daffainfo
/
ctf-writeup
mirror of https://github.com/daffainfo/ctf-writeup.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ctf-writeup/0xL4ugh CTF 2023/Bruh 2/index2.php

43 lines
1.0 KiB
PHP
Raw Blame History

<?php
$servername = "127.0.0.1";
$username = "ctf";
$dbname = "login";
$password = "ctf123";
// Create connection
$conn = new mysqli($servername, $username, $password,$dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if(!empty($_GET['username']) && !empty($_GET['password']))
{
$username=mysqli_real_escape_string($conn,$_GET['username']);
$password=mysqli_real_escape_string($conn,$_GET['password']);
if (preg_match("/admin/i",$username) && $_SERVER['REMOTE_ADDR']!=="127.0.0.1")
{
die("Admins login are allowed locally only");
}
else
{
$res=$conn->query("select * from users where username='$username' and password='$password'"); # admin admin
if($res->num_rows > 0)
{
$user=$res->fetch_assoc();
echo ($user['username']==="admin")?"0xL4ugh{test_flag}":"sorry u r not admin";
}
else
{
echo "Error : Wrong Creds";
}
}
}
else
{
echo "Please Fill All Fields";
}
?>
Reference in New Issue View Git Blame Copy Permalink