Sucky Sysadmin
Level 6
This site in run by a new sysadmin who does not know much about web configuration
The script is located at http://moo.com/moo.php
Attempt to make the script think you are authed by entering the correct URI.
Here is the script (me.php):
<?php
$user = $_GET['user'];
$pass = $_GET['pass'];
if (isAuthed($user,$pass))
{
$passed=TRUE;
}
if ($passed==TRUE)
{
echo 'you win';
}
?>
<form action="me.php" method="get">
<input type="text" name="user" />
<input type="password" name="pass" />
</form>
<?php
function isAuthed($a,$b)
{
return FALSE;
}
?>
|___________________|check
Solution:
- Check the script above, since the function isAuthed always return FALSE, if you input any values of user and pass, you will never get passed.
- So, you need to neglect the authentication function and get through the program directly.
- Input ' http://moo.com/me.php?passed=1 ' and check.
- It's done.