Beispiel #1
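// Welcome renders the landing page for the user named in the "username" cookie.
//
// The cookie value is hex-decoded and passed through dimebag.Encrypt; the
// result is used as the username. When that username equals "admin" the flag
// file is read and shown in place of the placeholder text.
//
// NOTE(review): this handler makes an authorization decision ("admin" or not)
// on a client-supplied cookie, and no integrity check (MAC / AEAD tag) is
// visible here. Confirm that dimebag authenticates the value; if it does not,
// verify a MAC over the cookie before trusting what it decodes to.
func Welcome(w http.ResponseWriter, req *http.Request) {
	cookie, err := req.Cookie("username")
	if err != nil {
		io.WriteString(w, "no cookie, get lost")
		return
	}

	rawUsername, err := hex.DecodeString(cookie.Value)
	if err != nil {
		io.WriteString(w, "mangled cookie, it should be hex, get lost")
		// Stop here: hex.DecodeString returns the bytes decoded before the
		// error, so falling through would run the admin check on a partial,
		// malformed value after the rejection message was already sent.
		return
	}

	// presumably dimebag.Encrypt is its own inverse, since its output is
	// treated as the decrypted name — TODO confirm against the dimebag package.
	decryptedUsername := dimebag.Encrypt(string(rawUsername))

	flag := "only for the admin"
	if decryptedUsername == "admin" {
		contents, err := ioutil.ReadFile("/home/badmedicine/flag")
		if err != nil {
			// net/http recovers a handler panic, logs it and drops the
			// connection, so a missing flag file surfaces in the server log.
			panic(err)
		}
		flag = string(contents)
	}

	views.WriteSuccess(w, decryptedUsername, flag)
}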
Beispiel #2
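// Login checks the submitted "username" and "password" form values with
// phial.Login and renders the success page (200) or the index page (403).
//
// phial.Login returns the matched username as an untyped value together with
// the SQL text it ran: a string means a user was found, nil means no match.
// Any other dynamic type is treated as an internal error and answered with a
// 500, so an unexpected result can never fall through as an empty 200.
func Login(w http.ResponseWriter, req *http.Request) {
	username := req.FormValue("username")
	password := req.FormValue("password")

	// NOTE(review): how phial.Login builds its query is not visible here;
	// confirm it binds username/password as parameters rather than
	// concatenating them into the SQL text.
	foundUsername, sql := phial.Login(username, password)

	// NOTE(review): this echoes the executed SQL to every client, which
	// discloses the query and schema details. It looks like a debugging aid;
	// it should be removed or gated behind a debug-only setting in production.
	w.Header().Set("X-SQL", sql)

	switch u := foundUsername.(type) {
	case string:
		w.WriteHeader(http.StatusOK)
		views.WriteSuccess(w, u)
	case nil:
		w.WriteHeader(http.StatusForbidden)
		views.WriteIndex(w)
	default:
		// Fail closed on a result type this handler does not understand.
		http.Error(w, "internal error", http.StatusInternalServerError)
	}
}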