public function __wakeup() { if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 2, 'challenge/are_you_serial/index.php'); } $chall->onChallengeSolved(GWF_Session::getUserID()); }
<?php chdir("../../../../"); define('GWF_PAGE_TITLE', 'Training: GPG'); require_once 'challenge/html_head.php'; require_once GWF_CORE_PATH . 'module/WeChall/WC_CryptoChall.php'; require_once GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 2, '/challenge/training/crypto/gpg/index.php', false); } $chall->showHeader(); WC_CryptoChall::checkSolution($chall, 'OHOYOUGOTGPG!', true, false); if (false !== Common::getPost('send')) { wccgpg_doit($chall, GWF_Session::getUser()); } $url = GWF_WEB_ROOT . 'account'; echo GWF_Box::box($chall->lang('info', array($url)), $chall->lang('title')); $form = '<form action="index.php" method="post">' . PHP_EOL; $form .= '<input type="submit" name="send" value="' . $chall->lang('btn_send') . '" />' . PHP_EOL; $form .= '</form>' . PHP_EOL; echo GWF_Box::box($form); formSolutionbox($chall); echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php'; function wccgpg_doit(WC_Challenge $chall, $user) { if ($user === false) { echo GWF_HTML::error('GPG', $chall->lang('err_login'), false); return; } if (!$user->hasValidMail()) {
<?php chdir('../../'); define('GWF_PAGE_TITLE', 'Fremes'); require_once 'challenge/html_head.php'; require_once GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 4, 'challenge/FREMES/index.php', false); } $chall->showHeader(); if (false !== ($answer = Common::getPostString('answer', false))) { if (false === ($key = GWF_Session::get('FREMEN_KEY', false))) { echo GWF_HTML::error('Fremes', $chall->lang('err_try')); } else { $solution = GWF_Numeric::baseConvert($key, 2, 16); $slen = strlen($solution); $wlen = 128 / 4; $nlen = $wlen - $slen; $solution = str_repeat('0', $nlen) . $solution; $answer = strtoupper($answer); $solution = strtoupper($solution); if ($answer === $solution || substr($answer, 2) === $solution) { $chall->onChallengeSolved(GWF_Session::getUserID()); } else { echo WC_HTML::error('err_wrong'); } } } echo GWF_Box::box($chall->lang('info', array(128, 'fremes.php')), $chall->lang('title')); echo formSolutionbox($chall); require_once 'challenge/html_foot.php';
<?php chdir('../../../../'); define('GWF_PAGE_TITLE', 'Encodings: URL'); require_once 'challenge/html_head.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 1, 'challenge/training/encodings/url/index.php', false); } $chall->showHeader(); require_once GWF_CORE_PATH . 'module/WeChall/WC_CryptoChall.php'; $solution = WC_CryptoChall::generateSolution('OHNOU_R_Ls', true, true); if (Common::getGetString('p', '') === $solution) { $chall->onChallengeSolved(GWF_Session::getUserID()); } echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php';
if (isset($_GET['show']) && is_string($_GET['show'])) { if ($_GET['show'] === 'smile') { header('Content-Type: text/plain;'); die(file_get_contents('smile.php')); } elseif ($_GET['show'] === 'livin_smile') { header('Content-Type: text/plain;'); die(file_get_contents('LIVIN_Smile.php')); } } # -------------------------- # chdir('../../../'); define('GWF_PAGE_TITLE', 'Smile'); require_once 'challenge/html_head.php'; require_once GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 4, 'challenge/livinskull/smile/index.php', false); } $chall->showHeader(); # -------------------------- # if (false !== ($answer = Common::getPostString('answer', false))) { require_once 'challenge/livinskull/smile/LIVIN_Smile.php'; $solution = LIVIN_Smile::getSolution(); if ($answer === $solution) { $chall->onChallengeSolved(GWF_Session::getUserID()); } else { echo WC_HTML::error('err_wrong'); } } # -------------------------- # $url1 = 'index.php?show=smile'; $url2 = 'index.php?highlight=smile';
<?php chdir("../../../"); define('GWF_PAGE_TITLE', 'Training: Get Sourced'); require_once "challenge/html_head.php"; require GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle('Training: Get Sourced'))) { $chall = WC_Challenge::dummyChallenge('Training: Get Sourced'); } $chall->showHeader(); $chall->onCheckSolution(); ?> <div class="box box_c"> <p><?php echo $chall->lang('info'); ?> </p> <p style="color:#e5e5e5;"><?php echo $chall->lang('info2'); ?> </p> </div> <!-- <?php echo $chall->lang('comment'); ?> --> <?php formSolutionbox($chall); require_once "challenge/html_foot.php"; ?> <!-- <?php
<?php if (isset($_GET['show']) && is_string($_GET['show'])) { if ($_GET['show'] === 'source') { header('Content-Type: text/plain; charset=UTF-8;'); die(file_get_contents('nootherdomain.php')); } elseif ($_GET['show'] === 'noothtable') { header('Content-Type: text/plain; charset=UTF-8;'); die(file_get_contents('noothtable.php')); } } chdir('../../../'); define('GWF_PAGE_TITLE', 'Stop us'); require_once 'challenge/html_head.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 3, 'challenge/noother/stop_us/index.php', false); } $chall->showHeader(); # -------------------------- # $href1 = 'index.php?show=source'; $href2 = 'index.php?highlight=christmas'; $href3 = 'index.php?show=noothtable'; $href4 = 'index.php?highlight=noothtable'; $jjk = 'jjk'; $dloser = 'dloser'; echo GWF_Box::box($chall->lang('info', array('nootherdomain.php', $href1, $href2, $href3, $href4, $jjk, $dloser)), $chall->lang('title')); # -------------------------- # if (false !== ($file = Common::getGetString('highlight', false))) { if ($file === 'noothtable') { $file = 'noothtable.php'; } else {
<?php chdir('../../'); define('GWF_PAGE_TITLE', 'Screwed Signup - Login'); require_once 'challenge/html_head.php'; if (false === ($chall = WC_Challenge::getByTitle('Screwed Signup'))) { $chall = WC_Challenge::dummyChallenge('Screwed Signup', 7, 'challenge/screwed_signup/index.php', false); } $chall->showHeader(); require_once 'screwed_signup.include'; if (isset($_POST['login'])) { screwed_signupLogin($chall); } ?> <div class="box box_c"><a href="register.php"><?php echo $chall->lang('btn_register'); ?> </a></div> <?php htmlTitleBox($chall->lang('login_title'), $chall->lang('login_info')); ?> <form action="" method="post"> <?php #Session::CSRF(); ?> <table> <tr>
<?php chdir('../../../'); define('GWF_PAGE_TITLE', 'The Last Hope'); require_once 'challenge/html_head.php'; require GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 4, 'challenge/bsdhell/thelasthope/index.php', false); } $chall->showHeader(); if (strcasecmp(Common::getPost('answer'), 'username_password') === 0) { $count = GWF_Counter::getCount('WC_BSD_LH_DOLT'); if (false === GWF_Session::getOrDefault('WC_BSD_LH_DOLT', false)) { $count++; GWF_Counter::saveCounter('WC_BSD_LH_DOLT', $count); GWF_Session::set('WC_BSD_LH_DOLT', '1'); } echo GWF_HTML::message('The Last Hope', $chall->lang('msg_literal'), false); echo GWF_HTML::error('The Last Hope', $chall->lang('err_literal', array($count)), false); } else { $chall->onCheckSolution(); } htmlTitleBox($chall->lang('title'), $chall->lang('info', array('bsd_thelasthope.elf'))); formSolutionbox($chall); echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php';
<?php chdir('../../../'); define('GWF_PAGE_TITLE', 'Shadowlamb - Chapter I'); require_once 'challenge/html_head.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 1, 'challenge/lamb/shadowlamb1/index.php'); } $chall->showHeader(); echo GWF_Box::box(base64_encode($chall->lang('client_info')), $chall->lang('client_it')); echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php';
<?php chdir('../../../'); define('GWF_PAGE_TITLE', 'Training: Prime Factory'); require_once "challenge/html_head.php"; require GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle('Prime Factory'))) { $chall = WC_Challenge::dummyChallenge('Prime Factory', 1, 'index.php', '1'); } $chall->showHeader(); $chall->onCheckSolution(); ?> <div class="box box_c"><?php echo $chall->lang('info'); ?> </div> <?php formSolutionbox($chall); echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php';
<?php chdir('../../../'); define('GWF_PAGE_TITLE', 'Z - Reloaded'); require_once 'challenge/html_head.php'; $title = 'Z - Reloaded'; if (false === ($chall = WC_Challenge::getByTitle($title))) { $chall = WC_Challenge::dummyChallenge($title, 6, '/challenge/Z/reloaded', false); } $chall->showHeader(); htmlTitleBox($chall->lang('title'), $chall->lang('info', array('zshellz.php'))); echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php';
<?php chdir('../../'); define('GWF_PAGE_TITLE', 'Addslashes'); require_once 'challenge/html_head.php'; if (false === ($chall = WC_Challenge::getByTitle('Addslashes'))) { $chall = WC_Challenge::dummyChallenge('Addslashes', 5, false, false); } $chall->showHeader(); # Mission echo GWF_Box::box($chall->lang('info', array('addslashes.include', 'index.php?highlight=christmas'))); define('ADDSLASH_USERNAME', 'gizmore_addslash'); define('ADDSLASH_DATABASE', 'gizmore_addslash'); define('ADDSLASH_PASSWORD', 'addslash'); require_once 'addslashes.include'; if (false !== Common::getGet('login')) { if (true === asvsmysql_login(Common::getGet('username'), Common::getGet('password'))) { $chall->onChallengeSolved(GWF_Session::getUserID()); } } if (false !== Common::getGet('highlight')) { $msg = file_get_contents('challenge/addslashes/addslashes.include'); $msg = '[code=php title=addslashes.include]' . $msg . '[/code]'; echo GWF_Box::box(GWF_Message::display($msg)); } ?> <div class="box box_c"> <h2>欢迎登录页面</h2> <h3>请登录</h3>
<?php $data = (require 'data.php'); $solution = (require 'solution.php'); require 'expdb.php'; chdir('../../../../'); define('GWF_PAGE_TITLE', 'Experience'); require_once 'challenge/html_head.php'; require_once GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 3, 'challenge/training/php/experience/index.php', $solution); } $chall->showHeader(); $chall->onCheckSolution(); $user = GWF_User::getStaticOrGuest(); $username = $user->isGuest() ? $chall->lang('guest') : $user->displayUsername(); $hint = '<span style="color:#fff;">' . $chall->lang('hint') . '</span>' . PHP_EOL; echo GWF_Box::box($chall->lang('descr', array($username, $hint))); if (!($db = gdo_db_instance(EXP_DB_HOST, EXP_DB_USER, EXP_DB_PASS, EXP_DB_NAME))) { echo GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)); } else { require 'blackbox.php'; formSolutionbox($chall); } echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php';
<?php chdir("../../"); define('GWF_PAGE_TITLE', 'Lettergrid'); require_once 'challenge/html_head.php'; define('LETTERGRID_MAX_TIME', 4.5); if (false === ($chall = WC_Challenge::getByTitle('Lettergrid'))) { $chall = WC_Challenge::dummyChallenge('Lettergrid'); } $chall->showHeader(); $solved = false; if (false !== ($answer = Common::getGet('solution'))) { $solved = checkSolution($chall); } if ($solved === true) { $chall->onChallengeSolved(GWF_Session::getUserID()); } echo htmlTitleBox($chall->lang('title'), $chall->lang('info', array(LETTERGRID_MAX_TIME))); ?> <div class="box box_c"> <iframe src='generate.php' scrolling='auto'> </iframe> <form action='index.php' method='get'> <input type='text' name='solution' value='' /> <input type="submit" name="cmd" value="Submit Answer" /> </form> </div> <?php echo $chall->copyrightFooter();
<?php chdir('../../../../'); define('GWF_PAGE_TITLE', 'Training: WWW-Robots'); require_once 'challenge/html_head.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 1, 'challenge/training/www/robots/index.php'); } $chall->showHeader(); echo GWF_Box::box($chall->lang('info'), $chall->lang('title')); echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php';
<?php chdir('../../'); define('GWF_PAGE_TITLE', 'Identity'); require_once 'challenge/html_head.php'; require_once GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 4, 'challenge/identity/index.php', false); } $chall->showHeader(); $score_needed = 500; $title = $chall->lang('title'); if (false !== ($user = GWF_Session::getUser())) { if ($user->getLevel() >= $score_needed) { if (isset($_POST['answer'])) { $pre = $_POST['answer']; identity_filter($chall); $chall->onCheckSolution(); $_POST['answer'] = $pre; } $gizmore = GWF_User::getByName('gizmore'); $profile = $gizmore->displayProfileLink(); echo GWF_Box::box($chall->lang('info', array($profile)), $title); require_once GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; echo formSolutionbox($chall); } else { $score = $user->getLevel(); echo GWF_HTML::error($title, $chall->lang('err_score', array($score, $score_needed))); } } else { echo GWF_HTML::error($title, $chall->lang('err_login'));
<?php chdir('../../../../'); define('GWF_PAGE_TITLE', 'Training: Caterpillar'); require_once 'challenge/html_head.php'; require_once GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 2, 'challenge/training/stegano/caterpillar/index.php'); } $chall->showHeader(); $chall->onCheckSolution(); echo GWF_Box::box($chall->lang('info', array('caterpillar.png')), $chall->lang('title')); formSolutionbox($chall); echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php';
<?php chdir('../../../../'); define('GWF_PAGE_TITLE', 'AUTH me'); require_once 'challenge/html_head.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 2, 'challenge/space/auth_me/index.php', false); } $chall->showHeader(); $chall->onChallengeSolved(); # THE GAME! ;) echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php';
<?php header('Content-Type: text/plain'); chdir('../../../../'); define('GWF_PAGE_TITLE', 'The Travelling Customer'); require_once 'challenge/gwf_include.php'; GWF_Website::init(getcwd()); require_once 'challenge/training/programming/knapsaak/salesman.php'; $wechall = GWF_Module::loadModuleDB('WeChall', true, true); if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 4, 'challenge/training/programming/knapsaak/index.php'); } echo salesman_on_submit_answer($chall); //GWF_Session::commit();
<?php chdir('../../'); define('GWF_PAGE_TITLE', 'Pimitive Encryption'); require_once 'challenge/html_head.php'; require_once GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 4, 'challenge/pimitive_encryption/index.php'); } $chall->showHeader(); $href_zip = 'pimitive.zip'; if (false === ($jander = GWF_User::getByName('Jander'))) { $jander = '<b>Jander</b>'; } else { $jander = $jander->displayProfileLink(); } $chall->onCheckSolution(); echo GWF_Box::box($chall->lang('info', array($jander, $href_zip)), $chall->lang('title')); echo formSolutionbox($chall); # Your footer echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php';
<?php require_once 'hg_wc3.php'; require_once 'hg_wc4.php'; require_once 'passwords.php'; chdir('../../'); define('GWF_PAGE_TITLE', 'WC Hashing Game'); require_once 'challenge/html_head.php'; require_once GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 2, '/challenge/hashgame/index.php', false); } $chall->showHeader(); if ('' !== ($answer = Common::getPostString('answer'))) { hashgame_check_answer($chall, $answer, $list1, $list2); } if (false !== ($z = GWF_User::getByName('Z'))) { $credits = $z->displayProfileLink(); } else { $credits = 'Z'; } echo GWF_Box::box($chall->lang('info', array('index.php?list=wc3', 'index.php?algo=wc3', 'index.php?list=wc4', 'index.php?algo=wc4', $credits)), $chall->lang('title')); if (Common::getGetString('algo') === 'wc3') { $code = sprintf('[PHP title=hg_wc3.php]%s[/PHP]', file_get_contents('challenge/hashgame/hg_wc3.php')); echo GWF_Box::box(GWF_Message::display($code)); } elseif (Common::getGetString('algo') === 'wc4') { $code = sprintf('[PHP title=hg_wc4.php]%s[/PHP]', file_get_contents('challenge/hashgame/hg_wc4.php')); echo GWF_Box::box(GWF_Message::display($code)); } if (Common::getGetString('list') === 'wc3') { $content = '';
<?php # Change dir to web root chdir('../../../../'); define('GWF_PAGE_TITLE', 'Training: MySQL I'); require_once 'challenge/html_head.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 2, 'challenge/training/mysql/auth_bypass1/index.php', false); } $chall->showHeader(); echo GWF_Box::box($chall->lang('info', array('index.php?show=source', 'index.php?highlight=christmas')), $chall->lang('title')); $filename = 'challenge/training/mysql/auth_bypass1/login.php'; if (Common::getGetString('show') === 'source') { echo GWF_Box::box('<pre>' . htmlspecialchars(file_get_contents($filename)) . '</pre>'); } elseif (Common::getGetString('highlight') === 'christmas') { $message = '[PHP]' . file_get_contents($filename) . '[/PHP]'; echo GWF_Message::display($message); } define('WCC_AUTH_BYPASS1_DB', 'gizmore_auth1'); define('WCC_AUTH_BYPASS1_USER', 'gizmore_auth1'); define('WCC_AUTH_BYPASS1_PASS', 'AuthIsBypass'); include 'login.php'; echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php';
<?php chdir('../../../'); define('GWF_PAGE_TITLE', 'Babbage and Coldplay'); require_once 'challenge/html_head.php'; require_once GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 3, 'challenge/ludde/babbage_and_coldplay/index.php', 'fe91bf59f3a2476d45f78ef00701a24b'); } $chall->showHeader(); # -------------------------- # if (false !== ($answer = Common::getPostString('answer', false))) { $chall->onCheckSolution(md5(preg_replace('/[^a-z]/', '', strtolower($answer)))); } # -------------------------- # $href = 'babbage_and_coldplay.mp3'; echo GWF_Box::box($chall->lang('info', array($href)), $chall->lang('title')); # -------------------------- # echo formSolutionbox($chall); # -------------------------- # echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php';
<?php chdir("../../../"); define('GWF_PAGE_TITLE', 'Training: Encodings I'); require_once "challenge/html_head.php"; require GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle("Training: Encodings I"))) { $chall = WC_Challenge::dummyChallenge('Training: Encodings I'); } $chall->showHeader(); $chall->onCheckSolution(); ?> <div class="box box_c"> <?php echo $chall->lang('info', array(GWF_WEB_ROOT . 'tools/JPK')); ?> <br/> <br/> <pre> 10101001101000110100111100110100 00011101001100101111100011101000 10000011010011110011010000001101 11010110111000101101001111010001 00000110010111011101100011110111 11100100110010111001000100000110 00011110011110001111010011101001 01011100100000101100111011111110 10111100100100000111000011000011 11001111100111110111110111111100 10110010001000001101001111001101
<?php header('Content-Type: text/plain'); chdir('../../'); define('GWF_PAGE_TITLE', 'Crackcha'); require_once 'challenge/gwf_include.php'; GWF_Website::init(getcwd()); $wechall = GWF_Module::loadModuleDB('WeChall', true, true); require_once 'challenge/crackcha/crackcha.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 8, 'challenge/crackcha/index.php', false); } echo crackcha_reset($chall); //GWF_Session::commit();
<?php require_once 'warconfig.php'; chdir('../../../'); define('GWF_PAGE_TITLE', 'Training: Warchall - The Beginning'); require_once 'challenge/html_head.php'; require_once GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 1, 'challenge/warchall/begins/index.php', 'bitwarrior,LameStartup,HiddenIsConfig,RepeatingHistory,AndIknowchown,OhRightThePerms'); } $chall->showHeader(); $score = 0; $chall->onCheckSolution(); echo GWF_Box::box($chall->lang('info'), $chall->lang('title')); if (false === ($user = GWF_Session::getUser())) { echo GWF_HTML::error('Warchall', $chall->lang('err_login')); } elseif ($score > ($scre = $user->getLevel())) { echo GWF_HTML::error('Warchall', $chall->lang('err_score', $scre, $score)); } else { echo warchall1createAccount($chall); } formSolutionbox($chall); echo $chall->copyrightFooter(); require 'challenge/warchall/ads.php'; require_once 'challenge/html_foot.php'; final class WCA_FormCreate { public function form(WC_Challenge $chall) { $data = array('password1' => array(GWF_Form::PASSWORD, '', $chall->lang('th_password')), 'password2' => array(GWF_Form::PASSWORD, '', $chall->lang('th_password2')), 'create' => array(GWF_Form::SUBMIT, $chall->lang('btn_submit'))); return new GWF_Form($this, $data);
<?php # Show src if (isset($_GET['show'])) { # http://en.wikipedia.org/wiki/Quine_%28computing%29 header('Content-Type: text/plain'); die(file_get_contents('index.php')); } # Header chdir('../../../'); define('GWF_PAGE_TITLE', 'Training: RegexMini'); require_once 'challenge/html_head.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 2, 'challenge/training/regex2/index.php', false); } $chall->showHeader(); # Info box echo GWF_Box::box($chall->lang('info', array('index.php?show=source', 'index.php?highlight=christmas')), $chall->lang('title')); # Show highlighted src if (isset($_GET['highlight'])) { $source = '[PHP title=regex2/index.php]' . file_get_contents('challenge/training/regex2/index.php') . '[/PHP]'; echo GWF_Box::box(GWF_Message::display($source, true, false)); } # Submitted? if (isset($_POST['submit'])) { # Check it! $error = ludde_is_satisfied($chall); # Oooops! if ($error === true) { $chall->onChallengeSolved(GWF_Session::getUserID()); } elseif ($error === false) {
<?php require 'checkit.php'; # required to check your solution/injection chdir('../../'); # chroot to web root define('GWF_PAGE_TITLE', 'Yourself PHP'); # Wrapper hack require_once 'challenge/html_head.php'; # output start of website # Get the challenge if (false === ($chall = WC_Challenge::getByTitle('Yourself PHP'))) { $chall = WC_Challenge::dummyChallenge('Yourself PHP', 4, 'challenge/yourself_php/index.php', false); } # And display the header $chall->showHeader(); # Show mission box (translated) echo GWF_Box::box($chall->lang('mission_i', array('index.php?highlight=christmas')), $chall->lang('mission_t')); # Check your injection and fix the hole by silently applying htmlsepcialchars to the vuln input. if (phpself_checkit()) { $chall->onChallengeSolved(GWF_Session::getUserID()); } # Show this file as highlighted sourcecode, if desired if ('christmas' === Common::getGetString('highlight')) { $msg = file_get_contents('challenge/yourself_php/index.php'); $msg = '[' . 'code=php title=index.php]' . $msg . '[' . '/code]'; echo GWF_Box::box(GWF_Message::display($msg)); } # __This is the challenge: if (isset($_POST['username'])) { echo GWF_Box::box(sprintf("Well done %s, you entered your username. But this is <b>not</b> what you need to do.", htmlspecialchars(Common::getPostString('username'))));
<?php chdir('../../../../'); define('GWF_PAGE_TITLE', 'Stegano Attachment'); require_once 'challenge/html_head.php'; require_once GWF_CORE_PATH . 'module/WeChall/WC_CryptoChall.php'; require_once GWF_CORE_PATH . 'module/WeChall/solutionbox.php'; if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 2, '/challenge/training/stegano/attachment/index.php', false); } $chall->showHeader(); WC_CryptoChall::checkSolution($chall, 'YouLikeAttachmentEh', true, false); echo GWF_Box::box($chall->lang('info', array('attachment.php')), $chall->lang('title')); formSolutionbox($chall); echo $chall->copyrightFooter(); require_once 'challenge/html_foot.php';