Perl is a bitch sometimes
Level 8
So Bill Gates was tired of VisualBasic and now did some Perl, too bad; this script has a security flaw that allows everyone access to the company records! Fix the flaw for him!
#!/usr/bin/perl
chomp(my $User = `/usr/bin/whoami`);
print "Checking your access level...\n";
if ($User == 'BillGates')
{
print "Authorized! Here are the company records:\n" . `cat /home/BillGates/CompanyRecords.db`;
die("Closing...\n");
}
die("You're not authorized!\n");
|___________________|check
Solution:
- In Perl, you should be aware of the using of the operators.
Reference: http://perldoc.perl.org/perlop.html#Equality-Operators
Binary "==" returns true if the left argument is numerically equal to the right argument.
Binary "eq" returns true if the left argument is stringwise equal to the right argument. - Since 'BillGates' is a string, you should choose 'eq' to do string comparison.
- Input "if ($User eq 'BillGates')" and check.
- It's done.