/**
 * Return the shared plugin object, building it on the first call.
 *
 * The first call creates a CTF object, stores it in self::$instance, runs
 * define_constants(), registers load_textdomain() on the `plugins_loaded`
 * hook, runs includes() and attaches a new CTF_Init as the `init` property.
 * Every later call returns the stored object without repeating that setup.
 *
 * @since 1.0.0
 * @static
 * @return CTF The stored plugin object.
 */
public static function instance()
{
    // Guard clause: something is already stored, so no bootstrap is needed.
    if (isset(self::$instance) || self::$instance instanceof CTF) {
        return self::$instance;
    }

    // Store the object before running the setup steps, so the static
    // property is populated while they execute.
    self::$instance = new CTF();

    $plugin = self::$instance;
    $plugin->define_constants();
    add_action('plugins_loaded', array($plugin, 'load_textdomain'));
    $plugin->includes();
    $plugin->init = new CTF_Init();

    return self::$instance;
}
// NOTE(review): this excerpt starts partway through the script. The closing
// braces below end if/else branches and a switch whose opening lines are not
// visible here, so the conditions that lead to each message cannot be read
// from this fragment.
} else {
    // Registration refused: the requested player name is taken.
    $output = showRegister("User already exists");
}
}
} else {
    // Registration refused: no name was supplied.
    $output = showRegister("Name can't be empty");
}
}
break;
default:
break;
}
}

// ---- Page rendering ----
$challenge = new Challenge();
// Start from the shared template values and override what this page needs.
$array = $BASE_ARRAY;
$array['title'] = "CTF Login";
if (isset($_SESSION[Challenge::PLAYER])) {
    // A player is recorded in the session: show the rank.
    $array['ranking'] = $challenge->getRank();
    $array['login'] = '******';
} else {
    $array['ranking'] = "You have to login to have a rank";
    $array['login'] = '******';
}
echo CTF::header($array);
echo '<div id="content">';
echo '<div id="multi-logo">';
echo "<div id=\"login\">";
// $output is joined and printed as-is, so it must be an array of ready-made
// HTML fragments.
// NOTE(review): nothing is escaped at this point. If a fragment can contain a
// submitted player name, it has to be HTML-escaped where the fragment is
// built (showRegister() and the branches above) - confirm.
echo join('', $output);
echo "</div></div></div>";
echo CTF::footer();
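<?php
/*
 * Landing page: prints the site header (with the player's rank and a
 * login/logout link), the list of challenges and the footer.
 */
require_once '../config/config.inc.php';

$challenge = new Challenge();

// Start from the shared template values and override what this page needs.
$array = $BASE_ARRAY;
$array['title'] = "OWASP Capture the Flag";

// URL of the login script that sits next to this one. The "index" -> "login"
// substitution is applied to the script path only, so a host name that
// happens to contain "index" is no longer rewritten as well.
$loginpage = "https://" . $_SERVER['SERVER_NAME'] . str_replace("index", "login", $_SERVER['SCRIPT_NAME']);

// SERVER_NAME can reflect the client-supplied Host header, depending on how
// the web server is configured, and the URL is concatenated into HTML markup
// below. Escaping it keeps a crafted host value from breaking out of the
// markup. It does not validate the host: checking it against the expected
// site name(s) is the stronger control.
$loginhref = htmlspecialchars($loginpage, ENT_QUOTES);

if (isset($_SESSION[Challenge::PLAYER])) {
    // A player is recorded in the session: show the rank and a logout link.
    $array['ranking'] = $challenge->getRank();
    $array['login'] = '******' . $loginhref . '?action=logout">Logout</a>';
} else {
    $array['ranking'] = "You have to login to show your rank";
    $array['login'] = '******' . $loginhref . '">Login</a>';
}

$challenge->header($array);
?> <div id="content"> <div id="big-logo"> <div id="challenges"> <?php $challenge->buildChallenges(); ?> </div> </div> </div> <?php
CTF::footer();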
<?php
/*
 * Mailbox page: prints the site header, then all mail for the user returned
 * by $challenge->getUser(), followed by the static footer and a hidden
 * overlay (#overlay / #mail) for displaying a single message.
 */
require_once '../config/config.inc.php';
$challenge = new Challenge();
// Start from the shared template values.
$array = $BASE_ARRAY;
// Extra navigation link passed to the header.
$array['otherpage'] = '<a class="white" href="/mailbox.php">Mailbox</a>';
$challenge->header($array);
// NOTE(review): no session or login check is visible on this page before the
// mailbox is printed. Confirm that config.inc.php or Challenge enforces an
// authenticated session and that getUser() cannot be influenced by the
// request, otherwise one player could read another player's mail.
CTF::showAllMail($challenge->getUser());
// The markup below closes containers that were opened elsewhere (presumably
// by header() - confirm). closeMail() is not defined in this file.
?> </div></div> <div id="main-footer"> <table width="100%"> <tr> <td>This site is partly made possible by me :)</td> <td align="right">OWASP - CTF 2010</td> </tr> <tr> <td>Thanks to my wife, <a href="http://www.securityskills.nl" class="white">securityskills.nl</a> and other sites of which I copied stuff :)</td> </tr> </table> </div> <!-- mail starts here --> <div id="overlay" style="display:none;"></div> <div id="mail" style="display:none;"> <div class="closing"><a href="javascript:closeMail()">X</a></div> <div id="mailmessage"> </div> </div> </body> </html>
<?php
/*
 * solution: add header X_FORWARDED_FOR: 192.168.102.123
 *
 * Training exercise: the challenge is marked as solved only when
 * util::getIP() reports an address that is derived from the player's token.
 *
 * NOTE(review): the solution above implies that util::getIP() honours a
 * forwarding header supplied by the client (its code is not visible here).
 * That weakness is the subject of the exercise. Outside a lab, such a header
 * is only meaningful when it is set by a known reverse proxy, and it must
 * never be the sole basis for an access decision.
 */
require_once '../../../../config/config.inc.php';

$challenge = new Challenge();
$challenge->startChallenge();

$pwd = $challenge->getDictionaryWord(); // fetched but not used further in this script
$token = $challenge->getToken();

// Take the tail of the token (from offset strlen - 8) and read it as four
// two-character hex values, which become the octets of the expected address.
$tmp = substr($token, strlen($token) - 8);
$octets = array();
foreach (array(0, 2, 4, 6) as $offset) {
    $octets[] = hexdec(substr($tmp, $offset, 2));
}
$ip = implode(".", $octets);

echo "<br/><br/><h3>Login information.</h3><br/>";

if (util::getIP() == $ip) {
    // Reported client address matches the expected one: exercise solved.
    $challenge->mark();
    CTF::showAchieved();
} else {
    // The expected address is disclosed in the message as the hint.
    CTF::error("Not allowed. Access only allowed from ipaddress <i><b>{$ip}</b></i>.");
}

$challenge->stopChallenge();
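/*
 * sha1 => http://sha1.web-max.ca/
 *
 * Training exercise: the page prints sha1($token) and accepts the login
 * "admin" with the token itself as the password. The reference above points
 * at an online SHA-1 lookup, which suggests the lesson is that an unsalted,
 * fast hash of a guessable value does not protect that value.
 *
 * "Inlognaam" and "Wachtwoord" in the markup are the Dutch labels for login
 * name and password.
 */
require_once '../../../../config/config.inc.php';

$challenge = new Challenge();
$challenge->startChallenge();
$pwd = $challenge->getDictionaryWord(); // overwritten below when the form is posted
$token = $challenge->getToken();

if (isset($_POST['submit'])) {
    $uid = util::getPost('username');
    $pwd = util::getPost('password');

    // Strict comparison on strings. With the loose == operator PHP compares
    // two numeric-looking strings as numbers (for example "1e3" and "1000"),
    // so a value other than the token could be accepted. Where the PHP
    // version provides hash_equals(), it would also make the comparison
    // constant-time.
    if ($uid === "admin" && is_string($pwd) && $pwd === (string) $token) {
        $challenge->mark();
        CTF::showAchieved();
    } else {
        CTF::error("Username/password is not correct");
    }
}
?> Inlognaam = "admin"<br/><br/> Wachtwoord = "<?php echo sha1($token); ?> "<br/><br/> <form autocomplete="off" method="post"> <table> <tr><td>Username</td><td>:</td><td><input type="text" name="username" /></td></tr> <tr><td>Password</td><td>:</td><td><input type="password" name="password" /></td></tr> <tr><td colspan=2/><td><input type="submit" class="button" name="submit" value="Submit" /> <?php
$challenge->nextButton();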
/**
 * Forward a footer request to CTF::footer().
 *
 * Thin wrapper: $array is passed through unchanged and nothing is returned.
 *
 * @param array $array Values handed to CTF::footer(); an empty array by default.
 */
function footer($array = array())
{
    CTF::footer($array);
}
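<?php
/*
 * Training exercise: a sentence containing the dictionary word is printed
 * through Encode::brailleEncode() and the player has to submit that word.
 * An encoding is not encryption: anyone who can read the page can recover
 * the word.
 */
require_once '../../../../config/config.inc.php';

$challenge = new Challenge();
$challenge->startChallenge();
$pwd = $challenge->getDictionaryWord();
$token = $challenge->getToken(); // fetched but not used further in this script

if (isset($_POST['submit'])) {
    $code = util::getPost('password');

    // Strict comparison on strings. The loose == operator compares
    // numeric-looking strings as numbers and treats a missing (null) value
    // as equal to an empty string, so it can accept input that is not the
    // expected word.
    if (is_string($code) && $code === (string) $pwd) {
        $challenge->mark();
        CTF::showAchieved();
    } else {
        CTF::error("Code is not correct");
    }
}

$passphrase = "The password for this exercise is {$pwd}";
?> <center><?php echo Encode::brailleEncode($passphrase); ?> </center><hr/> <form autocomplete="off" method="post"> <input type="hidden" name="action" value="login" /> <table> <tr><td>Code</td><td>:</td><td><input type="text" name="password" /></td></tr> <tr><td colspan=2/><td><input type="submit" class="button" name="submit" value="Submit" /></td></tr> </table> </form> <?php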
/**
 * Report a message through CTF::message() with the type "error".
 *
 * NOTE(review): $message is forwarded unchanged. If CTF::message() prints it
 * as HTML, callers have to escape any untrusted data before passing it in -
 * confirm against CTF::message().
 *
 * @param string $message Text handed to CTF::message().
 */
static function error($message)
{
    CTF::message($message, "error");
}
// NOTE(review): this excerpt starts partway through the script; $db,
// $createSQL, $challenge and $token are set in lines that are not visible.

// Seed the players table with the admin row when testTable() returns true
// (presumably when the table had to be created from $createSQL - confirm).
// NOTE(review): $token is interpolated into the SQL text. Where the token
// comes from is not visible here; a bound parameter would remove any
// dependence on its character set.
if ($db->testTable("SELECT * FROM players LIMIT 0,1", $createSQL)) {
    $db->query("INSERT INTO players(name,password) VALUES('admin','{$token}')");
}

// The form below has no method attribute, so browsers submit it with GET and
// the credentials travel in the query string (URL, browser history, logs).
if (isset($_GET['submit'])) {
    // Both keys are read without an isset() check; a request that carries
    // only "submit" raises an undefined-index notice.
    // strip_tags() + htmlspecialchars() change the submitted values before
    // the comparison, so a password containing <, >, & or a double quote
    // can never match the stored one.
    $uid = htmlspecialchars(strip_tags($_GET['username']));
    $passwd = htmlspecialchars(strip_tags($_GET['password']));

    // Fixed query: the stored admin password is fetched and compared in PHP.
    $sql = "SELECT password FROM players where name='admin'";
    $result = $db->query($sql);
    $tbl = $result->fetch();
    $pwd = $tbl['password'];

    // NOTE(review): == is a loose comparison; PHP compares two
    // numeric-looking strings as numbers, so values that differ as text can
    // still be treated as equal.
    if ($uid == "admin" && $passwd == $pwd) {
        $challenge->mark();
        CTF::showAchieved();
        // Drops a database whose name ends in the value of getUser().
        // NOTE(review): the statement is built by concatenation; confirm
        // that getUser() returns a server-controlled identifier and not
        // text a player can choose.
        $db->query("DROP database " . 'webchallengedb' . $challenge->getUser());
    } else {
        // The last executed query is shown to the player, HTML-escaped with
        // htmlentities(ENT_QUOTES). As written, the str_replace() swaps "-"
        // for "-" and has no effect (possibly an entity lost when the page
        // was extracted - confirm against the original file).
        // NOTE(review): presumably a hint for the exercise; outside a lab,
        // executed SQL should not be echoed to clients.
        CTF::error("To bad, please try again. Query: " . str_replace("-", "-", htmlentities($db->lastquery, ENT_QUOTES)) . " ");
    }
}
// $error, printed in the markup below, is not assigned anywhere in the
// visible part of this script.
?> You have to log in as admin. <br/><br/> <?php echo $error; ?> <form autocomplete="off"> <table> <tr><td>Username</td><td>:</td><td><input type="text" name="username" /></td></tr> <tr><td>Password</td><td>:</td><td><input type="password" name="password" /></td></tr> <tr><td colspan=2/><td><input type="submit" class="button" name="submit" value="Submit"/> <?php $challenge->nextButton(); ?>