Ryo Tomidokoro hanhan1978

## lolipop-mc-vuln-challenge.patch
diff --git a/global/index.php b/global/index.php
index 956a254..179265a 100644
--- a/global/index.php
+++ b/global/index.php
@@ -9,7 +9,7 @@
   require_once('./auth.php');
   $auth = new Auth();
   $secret_token = $auth->generateToken();
-  extract($_POST);
+  $token = $_POST['token'];

## hello_from_rest_api.txt
Hello World

## whitelist.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                hanhan1978
                / whitelist.md
            
            
              Created
              January 23, 2018 01:51
                — forked from okohs/whitelist.md
            
              
                20180122_定時前に帰宅できた企業
              
          
    はじめに

書き方

該当する各社の対応欄に企業名を書いてください。備考があれば適宜カッコ書きしてください。
目的


定時前に帰宅させてくれるホワイトな会社のりすとを気軽に作りたい
定時前に帰宅させてくれるホワイトな会社がホワイトアピールできる場があれば良いな


## ore_no_prefork.php
<?php
$sock = @socket_create_listen(8091);
if(!$sock){die("port in use\n");}

$pids=[];
for($i=0; $i < 10 ; $i++){
    $pid = pcntl_fork();
    if($pid){
        $pids[] = $pid;
    }else{

## ore_no_webserver.php
<?php
$sock = @socket_create_listen(8080);
if(!$sock){die("port in use\n");}
$client_sock = socket_accept($sock);
while(true){
    $buf = socket_read($client_sock, 1024);
    if(preg_match('/GET ([^ ]+)/', $buf, $m) && is_file('./htdocs/'.$m[1])){
        $content = file_get_contents('./htdocs/'.$m[1]);
        $res = "HTTP/1.1 200 OK\nContent-Type: text/html\nCache-Control: max-age=8640000\nAccept-Ranges: bytes\nContent-Length: 197\nServer: HTTPServer/0.1\n\n";
        socket_write($client_sock, $res.$content);

## view_sample_005.vue
<template>
  <div class="links">
    <a v-on:click="doSomething">{{title}}</a>
  </div>
</template>

<script>
  export default {
    props: ['data_id', 'title'],
    methods: {

## view_sample_005.html
<div id="app">
   <foo data_id="42" title="Do something"></foo>
</div>

## view_sample_004.js
$('.links > a').on('click', function(){
  console.log($(this).data('id'));
});

## view_sample_004.html
<div class="links">
  <a data-id='{{ $number }}'>Do something</a>
</div>

## view_sample_003.css
.links > a:hover {
  color: red;
}
	diff --git a/global/index.php b/global/index.php
	index 956a254..179265a 100644
	--- a/global/index.php
	+++ b/global/index.php
	@@ -9,7 +9,7 @@
	require_once('./auth.php');
	$auth = new Auth();
	$secret_token = $auth->generateToken();
	- extract($_POST);
	+ $token = $_POST['token'];
	<?php
	$sock = @socket_create_listen(8091);
	if(!$sock){die("port in use\n");}

	$pids=[];
	for($i=0; $i < 10 ; $i++){
	$pid = pcntl_fork();
	if($pid){
	$pids[] = $pid;
	}else{
	<?php
	$sock = @socket_create_listen(8080);
	if(!$sock){die("port in use\n");}
	$client_sock = socket_accept($sock);
	while(true){
	$buf = socket_read($client_sock, 1024);
	if(preg_match('/GET ([^ ]+)/', $buf, $m) && is_file('./htdocs/'.$m[1])){
	$content = file_get_contents('./htdocs/'.$m[1]);
	$res = "HTTP/1.1 200 OK\nContent-Type: text/html\nCache-Control: max-age=8640000\nAccept-Ranges: bytes\nContent-Length: 197\nServer: HTTPServer/0.1\n\n";
	socket_write($client_sock, $res.$content);
	<template>
	<div class="links">
	<a v-on:click="doSomething">{{title}}</a>
	</div>
	</template>

	<script>
	export default {
	props: ['data_id', 'title'],
	methods: {
	<div id="app">
	<foo data_id="42" title="Do something"></foo>
	</div>
	$('.links > a').on('click', function(){
	console.log($(this).data('id'));
	});
	<div class="links">
	<a data-id='{{ $number }}'>Do something</a>
	</div>