Beispiel #1
0
func Welcome(w http.ResponseWriter, req *http.Request) {
	cookie, err := req.Cookie("username")
	if err != nil {
		io.WriteString(w, "no cookie, get lost")
		return
	}

	dehexedUsername, err := hex.DecodeString(cookie.Value)
	if err != nil {
		io.WriteString(w, "mangled cookie, it should be hex, get lost")
	}
	decryptedUsername := dimebag.Encrypt(string(dehexedUsername))

	flag := "only for the admin"

	if decryptedUsername == "admin" {
		flagtmp, err := ioutil.ReadFile("/home/badmedicine/flag")
		if err != nil {
			panic(err)
		}
		flag = string(flagtmp)
	}

	views.WriteSuccess(w, decryptedUsername, flag)
}
Beispiel #2
0
func Login(w http.ResponseWriter, req *http.Request) {
	username := req.FormValue("username")

	if username == "admin" {
		views.WriteIndexFlash(w, "admin login disabled")
		return
	}
	encryptedUsername := []byte(dimebag.Encrypt(username))
	hexUsername := hex.EncodeToString(encryptedUsername)

	cookie := &http.Cookie{
		Name:  "username",
		Value: hexUsername,
	}
	log.Printf("cookie %s", cookie.String())
	http.SetCookie(w, cookie)

	http.Redirect(w, req, "/welcome", 303)
}