<?php
// Snake challenge page: loads the site chrome, resolves the challenge record,
// prints the localized description and embeds the game applet.
chdir('../../');
define('GWF_PAGE_TITLE', 'Snake');
define('CHEAT_SNAKE_SCORE', 300000);
require_once 'challenge/html_head.php';

// Use a placeholder challenge object when no stored challenge carries this title.
$chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE);
if ($chall === false) {
    $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 4, 'challenge/snake/index.php', false);
}
$chall->showHeader();

htmlTitleBox(
    $chall->lang('title'),
    $chall->lang('info', array(
        CHEAT_SNAKE_SCORE,
        'CGI_Highscore.php',
        'http://snake.gizmore.org',
        'http://snake.gizmore.org/CGI_Highscore.php',
    ))
);

echo '<div class="box box_c">', PHP_EOL;
// The visitor's session id is written into the page as an applet parameter,
// HTML-escaped by GWF_HTML::display(). Anything able to read this markup can
// read the id.
// NOTE(review): confirm that exposing the session id to the applet is intended
// for this challenge and that the id is not reusable outside it.
echo '<applet code="SnakeApplet.class" archive="snake.jar?v=1.06" width="500" height="400"><param name="sessid" value="',
    GWF_HTML::display(GWF_Session::getSessID()),
    '" ></param></applet>',
    PHP_EOL;
echo '</div>', PHP_EOL;

echo $chall->copyrightFooter();
require_once 'challenge/html_foot.php';
// Excerpt of the Screwed Signup login page. It begins inside the fallback branch
// whose `if` header is not visible here, and ends partway through the form markup.
    $chall = WC_Challenge::dummyChallenge('Screwed Signup', 7, 'challenge/screwed_signup/index.php', false);
}
$chall->showHeader();
// The login handler called below comes from this include; its contents are not visible here.
require_once 'screwed_signup.include';
// Only a POST that carries the "login" field reaches the login handler.
if (isset($_POST['login'])) {
    screwed_signupLogin($chall);
}
// NOTE(review): in the form below the Session::CSRF() call is commented out with '#',
// so whatever token that helper would emit is absent from this login form.
?> <div class="box box_c"><a href="register.php"><?php echo $chall->lang('btn_register'); ?> </a></div> <?php htmlTitleBox($chall->lang('login_title'), $chall->lang('login_info')); ?> <form action="" method="post"> <?php #Session::CSRF(); ?> <table> <tr> <td><?php echo $chall->lang('th_username'); ?> :</td> <td><input type="text" name="username" value="" /></td> </tr>
<?php
// "Z - Reloaded" challenge page: site chrome, challenge lookup, localized description.
chdir('../../../');
define('GWF_PAGE_TITLE', 'Z - Reloaded');
require_once 'challenge/html_head.php';

$title = 'Z - Reloaded';

// Use a placeholder challenge object when no stored challenge carries this title.
$chall = WC_Challenge::getByTitle($title);
if ($chall === false) {
    $chall = WC_Challenge::dummyChallenge($title, 6, '/challenge/Z/reloaded', false);
}
$chall->showHeader();

// The info text receives the name of the challenge script as its only argument.
htmlTitleBox(
    $chall->lang('title'),
    $chall->lang('info', array('zshellz.php'))
);

echo $chall->copyrightFooter();
require_once 'challenge/html_foot.php';
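<?php
// "The Last Hope" challenge page: site chrome, challenge lookup, answer handling
// and the solution form.
chdir('../../../');
define('GWF_PAGE_TITLE', 'The Last Hope');
require_once 'challenge/html_head.php';
require GWF_CORE_PATH . 'module/WeChall/solutionbox.php';

// Use a placeholder challenge object when no stored challenge carries this title.
if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) {
    $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 4, 'challenge/bsdhell/thelasthope/index.php', false);
}
$chall->showHeader();

// The POST field is request-controlled and may not be a string (missing field,
// or an array-valued field such as answer[]). strcasecmp() only accepts strings
// and raises a TypeError for an array on PHP 8, so check the type first.
// Non-string input falls through to the normal solution check.
// NOTE(review): Common::getPost() is not visible here; confirm what it returns
// for a missing or array-valued field.
$answer = Common::getPost('answer');
if (is_string($answer) && strcasecmp($answer, 'username_password') === 0) {
    // The visitor submitted the literal placeholder text instead of real values.
    // Count this once per session: the session flag keeps repeat submissions
    // from the same session from incrementing the counter again.
    // NOTE(review): getCount()/saveCounter() is a read-then-write pair; whether
    // concurrent requests can lose an increment depends on GWF_Counter — confirm.
    $count = GWF_Counter::getCount('WC_BSD_LH_DOLT');
    if (false === GWF_Session::getOrDefault('WC_BSD_LH_DOLT', false)) {
        $count++;
        GWF_Counter::saveCounter('WC_BSD_LH_DOLT', $count);
        GWF_Session::set('WC_BSD_LH_DOLT', '1');
    }
    echo GWF_HTML::message('The Last Hope', $chall->lang('msg_literal'), false);
    echo GWF_HTML::error('The Last Hope', $chall->lang('err_literal', array($count)), false);
} else {
    $chall->onCheckSolution();
}

htmlTitleBox($chall->lang('title'), $chall->lang('info', array('bsd_thelasthope.elf')));
formSolutionbox($chall);
echo $chall->copyrightFooter();
require_once 'challenge/html_foot.php';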
// Excerpt of a blind-injection challenge page. It begins inside the failed-login
// branch of a handler whose opening lines are not visible here, and ends before
// the closing markup of the page.
        echo GWF_HTML::error(GWF_PAGE_TITLE, $chall->lang('err_login', array($attemp)));
    }
    // Helper defined elsewhere; presumably stores the attempt count — confirm.
    blightSetAttempt($attemp);
}
// Query-string links that are passed into the info text below.
$url1 = 'index.php?show=source';
$url2 = 'index.php?highlight=christmas';
$url3 = 'index.php?reset=me';
// Easter-egg sentence wrapped in a light grey (#eee) span.
$egg = 'On the run to the great gig.';
$egg = '<span style="color: #eee;">' . $egg . '</span>';
// Credit the user "dloser" with a profile link when that account exists,
// otherwise with the plain name.
if (false !== ($dloser = GWF_User::getByName('dloser'))) {
    $dloser = $dloser->displayProfileLink();
} else {
    $dloser = 'dloser';
}
$text = $chall->lang('info', array(BLIGHT2_ATTEMPS, BLIGHT2_CONSEC, $url1, $url2, $url3, $egg, $dloser));
htmlTitleBox($chall->lang('title'), $text);
// Source display: the request value is only compared against a literal and the
// path that is read is a constant, so no request data reaches file_get_contents().
if (Common::getGetString('highlight') === 'christmas') {
    echo GWF_Message::display('[php title=vuln.php]' . file_get_contents('challenge/blind_lighter/vuln.php') . '[/php]');
}
?> <div class="box box_c"> <form method="post" action="index.php"> <div><?php echo $chall->lang('th_injection'); ?> : <input name="injection" type="text" value="" /></div> <div><input name="inject" type="submit" value="<?php echo $chall->lang('btn_inject'); ?> " /></div> </form>
// Lettergrid challenge page. The excerpt ends at the signature of checkSolution();
// its body is not visible here.
chdir("../../");
define('GWF_PAGE_TITLE', 'Lettergrid');
require_once 'challenge/html_head.php';
// Passed to the 'info' text below; no other use is visible in this excerpt.
define('LETTERGRID_MAX_TIME', 4.5);
// Use a placeholder challenge object when no stored challenge carries this title.
if (false === ($chall = WC_Challenge::getByTitle('Lettergrid'))) {
    $chall = WC_Challenge::dummyChallenge('Lettergrid');
}
$chall->showHeader();
$solved = false;
// A submitted answer arrives as the GET parameter 'solution'. $answer is not read
// again in the visible code; checkSolution() is given only $chall.
if (false !== ($answer = Common::getGet('solution'))) {
    $solved = checkSolution($chall);
}
// Strict comparison: only a literal true from checkSolution() marks the challenge solved.
if ($solved === true) {
    $chall->onChallengeSolved(GWF_Session::getUserID());
}
echo htmlTitleBox($chall->lang('title'), $chall->lang('info', array(LETTERGRID_MAX_TIME)));
// NOTE(review): the form below submits with method='get', so the answer travels in
// the URL, and the request that marks the challenge solved is a plain GET.
?> <div class="box box_c"> <iframe src='generate.php' scrolling='auto'> </iframe> <form action='index.php' method='get'> <input type='text' name='solution' value='' /> <input type="submit" name="cmd" value="Submit Answer" /> </form> </div> <?php echo $chall->copyrightFooter();
require_once "challenge/html_foot.php";
// Excerpt ends here: only the signature of checkSolution() is visible.
function checkSolution(WC_Challenge $chall)
// Letterworm challenge page. The excerpt ends on the first line of checkSolution().
chdir("../../");
define('GWF_PAGE_TITLE', 'Letterworm');
require_once 'challenge/html_head.php';
// Use a placeholder challenge object when no stored challenge carries this title.
if (false === ($chall = WC_Challenge::getByTitle("Letterworm"))) {
    $chall = WC_Challenge::dummyChallenge('Letterworm');
}
$chall->showHeader();
$solved = false;
// A submitted answer arrives as the GET parameter 'solution'; its value is not read
// here, checkSolution() is given only $chall.
if (isset($_GET["solution"])) {
    $solved = checkSolution($chall);
}
// Strict comparison: only a literal true from checkSolution() marks the challenge solved.
if ($solved === true) {
    $chall->onChallengeSolved(GWF_Session::getUserID());
}
htmlTitleBox($chall->lang('title'), $chall->lang('info'));
// NOTE(review): the form below submits with method='get', so the answer travels in
// the URL, and the request that marks the challenge solved is a plain GET.
?> <div class="box box_c"> <iframe src='generate.php' scrolling='auto' style="margin: 10px; padding: 5px; height: 320px;"></iframe> <form action='index.php' method='get'> <input type="text" name="solution" value="" /> <input type="submit" name="submit" value="Submit" /> </form> </div> <?php echo $chall->copyrightFooter();
require_once "challenge/html_foot.php";
// Excerpt ends inside checkSolution(); the only visible line of its body is a
// commented-out login check.
function checkSolution(WC_Challenge $chall) { // if (!User::isLoggedIn()) {
// "Can you read me" challenge page. The excerpt ends inside checkSolution().
chdir("../../");
// Passed to the 'info' text below; no other use is visible in this excerpt.
define('WC_CYRM_TIMEOUT', 2.5);
define('GWF_PAGE_TITLE', 'Can you read me');
require_once "challenge/html_head.php";
// Use a placeholder challenge object when no stored challenge carries this title.
if (false === ($chall = WC_Challenge::getByTitle('Can you read me'))) {
    $chall = WC_Challenge::dummyChallenge('Can you read me');
}
$chall->showHeader();
$solved = false;
// A submitted answer arrives as the GET parameter 'solution'; its value is not read
// here, checkSolution() is given only $chall.
if (isset($_GET["solution"])) {
    $solved = checkSolution($chall);
}
// Strict comparison: checkSolution() can also return the result of
// htmlDisplayError() (see below), and only a literal true counts as solved.
if ($solved === true) {
    $chall->onChallengeSolved(GWF_Session::getUserID());
}
htmlTitleBox($chall->lang('title'), $chall->lang('info', array(WC_CYRM_TIMEOUT)));
// NOTE(review): the form below submits with method='get', so the answer travels in
// the URL, and the request that marks the challenge solved is a plain GET.
?> <div class="box box_c"> <img src='gimme.php'><br/> <form action='index.php' method='get'> <input type='text' name='solution' value='' /> <input type="submit" name="cmd" value="Answer" /> </form> </div> <?php echo $chall->copyrightFooter();
require_once "challenge/html_foot.php";
// Excerpt ends inside this function; only its first check is visible.
function checkSolution(WC_Challenge $chall)
{
    // The expected answer is read from the session key 'cyrm_solution'. When the
    // session holds none, an error is shown instead of comparing anything.
    // presumably gimme.php stores that value when it serves the image — confirm.
    if (false === ($correct = GWF_Session::getOrDefault('cyrm_solution'))) {
        return htmlDisplayError($chall->lang('err_no_request'));
// Excerpt of the Screwed Signup registration page. The page bootstrap before this
// point is not visible here, and the excerpt ends partway through the form markup.
// Use a placeholder challenge object when no stored challenge carries this title.
if (false === ($chall = WC_Challenge::getByTitle('Screwed Signup'))) {
    $chall = WC_Challenge::dummyChallenge('Screwed Signup', 7, 'challenge/screwed_signup/index.php', false);
}
$chall->showHeader();
// The registration handler called below comes from this include; its contents are
// not visible here.
require_once 'screwed_signup.include';
// Only a POST that carries the "register" field reaches the registration handler.
if (isset($_POST['register'])) {
    screwed_signupRegister($chall);
}
// NOTE(review): in the form below the Session::CSRF() call is commented out with '#',
// so whatever token that helper would emit is absent from this registration form.
?> <div class="box"><a href="login.php"><?php echo $chall->lang('btn_login'); ?> </a></div> <?php htmlTitleBox($chall->lang('register_title'), $chall->lang('register_info')); ?> <form action="" method="post"> <?php #Session::CSRF(); ?> <table> <tr> <td><?php echo $chall->lang('th_username'); ?> </td> <td><input type="text" name="username" value="" /></td> </tr> <tr>
// Excerpt of a blind-injection challenge page. The first statements sit inside a
// block whose opening line is not visible here, and the excerpt ends before the
// closing markup of the page.
    // The POST field 'injection', as returned by Common::getPostString(), is passed
    // straight to blightVuln(), which is defined elsewhere.
    // NOTE(review): judging by its name and by vuln.php being shown as the challenge
    // source below, this is presumably the intentionally vulnerable check — confirm
    // that whatever it queries is isolated from non-challenge data.
    $password = Common::getPostString('injection');
    $success = blightVuln($password);
    // blightAttemp() is defined elsewhere; its result plus one is shown to the user
    // and handed to blightSetAttempt() after either outcome.
    $attemp = blightAttemp() + 1;
    if ($success) {
        echo GWF_HTML::message(GWF_PAGE_TITLE, $chall->lang('msg_logged_in', array($attemp)));
    } else {
        echo GWF_HTML::error(GWF_PAGE_TITLE, $chall->lang('err_login', array($attemp)));
    }
    blightSetAttempt($attemp);
}
// Query-string links that are passed into the info text below.
$url1 = 'index.php?show=source';
$url2 = 'index.php?highlight=christmas';
$url3 = 'index.php?reset=me';
// Easter-egg string of hex digits wrapped in a light grey (#eee) span.
$egg = '4970342d42344c5657636c3d763f68637461772f6d6f632e65627574756f792e7777772f2f3a70747468';
$egg = '<span style="color: #eee;">' . $egg . '</span>';
htmlTitleBox($chall->lang('title'), $chall->lang('info', array(BLIGHT_ATTEMPS, $url1, $url2, $url3, $egg)));
// Source display: the request value is only compared against a literal and the
// path that is read is a constant, so no request data reaches file_get_contents().
if (Common::getGetString('highlight') === 'christmas') {
    echo GWF_Message::display('[php title=vuln.php]' . file_get_contents('challenge/blind_light/vuln.php') . '[/php]');
}
?> <div class="box box_c"> <form method="post" action="index.php"> <div><?php echo $chall->lang('th_injection'); ?> : <input name="injection" type="text" value="" /></div> <div><input name="inject" type="submit" value="<?php echo $chall->lang('btn_inject'); ?> " /></div> </form>
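/**
 * Thank you for upload. we might store the file and earn money.
 * Thank you again :)
 *
 * Shows a title box that previews the first 1024 bytes of the uploaded data,
 * HTML-escaped and with line breaks converted to <br /> tags.
 *
 * @param string $file_data Uploaded content; treated as untrusted text.
 * @return void
 */
function upload_please_thx($file_data)
{
    // substr() cuts on a byte boundary and can split a multibyte character, and
    // uploads may be binary. Without ENT_SUBSTITUTE, htmlspecialchars() returns an
    // empty string for input that is invalid in the target charset, which would
    // blank the whole preview; with it, invalid sequences become U+FFFD.
    // ENT_QUOTES additionally escapes single quotes.
    $preview = substr($file_data, 0, 1024);
    $escaped = htmlspecialchars($preview, ENT_QUOTES | ENT_SUBSTITUTE);

    // nl2br() is applied to the escaped preview only, not to the closing tag.
    htmlTitleBox('Thank You For Uploading:', '<div class="thx_result">' . nl2br($escaped) . '</div>');
}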
// Screwed Signup overview page. The page bootstrap before this point is not
// visible in this excerpt.
// Use a placeholder challenge object when no stored challenge carries this title.
$chall = WC_Challenge::getByTitle('Screwed Signup');
if ($chall === false) {
    $chall = WC_Challenge::dummyChallenge('Screwed Signup', 7, 'challenge/screwed_signup/index.php', false);
}
$chall->showHeader();

// The "hl" query value only selects one of three fixed file names; the request
// value itself is never placed into the path that is read below.
switch (Common::getGet('hl')) {
    case 'src':
        $highlight = 'screwed_signup.include';
        break;

    case 'Login':
        $highlight = 'login.php';
        break;

    case 'Register':
        $highlight = 'register.php';
        break;

    default:
        // Any other value selects nothing.
        break;
}

// Show the chosen source file as a highlighted code box.
if (isset($highlight)) {
    $msg = '[code=php title=' . $highlight . ']'
        . file_get_contents('challenge/screwed_signup/' . $highlight)
        . '[/code]';
    echo GWF_Box::box(GWF_Message::display($msg, true, true, true));
}

htmlTitleBox(
    $chall->lang('title'),
    $chall->lang('info', array(
        'screwed_signup.include',
        'index.php?hl=src',
        'index.php?hl=Login',
        'index.php?hl=Register',
    ))
);
?> <div class="box box_c"> <div style="margin: 4px;"><a href="register.php">Register</a></div> <div style="margin: 4px;"><a href="login.php">Login</a></div> </div> <?php echo $chall->copyrightFooter();
require_once 'challenge/html_foot.php';
<?php
// "No Escape" challenge page: defines the database settings used by code.include,
// handles a vote request, optionally shows the challenge source, and lists votes.
//
// NOTE(review): the database user, database name and password are hard-coded here
// and all three share one value. presumably this is a dedicated account for the
// challenge — confirm it has no privileges outside its own database.
define('NO_ESCAPE_USER', 'gizmore_noesc');
define('NO_ESCAPE_DB', 'gizmore_noesc');
define('NO_ESCAPE_PW', 'gizmore_noesc');

// Loaded before the chdir() below.
require_once 'code.include';

chdir('../../');
define('GWF_PAGE_TITLE', 'No Escape');
require_once 'challenge/html_head.php';

// Use a placeholder challenge object when the lookup yields a falsy result.
$chall = WC_Challenge::getByTitle('No Escape');
if (!$chall) {
    $chall = WC_Challenge::dummyChallenge('No Escape', 2, '/challenge/no_escape/index.php', false);
}
$chall->showHeader();

// The "vote_for" GET value is handed to noesc_voteup() as returned by
// Common::getGetString(); any escaping has to happen inside that function, which
// is not visible here.
// NOTE(review): the vote is cast from a plain GET parameter and no token check is
// visible in this file.
$who = Common::getGetString('vote_for', false);
if ($who) {
    noesc_voteup($who);
}

htmlTitleBox(
    $chall->lang('title'),
    $chall->lang('info', array('code.include', 'index.php?highlight=christmas'))
);

// Source display: the request value is only compared against a literal and the
// path that is read is a constant.
if (Common::getGetString('highlight') === 'christmas') {
    $msg = '[code=php title=code.include]'
        . file_get_contents('challenge/no_escape/code.include')
        . '[/code]';
    echo GWF_Box::box(GWF_Message::display($msg, true, false, false));
}

echo noesc_DisplayVotes($chall);
echo $chall->copyrightFooter();
require_once 'challenge/html_foot.php';