<?php
error_reporting(0);
highlight_file('index.php');
class Checker {
    public $token;
    public $data;

    function __construct() {
        $this->token = $_GET['token'];
        $this->data = $_GET['data'];
    }

    function checkToken() {
        $admin = "240610708";

        if (md5($this->token) == md5($admin)) {
            echo "[Step 1] Token Check Passed<br>";
            return true;
        }

        echo "[Step 1] Token Check Failed<br>";
        return false;
    }

    function checkData() {

        if (!isset($_GET['data']) || !isset($_GET['data_hash'])) {
            echo "[Step 2] data / data_hash not provided<br>";
            return false;
        }

        $a = $_GET['data'];
        $b = $_GET['data_hash'];

        if ($a !== $b && md5($a) === md5($b)) {
            echo "[Step 2] Data Hash Check Passed<br>";
            return true;
        }

        echo "[Step 2] Data Hash Check Failed<br>";
        return false;
    }


    function checkSelf() {

        if (!isset($_GET['a']) || !isset($_GET['b'])) {
            echo "[Step 3] a / b not provided<br>";
            return false;
        }

        $a = $_GET['a'];
        $b = $_GET['b'];

        if ($a !== $b && md5($a) === md5($b)) {
            echo "[Step 3] Self-MD5 Check Passed<br>";
            return true;
        }

        echo "[Step 3] Self-MD5 Check Failed<br>";
        return false;
    }

}

$chk = new Checker();

if (!$chk->checkToken()) exit;
if (!$chk->checkData()) exit;
if (!$chk->checkSelf()) exit;

echo "<hr>";
echo "All Steps Passed!<br>";

echo file_get_contents('/flag/flag.txt'); [Step 1] Token Check Failed


我正在做一个ctf题，需要绕过上面的代码执行 file_get_contents，请给我可用的payload，谢谢