0x01
<?php
error_reporting(0);
$flag = 'flag{test}';
if (isset($_GET['username']) and isset($_GET['password']))
{
if ($_GET['username'] == $_GET['password'])
print 'Your password can not be your username.';
else if (md5($_GET['username']) === md5($_GET['password']))
die('Flag: '.$flag);
else
print 'Invalid password';
}
?>
0x02 代码分析
传入username,password值
username,password值不能相等,并且他们的md5值相等,输出flag
md5加密无法处理数组,所以构造数组传值。
http://123.206.87.240:9009/18.php?username[]=1&password[]=2
