It looks like the POST parameter is encoded with the encodeSecret() function and then compared with the $encodedSecret string.
We can write our own PHP script to reverse these operations like this:
<?
function decodeString($secret){
return base64_decode(strrev(hex2bin($secret)));
}
echo decodeString("3d3d516343746d4d6d6c315669563362");
?>
Running this locally will prints a string, and feeding this string in as the POST parameter solves the level!
No comments:
Post a Comment