first commit
This commit is contained in:
72
webroot/login.php
Normal file
72
webroot/login.php
Normal file
@ -0,0 +1,72 @@
|
||||
<?php
|
||||
|
||||
if (isset($_POST['login']) && $_POST['login'] == 'Login') {
|
||||
if ( isset($_POST['username']) && !empty($_POST['username']) ) {
|
||||
if ( isset($_POST['password']) && !empty($_POST['password']) ) {
|
||||
|
||||
$bdd = new mysqli("localhost", "cyber-zetatech-inc", "wY7nhg7xnzmCcJbfz3Gf89qyU5cvpr", "ctf-zetatech-inc");
|
||||
if ($bdd->connect_errno) {
|
||||
//echo "Echec lors de la connexion à MySQL : (" . $bdd->connect_errno . ") " . $bdd->connect_error;
|
||||
|
||||
$state->return = 'error';
|
||||
$state->string = 'Connection error';
|
||||
$state_json = json_encode($state);
|
||||
echo $state_json;
|
||||
}
|
||||
|
||||
$real_user = "puppet-master";
|
||||
|
||||
$user = $_POST['username'];
|
||||
$pass = hash("sha256", $_POST['password']);
|
||||
$sql = "SELECT user,password FROM access WHERE user='".$user."' AND password='".$pass."'";
|
||||
//$sql = "SELECT user,password FROM access WHERE user='admin' OR 1=1 LIMIT 1 OFFSET 1";// AND password='".$pass."'";;
|
||||
|
||||
// curl -X POST http://localhost/netrunner/login.php -d "password=admiefn&login=Login&username=admin' OR 1 LIMIT 1 OFFSET 1 #"
|
||||
|
||||
//echo "\n";
|
||||
//echo $sql;
|
||||
//echo "\n\n";
|
||||
|
||||
$res = mysqli_query($bdd, $sql);
|
||||
|
||||
$num_row = mysqli_num_rows($res);
|
||||
$row=mysqli_fetch_assoc($res);
|
||||
//print_r($row);
|
||||
|
||||
if ($_POST['username'] === "admin") {
|
||||
$state->return = 'false';
|
||||
$state->string = 'admin is desactivated. Use your login.';
|
||||
|
||||
} elseif ( $num_row == 1 && $row['user'] === $real_user) {
|
||||
$state->return = 'true';
|
||||
$html_login = "<b>Welcome to your admin board <em>".$row['user']."</em></b> <br> <br>
|
||||
An error occurred while connecting to your implant <br> [Zetatech Neural Processor MK.II].
|
||||
<br> <br>
|
||||
Please approach a Zetatech center for an analysis.
|
||||
<br> <br>
|
||||
IMTLD{w3b_1nT3rf4ceS_4r3_3v1L}";
|
||||
$state->string = $html_login;
|
||||
|
||||
} else {
|
||||
$state->return = 'false';
|
||||
$state->string = 'Access Denied';
|
||||
}
|
||||
} else {
|
||||
$state->return = 'password';
|
||||
$state->string = 'Password Missing';
|
||||
}
|
||||
}
|
||||
else {
|
||||
$state->return = 'username';
|
||||
$state->string = 'Username Missing';
|
||||
}
|
||||
|
||||
$state_json = json_encode($state);
|
||||
echo $state_json;
|
||||
|
||||
} else { // DEBUG
|
||||
$state->return = 'form';
|
||||
$state->string = 'Submit form';
|
||||
$state_json = json_encode($state);
|
||||
echo $state_json;
|
||||
}
|
||||
Reference in New Issue
Block a user