-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathketiga.html
More file actions
53 lines (49 loc) · 3.43 KB
/
ketiga.html
File metadata and controls
53 lines (49 loc) · 3.43 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
<!DOCTYPE html>
<html>
<head>
<title>Zero-Day Exploit</title>
<style>
body {
font-family: Arial, sans-serif;
background-color: #f0f0f0;
color: #333;
max-width: 800px;
margin: 0 auto;
padding: 20px;
}
.login-box {
background-color: white;
padding: 20px;
border-radius: 5px;
box-shadow: 0 0 10px rgba(0,0,0,0.1);
}
input, button {
padding: 8px;
margin: 5px 0;
}
#response {
margin-top: 15px;
padding: 10px;
border-radius: 3px;
display: none;
}
</style>
</head>
<body>
<h1>Zero-Day Exploit</h1>
<p>Exploit sistem login ini untuk mendapatkan flag:</p>
<div class="login-box">
<h3>Admin Login root</h3>
<input type="text" id="username" placeholder="Username"><br>
<input type="password" id="password" placeholder="Password"><br>
<button onclick="login()">LOGIN</button>
<div id="response"></div>
</div>
<script>
function _0x1e9c(){const _0x473efe=['19316ClUGAL','37904zxbeiP','innerHTML','Login\x20berhasil!\x20Copy\x20Paste\x20Flag:\x20CTF{Z3r0_D4y_Rul3z}','password','color','block','style','395996CutoEA','response','Login\x20gagal!\x20Coba\x20exploit\x20SQL\x20injection','display','940TZfOUb','36NMIlwo','root','15tXbhKH','backgroundColor','#f8d7da','264435EuSuXi','getElementById','#d4edda','1180152ZGXJoe','577mlvAin','username','value','1728097igLsSR','326OhuupU','\x27\x20OR\x201=1\x20--','#721c24'];_0x1e9c=function(){return _0x473efe;};return _0x1e9c();}(function(_0xa522cc,_0x103a23){const _0x4d07f4=_0x37c9,_0x34de7e=_0xa522cc();while(!![]){try{const _0x32a97a=parseInt(_0x4d07f4(0x1d1))/0x1*(parseInt(_0x4d07f4(0x1d5))/0x2)+parseInt(_0x4d07f4(0x1ea))/0x3+-parseInt(_0x4d07f4(0x1e0))/0x4*(-parseInt(_0x4d07f4(0x1e7))/0x5)+-parseInt(_0x4d07f4(0x1d0))/0x6+-parseInt(_0x4d07f4(0x1d4))/0x7+parseInt(_0x4d07f4(0x1d9))/0x8*(-parseInt(_0x4d07f4(0x1e5))/0x9)+-parseInt(_0x4d07f4(0x1e4))/0xa*(-parseInt(_0x4d07f4(0x1d8))/0xb);if(_0x32a97a===_0x103a23)break;else _0x34de7e['push'](_0x34de7e['shift']());}catch(_0x15829e){_0x34de7e['push'](_0x34de7e['shift']());}}}(_0x1e9c,0x2c5ee));function _0x37c9(_0x21a3ec,_0x1fabcd){const _0x1e9c5e=_0x1e9c();return _0x37c9=function(_0x37c92e,_0xc347db){_0x37c92e=_0x37c92e-0x1ce;let _0x51f48a=_0x1e9c5e[_0x37c92e];return _0x51f48a;},_0x37c9(_0x21a3ec,_0x1fabcd);}function login(){const _0x2164b4=_0x37c9,_0x176e77=document['getElementById'](_0x2164b4(0x1d2))[_0x2164b4(0x1d3)],_0x46e015=document[_0x2164b4(0x1ce)](_0x2164b4(0x1dc))['value'],_0x14d1d4=document[_0x2164b4(0x1ce)](_0x2164b4(0x1e1));_0x176e77===_0x2164b4(0x1e6)&&_0x46e015===_0x2164b4(0x1d6)?(_0x14d1d4[_0x2164b4(0x1df)]['display']=_0x2164b4(0x1de),_0x14d1d4[_0x2164b4(0x1df)][_0x2164b4(0x1e8)]=_0x2164b4(0x1cf),_0x14d1d4[_0x2164b4(0x1df)][_0x2164b4(0x1dd)]='#155724',_0x14d1d4[_0x2164b4(0x1da)]=_0x2164b4(0x1db)):(_0x14d1d4[_0x2164b4(0x1df)][_0x2164b4(0x1e3)]='block',_0x14d1d4[_0x2164b4(0x1df)][_0x2164b4(0x1e8)]=_0x2164b4(0x1e9),_0x14d1d4[_0x2164b4(0x1df)][_0x2164b4(0x1dd)]=_0x2164b4(0x1d7),_0x14d1d4[_0x2164b4(0x1da)]=_0x2164b4(0x1e2));}
</script>
<div style="margin-top: 30px; font-size: 12px; color: #999;">
Petunjuk: Coba SQL injection classic: ' OR 1=1 --
</div>
</body>
</html>