Catalog ​​​​​​​

One 、 Basic knowledge of

1.1、 Congruence (===) Be equal to (==)

1.2、 Equal value

Two 、 Weak type example

2.1、 Weak equality

Example ：

Ideas ：

2.2、 Strong equality

Example ：

Ideas ：

2.3、 The function compares sizes to bypass

Example ：

Ideas ：

One 、 Basic knowledge of

1.1、 Congruence (===) Be equal to (==)

To compare whether two values are equal, you can use “==” and “===”

seeing the name of a thing one thinks of its function

“===” Congruence means that all forms are equal （ Strong is equal to ）

“==” If it is equal, it will undergo type conversion （ Weak is equal to ）

1.2、 Equal value

'' == 0 == false

'123' == 123

'abc' == 0

'123a' == 123

'0x01' == 1

'0e123456789' == '0e987654321'

[false] == [0] == [NULL] == ['']

NULL == false == 0

true == 1

Two 、 Weak type example

2.1、 Weak equality

Example ：

if($_GET['a']!=$_GET['b'] && md5($_GET['a'])==md5($_GET['b'])){
echo $flag;
}

Ideas ：

To make a and b The value of is not equal to , but md5 The values are equal ----->flag

adopt MD5 Collision to achieve

2.2、 Strong equality

Example ：

if($_GET['a']!=$_GET['b'] && md5($_GET['a'])===md5($_GET['b'])){
echo $flag;
}

Ideas ：

By using PHP The characteristics of function in error handling

Submit a[]=1&b[]=2, When we make MD5 When the parameter of the function is an array , The function will report an error and return NULL value .

Although the parameters of the function are two different arrays , But the return value of the function is the same NULL, Successfully bypassed .

Among the return values, it is easy to judge the wrong functions, and many return values are 0, and 0==false Is established , It can also achieve the purpose of bypassing

2.3、 The function compares sizes to bypass

Example ：

if(is_numeric($b)){
    exit();
     }
     if($b>10000){
       echo $flag;
     }

Ideas ：

Parameters b----> Greater than 10000----> obtain flag

to b assignment 10001a, After type conversion , Greater than 10000