$solution = blightGetHash(); $attemp = blightAttemp(); if (!strcasecmp($answer, $solution)) { if ($attemp > BLIGHT2_ATTEMPS + 1) { echo GWF_HTML::error(GWF_PAGE_TITLE, $chall->lang('err_attemps', array($attemp, BLIGHT2_ATTEMPS + 1))); } elseif (blightTimeout()) { echo GWF_HTML::error(GWF_PAGE_TITLE, $chall->lang('err_too_slow')); } else { if (blightSolved()) { $chall->onChallengeSolved(GWF_Session::getUserID()); } else { $have = GWF_Session::getOrDefault('BLIGHT2_CONSECUTIVE', '1'); $need = BLIGHT2_CONSEC - $have; echo GWF_HTML::message(GWF_PAGE_TITLE, $chall->lang('msg_consec_success', array($need))); } blightReset(false); } } else { echo GWF_HTML::error(GWF_PAGE_TITLE, $chall->lang('err_wrong', array($attemp))); } } elseif (isset($_POST['inject'])) { blightInit(); $password = Common::getPostString('injection'); $success = blightVuln($password); $attemp = blightAttemp() + 1; if ($success) { echo GWF_HTML::message(GWF_PAGE_TITLE, $chall->lang('msg_logged_in', array($attemp))); } else { echo GWF_HTML::error(GWF_PAGE_TITLE, $chall->lang('err_login', array($attemp))); } blightSetAttempt($attemp);
/**
 * Prepare the challenge state for the current request.
 *
 * Reads the attempt counter through blightAttemp() and calls blightReset()
 * with its default arguments when that counter is negative. A counter of
 * zero or more is left as it is.
 * NOTE(review): a negative counter presumably marks a session that was never
 * set up; confirm against blightAttemp().
 *
 * @return void
 */
function blightInit()
{
    $needsFreshState = blightAttemp() < 0;

    if ($needsFreshState) {
        blightReset();
    }
}
/**
 * Record one successful hack and report whether the challenge is solved.
 *
 * The running count is kept in the session under 'BLIGHT3_CONSECUTIVE'.
 * Each call adds one to it and then calls blightReset(false). When the count
 * has reached BLIGHT3_CONSEC the session entry is removed and true is
 * returned; otherwise the new count is written back and false is returned.
 *
 * @return bool true once enough consecutive hacks were made, false if more are needed
 */
function blightSolved()
{
    $streak = GWF_Session::getOrDefault('BLIGHT3_CONSECUTIVE', 0);
    ++$streak;

    // The reset runs on every call, before the threshold is looked at.
    blightReset(false);

    $enough = $streak >= BLIGHT3_CONSEC;
    if (!$enough) {
        // Not there yet: remember the streak for the next successful hack.
        GWF_Session::set('BLIGHT3_CONSECUTIVE', $streak);
        return false;
    }

    // Threshold reached: drop the counter so the next run starts from the default.
    GWF_Session::remove('BLIGHT3_CONSECUTIVE');
    return true;
}
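// Page controller for the challenge: print the header, then handle exactly one
// of three requests (reset, answer submission, injection attempt).
$chall->showHeader();

if (Common::getGetString('reset') === 'me') {
    // ?reset=me discards the current challenge state and confirms it.
    blightReset();
    echo GWF_HTML::message(GWF_PAGE_TITLE, $chall->lang('msg_reset'));
} elseif (isset($_POST['mybutton'])) {
    // Answer submission: the posted hash is checked against the stored one.
    // This branch never calls blightSetAttempt(), so submitting an answer
    // does not change the attempt counter.
    blightInit();
    $answer = Common::getPostString('thehash');
    $solution = blightGetHash();
    $attemp = blightAttemp();

    // Compare the result with 0 explicitly instead of negating it. Before
    // PHP 8, strcasecmp() returns null (with a warning) for a non-string
    // argument, and a negated null would count as a match.
    // NOTE(review): Common::getPostString() presumably always returns a
    // string; confirm, since the strict test only matters if it does not.
    // NOTE(review): strcasecmp() is not a constant-time comparison;
    // hash_equals() on lower-cased copies is the constant-time alternative
    // where the deployment's PHP provides it.
    if (strcasecmp($answer, $solution) === 0) {
        if ($attemp > BLIGHT_ATTEMPS + 1) {
            // Correct hash, but found with more attempts than allowed.
            echo GWF_HTML::error(GWF_PAGE_TITLE, $chall->lang('err_attempt', array($attemp, BLIGHT_ATTEMPS + 1)));
        } else {
            $chall->onChallengeSolved(GWF_Session::getUserID());
        }
        // A correct answer always ends the run, solved or not.
        blightReset();
    } else {
        echo GWF_HTML::error(GWF_PAGE_TITLE, $chall->lang('err_wrong', array($attemp)));
    }
} elseif (isset($_POST['inject'])) {
    // Injection attempt: the posted value is passed to blightVuln() as-is.
    // NOTE(review): blightVuln() looks like the challenge's intentionally
    // injectable check; its body is not visible here, so confirm it runs
    // against an isolated, challenge-only data store.
    blightInit();
    $password = Common::getPostString('injection');
    $success = blightVuln($password);

    // Count this attempt; the new total is shown in the message and then stored.
    $attemp = blightAttemp() + 1;
    if ($success) {
        echo GWF_HTML::message(GWF_PAGE_TITLE, $chall->lang('msg_logged_in', array($attemp)));
    } else {
        echo GWF_HTML::error(GWF_PAGE_TITLE, $chall->lang('err_login', array($attemp)));
    }
    blightSetAttempt($attemp);
}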