So Here are my results for 0x0539.net ctf
Twitter.com/ClumsyLulz
0x0539.net by SleepTheGod
<?php
function setck($name,$val) {
setcookie($name, $val);
$_COOKIE[$name] = $val;
}
if(isset($_POST['source'])) {
echo "<pre>";
echo htmlentities(preg_replace('/FLAG{([a-z0-9_]+)}/i','FLAG{figure_it_out}', file_get_contents(__FILE__)));
echo "</pre>";
die();
}
session_start();
if(!isset($_SESSION['c1_streak'])) $_SESSION['c1_streak'] = 0;
if(!isset($_COOKIE['rounds'])||!is_numeric($_COOKIE['rounds'])) {
setck("rounds", 1);
}
if($_SESSION['c1_streak'] >= $_COOKIE['rounds']) {
$_SESSION['c1_streak'] = 0; //No cheating!
}
if(isset($_POST['reset'])) {
//Give the poor unlucky players a way to restart after the game gets too hard
setck("rounds", 1);
$_SESSION['c1_streak'] = 0;
}
if(isset($_POST['guess'])) {
//Make it more difficult with every round
$rnd = mt_rand(1, $_COOKIE['rounds']);
$guess = (int)$_POST['guess'];
setck("rounds", ++$_COOKIE['rounds']);
if(md5($rnd) == md5($_POST['guess'])) {
$_SESSION['c1_streak']++;
echo "Congratulations, the number was $rnd<br/><br/>";
} else {
$_SESSION['c1_streak'] = 0;
echo "You guessed $guess, but the number was $rnd<br/><br/>";
sleep(1);
}
if($_SESSION['c1_streak'] >= 100) {
echo "FLAG{figure_it_out}";
die();
}
}
echo '<h1>Luck Tester</h1>
<h3>Just guess correctly 100 times in a row to win</h3>
<hr/>';
echo 'Rounds: '.$_COOKIE['rounds'].'<br/>';
echo 'Streak: '.$_SESSION['c1_streak'].'<br/><hr/>';
?>
<form method="POST">
<input type="text" name="guess" /><input type="submit" value="Guess!"/>
</form>
Getting too hard? Feel free to reset:
<form method="POST">
<input type="submit" name="reset" value="Reset!"/>
</form>
Or just view the source:
<form method="POST">
<input type="submit" name="source" value="Source!"/>
</form>
This forum account is currently banned. Ban Length: (2w, 3d, 19h remaining).
Ban Reason: Self-Ban | Contact us via if you wish to be unbanned in the future.
Twitter.com/ClumsyLulz
0x0539.net by SleepTheGod
<?php
function setck($name,$val) {
setcookie($name, $val);
$_COOKIE[$name] = $val;
}
if(isset($_POST['source'])) {
echo "<pre>";
echo htmlentities(preg_replace('/FLAG{([a-z0-9_]+)}/i','FLAG{figure_it_out}', file_get_contents(__FILE__)));
echo "</pre>";
die();
}
session_start();
if(!isset($_SESSION['c1_streak'])) $_SESSION['c1_streak'] = 0;
if(!isset($_COOKIE['rounds'])||!is_numeric($_COOKIE['rounds'])) {
setck("rounds", 1);
}
if($_SESSION['c1_streak'] >= $_COOKIE['rounds']) {
$_SESSION['c1_streak'] = 0; //No cheating!
}
if(isset($_POST['reset'])) {
//Give the poor unlucky players a way to restart after the game gets too hard
setck("rounds", 1);
$_SESSION['c1_streak'] = 0;
}
if(isset($_POST['guess'])) {
//Make it more difficult with every round
$rnd = mt_rand(1, $_COOKIE['rounds']);
$guess = (int)$_POST['guess'];
setck("rounds", ++$_COOKIE['rounds']);
if(md5($rnd) == md5($_POST['guess'])) {
$_SESSION['c1_streak']++;
echo "Congratulations, the number was $rnd<br/><br/>";
} else {
$_SESSION['c1_streak'] = 0;
echo "You guessed $guess, but the number was $rnd<br/><br/>";
sleep(1);
}
if($_SESSION['c1_streak'] >= 100) {
echo "FLAG{figure_it_out}";
die();
}
}
echo '<h1>Luck Tester</h1>
<h3>Just guess correctly 100 times in a row to win</h3>
<hr/>';
echo 'Rounds: '.$_COOKIE['rounds'].'<br/>';
echo 'Streak: '.$_SESSION['c1_streak'].'<br/><hr/>';
?>
<form method="POST">
<input type="text" name="guess" /><input type="submit" value="Guess!"/>
</form>
Getting too hard? Feel free to reset:
<form method="POST">
<input type="submit" name="reset" value="Reset!"/>
</form>
Or just view the source:
<form method="POST">
<input type="submit" name="source" value="Source!"/>
</form>
This forum account is currently banned. Ban Length: (2w, 3d, 19h remaining).
Ban Reason: Self-Ban | Contact us via if you wish to be unbanned in the future.
Verified & Trusted WesternUnion | MoneyGram | Bank - Transferring [299$ BTC for 2000$ WU]
Verified & Trusted Electronics Carding, Carding iPhone, Samsung Carding, MacBook Carding, Laptops Carding