信息泄露+代码审计

svn泄露源码：http://192.168.200.200/web/codeaudit/.svn/text-base/index.php.svn-base.txt

<?php
error_reporting(0);
$user = $_COOKIE['user'];
$code = $_GET['code']?(int)$_GET['code']:'';
if($user == 'admin' && !empty($code)) {
$hex = (int)$code;
if(($hex ^ 6789) === 0xCDEF) {
require("flag.php");
echo $flag;
exit();
}
echo "ȱ��Ӧ�еIJ���,��û��Ȩ�޲鿴������";
?>

文章原文链接:https://www.anquanke.com/post/id/160801