D3
OG
Old school D3 from simpler times
All examples
By author
By category
About
evandrix
Full window
Github gist
http://www.hackthis.co.uk/ctf/7
<!DOCTYPE HTML> <html lang = "en"> <head> <title>HackThis!! - Capture the Flag</title> <meta charset = "UTF-8" /> <link href='https://fonts.googleapis.com/css?family=Ubuntu|Orbitron' rel='stylesheet' type='text/css'> <link rel="stylesheet" href="/ctf/css/main.css"> <script src="//ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script> </head> <body> <div class='level_title'> Level 7 </div> <div class='nav'> <a href='/ctf/leaderboard'>Leaderboard</a> | <a href='/ctf/irc'>IRC</a> | <a href='/'>Normal Site</a> | <a href='?logout'>Logout</a> </div> <div class='level_container'> <form autocomplete="off" method="POST"> <input type="text" name="user" data-holder="Username"/><br/> <input type="password" name="pass" data-holder="Password"/><br/> <input type="submit" class="submit" value="Login"/> </form> <a href='#' class='view'>View Details</a> </div> <div class='level_code'> <a href='#' class='close'>[X]</a> <div class='code'> <code><span style="color: #000000"> <span style="color: #0000BB"><?php<br /> </span><span style="color: #FF8000">// ...<br /><br /> </span><span style="color: #007700">if (isset(</span><span style="color: #0000BB">$_POST</span><span style="color: #007700">[</span><span style="color: #DD0000">'user'</span><span style="color: #007700">]) && isset(</span><span style="color: #0000BB">$_POST</span><span style="color: #007700">[</span><span style="color: #DD0000">'pass'</span><span style="color: #007700">])) {<br /> </span><span style="color: #0000BB">$id </span><span style="color: #007700">= </span><span style="color: #0000BB">sqlite_escape_string</span><span style="color: #007700">(</span><span style="color: #0000BB">$_POST</span><span style="color: #007700">[</span><span style="color: #DD0000">'user'</span><span style="color: #007700">]);<br /> </span><span style="color: #0000BB">$pass </span><span style="color: #007700">= </span><span style="color: #0000BB">sqlite_escape_string</span><span style="color: #007700">(</span><span style="color: #0000BB">$_POST</span><span style="color: #007700">[</span><span style="color: #DD0000">'pass'</span><span style="color: #007700">]);<br /><br /> </span><span style="color: #0000BB">$query </span><span style="color: #007700">= </span><span style="color: #DD0000">"SELECT id, username FROM users<br /> WHERE password='</span><span style="color: #007700">{</span><span style="color: #0000BB">$pass</span><span style="color: #007700">}</span><span style="color: #DD0000">' AND id=</span><span style="color: #007700">{</span><span style="color: #0000BB">$id</span><span style="color: #007700">}</span><span style="color: #DD0000"> LIMIT 1"</span><span style="color: #007700">;<br /><br /> if (</span><span style="color: #0000BB">$result </span><span style="color: #007700">= </span><span style="color: #0000BB">$db</span><span style="color: #007700">-></span><span style="color: #0000BB">query</span><span style="color: #007700">(</span><span style="color: #0000BB">$query</span><span style="color: #007700">)) {<br /> </span><span style="color: #0000BB">$user </span><span style="color: #007700">= </span><span style="color: #0000BB">$db</span><span style="color: #007700">-></span><span style="color: #0000BB">fetch</span><span style="color: #007700">();<br /> </span><span style="color: #FF8000">// ...<br /> </span><span style="color: #0000BB">$query </span><span style="color: #007700">= </span><span style="color: #DD0000">"SELECT id, level FROM priv WHERE id = '</span><span style="color: #007700">{</span><span style="color: #0000BB">$id</span><span style="color: #007700">}</span><span style="color: #DD0000">'<br /> AND level > 0 LIMIT 1"</span><span style="color: #007700">;<br /> </span><span style="color: #0000BB">$result2 </span><span style="color: #007700">= </span><span style="color: #0000BB">$db</span><span style="color: #007700">-></span><span style="color: #0000BB">query</span><span style="color: #007700">(</span><span style="color: #0000BB">$query</span><span style="color: #007700">);<br /> if (</span><span style="color: #0000BB">$result2 </span><span style="color: #007700">&& </span><span style="color: #0000BB">$result2</span><span style="color: #007700">-></span><span style="color: #0000BB">numRows</span><span style="color: #007700">() > </span><span style="color: #0000BB">0</span><span style="color: #007700">) {<br /> </span><span style="color: #0000BB">$admin </span><span style="color: #007700">= </span><span style="color: #0000BB">true</span><span style="color: #007700">;<br /> } else {<br /> </span><span style="color: #0000BB">$admin </span><span style="color: #007700">= </span><span style="color: #0000BB">false</span><span style="color: #007700">;<br /> }<br /> </span><span style="color: #FF8000">// ...<br /> </span><span style="color: #007700">} else {<br /> </span><span style="color: #FF8000">// ...<br /> </span><span style="color: #007700">}<br /> }<br /><br /></span><span style="color: #0000BB">?><br /></span> </span> </code> </div> </div> <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-34026704-2']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'https://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script src="/ctf/js/main.js"></script> </body> </html>
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js