dsad

vuln-lab/web/www/admin/config.php

@@ -0,0 +1,4 @@
+<?php
+// Fake admin config — leaks secrets for scanner fodder.
+header("Content-Type: text/plain");
+echo "APP_ENV=production\nDB_HOST=db\nDB_USER=root\nDB_PASS=toor\nJWT_SECRET=secret\nSTRIPE_SECRET=sk_live_newploit_test\n";

vuln-lab/web/www/admin/index.php

@@ -0,0 +1,22 @@
+<?php
+// Admin panel — exposes session from login.php, also accepts weak creds directly.
+$sess = isset($_COOKIE['session']) ? json_decode(base64_decode($_COOKIE['session']), true) : null;
+?><!DOCTYPE html>
+<html><body>
+<h1>Admin Panel · newploit</h1>
+<p>You are: <?= $sess ? htmlspecialchars($sess['username']) : 'guest' ?></p>
+
+<h2>Sign in</h2>
+<form method="post" action="/login.php">
+    <p><label>username <input name="username"></label></p>
+    <p><label>password <input name="password" type="password"></label></p>
+    <p><button>enter admin</button></p>
+</form>
+
+<h2>Quick nav</h2>
+<ul>
+    <li><a href="/admin/config.php">config</a></li>
+    <li><a href="/admin/users.php">users</a></li>
+    <li><a href="/phpinfo.php">phpinfo</a></li>
+</ul>
+</body></html>