old-01 -- Change Cookie
URL: https://webhacking.kr/challenge/web-01/?view-source=1
<?php
include "../../config.php";
if ($_GET["view-source"] == 1) {
view_source();
}
if (!$_COOKIE["user_lv"]) {
SetCookie("user_lv", "1", time() + 86400 * 30, "/challenge/web-01/");
echo "<meta http-equiv=refresh content=0>";
}
?>
<html>
<head>
<title>Challenge 1</title>
</head>
<body bgcolor=black>
<center>
<br><br><br><br><br>
<font color=white>
---------------------<br>
<?php
if (!is_numeric($_COOKIE["user_lv"])) {
$_COOKIE["user_lv"] = 1;
}
if ($_COOKIE["user_lv"] >= 4) {
$_COOKIE["user_lv"] = 1;
}
if ($_COOKIE["user_lv"] > 3) {
solve(1);
}
echo "<br>level : {$_COOKIE["user_lv"]}";
?>
<br>
<a href=./?view-source=1>view-source</a>
</body>
</html>Change the cookie to be greater then 3, but not 4 and pwned.
Last updated