题目:http://120.24.86.145:9009/21.PHP
1 <?PHP 2 error_reporting(0); 3 $flag = ‘flag{test}‘; 4 if ("POST" == $_SERVER[‘REQUEST_METHOD‘]) { 5 $password = $_POST[‘password‘]; 6 if (0 >= preg_match(‘/^[[:graph:]]{12,}$/‘,$password)) //preg_match — 执行一个正则表达式匹配 7 { 8 echo ‘flag‘; 9 exit; 10 } 11 while (TRUE) { 12 $reg = ‘/([[:punct:]]+|[[:digit:]]+|[[:upper:]]+|[[:lower:]]+)/‘; 13 if (6 > preg_match_all($reg,$password,$arr)){ 14 echo "hello world"; 15 break; 16 } 17 echo preg_match_all($reg,$arr); 18 $c = 0; 19 $ps = array( 20 ‘punct‘,21 ‘digit‘,22 ‘upper‘,23 ‘lower‘ 24 ); //[[:punct:]] 任何标点符号 [[:digit:]] 任何数字 [[:upper:]] 任何大写字母 [[:lower:]] 任何小写字母 25 foreach ($ps as $pt) { 26 if (preg_match("/[[:$pt:]]+/",$password)) $c+= 1; 27 } 28 if ($c < 3) break; 29 //>=3,必须包含四种类型三种与三种以上 30 if ("42" == $password) echo $flag; 31 else echo ‘Wrong password‘; 32 exit; 33 } 34 } 35 ?>