If i have some code in index.php
if ($_GET['x']==="\x01\x03\x03\x07")
{
echo 'OK';
}
So, how i could pass value x in url index.php?x=??? to get output 'OK'.
Thanks!
so, url must be like this:
... index.php?x=\x01\x03\x03\x07
and your $_GET must be like this:
$_GET['x'] = "\\x01\\x03\\x03\\x07";
It will return "OK"
To compare '\x01\x03\x03\x07'(hex value) with variable x that you sent in the url, first you have to change '\x01\x03\x03\x07' to '\\x01\\x03\\x03\\x07'. Why ? because if you don't double the '\' you won't be able to compare these.
So, you have to place the hex in a variable like this:
$hex = "\x01\x03\x03\x07";
and you will compare 'x' with edited $hex (the value be "\\x01\\x03\\x03\\x07").
to make edited/fixed $hex we have to use a function, str_ireplace().
here's the example:
$hex = "\x01\x03\x03\x07";
$hex_able_to_compare = "\\x01\\x03\\x03\\x07";
$fixed = str_ireplace($hex,$hex_able_to_compare,$hex);
if ($_GET['x'] == $fixed){
echo "OK!";
}
else {
echo "Not OK!";
}
So you can still compare your hex with place your hex to $hex variable.
But the problem is: what if the the hex value is dynamic? we should make the value of $hex_able_to_compare as dynamic too,. :D
To passing the hex value in URL you need character "%" before hex code. For example, %20 stand for space character.
So URL you need is:
index.php/x=%01%03%03%07
You can references HTML URL Encode here
P/s: I think you are playing ctf.wargamevn.vn ;))
Related
I have a string which value is 123, like: $string = '123'; and my hex value, which is $hex = bin2hex($string); and the return is 313233. When i convert to string again, using hex2bin(), it returns 123 correctly. But when i try to make a "compare" it always returns both like a hexadecimal value.
I know that each number, both 1, 2 and 3 are part of hexadecimal table, but, is there a way that can i differentiate each one ? I'd already searched something about it, but i got no solution.
I'm sorry if this question is poor. But it will really helped me. Besides, it's a doubt that i have.
My php code:
<?php
$string = '123';
$hex = bin2hex($string);
if(hex2bin($hex)){
echo 'hex';
}else{
echo 'not hex';
}
?>
As far as I understand, you are looking for the ctype_xdigit() function, which returns true if all the individual letters in your string are hexadecimal digits, otherwise false.
You just have to pass the string as a parameter:
if (ctype_xdigit($hex_string)){
echo 'hex';
} else {
echo 'not hex';
}
What you did in your original code was converting binary numbers to hexadecimals and then the other way round. It's no surprise that it didn't give you the expected results, as 123 is not a binary number, in the input there couldn't be any other digits than 0 and 1.
firstly, functions don't work as you think they do, i.e. if(hex2bin($hex)) is kind of nonsense when used like that. (it returns "123" which will always evaluate as "true")
secondly, consider using ctype_xdigit which does what you want
<?php
$string = '123';
$hex = bin2hex($string);
if(ctype_xdigit($hex)){
echo 'is a hex value (was originally '+hex2bin($hex)+')';
}else{
echo 'not hex';
}
?>
I am creating a simple checker function in PHP to validate strings before putting them into an SQL query. But I can not get the right results the from the preg_match function.
$myval = "srg845s4hs64f849v8s4b9s4vs4v165";
$tv = preg_match('/[^a-z0-9]/', $myval);
echo $tv;
Sometimes nothing echoed to the source code, not even a false value... I want to get 1 as the result of this call, because $myval only contains lowercase alphanumerics and numbers.
So is there any way in php to detect if a string only contains lowercase alphanumerics and numbers using the preg_match function?
Yes, the circumflex goes outside the [] to indicate the start of the string, you probably need an asterisk to allow an arbitrary number of characters, and you probably want a $ at the end to indicate the end of the string:
$tv = preg_match('/^[a-z0-9]*$/', $myval);
If you write [^a-z] it means anything else than a-z.
If you want to test if a string contains lowercase alphanumerics only, I would present your code that way to get the proper results (what you wrote already works):
$myval = "srg845s4hs64f849v8s4b9s4vs4v165";
$tv = preg_match('/[^a-z0-9]/', $myval);
if($tv === 0){
echo "the string only contains lowercase alphanumerics";
}else if($tv === 1){
echo "the string does not only contain lowercase alphanumerics";
}else{
echo "error";
}
I have a url like
test.php?x=hello+world&y=%00h%00e%00l%00l%00o
when i write it to file
file_put_contents('x.txt', $_GET['x']); // -->hello world
file_put_contents('y.txt', $_GET['y']); // -->\0h\0e\0l\0l\0o
but i need to write it to without encoding
file_put_contents('x.txt', ????); // -->hello+world
file_put_contents('y.txt', ????); // -->%00h%00e%00l%00l%00o
how can i do?
Thanks
You can get unencoded values from the $_SERVER["QUERY_STRING"] variable.
function getNonDecodedParameters() {
$a = array();
foreach (explode ("&", $_SERVER["QUERY_STRING"]) as $q) {
$p = explode ('=', $q, 2);
$a[$p[0]] = isset ($p[1]) ? $p[1] : '';
}
return $a;
}
$input = getNonDecodedParameters();
file_put_contents('x.txt', $input['x']);
Because the The $_GET and $_REQUEST superglobals are automatically run through a decoding function (equivalent to urldecode()), you simply need to re-urlencode() the data to get it to match the characters passed in the URL string:
file_put_contents('x.txt', urlencode($_GET['x'])); // -->hello+world
file_put_contents('y.txt', urlencode($_GET['y'])); // -->%00h%00e%00l%00l%00o
I've tested this out locally and it's working perfectly. However, from your comments, you might want to look at your encoding settings as well. If the result of urlencode($_GET['y']) is %5C0h%5C0e%5C0l%5C0l%5C0o then it appears that the null character that you're passing in (%00) is being interpreted as a literal string "\0" (like a \ character concatenated to a 0 character) instead of correctly interpreting the \0 as a single null character.
You should have a look at the PHP documentation on string encoding and ASCII device control characters.
i think you can use urlencode() to pass the value in URL and urldecode() to get the value.
I'm new to Xor encryption, and I'm having some trouble with the following code:
function xor_this($string) {
// Let's define our key here
$key = ('magic_key');
// Our plaintext/ciphertext
$text =$string;
// Our output text
$outText = '';
// Iterate through each character
for($i=0;$i<strlen($text);)
{
for($j=0;$j<strlen($key);$j++,$i++)
{
$outText .= $text{$i} ^ $key{$j};
//echo 'i='.$i.', '.'j='.$j.', '.$outText{$i}.'<br />'; //for debugging
}
}
return $outText;
}
When I run this it works for normal strings, like 'dog' but it only partially works for strings containing numbers, like '12345'.
To demonstrate...
xor_this('dog') = 'UYV'
xor_this('123') = ''
It's also interesting to note that xor_this( xor_this('123') ) = '123', as I expect it to. I'm pretty sure the problem resides somewhere in my shaky understanding of bitwise operators, OR possibly the way PHP handles strings that contain numbers. I'm betting there's someone clever out there that knows exactly what's wrong here. Thanks.
EDIT #1: It's not truly 'encryption'. I guess obfuscation is the correct term, which is what I'm doing. I need to pass a code containing unimportant data from a user without them being able to easily tamper with it. They're completing a timed activity off-line and submitting their time to an online scoreboard via this code. The off-line activity will obfuscate their time (in milliseconds). I need to write a script to receive this code and turn it back into the string containing their time.
How i did it, might help someone ...
$msg = 'say hi!';
$key = 'whatever_123';
// print, and make unprintable chars available for a link or alike.
// using $_GET, php will urldecode it, if it was passed urlencoded
print "obfuscated, ready for url: " . urlencode(obfuscate($msg, $key)) . "\n";
print "deObfuscated: " . obfuscate(obfuscate($msg, $key), $key);
function obfuscate($msg, $key) {
if (empty($key)) return $msg;
return $msg ^ str_pad('', strlen($msg), $key);
}
I think you might have a few problems here, I've tried to outline how I think you can fix it:
You need to use ord(..) to get the ASCII value of a character so that you can represent it in binary. For example, try the following:
printf("%08b ", ord('A')); // outputs "01000001"
I'm not sure how you do an XOR cipher with a multi-byte key, as the wikipedia page on XOR cipher doesn't specify. But I assume for a given key like "123", your key starts "left-aligned" and extends to the length of the text, like this:
function xor_this($text) {
$key = '123';
$i = 0;
$encrypted = '';
foreach (str_split($text) as $char) {
$encrypted .= chr(ord($char) ^ ord($key{$i++ % strlen($key)}));
}
return $encrypted;
}
print xor_this('hello'); // outputs "YW_]]"
Which encrypts 'hello' width the key '12312'.
There's no guarantee that the result of the XOR operation will produce a printable character. If you give us a better idea of the reason you're doing this, we can probably point you to something sensible to do instead.
I believe you are faced with console output and encoding problem rather than XOR-related.
Try to output results of xor function in a text file and see a set of generated characters. I believe HEX editor would be the best choice to observe and compare a generated characters set.
Basically to revert text back (even numbers are in) you can use the same function:
var $textToObfuscate = "Some Text 12345";
var $obfuscatedText = $xor_this($textToObfuscate);
var $restoredText = $xor_this($obfuscatedText);
Based on the fact that you're getting xor_this( xor_this('123') ) = '123', I am willing to guess that this is merely an output issue. You're sending data to the browser, the browser is recognizing it as something which should be rendered in HTML (say, the first half dozen ASCII characters). Try looking at the page source to see what is really there. Better yet, iterate through the output and echo the ord of the value at each position.
Use this code, it works perfect
function scramble($inv) {
$key=342244; // scramble key
$invarr=str_split($inv);
for($index=0;$index<=strlen($inv)-1;$index++) {
srand($key);
$var=rand(0,255);
$res=$res.(chr(ord($var)) ^ chr(ord($invarr[$index])));
$key++;
}
return($res);
}
Try this:
$outText .= (string)$text{$i} ^ (string)$key{$j};
If one of the two operands is an integer, PHP casts the other to an integer and XORs them for a numeric result.
Alternatively, you could use this:
$outText .= chr(ord($text{$i}) ^ ord($key{$j}));
// Iterate through each character
for($i=0; $i<strlen($text); $i++)
{
$outText .= chr(ord($text{$i}) ^ ord($key{$i % strlen($key)))};
}
note: it probably will create some weird characters...
Despite all the wise suggestions, I solved this problem in a much simpler way:
I changed the key! It turns out that by changing the key to something more like this:
$key = 'ISINUS0478331006';
...it will generate an obfuscated output of printable characters.
I have a problem concerning the input of special characters. Firstly, + is considered
as a special character, right? I have a field in my form that needs to be able to contain a +. However, when I send it to my PHP script using AJAX and access the variable using $_POST, the + is not displayed, and therefore, not saved in the database.
Example:
// on the JavaScript side
value = +123;
paramPost = "name=abc&value=" + value;
alert("paramPost = " + paramPost);
// Output: parampost = name=abc&value=123
// The + is gone!
// Also, when I change value to a string, the + is still there,
// but when PHP receives it, it's gone.
ajax.doPost(paramPost);
// on the PHP side
$val = $_POST['value'];
echo "val = $val";
// Output: 123
// The + is no longer there!
What can I do to fix this?
I tried this:
$val = htmlspecialchars($_POST['value'], ENT_QUOTES);
...but it still didn't work.
A + is redundant on a number; change +123 to "+123".
If your JavaScript library does not escape that, also do encodeURIComponent(value) instead of value. So, your fixed code should be:
value = "+123";
paramPost = "name=abc&value=" + encodeURIComponent(value);
// ..
ajax.doPost(paramPost);
In javascript, a leading '+' before a number indicates it is positive. To send the value '+1' as part of a URI query param, you'll need to escape it. The correctly escaped version of '+1' would be:
%2B1
where %2B is the HEX value for '+'