Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Plaintext cookie : name=guest;admin=0;password=guest;userid=1337
- <?php
- require('key.php');
- function source()
- {
- echo "<pre>";
- highlight_string(file_get_contents(__FILE__));
- echo "</pre>";
- }
- function quit()
- {
- source();
- die();
- }
- function encrypt($input) {
- $res = openssl_encrypt($input, "AES-128-ECB", KEY, OPENSSL_RAW_DATA);
- return $res;
- }
- function decrypt($input) {
- $res = openssl_decrypt($input, "AES-128-ECB", KEY, OPENSSL_RAW_DATA);
- return $res;
- }
- if(!isset($_COOKIE['key'])) {
- $username=(isset($_GET['username'])) ? $_GET['username'] : "guest";
- $password=(isset($_GET['password'])) ? $_GET['password'] : "guest";
- if(preg_match("/admin=1/i", $username) || preg_match("/admin=1/i", $password) ) quit();
- $cookieenc = encrypt("name=$username;admin=0;password=$password;userid=1337");
- setcookie('key', base64_encode($cookieenc));
- $_COOKIE['key'] = base64_encode($cookieenc);
- }
- if(strpos(decrypt(base64_decode($_COOKIE['key'])), 'admin=1') !== false)
- {
- echo "<img src='https://media.giphy.com/media/H6CDICYUiPAwE/giphy.gif' /><br>";
- echo "Bravo, tu peux valider avec le flag suivant : ".FLAG ;
- die();
- }
- else
- {
- echo "Plaintext cookie : ".decrypt(base64_decode($_COOKIE['key']))."<br>";
- quit();
- }
- source();
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
