class="form-horizontal" style="max-width: 75%; margin: 0 auto;">
  49. <div class="form-group">
  50. <label for="name">Name: </label>
  51. <input type="text" name="user" class="form-control">
  52. </div>
  53. <div class="form-group">
  54. <label for="name">Password: </label>
  55. <input type="password" name="pwd" class="form-control">
  56. </div>
  57. <input type="submit" value="Login" class="btn btn-primary" style="display: block; margin: 0 auto; min-width: 50%">
  58. </form>
  59. <script type="text/javascript" src="formutils.js"></script>
  60. <?php
  61. }
  62. ?>
  63. </div>
  64. </body>
  65. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!