natas Level 24-25 strcmp()

The function is broken… Very interesting.

Username: natas24
Password: OsRxSpoAduo98564TZX14z379LZveg
URL: http://natas24.natas.labs.overthewire.org/

source code:

The source calls strcmp(). Its role is to compare two strings, returning 0 when they are the same. This naturally brings the strcmp vulnerability to mind: strcmp cannot compare arrays and will return 0, so the check can be bypassed by supplying the passwd input as an array!

Extension – strcmp vulnerability

PHP strcmp(str1, str2) function: compares two strings (case sensitive).
Returns < 0 if str1 is smaller than str2; > 0 if str1 is larger than str2; 0 if both are equal.

The expected data type is a string, but if we pass in non-string data, how will this function behave? In fact, the function will throw an error if it receives a non-conforming type. In PHP 5.2 and earlier, comparing an array to a string with strcmp returned -1, but since 5.3 it has returned 0! That is, although an error was reported, the two values were judged to be equal. This is a fatal flaw in code that relies on this function to make decisions.
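
The flawed check described above next to a hardened version, as an added example that is not the level's source code or the author's own. `SECRET`, `weak_check` and `strict_check` are hypothetical names, and the secret is a constructed placeholder.

```php
<?php
// Added illustration; SECRET and both function names are hypothetical.
const SECRET = 'constructed-placeholder-secret';

// Weak pattern: treats "strcmp() is falsy" as "the strings match".
// PHP 5.3 through 7.x: strcmp(array, string) raises a warning and returns
// NULL, which a loose test (!x or x == 0) cannot tell apart from 0.
// PHP 8 and later: the same call throws TypeError instead.
function weak_check($passwd)
{
    return !@strcmp($passwd, SECRET);
}

// Hardened: require a string first, then compare with hash_equals(),
// which returns a real bool and runs in constant time.
function strict_check($passwd)
{
    return is_string($passwd) && hash_equals(SECRET, $passwd);
}

// Constructed sample inputs: two strings and one array.
$inputs = array(
    'wrong string'   => 'guess',
    'correct string' => SECRET,
    'array'          => array('anything'),
);

foreach ($inputs as $label => $value) {
    try {
        $weak = weak_check($value) ? 'ACCEPT' : 'reject';
    } catch (TypeError $e) {
        $weak = 'TypeError';   // PHP 8+: the call throws, nothing is accepted
    }
    $strict = strict_check($value) ? 'ACCEPT' : 'reject';
    printf("%-15s weak=%-10s strict=%s\n", $label, $weak, $strict);
}
```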

Published by endecoder
