<?php $dn="admin"; $pass="\x00\x41"; if (empty($dn) or empty($pass)) { exit(); } //check for empty strings if (preg_match('/[^a-zA-Z]/',$dn) or preg_match('/[^a-zA-Z0-9\x20!@#$%^&*()]/',$pass)) { exit(); } //check for expected values (whitelisting) //if (preg_match('/\x00/',$dn) or preg_match('/\x00/',$pass)) { exit(); } //check for null byte (blacklisting) $ldapconn=ldap_connect("challenge01.root-me.org", "54013") or die("Could not connect to LDAP server."); if ($ldapconn) { ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); $ldapbind=ldap_bind($ldapconn, $dn, $pass); if ($ldapbind) { echo("success"); } else { echo("fail"); } } ?>
You have javascript disabled. You will not be able to edit any code.