<?php
/**
 * Installer for the "No Escape" challenge.
 *
 * Prints the page header, turns away anyone who is not an admin, creates the
 * challenge table through noesc_createTable() and registers the challenge.
 *
 * The database account has to be prepared by hand before this script is run:
 *
 *   CREATE USER 'gizmore_noesc'@'localhost' IDENTIFIED BY 'gizmore_noesc';
 *   CREATE DATABASE gizmore_noesc;
 *   GRANT ALL ON gizmore_noesc.* TO 'gizmore_noesc'@'localhost' IDENTIFIED BY 'gizmore_noesc';
 *
 * NOTE(review): the account password equals the account name and is stored in
 * the source tree. The grant above is confined to the gizmore_noesc schema;
 * for a challenge tagged "Exploit" that confinement is what keeps this account
 * away from every other database on the host, so it should not be widened.
 */

chdir("../../");
require_once "challenge/html_head.php";
html_head("Install No Escape");

// Installing is admin-only. A file-level return stops the script here.
if (!GWF_User::isAdminS()) {
    return htmlSendToLogin("Better be admin !");
}

// Connection settings are defined before code.include is loaded
// (presumably code.include reads them - confirm).
define('NO_ESCAPE_USER', 'gizmore_noesc');
define('NO_ESCAPE_DB', 'gizmore_noesc');
define('NO_ESCAPE_PW', 'gizmore_noesc');

require_once 'code.include';
noesc_createTable();

// Challenge metadata handed to the installer.
$title = 'No Escape';
$url = "challenge/no_escape/index.php";
$creators = "Gizmore";
$tags = 'Exploit,PHP,MySQL';
$score = 2;
$solution = false;

WC_Challenge::installChallenge($title, $solution, $score, $url, $creators, $tags, true);

require_once "challenge/html_foot.php";
/** * Areas definieren */ #$areas['workflow'] = array('title'=>'Workflow', 'color'=>'#336600'); $areas['upload'] = array('title' => 'Uploads verwalten', 'color' => '#663300'); $areas['user'] = array('title' => 'Leser verwalten', 'color' => '#660033'); $areas['rights'] = array('title' => 'Dateien verwalten', 'color' => '#330066'); $areas['download'] = array('title' => 'Download', 'color' => '#660066'); // Default Area aktivieren $area = $_REQUEST['area']; if (!isset($area) || !isset($areas[$area])) { $area = array_keys($areas); $area = $area[0]; } // Kopf ausgeben html_head('<style>.tblhead {background-color: ' . $areas[$area]['color'] . '}</style>'); ?> <table border="0" cellspacing="0" cellpadding="0"> <tr> <td><b> Redakteur: <?php echo $db_user['name']; ?> </b></td> <?php // alle Areas foreach ($areas as $_key => $_val) { ?> <td> </td><td style="padding:3px;background-color:<?php echo $area == $_key ? $areas[$area]['color'] : "gray";
$MY_ENV['selected']['langde'] = "selected"; } if ($l == "es") { $MY_ENV['selected']['langes'] = "selected"; } if ($l == "pl") { $MY_ENV['selected']['langpl'] = "selected"; } if ($l == "ru") { $MY_ENV['selected']['langru'] = "selected"; } // adding image if URL sent if (trim($MY_ENV['imgurl']) != "") { $MY_ENV['htmlimgurl'] = "<figure><img src=\"" . $MY_ENV['imgurl'] . "\"></figure>"; } $html_head = html_head(); print $html_head; if ($MY_ENV['complete'] != "yes") { $html_body = html_form(); } else { $html_body = html_page(); } print $html_body; function html_head() { return "\n <!DOCTYPE html>\n <html>\n <head>\n \t<meta charset=\"utf-8\">\n \t<title>Screencast</title>\n \t<link href='http://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900|Roboto+Slab:400,100,700&subset=latin,greek,greek-ext,vietnamese,cyrillic-ext,latin-ext' rel='stylesheet' type='text/css'>\n \t<link rel=\"stylesheet\" type=\"text/css\" href=\"css/main.css\">\n </head>"; } // end function html_head() function html_form() { global $lang;
<?php
/**
 * Installer for the "Crackcha" challenge.
 *
 * Prints the page header, rejects non-admin visitors, creates the
 * WC_Crackcha table and registers the challenge.
 */

chdir("../../");
require_once "challenge/html_head.php";
html_head("Install Crackcha");

// Installing is admin-only. A file-level return stops the script here.
if (!GWF_User::isAdminS()) {
    return htmlSendToLogin("Better be admin !");
}

// Challenge metadata handed to the installer.
$title = 'Crackcha';
$url = "challenge/crackcha/index.php";
$creators = "Gizmore";
$tags = 'Cracking,Image,Coding';
$score = 8;
$solution = false;

require_once 'challenge/crackcha/WC_Crackcha.php';

// Abort before registering the challenge when the table cannot be created.
if (GDO::table('WC_Crackcha')->createTable(true) === false) {
    die('Can not install crackcha table');
}

WC_Challenge::installChallenge($title, $solution, $score, $url, $creators, $tags, true);

require_once "challenge/html_foot.php";
<?php
/**
 * Installer for the "Training: Bacon Returns" challenge.
 *
 * Prints the page header, shows a permission error to non-admin visitors and
 * otherwise registers the challenge.
 */

chdir("../../../../");
require_once "challenge/html_head.php";
html_head("Training: Bacon Returns");

// Non-admins get the permission error and the page footer, then the script stops.
if (!GWF_User::isAdminS()) {
    echo GWF_HTML::err('ERR_NO_PERMISSION');
    // Set before the footer is included; presumably html_foot.php reads it - confirm.
    $_GET['no_session'] = 1;
    require_once "challenge/html_foot.php";
    return;
}

// Challenge metadata handed to the installer.
$title = 'Training: Bacon Returns';
$url = "challenge/training/encodings/bacon2/index.php";
$creators = "Gizmore";
$tags = 'Encoding,Crypto,Training';
$score = 3;
$solution = false;

WC_Challenge::installChallenge($title, $solution, $score, $url, $creators, $tags, true);

require_once "challenge/html_foot.php";
<?php
/**
 * Installer for the "Interesting" challenge.
 *
 * Loads the solution table, rejects non-admin visitors, replaces the profile
 * points of interest of the user "Easterbunny" with one entry per solution
 * word and registers the challenge.
 */

// solution.php returns an array; the loop below reads it as word => array(lat, lon).
$solutions = (require 'solution.php');

chdir('../../');
require_once 'challenge/html_head.php';

define('GWF_PAGE_TITLE', 'Interesting');
$title = GWF_PAGE_TITLE;
html_head('Install: ' . $title);

// Installing is admin-only. A file-level return stops the script here.
if (!GWF_User::isAdminS()) {
    return htmlSendToLogin('Better be admin !');
}

// Challenge metadata; the solution is the solution words joined in file order.
$solution = implode('', array_keys($solutions));
$score = 2;
$url = 'challenge/interesting/index.php';
$creators = 'Gizmore';
$tags = 'Fun,Exploit';

// The points of interest are attached to this account, so it has to exist.
$bunny = GWF_User::getByName('Easterbunny');
if ($bunny === false) {
    die('Easterbunny not found!');
}
$bunny_id = $bunny->getID();

require_once GWF_CORE_PATH . 'module/Profile/GWF_ProfilePOI.php';
$table = GDO::table('GWF_ProfilePOI');

// Clear the account's old entries first. The condition is built by string
// concatenation; $bunny_id comes from getID() on the user row, not from the request.
if (!$table->deleteWhere('pp_uid=' . $bunny_id)) {
    die('DBERR1');
}

// One point of interest per solution word.
foreach ($solutions as $word => $latlon) {
    $inserted = $table->insertAssoc(array(
        'pp_id' => '0',
        'pp_uid' => $bunny_id,
        'pp_lat' => $latlon[0],
        'pp_lon' => $latlon[1],
        'pp_descr' => $word,
    ));
    if (!$inserted) {
        die('DB ERROR!!!!');
    }
}

WC_Challenge::installChallenge($title, $solution, $score, $url, $creators, $tags, true);
<?php
/**
 * Installer for the "Screwed Signup" challenge.
 *
 * Prints the page header, rejects non-admin visitors, creates the challenge's
 * user table through screwed_signupCreateUserTable() and registers the
 * challenge.
 */

chdir("../../");
require_once "challenge/html_head.php";
html_head("Install Screwed Signup");

// Installing is admin-only. A file-level return stops the script here.
if (!GWF_User::isAdminS()) {
    return htmlSendToLogin("Better be admin !");
}

# Create the tables
require_once 'screwed_signup.include';
screwed_signupCreateUserTable();

/*
CREATE TABLE IF NOT EXISTS `chall_sql1` (
    `username` VARCHAR(24) NOT NULL,
    `password` VARCHAR(32) NOT NULL,
    `access_level` INT(10) UNSIGNED NOT NULL DEFAULT 0);
INSERT INTO `chall_sql1` VALUES ( 'Admin', 'xxx', 1337)
*/

// Challenge metadata handed to the installer.
$title = "Screwed Signup";
$url = "challenge/screwed_signup/index.php";
$creators = "Gizmore";
$tags = 'Exploit,PHP,MySQL';
$score = 7;
$solution = false;

WC_Challenge::installChallenge($title, $solution, $score, $url, $creators, $tags, true);

require_once "challenge/html_foot.php";
<?php
/**
 * Installer for the "Training: Math Pyramid" challenge.
 *
 * Prints the page header, shows a permission error to non-admin visitors and
 * otherwise registers the challenge.
 */

chdir("../../../../");
require_once "challenge/html_head.php";
html_head("Install Training: Math Pyramid");

// Non-admins get the permission error and the page footer, then the script stops.
if (!GWF_User::isAdminS()) {
    echo GWF_HTML::err('ERR_NO_PERMISSION');
    // Set before the footer is included; presumably html_foot.php reads it - confirm.
    $_GET['no_session'] = 1;
    require_once "challenge/html_foot.php";
    return;
}

// Challenge metadata handed to the installer.
$title = 'Training: Math Pyramid';
$url = "challenge/training/math/pyramid/index.php";
$creators = "Gizmore";
$tags = 'Math,Training';
$score = 2;
$solution = false;

WC_Challenge::installChallenge($title, $solution, $score, $url, $creators, $tags, true);

require_once "challenge/html_foot.php";
switch ($action) { case "subscribe": $area->activate_participation(); redirect(); break; case "unsubscribe": $area->deactivate_participation(); redirect(); break; } warning(_("Unknown action")); redirect(); } html_head(_("Subject areas"), true); $entitled = ( Login::$member and Login::$member->entitled($ngroup->id) ); ?> <table> <tr> <th><?php echo _("Name"); ?> </th> <th><?php echo _("Participants"); ?> </th> <? if ($entitled) { ?>
// Blob viewer: takes table, col and where from the request, fetches the blob
// with a SELECT assembled from them and prints it according to the blob type
// stored in $s_wt['blob_as'][$col].
require './inc/script_start.inc.php';

// GET supplies the three selectors; any other method additionally stores the
// submitted blobtype for this column.
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
    $table = get_request_data('table', 'GET');
    $col = get_request_data('col', 'GET');
    $where = get_request_data('where', 'GET');
} else {
    $table = get_request_data('table');
    $col = get_request_data('col');
    $where = get_request_data('where');
    $s_wt['blob_as'][$col] = get_request_data('blobtype');
}

// NOTE(review): only $where is urlencode()d here; $table and $col are appended
// as received and the URL is later written into an img src attribute.
$imageurl = 'showimage.php?where=' . urlencode($where) . '&table=' . $table . '&col=' . $col;
$imageurl .= '&' . uniqid('UNIQ_');

// NOTE(review): the column, table and where clause are placed into the SQL text
// by sprintf() with no quoting or allow-listing visible here. Unless
// get_request_data() or get_blob_content() validates them, the statement that
// runs is whatever the request supplies - confirm the checks made elsewhere.
$blob = get_blob_content(sprintf('SELECT %s FROM %s %s', $col, $table, $where));

$title = build_title(sprintf('Blob from %s %s', $table, $where), FALSE);

// Page head plus the form that re-submits the selectors with another blob type.
// The hidden fields go through htmlentities().
// NOTE(review): $_SERVER['PHP_SELF'] reaches the action attribute through
// url_session() only; confirm that helper escapes it for HTML.
echo html_head($title) . '<body bgcolor="' . $s_cust['color']['area'] . "\">\n" . js_window_resize(BLOB_WINDOW_WIDTH, BLOB_WINDOW_HEIGHT) . '<form method="post" action="' . url_session($_SERVER['PHP_SELF']) . '" name="showblob_form">' . "\n" . hidden_field('table', htmlentities($table)) . hidden_field('col', htmlentities($col)) . hidden_field('where', htmlentities($where)) . "<table>\n<tr>\n<td>\n" . get_selectlist('blobtype', $blob_types, $s_wt['blob_as'][$col], TRUE) . "</td>\n<td>\n" . '<input type="submit" name="change_blobtype" value="Change Type">' . "\n" . "</td>\n<td width=\"50\">\n</td>\n<td>\n" . '<input type="button" value="Close" onClick="self.close()">' . "\n" . "</td>\n</tr>\n<table>\n" . "</form>\n";

// Falls back to the hex view when no type is stored for this column.
$blobas = isset($s_wt['blob_as'][$col]) && $s_wt['blob_as'][$col] != '' ? $s_wt['blob_as'][$col] : 'hex';

switch ($blobas) {
    case 'png':
    case 'jpg':
    case 'gif':
        echo '<img src="' . $imageurl . "\">\n";
        break;
    case 'text':
        // Text blobs are escaped before output.
        echo '<pre align="left">' . htmlspecialchars($blob) . "</pre>\n";
        break;
    case 'html':
        // NOTE(review): the blob is written into the page unescaped, so any
        // markup or script stored in the column runs in this tool's origin.
        echo $blob;
        break;
    case 'hex':
        echo hex_view($blob);
<?php include '_common.php'; ?> <?php echo html_head('Create Account'); ?> <body class="kbc-outer-page"> <div class="kbc-outer-container"> <div class="kbc-outer-logo"> <span class="kbc-icon-keboola-logo"></span> </div> <form class="kbc-outer-content well" role="form"> <div class="kbc-outer-header"> <h2>Create Account</h2> <p>We will send you password retrieval link via email</p> </div> <div class="kbc-outer-input"> <label for="inputEmail" class="sr-only">Email</label> <input type="email" id="inputEmail" class="form-control" placeholder="Email" required="" autofocus=""> <label for="inputName" class="sr-only">Name</label> <input type="text" id="inputName" class="form-control" placeholder="Name"> <label for="inputPassword" class="sr-only">Password</label> <input type="password" id="inputPassword" class="form-control" placeholder="Password"> <label for="inputConfirmPassword" class="sr-only">Confirm Password</label> <input type="password" id="inputConfirmPassword" class="form-control" placeholder="Confirm Password"> </div> <div class="kbc-outer-form"> <div class="formCaptcha form-group kbc-outer-captcha"> <img width="200" height="50" alt="" src="captcha.png">
<?php
/**
 * Installer for the "Training: ASCII" challenge.
 *
 * Prints the page header, shows a permission error to non-admin visitors and
 * otherwise registers the challenge.
 */

chdir('../../../../');
require_once 'challenge/html_head.php';
html_head("Install Training: ASCII");

// Non-admins get the permission error and the page footer, then the script stops.
if (!GWF_User::isAdminS()) {
    echo GWF_HTML::err('ERR_NO_PERMISSION');
    // Set before the footer is included; presumably html_foot.php reads it - confirm.
    $_GET['no_session'] = 1;
    require_once "challenge/html_foot.php";
    return;
}

// Challenge metadata handed to the installer.
$title = 'Training: ASCII';
$url = "challenge/training/encodings/ascii/index.php";
$creators = "Gizmore";
$tags = 'Training,Encoding';
$score = 1;
$solution = false;

WC_Challenge::installChallenge($title, $solution, $score, $url, $creators, $tags, true);

require_once "challenge/html_foot.php";
<?php include '_common.php'; ?> <?php echo html_head('Login'); ?> <body class="kbc-outer-page"> <div class="kbc-outer-container"> <div class="kbc-outer-logo"> <span class="kbc-icon-keboola-logo"></span> </div> <form class="kbc-outer-content well" role="form"> <div class="kbc-outer-header"> <h2>Please Sign In</h2> </div> <div class="kbc-outer-input"> <label for="inputEmail" class="sr-only">Email</label> <input type="email" id="inputEmail" class="form-control" placeholder="Email"> <label for="inputPassword" class="sr-only">Password</label> <input type="password" id="inputPassword" class="form-control" placeholder="Password"> </div> <button class="btn btn-lg btn-info btn-block kbc-login-submit" type="submit">Sign In</button> <p class="kbc-login-links"> <a href="">Sign Up</a> <a href="">Forgot password?</a> </p> </form> <p class="kbc-login-terms">By signing in You agree with our <a href="">Terms and Conditions</a></p> </div>
<?php
/**
 * Installer for the "Trivia" challenge.
 *
 * Prints the page header, rejects non-admin visitors and registers the
 * challenge.
 */

chdir("../../");
require_once "challenge/html_head.php";
html_head("Install Trivia Challenge");

// Installing is admin-only. A file-level return stops the script here.
if (!GWF_User::isAdminS()) {
    return htmlSendToLogin("Better be admin !");
}

// Challenge metadata handed to the installer.
$title = "Trivia";
$url = "challenge/trivia/index.php";
$creators = "Z,Gizmore";
$tags = 'Fun';
$score = 4;
$solution = false;

WC_Challenge::installChallenge($title, $solution, $score, $url, $creators, $tags, true);

require_once "challenge/html_foot.php";
<?
/**
 * member.php
 *
 * Shows the profile of one member, selected by the "id" query parameter.
 *
 * @author Magnus Rosenbaum <*****@*****.**>
 * @package Basisentscheid
 */

require "inc/common_http.php";

// Access gate for this page; presumably limits it to logged-in members - confirm.
Login::access("member");

// The id is mandatory and is reduced to an integer before it reaches Member.
if (empty($_GET['id'])) {
	error(_("Missing parameter"));
}
$member = new Member(intval($_GET['id']));

// NOTE(review): "new" always yields an object and objects are truthy in PHP,
// so this branch looks unreachable. A request for an id that does not exist
// would continue with an empty Member - confirm how Member signals
// "not found" and test that instead.
if (!$member) {
	error(_("The requested member does not exist."));
}

// NOTE(review): the username is passed into the page title as is; confirm
// that html_head() escapes its argument.
html_head(sprintf(_("Member %s"), $member->username()));

?>
<p><?php echo content2html($member->profile); ?> </p>
<?

html_foot();
$member->password = crypt($password); if ( ! $member->update(['password'], 'password_reset_code=NULL, password_reset_code_expiry=NULL') ) break; success(_("Password has been reset successfully. You can log in with the new password now:")); redirect("login.php"); break; default: warning(_("Unknown action")); redirect(); } } html_head(_("Reset password")); form(BN); input_hidden("action", "set_password"); ?> <fieldset class="member"> <? if ($member) { input_hidden("code", $code); } else { ?> <div class="description td1"><?php echo _("Please enter the code you have received by email:"); ?> </div> <div class="input td1">
if ($action) { if ($action!="confirm") error(_("Unknown action")); action_required_parameters('code'); action_confirm_mail($_POST['code']); } // link in confirmation request mail clicked if (isset($_GET['code'])) { action_confirm_mail($_GET['code']); } } html_head(_("Email address confirmation")); if (Login::$member) { form(BN); ?> <label><?php echo _("Code"); ?> : <input type="text" name="code" size="20" value="<?php echo trim(@$_REQUEST['code']); ?> "></label> <input type="hidden" name="action" value="confirm"> <input type="submit" value="<?php echo _("confirm");
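<?php
/**
 * Admin > Cards > Extensions list.
 *
 * Reads the sort settings from the query string, prints the sort form and,
 * when "ext_del" is present, deletes that extension.
 */
include_once 'lib.php';

// Sort column and direction, taken from the query string.
// NOTE(review): their use lies outside this excerpt. If they end up in an
// ORDER BY clause, map them through a fixed list of allowed values first.
$sort = param($_GET, 'sort', 'rd');
$order = param($_GET, 'order', 'ASC');

html_head('Admin > Cards > Extensions list', array('style.css', 'admin.css'));
?>
 <body> <?php html_menu(); ?> <div class="section"> <h1>Extensions</h1> <a href="../">Return to admin</a> <form method="get"> Sort : <select name="sort"> <option value="rd">Release date</option> <option value="priority">Priority</option> </select> <select name="order"> <option value="ASC">Ascendency</option> <option value="DESC">Descendency</option> </select> <input type="submit"> </form> <?php
// The id arrives in the query string and is interpolated into both the DELETE
// statement and the confirmation paragraph. Casting it to an integer keeps
// quotes and markup out of both; anything non-numeric becomes 0 and is skipped.
// NOTE(review): this deletion is triggered by a plain GET request, and no
// permission check or anti-forgery token is visible in this excerpt - confirm
// that lib.php enforces admin access.
$ext = intval(param($_GET, 'ext_del', 0));
if ($ext != 0) {
    query("DELETE FROM extension WHERE `id` = '{$ext}' ; ");
    echo " <p>Extension {$ext} removed</p>";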
<?php
// Deck building page of a tournament: loads the page assets and starts the
// client script with the tournament id and the "pid" value from the query string.
include '../lib.php';

// The tournament id is forced to an integer, so it is safe to print below.
$id = intval(param_or_die($_GET, 'id'));

// NOTE(review): pid is printed further down inside a quoted JavaScript string
// within the onload attribute, with no encoding applied in this file. Unless
// param() already restricts the value, encode it for both contexts before
// output, e.g. json_encode() followed by htmlspecialchars().
$pid = param($_GET, 'pid', '');

html_head('Building #' . $id, array('style.css', 'options.css', 'menu.css', 'tournament.css', 'build.css'), array('lib/Flotr2/flotr2.min.js', 'html.js', 'math.js', 'image.js', 'deck.js', 'options.js', 'stats.js', 'websockets.js', 'menu.js', 'spectactor.js', 'tournament/lib.js', 'tournament/limited.js', 'tournament/build.js', '../variables.js.php')); ?> <body onload="start(<?php echo $id; ?> , '<?php echo $pid; ?> ')"> <div id="info" class="section"> <input id="timeleft" type="text" value="Initializing" disabled="disabled" title="Time left for building" size="8"><br> <label title="Tournament starts if every player check this box before timer ends"><input id="ready" type="checkbox" disabled="disabled">I'm ready</label> </div> <div id="stats" class="section"> <h2>Stats</h2> <label><input id="stats_side" type="checkbox">Stats side</label> <div id="stats_graphs"></div> </div> <div id="selectors" class="section"></div> <div id="div_side" class="section"> <h1>Sideboard <?php echo ws_indicator(); ?>
<?php include_once 'lib.php'; $ext = param_or_die($_GET, 'ext'); html_head('Admin > Cards > Extension', array('style.css', 'admin.css', 'admin_extension.css'), array('lib/jquery.js', 'html.js', 'math.js', 'stats.js', 'lib/Flotr2/flotr2.min.js', 'admin/extension.js')); ?> <body> <?php html_menu(); ?> <div class="section"> <?php $query = query("SELECT * FROM extension WHERE `se` = '{$ext}' ; "); if ($arr = mysql_fetch_array($query)) { $ext_bdd = $arr; // Backup first extension line (normally only 1) echo ' <h1>' . $ext . ' - ' . $ext_bdd['name'] . ' (#' . $ext_bdd['id'] . ')</h1>'; echo ' <input id="ext" type="hidden" value="' . $ext_bdd['id'] . '">'; } ?> <a href="extensions.php">Return to extension list</a> <form id="update_ext" action="json/extension.php"> <input type="hidden" name="ext_id" value="<?php echo $ext_bdd['id']; ?> "> Code : <input type="text" name="se" size="4" value="<?php echo $ext_bdd['se']; ?>
<?php include '_common.php'; ?> <?php echo html_head('Orchestrations List'); echo head('<h1>Orchestrations</h1> <a href=""><span class="kbc-refresh kbc-icon-cw"></span></a>', '<button type="button" class="btn btn-success" data-toggle="modal" data-target="#myModal"><span class="kbc-icon-plus"></span> Add Orchestration</button> <!-- Modal --> <div class="modal fade" id="myModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <div class="modal-dialog"> <div class="modal-content"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button> <h4 class="modal-title" id="myModalLabel">Modal title</h4> </div> <div class="modal-body"> ... </div> <div class="modal-footer"> <button type="button" class="btn btn-lg btn-default" data-dismiss="modal">Close</button> <button type="button" class="btn btn-lg btn-success">Save changes</button> </div> </div> </div> </div> '); ?> <?php include 'notifications.php';
<?php include_once 'lib.php'; $id = param_or_die($_GET, 'id'); html_head('Admin > Cards > View one', array('style.css', 'admin.css'), array('lib/jquery.js', 'math.js', 'html.js')); ?> <script type="text/javascript"> function setimage(src, backsrc) { var img = new Image() ; img.addEventListener('load', function(ev) { var ci = document.getElementById('cardimage') ; ci.style.width = this.width+'px' ; ci.style.height = this.height+'px' ; ci.style.backgroundImage = 'url("'+src+'")' ; }, false) ; img.addEventListener('error', function(ev) { alert('Error loading '+ev.target.src) ; }, false) ; img.src = src ; if ( backsrc ) { var img = new Image() ; img.addEventListener('load', function(ev) { var ci = document.getElementById('cardimageback') ; ci.style.width = this.width+'px' ; ci.style.height = this.height+'px' ; ci.style.backgroundImage = 'url("'+backsrc+'")' ; }, false) ; img.src = backsrc ; } } function start() {
<?php
/**
 * Installer for the "Sidology Remix" challenge.
 *
 * Prints the page header, rejects non-admin visitors and registers the
 * challenge.
 */

chdir("../../");
require_once "challenge/html_head.php";
html_head("Install Sidology");

// Installing is admin-only. A file-level return stops the script here.
if (!GWF_User::isAdminS()) {
    return htmlSendToLogin("Better be admin !");
}

// Challenge metadata handed to the installer.
$title = "Sidology Remix";
$url = "challenge/sidology_remix/index.php";
$creators = "Gizmore";
$score = 5;
$solution = false;

// NOTE(review): $tags is never assigned in this file. Unless one of the
// included files defines it, the call below passes an undefined variable
// (null, with a warning) as the tag list - confirm and assign the tags here.
WC_Challenge::installChallenge($title, $solution, $score, $url, $creators, $tags, true);

require_once "challenge/html_foot.php";
/**
 * Report a fatal user error and end the script.
 *
 * On the command line the message is printed as plain text. Otherwise it is
 * rendered as an error paragraph, preceded by the page header if none has
 * been issued yet, and followed by the page footer. Both paths end in a bare
 * exit, so the process exit status is 0.
 *
 * The message is escaped with h() unless $content2html is set, in which case
 * it goes through content2html() instead.
 * NOTE(review): content2html() is not visible here - confirm it escapes
 * markup before passing text from a request with $content2html=true.
 *
 * @param string  $text
 * @param boolean $content2html (optional) format content
 */
function error($text, $content2html=false) {

	// command line: plain text only (used by the tests)
	if (PHP_SAPI=="cli") {
		echo "Error: ".$text."\n";
		exit;
	}

	// open the page first if that has not happened yet
	if (empty($GLOBALS['html_head_issued'])) {
		html_head(_("Error"));
	}

?>
<p class="error">☓ <?php echo $content2html ? content2html($text) : h($text); ?> </p>
<?
	html_foot();
	exit;
}
} $proposal = new Proposal($draft->proposal); $issue = $proposal->issue(); $_SESSION['ngroup'] = $issue->area()->ngroup; list($supporters, $proponents, $is_supporter, $is_proponent) = $proposal->supporters(); if (!$is_proponent and !Login::$admin) { error(_("You are not a proponent of this proposal!")); } html_head( sprintf(_("<a%s>Proposal %d</a>, version differences"), ' href="proposal.php?id='.$proposal->id.'"', $proposal->id) ); ?> <section class="proposal_info"> <? $proposal->display_proposal_info($issue, $proponents, $is_proponent); ?> </section> <section class="proposal_content diff"> <h2><?php echo _("Title"); ?> </h2> <p class="proposal proposal_title"><? diff($draft->title, $draft2->title)?></p> <h2><?php echo _("Content");
<?
/**
 * about
 *
 * Prints the static "about" text of the current language followed by the
 * version string.
 *
 * @author Magnus Rosenbaum <*****@*****.**>
 * @package Basisentscheid
 */

require "inc/common_http.php";

html_head(_("About"));

// The about text is a plain HTML file per language, copied to the output as is.
// NOTE(review): LANG becomes part of a filesystem path; confirm it is chosen
// from a fixed list of locales and never taken directly from request data.
readfile("locale/about_".LANG.".html");

?>
<p class="version"><?php echo _("Version"); ?> : <span><?php echo version(); ?> </span></p>
<?

html_foot();
<?php
/**
 * Installer for the "Light in the Darkness" challenge.
 *
 * Loads the challenge's own settings and code, prints the page header,
 * rejects non-admin visitors, runs blightInstall() and registers the
 * challenge.
 */

// Loaded relative to the challenge directory, before the working directory changes.
require_once 'settings.php';
require_once 'vuln.php';

chdir("../../../");
require_once "challenge/html_head.php";

$title = 'Light in the Darkness';
html_head("Install: {$title}");

// Installing is admin-only. A file-level return stops the script here.
if (!GWF_User::isAdminS()) {
    return htmlSendToLogin("Better be admin !");
}

// Challenge metadata handed to the installer.
$url = "challenge/Mawekl/light_in_the_darkness/index.php";
$creators = "Mawekl";
$tags = 'MySQL,Exploit';
$score = 6;
$solution = false;

// Abort before registering the challenge when its own setup fails.
if (blightInstall() === false) {
    die('DB ERROR!');
}

WC_Challenge::installChallenge($title, $solution, $score, $url, $creators, $tags, true);

require_once "challenge/html_foot.php";
} } $period->select_ballot($ballot, true); redirect("ballots.php?period=".$period->id); default: warning(_("Unknown action")); redirect(); } } if ($ballot->id) { html_head(sprintf(_("Edit Ballot %d"), $ballot->id), true); } else { html_head(_("New ballot"), true); } form("", "", "editform edit_ballot", "ballot", true); ?> <fieldset> <div class="input <?php echo stripes(); ?> "><label for="name"><?php echo _("Name or location of the ballot"); ?> </label><span class="input"><input type="text" name="name" id="name" value="<?php echo h($ballot->name); ?> "></span></div>
notice(_("The key has already been imported.")); } else { warning(_("The key could not be imported.")); } } redirect(); default: warning(_("Unknown action")); redirect(); } } html_head(_("Member settings")); display_nav_settings(); form(BN); ?> <fieldset class="member"> <div class="input <?php echo stripes(); ?> "> <label for="mail"><?php echo _("Confirmed email address for notifications"); ?> </label> <span class="input"><?php
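<?php
/**
 * Admin > Tournament.
 *
 * Loads one tournament by the "id" query parameter and prints its general
 * data inside the edit form.
 */
include_once 'lib.php';

// The id arrives in the query string and is interpolated into the SELECT
// below and into the hidden form field. Casting it to an integer keeps quotes
// and markup out of both places.
$id = intval(param_or_die($_GET, 'id'));

html_head('Admin > Tournament', array('style.css', 'admin.css'), array('lib/jquery.js', 'html.js', 'admin/tournament.js'));
?>
 <body> <?php
html_menu();

// NOTE(review): what query_oneshot() returns when no row matches is not
// visible here; the property reads below assume a row was found.
$t = query_oneshot("SELECT * FROM `tournament` WHERE `id` = '{$id}' ; ");
$data = json_decode($t->data);

// NOTE(review): the tournament name and creation date are printed as stored.
// If the name can be chosen by players, escape it with htmlspecialchars()
// unless it is already escaped when saved - confirm.
?> <div class="section"> <h1>Tournament : <?php echo $t->name; ?> </h1> <h2>General data</h2> <form id="tournament_form" action="json.php"> <input type="hidden" name="id" value="<?php echo $id; ?> "> <ul> <li>ID : <?php echo $t->id; ?> </li> <li>Created : <?php echo $t->creation_date;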