<h3>挑战VIP会员的第一天<h3/>
<?php
error_reporting(0);
highlight_file(__FILE__);
include('flag.php');
class ctfShowUser
{
public $username='xxxxxx';
public $password='xxxxxx';
public $isVip=false;
public function checkVip()
{
return $this->isVip;
}
public function login($u,$p)
{
if($this->username===$u&&$this->password===$p)
{
$this->isVip=true;
}
return $this->isVip;
}
public function vipOneKeyGetFlag()
{
if($this->isVip)
{
global $flag;
echo "your flag is ".$flag;
}
else
{
echo "no vip, no flag";
}
}
}
$username=$_GET['username'];
$password=$_GET['password'];
if(isset($username) && isset($password))
{
$user = new ctfShowUser();
if($user->login($username,$password))
{
if($user->checkVip())
{
$user->vipOneKeyGetFlag();
}
}
else
{
echo "no vip,no flag";
}
}
主要进行代码审计,理解类的以及函数的调用。
?username=xxxxxx&password=xxxxxx
打赏我,让我更有动力~
© 2016 - 2024 掌控者 All Rights Reserved.
十二梦
发表于 2021-11-19
这是哪里的CTF呀,有链接不
评论列表
加载数据中...