ApachePHP/5.4.45md5()

0x01 源码

  1. <?php
  2. include("flag.php");
  3. highlight_file(__FILE__);
  4. if (isset($_POST['a']) and isset($_POST['b'])) {
  5.     if ($_POST['a'] != $_POST['b'])
  6.         if (md5($_POST['a']) === md5($_POST['b']))
  7.             echo $flag;
  8.         else
  9.             print 'Wrong.';
  10. }

强比较md5类型题目,md5函数处理数组会返回NULL,两个NULL即相等

0x02 Payload

  1. a[]=1&b[]=2