To win this level it would appear that we need to get $_REQUEST[“passwd”] to match the value of “censored”. Maybe there is another way though. Let’s see what the comments on php.net have to say about the strcmp() function.
As it turns out !strcmp(“foo”, array()) returns “1” AKA “true”,
For the win we can make $_REQUEST[“passwd”] an array, to do this just replace the “=” in the request to “” like so: