
@jamiew
Created October 8, 2019 13:48
basln-ctf warmup.php
<?php
// CTF warm-up challenge (per the gist title): one obfuscated expression that
// routes on the `op` query parameter into two branches, each of which feeds
// request data into a dangerous sink behind a blocklist.
// Function names are written in mixed case; PHP resolves function names
// case-insensitively, so this only makes the code harder to read.
// NOTE(review): as listed here the parentheses do not balance and the first
// three statements have no terminator or joining operator, so some leading
// "(" / "&&" tokens were probably lost when the page was captured. The
// comments below describe what the visible tokens do, not a verified parse.
//
// Review summary of the sinks visible in this file:
//   - eval() on a query parameter (code injection)
//   - curl_exec() on a URL derived from request data (server-side request forgery)
//   - file_get_contents() on a query parameter (arbitrary file / URL read)
//   - system() on a query parameter (command injection)
// Every guard is a blocklist; none of the sinks is restricted to an allow-list.

// $secret is what the script prints when a filter rejects the request.
// The literal is ROT13 then base64; decoded it is a short HTML <img> tag,
// not a flag.
$secret=bASe64_deCODe(str_ROt13("CTygMlOmpz"."Z9VaSkYzcjMJpvCt==")))
// Prints this file's own source to the client.
highLIGHT_file(__FILE__)
// config.php is not shown on this page; its contents are unknown from here.
inCLUDE("config.php"))
// Branch selector: `op` must be non-empty/truthy and shorter than 3 characters.
// "@" suppresses errors and warnings throughout, which also hides diagnostics.
($op=@$_GET['op'])
&&(@strlen($op)<3
// Loose comparison of a number with a non-numeric string. PHP's rules for this
// comparison changed in PHP 8, so which values pass depends on the runtime
// version - TODO confirm the intended target version.
&&@($op+8)<'A_A')
?
// ---- Branch 1: eval + outbound HTTP request ----
// The input is read from a query parameter whose name is a Unicode emoticon.
( ($_=@$_GET['Σ>―(#°ω°#)♡→'])
// Reject (print $secret and stop) when the input contains any byte from the
// blocklist class: control characters through "!", quotes, digits, backtick,
// & $ . , | ^ [ { _, DEL, and the letters z d x f e g a v p o s
// (case-insensitive because of the /i flag) ...
&&(preg_match('/[\x00-!\'0-9"`&$.,|^[{_zdxfegavpos\x7F]+/i',$_)
// ... or when it uses more than 0xd (13) distinct bytes after lower-casing
// (count_chars mode 3 returns a string of the unique bytes) ...
|| @strlen(count_chars(strtolower($_),0x3))>0xd
// ... or when it is longer than 19 bytes.
|| @strlen($_)>19)
?
exit($secret)
:
($ch=curl_init())
&&@curl_setopt(
$ch,
CURLOPT_URL,
// The URL is the lower-cased result of eval() below, passed through nine
// nested str_replace() calls (innermost first) that swap listed substrings
// for filler text: "c:", "433a", "633a", "%63%3a", "%33%33%61", "..",
// "%2e%2e", "%69%6e%74" and "int". Substring blocklists like this are
// brittle; an allow-list of schemes and hosts is the robust control.
Str_Replace("int",":DD",
sTR_replace("%69%6e%74","XDDD",
str_rePLace("%2e%2e","Q___Q",
str_repLacE("..","QAQ",
stR_replace("%33%33%61",">__<",
str_repLace("%63%3a","WTF",
STR_replACE("633a",":)",
str_REPLace("433a",":(",
str_replace("\x63:","ggininder",
// SECURITY: request data is interpolated into eval() and executed as a PHP
// expression. The only restriction is the character/length filter above.
// Outside a CTF, untrusted input must never reach eval().
strtolower(eval("return $_;"))))))))))))
// The response is returned as a string rather than written to output; in the
// visible lines it is only used as an operand of the surrounding expression.
&&@curl_setopt($ch,CURLOPT_RETURNTRANSFER,true)
// One-second timeout on the outbound request.
&&@curl_setopt($ch,CURLOPT_TIMEOUT,1)
// SECURITY: the server fetches a URL derived from request data (SSRF sink).
&&@curl_EXEC($ch))
:
// ---- Branch 2: file read ----
// Taken when the first `op` test fails; here `op` must be shorter than
// 4 characters and pass a second number-versus-string loose comparison
// (same PHP-version caveat as above).
((@stRLEn($op)<4
&&@($op+78)<'A__A')
?
// The input is read from a query parameter whose name is a single
// non-printing Unicode character, so the key is invisible in the listing.
(($_=@$_GET['⁣'])
// Blocklist: reject when the value ends in ".php" or "php."
// (case-insensitive) ...
&&((strtOLOwer(suBSTr($_,-4))==='.php')
||(strtOLOwer(suBSTr($_,-4))==='php.')
// ... or contains a double quote, ">" (\x3e), "<" (\x3c) ...
||(stripos($_,"\"")!==FALSE)
||(stripos($_,"\x3e")!==FALSE)
||(stripos($_,"\x3c")!==FALSE)
// ... or the substring "amp" in any letter case.
||(stripos(strtolower($_),"amp")!==FALSE))
? dIE($secret)
:
// Reject values containing "..".
((stRIPos($_,"..")!==FalsE)
?
die($secret)
:
// Reject values containing "$" (\x24).
((stRIPos($_,"\x24") !== FALSE)
?
die($secret)
:
// SECURITY: reads whatever path or URL the request names and prints the
// first 155 bytes. The checks above are substring blocklists only; the
// value is not canonicalised or confined to a base directory.
(print_r(sUBStr(@file_gET_coNTEnts($_),0,155))))))
:
// Neither `op` test passed: print $secret and stop.
die($secret)
&&
// SECURITY: a query parameter passed straight to system() is a command
// injection sink. It appears unreachable here because die() ends the script
// before the right-hand side of "&&" is evaluated - verify against the
// original file, since this listing's parentheses are unbalanced.
system($_GET[0x9487945]));