level 21

 avatar
unknown
plain_text
a year ago
1.3 kB
6
Indexable
<?php
//error_reporting(0);
//require 'secret.php';

function encryptMessage($message, $key)
{
    $ivSize = openssl_cipher_iv_length('aes-256-cbc');
    $iv = openssl_random_pseudo_bytes($ivSize);
    $encrypted = openssl_encrypt($message, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
    $ivBase64 = base64_encode($iv);
    $encryptedBase64 = base64_encode($encrypted);
    return $ivBase64 . '.' . $encryptedBase64;
}

function decryptMessage($encryptedMessage, $key)
{
    list($ivBase64, $encryptedBase64) = explode('.', $encryptedMessage, 2);
	//echo 'ivBase64' . $ivBase64 . '</br>'; 
	//echo 'encryptedBase64' . $encryptedBase64 . '</br>'; 
    $iv = base64_decode($ivBase64);
    $encrypted = base64_decode($encryptedBase64);
    $decrypted = openssl_decrypt($encrypted, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
    return $decrypted;
}

if ($_SERVER['REQUEST_METHOD'] == 'GET' && isset($_GET['black_hole_source_value'])) {
    setcookie('encrypted_message', encryptMessage('user', '123456'), time() + (86400 * 30), '/');
    exit;
}

if (isset($_GET['key'])) {
		$encmsg = $_GET['encrypted_message'];
		$deckey = decryptMessage($encmsg, $_GET['key']);
		echo 'deckey = ' . $deckey . '</br>';
        if ($deckey == 'user') {
            echo 'LEVEL_21';
        }else{
			header('HTTP/1.0 403 Forbidden');
			echo 'false';
		}
}
?>
Leave a Comment