https://overthewire.org/wargames/natas/natas6.html
비밀을 입력하세요
소스코드 보기? 바로 봐보자
<html>
<head>
<!-- This stuff in the header has nothing to do with the level -->
<link rel="stylesheet" type="text/css" href="http://natas.labs.overthewire.org/css/level.css">
<link rel="stylesheet" href="http://natas.labs.overthewire.org/css/jquery-ui.css" />
<link rel="stylesheet" href="http://natas.labs.overthewire.org/css/wechall.css" />
<script src="http://natas.labs.overthewire.org/js/jquery-1.9.1.js"></script>
<script src="http://natas.labs.overthewire.org/js/jquery-ui.js"></script>
<script src=http://natas.labs.overthewire.org/js/wechall-data.js></script><script src="http://natas.labs.overthewire.org/js/wechall.js"></script>
<script>var wechallinfo = { "level": "natas6", "pass": "<censored>" };</script></head>
<body>
<h1>natas6</h1>
<div id="content">
<?
include "includes/secret.inc";
if(array_key_exists("submit", $_POST)) {
if($secret == $_POST['secret']) {
print "Access granted. The password for natas7 is <censored>";
} else {
print "Wrong secret";
}
}
?>
<form method=post>
Input secret: <input name=secret><br>
<input type=submit name=submit>
</form>
<div id="viewsource"><a href="index-source.html">View sourcecode</a></div>
</div>
</body>
</html>submit한 내용이 secret 변수와 같으면 비밀번호를 알려주는 것 같다
(php를 안 배웠는데 읽히기는 한다)
include "includes/secret.inc";
includes/secret.inc를 import하는 것 같다
한번 확인해보자
<?
$secret = "FOEIUWGHFEEUHOFUOIU";
?>
제출 하면
jmxSiH3SP6Sonf8dv66ng8v1cIEdjXWr
그냥 중학생