<?php
// Level page of a SQL injection training exercise. This file only renders the
// page: challenge text, a listing of the level's query, the login form, and the
// script that submits the form fields. The query listing sits outside the PHP
// blocks, so it is sent to the browser as text and is not executed here.
// NOTE(review): the page is vulnerable by design (see the header text below),
// so it belongs on a lab host whose database holds only exercise data.
include_once "include.inc.php";
// generateHeader() is not defined in this file (presumably include.inc.php;
// confirm). The meaning of its first argument (true) cannot be told from here.
generateHeader(true, "Vulnerable to the most basic SQL injection attack possible.");
?>
<div id="main">
<p id="challenge"><b>Challenge:</b> Dump all user account information</p>
<p id="header"><b>Source:<br /></b></p>
<!--
  Display-only listing of the query this level is built around. The
  syntaxhighlighter script type keeps the browser from running it as script.
  Why the query is injectable: the username POST value is interpolated into
  the SQL string as-is, so quote characters in it become part of the
  statement. The password is reduced to a hex digest by md5() before it is
  interpolated. The defensive form is a prepared statement with bound
  parameters. md5() is also a fast, unsalted hash; password_hash() and
  password_verify() are the PHP functions meant for stored passwords.
-->
<script type="syntaxhighlighter" class="brush: php; gutter: false;">
<![CDATA[
$user = $_POST["username"];
$pass = md5($_POST["password"]);
$sql = "SELECT * FROM NoProtection WHERE username = '$user' AND password = '$pass';";
]]>
</script>
<!-- The form has no action attribute and no submit control; the field values
     are sent by the keyup handler in the script that follows this block. -->
<form id="loginform" method="POST">
<ul>
<li><label for="username">Username:</label></li>
<li><input id="username" name="username" type="text" /></li>
<li><label for="password">Password:</label></li>
<!-- NOTE(review): type="text" shows the password as it is typed; presumably
     deliberate so the learner can see the input; confirm. -->
<li><input id="password" name="password" type="text" /></li>
</ul>
</form>
</div>
<script type="text/javascript">
// Re-submit the level on every key release in any input element: the current
// username and password field values are POSTed to processquery.php with
// level 1, and the reply is handed to handleResponse (defined outside this file).
// NOTE(review): the field values are sent exactly as typed, on each keystroke;
// how they are validated and used is decided in processquery.php, not shown here.
$("input").keyup(function () {
    var credentials = {
        level: 1,
        username: $("#username").val(),
        password: $("#password").val()
    };
    $.post("processquery.php", credentials, handleResponse);
});
</script>
<?php
// Closes the page. generateFooter() is defined outside this file (presumably in
// include.inc.php; confirm).
generateFooter();
?>