- sha1: documentation ( source)
- date: documentation ( source)
- pack: documentation ( source)
- preg_replace: documentation ( source)
- unpack: documentation ( source)
- printf: documentation ( source)
<?php
// Local test harness that reproduces a check-then-evaluate pattern:
//   1. a hex string is compared against a hard-coded hex string with comp()
//      (a loose `!=` comparison, see comp() below);
//   2. if they "match", the decoded string is used as the replacement of a
//      preg_replace() call that carries the /e modifier.
// Author's stated goal: get a command into $uPacked that reads a text file
// located in the same directory as this PHP file.
// Subject string for the regex; "\b(\d+)\b" captures this run of digits as $1.
$post_seeds = "1154731896 ";
// Hex encoding of the expression the original check expects (decoded form is
// shown in the comment inside the if-branch). The hex text consists of decimal
// digits only, so PHP treats it as a numeric string.
$hard_coded_algo = "5368413128644154652843527950542843524333322873545252655628414273282431255371725428655850284558702870492829292929292929292929";
// unpack("H*", ...) returns the hex representation of the candidate expression
// under index 1.
$uPacked = unpack("H*", "ShA1(dATe('')) ");
$test = $uPacked[1];
// Allowed chars: abcdefghi pqrstuvwxy
// (bytes 0x61-0x69 and 0x70-0x79, whose hex form contains only the digits 0-9,
// which keeps the hex string a numeric string)
echo pack("H*", $test);
echo "<br />";
echo pack("H*", $hard_coded_algo);
echo "<br />";
// The gate is only as strong as comp(): it compares with `!=`, so two numeric
// strings are compared by numeric value, not byte for byte. A strict check
// (`===` or hash_equals()) compares the strings themselves.
if(comp($hard_coded_algo, $test)){
// Decoded $hard_coded_algo:
// ShA1(dATe(CRyPT(CRC32(sTRReV(ABs($1%SqrT(eXP(EXp(pI()))))))))))
// The /e modifier makes preg_replace() evaluate the replacement string as PHP
// code after substituting $1, so whatever passed the comparison is executed.
// /e was deprecated in PHP 5.5.0 and removed in PHP 7.0.0;
// preg_replace_callback() is the replacement that does not evaluate strings.
// NOTE(review): the result is also used as the printf() format string, so any
// '%' directives in it are interpreted; printf('%s', ...) or echo avoids that.
printf(preg_replace("#\b(\d+)\b#se", pack("H*", $test), $post_seeds));
} else {
echo "<br /> Hacker Detected ";
}
echo "<br />";
// Reference output: what the candidate expression evaluates to when run directly.
echo sha1(date(''));
/**
 * Compare two values with PHP's loose inequality operator and print a trace.
 *
 * Echoes both operands as given and as floatval() sees them, then reports
 * whether `!=` considers them different. The loose operator is kept on
 * purpose: when both operands are numeric strings PHP compares them as
 * numbers, so strings that differ byte for byte can still be reported as
 * matching. Code that must compare strings exactly uses `===`, or
 * hash_equals() for secrets.
 *
 * @param mixed $numOne first operand (a digit-only hex string in this script)
 * @param mixed $numTwo second operand
 * @return bool true when `$numOne != $numTwo` is false, otherwise false
 */
function comp($numOne, $numTwo){
    $br = "<br />";

    // echo with a comma list emits each argument in order, exactly like the
    // original sequence of separate echo statements.
    echo $br, $br, "Comparing the numbers", $br;
    echo $numOne, $br, $numTwo, $br;

    // The float view shows the numeric values the operands convert to.
    echo floatval($numOne), $br, floatval($numTwo), $br;

    // Loose comparison on purpose (see docblock).
    $differs = ($numOne != $numTwo);
    if ($differs) {
        echo "Not Matching <br />";
        return false;
    }

    echo "Matching </br>";
    return true;
}
?>