How to extract the verification code in php168_cms

This article describes how to extract the verification code in php168_cms. For more information, see The code is as follows:

Function yzImg ($ nmsg ){
If (function_exists ('imagecreatetruecolor ')){
$ Imstr [0] ["s"] = $ nmsg [0];
$ Imstr [1] ["s"] = $ nmsg [1];
$ Imstr [2] ["s"] = $ nmsg [2];
$ Imstr [3] ["s"] = $ nmsg [3];
// File header...
Header ("Content-type: image/png ");
// Create white paper with true color
$ Im = @ imagecreatetruecolor (50, 20) or die ("image creation failed ");
// Obtain the background color
$ Background_color = imagecolorallocate ($ instant, 255,255,255 );
// Fill in the background color (this is similar to a barrel)
Imagefill ($ im, 0, 0, $ background_color );
// Obtain the border color
$ Border_color = imagecolorallocate ($ im, 200,200,200 );
// Draw a rectangle with a border color of 200,200,200
Imagerectangle ($ im, $ border_color );
// Show off the background line by line. use 1 or 0 in full screen.
For ($ I = 2; $ I <28; $ I ++ ){
// Obtain random light colors
$ Line_color = imagecolorallocate ($ im, rand (180,255), rand (180,255), rand (180,255 ));
// Draw a line
Imageline ($ im, 2, $ I, 47, $ I, $ line_color );
}
// Set the font size
$ Font_size = 12;
// Set the printed text
$ Str [0] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ ";
$ Str [1] = "abcdefghijklmnopqrstuvwxyz ";
$ Str [2] = "01234567891234567890123456 ";
// Obtain 1st random texts
// $ Imstr [0] ["s"] = $ Str [rand ()] [rand ()];
$ Imstr [0] ["x"] = rand (2, 5 );
$ Imstr [0] ["y"] = rand (1, 4 );
// Obtain 2nd random texts
// $ Imstr [1] ["s"] = $ Str [rand ()] [rand ()];
$ Imstr [1] ["x"] = $ imstr [0] ["x"] + $ font_size-1 + rand );
$ Imstr [1] ["y"] = rand (1, 3 );
// Obtain 3rd random texts
// $ Imstr [2] ["s"] = $ Str [rand ()] [rand ()];
$ Imstr [2] ["x"] = $ imstr [1] ["x"] + $ font_size-1 + rand );
$ Imstr [2] ["y"] = rand (1, 4 );
// Obtain 4th random texts
// $ Imstr [3] ["s"] = $ Str [rand ()] [rand ()];
$ Imstr [3] ["x"] = $ imstr [2] ["x"] + $ font_size-1 + rand );
$ Imstr [3] ["y"] = rand (1, 3 );
// Write random strings
For ($ I = 0; $ I <4; $ I ++ ){
// Obtain random darker colors
$ Text_color = imagecolorallocate ($ im, rand (80,180), rand (80,180), rand (80,180 ));
// Draw text
Imagechar ($ im, $ font_size, $ imstr [$ I] ["x"], $ imstr [$ I] ["y"], $ imstr [$ I] ["s"], $ text_color );
}
// Display the image
Imagepng ($ im );
// Destroy the image
Imagedestroy ($ im );
Exit;
} Else {
Header ("Pragma: no-cache ");
Header ("Cache-control: no-cache ");
Header ("ContentType: Image/BMP ");

$ Color [0] = chr (0). chr (0). chr (0 );
$ Color [1] = chr (255). chr (255). chr (255 );
$ _ Num [0] = "1110000111110111101111011110111101001011110100101111010010111101001011110111101111011110111110000111 ";
$ _ Num [1] = "1111011111110001111111110111111111011111111101111111110111111111011111111101111111110111111100000111 ";
$ _ Num [2] = "1110000111110111101111011110111111111011111111011111111011111111011111111011111111011110111100000011 ";
$ _ Num [3] = "1110000111110111101111011110111111110111111100111111111101111111111011110111101111011110111110000111 ";
$ _ Num [4] = "1111101111111110111111110011111110101111110110111111011011111100000011111110111111111011111111000011 ";
$ _ Num [5] = "1100000011110111111111011111111101000111110011101111111110111111111011110111101111011110111110000111 ";
$ _ Num [6] = "1111000111111011101111011111111101111111110100011111001110111101111011110111101111011110111110000111 ";
$ _ Num [7] = "1100000011110111011111011101111111101111111110111111110111111111011111111101111111110111111111011111 ";
$ _ Num [8] = "1110000111110111101111011110111101111011111000011111101101111101111011110111101111011110111110000111 ";
$ _ Num [9] = "1110001111110111011111011110111101111011110111001111100010111111111011111111101111011101111110001111 ";

Echo chr (66 ). chr (77 ). chr (1, 230 ). chr (4 ). chr (0 ). chr (0 ). chr (0 ). chr (0 ). chr (0 ). chr (0 ). chr (54 ). chr (0 ). chr (0 ). chr (0 ). chr (40 ). chr (0 ). chr (0 ). chr (0 ). chr (40 ). chr (0 ). chr (0 ). chr (0 ). chr (10 ). chr (0 ). chr (0 ). chr (0 ). chr (1 ). chr (0 );
Echo chr (24 ). chr (0 ). chr (0 ). chr (0 ). chr (0 ). chr (0 ). chr (1, 176 ). chr (4 ). chr (0 ). chr (0 ). chr (18 ). chr (11 ). chr (0 ). chr (0 ). chr (18 ). chr (11 ). chr (0 ). chr (0 ). chr (0 ). chr (0 ). chr (0 ). chr (0 ). chr (0 ). chr (0 ). chr (0 ). chr (0 );

For ($ I = 9; $ I >=0; $ I --){
For ($ j = 0; $ j <= 3; $ j ++ ){
For ($ k = 1; $ k <= 10; $ k ++ ){
Echo $ Color [substr ($ _ Num [$ nmsg [$ j], $ I * 10 + $ k, 1)];
}
}
}
Exit;
}

}

$ String_yzimg = yzImgNumRand (4 );

YzImg ($ string_yzimg );

Function yzImgNumRand ($ lenth ){
Mt_srand (double) microtime () * 1000000 );
For ($ I = 0; $ I <$ lenth; $ I ++ ){
$ Randval. = mt_rand (1, 9 );
}
Return $ randval;
}
/* = = */
?>

The verification code generated here is just a number, and the background filling is simple, but 26 lines are filled in. The front side saw that he wanted 4 to add numbers to random letters, but later he used only numbers when generating the sequence, but it was useless. The following is a sequence of 4-digit letters and numbers:

The code is as follows:

Function yzImgNumRand ($ lenth ){
Mt_srand (double) microtime () * 1000000 );
$ Str [0] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ ";
$ Str [1] = "abcdefghijklmnopqrstuvwxyz ";
$ Str [2] = "01234567891234567890123456 ";
For ($ I = 0; $ I <$ lenth; $ I ++ ){
$ Randval. = $ Str [rand (0, 2)] [rand (0, 25)];
}
Return $ randval;
}