$temp = $_GET['password']; is_numeric($temp)?die("no numeric"):NULL; if($temp>1336){ echo $flag;
is_numeric
The same array can be used to bypass, 00% cut, add other characters
http://123.206.87.240:9009/22.php?password[]=1
http://123.206.87.240:9009/22.php?password=9999a
http://123.206.87.240:9009/22.php?password=9999%00
flag{bugku_null_numeric}