<?php
require("../lib.php"); // for auth_code function
$password = sha1(md5(rand().file_get_contents("/var/lib/dummy_file")).rand());
if (isset($_GET['view-source'])) {
show_source(__FILE__);
exit();
}else if(isset($_POST['password'])){
sleep(1); // do not brute force!
if (strcmp($_POST['password'], $password) == 0) {
echo "Congratulations! Flag is <b>" . auth_code("strcmp") ."</b>";
exit();
} else {
echo "Wrong password..";
}
}
?>
<br />
<br />
<form method="POST">
password : <input type="text" name="password" /> <input type="submit" value="chk">
</form>
<br />
<a href="?view-source">view-source</a>
