<?php
chdir('../../');
define('GWF_PAGE_TITLE', 'Snake');
define('CHEAT_SNAKE_SCORE', 300000);
require_once 'challenge/html_head.php';
if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) {
$chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 4, 'challenge/snake/index.php', false);
}
$chall->showHeader();
htmlTitleBox($chall->lang('title'), $chall->lang('info', array(CHEAT_SNAKE_SCORE, 'CGI_Highscore.php', 'http://snake.gizmore.org', 'http://snake.gizmore.org/CGI_Highscore.php')));
echo '<div class="box box_c">' . PHP_EOL;
echo '<applet code="SnakeApplet.class" archive="snake.jar?v=1.06" width="500" height="400"><param name="sessid" value="' . GWF_HTML::display(GWF_Session::getSessID()) . '" ></param></applet>' . PHP_EOL;
echo '</div>' . PHP_EOL;
echo $chall->copyrightFooter();
require_once 'challenge/html_foot.php';
$chall = WC_Challenge::dummyChallenge('Screwed Signup', 7, 'challenge/screwed_signup/index.php', false);
}
$chall->showHeader();
require_once 'screwed_signup.include';
if (isset($_POST['login'])) {
screwed_signupLogin($chall);
}
?>
<div class="box box_c"><a href="register.php"><?php
echo $chall->lang('btn_register');
?>
</a></div>
<?php
htmlTitleBox($chall->lang('login_title'), $chall->lang('login_info'));
?>
<form action="" method="post">
<?php
#Session::CSRF();
?>
<table>
<tr>
<td><?php
echo $chall->lang('th_username');
?>
:</td>
<td><input type="text" name="username" value="" /></td>
</tr>
<?php
chdir('../../../');
define('GWF_PAGE_TITLE', 'Z - Reloaded');
require_once 'challenge/html_head.php';
$title = 'Z - Reloaded';
if (false === ($chall = WC_Challenge::getByTitle($title))) {
$chall = WC_Challenge::dummyChallenge($title, 6, '/challenge/Z/reloaded', false);
}
$chall->showHeader();
htmlTitleBox($chall->lang('title'), $chall->lang('info', array('zshellz.php')));
echo $chall->copyrightFooter();
require_once 'challenge/html_foot.php';
<?php
chdir('../../../');
define('GWF_PAGE_TITLE', 'The Last Hope');
require_once 'challenge/html_head.php';
require GWF_CORE_PATH . 'module/WeChall/solutionbox.php';
if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) {
$chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 4, 'challenge/bsdhell/thelasthope/index.php', false);
}
$chall->showHeader();
if (strcasecmp(Common::getPost('answer'), 'username_password') === 0) {
$count = GWF_Counter::getCount('WC_BSD_LH_DOLT');
if (false === GWF_Session::getOrDefault('WC_BSD_LH_DOLT', false)) {
$count++;
GWF_Counter::saveCounter('WC_BSD_LH_DOLT', $count);
GWF_Session::set('WC_BSD_LH_DOLT', '1');
}
echo GWF_HTML::message('The Last Hope', $chall->lang('msg_literal'), false);
echo GWF_HTML::error('The Last Hope', $chall->lang('err_literal', array($count)), false);
} else {
$chall->onCheckSolution();
}
htmlTitleBox($chall->lang('title'), $chall->lang('info', array('bsd_thelasthope.elf')));
formSolutionbox($chall);
echo $chall->copyrightFooter();
require_once 'challenge/html_foot.php';
echo GWF_HTML::error(GWF_PAGE_TITLE, $chall->lang('err_login', array($attemp)));
}
blightSetAttempt($attemp);
}
$url1 = 'index.php?show=source';
$url2 = 'index.php?highlight=christmas';
$url3 = 'index.php?reset=me';
$egg = 'On the run to the great gig.';
$egg = '<span style="color: #eee;">' . $egg . '</span>';
if (false !== ($dloser = GWF_User::getByName('dloser'))) {
$dloser = $dloser->displayProfileLink();
} else {
$dloser = 'dloser';
}
$text = $chall->lang('info', array(BLIGHT2_ATTEMPS, BLIGHT2_CONSEC, $url1, $url2, $url3, $egg, $dloser));
htmlTitleBox($chall->lang('title'), $text);
if (Common::getGetString('highlight') === 'christmas') {
echo GWF_Message::display('[php title=vuln.php]' . file_get_contents('challenge/blind_lighter/vuln.php') . '[/php]');
}
?>
<div class="box box_c">
<form method="post" action="index.php">
<div><?php
echo $chall->lang('th_injection');
?>
: <input name="injection" type="text" value="" /></div>
<div><input name="inject" type="submit" value="<?php
echo $chall->lang('btn_inject');
?>
" /></div>
</form>
chdir("../../");
define('GWF_PAGE_TITLE', 'Lettergrid');
require_once 'challenge/html_head.php';
define('LETTERGRID_MAX_TIME', 4.5);
if (false === ($chall = WC_Challenge::getByTitle('Lettergrid'))) {
$chall = WC_Challenge::dummyChallenge('Lettergrid');
}
$chall->showHeader();
$solved = false;
if (false !== ($answer = Common::getGet('solution'))) {
$solved = checkSolution($chall);
}
if ($solved === true) {
$chall->onChallengeSolved(GWF_Session::getUserID());
}
echo htmlTitleBox($chall->lang('title'), $chall->lang('info', array(LETTERGRID_MAX_TIME)));
?>
<div class="box box_c">
<iframe src='generate.php' scrolling='auto'>
</iframe>
<form action='index.php' method='get'>
<input type='text' name='solution' value='' />
<input type="submit" name="cmd" value="Submit Answer" />
</form>
</div>
<?php
echo $chall->copyrightFooter();
require_once "challenge/html_foot.php";
function checkSolution(WC_Challenge $chall)
chdir("../../");
define('GWF_PAGE_TITLE', 'Letterworm');
require_once 'challenge/html_head.php';
if (false === ($chall = WC_Challenge::getByTitle("Letterworm"))) {
$chall = WC_Challenge::dummyChallenge('Letterworm');
}
$chall->showHeader();
$solved = false;
if (isset($_GET["solution"])) {
$solved = checkSolution($chall);
}
if ($solved === true) {
$chall->onChallengeSolved(GWF_Session::getUserID());
}
htmlTitleBox($chall->lang('title'), $chall->lang('info'));
?>
<div class="box box_c">
<iframe src='generate.php' scrolling='auto' style="margin: 10px; padding: 5px; height: 320px;"></iframe>
<form action='index.php' method='get'>
<input type="text" name="solution" value="" />
<input type="submit" name="submit" value="Submit" />
</form>
</div>
<?php
echo $chall->copyrightFooter();
require_once "challenge/html_foot.php";
function checkSolution(WC_Challenge $chall)
{
// if (!User::isLoggedIn()) {
chdir("../../");
define('WC_CYRM_TIMEOUT', 2.5);
define('GWF_PAGE_TITLE', 'Can you read me');
require_once "challenge/html_head.php";
if (false === ($chall = WC_Challenge::getByTitle('Can you read me'))) {
$chall = WC_Challenge::dummyChallenge('Can you read me');
}
$chall->showHeader();
$solved = false;
if (isset($_GET["solution"])) {
$solved = checkSolution($chall);
}
if ($solved === true) {
$chall->onChallengeSolved(GWF_Session::getUserID());
}
htmlTitleBox($chall->lang('title'), $chall->lang('info', array(WC_CYRM_TIMEOUT)));
?>
<div class="box box_c">
<img src='gimme.php'><br/>
<form action='index.php' method='get'>
<input type='text' name='solution' value='' />
<input type="submit" name="cmd" value="Answer" />
</form>
</div>
<?php
echo $chall->copyrightFooter();
require_once "challenge/html_foot.php";
function checkSolution(WC_Challenge $chall)
{
if (false === ($correct = GWF_Session::getOrDefault('cyrm_solution'))) {
return htmlDisplayError($chall->lang('err_no_request'));
if (false === ($chall = WC_Challenge::getByTitle('Screwed Signup'))) {
$chall = WC_Challenge::dummyChallenge('Screwed Signup', 7, 'challenge/screwed_signup/index.php', false);
}
$chall->showHeader();
require_once 'screwed_signup.include';
if (isset($_POST['register'])) {
screwed_signupRegister($chall);
}
?>
<div class="box"><a href="login.php"><?php
echo $chall->lang('btn_login');
?>
</a></div>
<?php
htmlTitleBox($chall->lang('register_title'), $chall->lang('register_info'));
?>
<form action="" method="post">
<?php
#Session::CSRF();
?>
<table>
<tr>
<td><?php
echo $chall->lang('th_username');
?>
</td>
<td><input type="text" name="username" value="" /></td>
</tr>
<tr>
$password = Common::getPostString('injection');
$success = blightVuln($password);
$attemp = blightAttemp() + 1;
if ($success) {
echo GWF_HTML::message(GWF_PAGE_TITLE, $chall->lang('msg_logged_in', array($attemp)));
} else {
echo GWF_HTML::error(GWF_PAGE_TITLE, $chall->lang('err_login', array($attemp)));
}
blightSetAttempt($attemp);
}
$url1 = 'index.php?show=source';
$url2 = 'index.php?highlight=christmas';
$url3 = 'index.php?reset=me';
$egg = '4970342d42344c5657636c3d763f68637461772f6d6f632e65627574756f792e7777772f2f3a70747468';
$egg = '<span style="color: #eee;">' . $egg . '</span>';
htmlTitleBox($chall->lang('title'), $chall->lang('info', array(BLIGHT_ATTEMPS, $url1, $url2, $url3, $egg)));
if (Common::getGetString('highlight') === 'christmas') {
echo GWF_Message::display('[php title=vuln.php]' . file_get_contents('challenge/blind_light/vuln.php') . '[/php]');
}
?>
<div class="box box_c">
<form method="post" action="index.php">
<div><?php
echo $chall->lang('th_injection');
?>
: <input name="injection" type="text" value="" /></div>
<div><input name="inject" type="submit" value="<?php
echo $chall->lang('btn_inject');
?>
" /></div>
</form>
/**
* Thank you for upload. we might store the file and earn money.
* Thank you again :)
* @param string $file_data
* @return NULL
*/
function upload_please_thx($file_data)
{
htmlTitleBox('Thank You For Uploading:', '<div class="thx_result">' . nl2br(htmlspecialchars(substr($file_data, 0, 1024)) . '</div>'));
}
if (false === ($chall = WC_Challenge::getByTitle('Screwed Signup'))) {
$chall = WC_Challenge::dummyChallenge('Screwed Signup', 7, 'challenge/screwed_signup/index.php', false);
}
$chall->showHeader();
switch (Common::getGet('hl')) {
case 'src':
$highlight = 'screwed_signup.include';
break;
case 'Login':
$highlight = 'login.php';
break;
case 'Register':
$highlight = 'register.php';
break;
default:
break;
}
if (isset($highlight)) {
$msg = file_get_contents('challenge/screwed_signup/' . $highlight);
$msg = '[code=php title=' . $highlight . ']' . $msg . '[/code]';
echo GWF_Box::box(GWF_Message::display($msg, true, true, true));
}
htmlTitleBox($chall->lang('title'), $chall->lang('info', array('screwed_signup.include', 'index.php?hl=src', 'index.php?hl=Login', 'index.php?hl=Register')));
?>
<div class="box box_c">
<div style="margin: 4px;"><a href="register.php">Register</a></div>
<div style="margin: 4px;"><a href="login.php">Login</a></div>
</div>
<?php
echo $chall->copyrightFooter();
require_once 'challenge/html_foot.php';
<?php
define('NO_ESCAPE_USER', 'gizmore_noesc');
define('NO_ESCAPE_DB', 'gizmore_noesc');
define('NO_ESCAPE_PW', 'gizmore_noesc');
require_once 'code.include';
chdir('../../');
define('GWF_PAGE_TITLE', 'No Escape');
require_once 'challenge/html_head.php';
if (!($chall = WC_Challenge::getByTitle('No Escape'))) {
$chall = WC_Challenge::dummyChallenge('No Escape', 2, '/challenge/no_escape/index.php', false);
}
$chall->showHeader();
if ($who = Common::getGetString('vote_for', false)) {
noesc_voteup($who);
}
htmlTitleBox($chall->lang('title'), $chall->lang('info', array('code.include', 'index.php?highlight=christmas')));
if (Common::getGetString('highlight') === 'christmas') {
$msg = file_get_contents('challenge/no_escape/code.include');
$msg = '[code=php title=code.include]' . $msg . '[/code]';
echo GWF_Box::box(GWF_Message::display($msg, true, false, false));
}
echo noesc_DisplayVotes($chall);
echo $chall->copyrightFooter();
require_once 'challenge/html_foot.php';
