CTF-site-project/app.py

import werkzeug
from flask import Flask, render_template, request, url_for, session, redirect, g, abort, send_file
import sqlite3
from random import getrandbits
from func import *
import base64

connection = sqlite3.connect('database.db')
cursor = connection.cursor()
cursor.execute('''
    CREATE TABLE IF NOT EXISTS Users (
    id INTEGER PRIMARY KEY,
    login TEXT NOT NULL,
    password TEXT NOT NULL
    )
''')
cursor.execute('SELECT * FROM Users where login = "admin"')
if not cursor.fetchone():
    cursor.execute('INSERT INTO Users (login, password) VALUES (?, ?)', ('admin', '12345678'))
connection.commit()

app = Flask(__name__)
app.config['SECRET_KEY'] = 'ca4ac4ada05f91a5790d2132992bfaed86df15c4d08f2dfe'
DATABASE = 'database.db'

def get_db():
    db = getattr(g, '_database', None)
    if db is None:
        db = g._database = sqlite3.connect(DATABASE)
    return db

@app.teardown_appcontext
def close_connection(exception):
    db = getattr(g, '_database', None)
    if db:
        db.close()

@app.route("/")
def index():
    return render_template('index.html')

@app.route("/web")
def web():
    return render_template('web-main.html')

@app.route("/forensic")
def forensic():
    return render_template('forensic-main.html')

@app.route("/osint")
def osint():
    return render_template('osint-main.html')

@app.route("/web/sql-injection", methods=('GET', 'POST'))
def websql():
    if request.method == 'POST':
        login = request.form['login']
        password = request.form['pass']
        cursor = get_db().cursor()
        cursor.execute(f'SELECT * FROM Users WHERE login == "{login}" AND password == "{password}"')
        user = cursor.fetchone()
        if not user:
            return render_template('sql-injection.html', error='Ошибка: неверный логин или пароль')
        session['sql_flag'] = f'C4TchFl4g{{{hex(getrandbits(45))[2:]}}}'
        return redirect(url_for('success_login'), code=302)
    return render_template('sql-injection.html')

@app.route("/web/idor")
def webidor():
    return render_template('idor.html')

@app.route("/web/path-traversal")
def webpt():
    return render_template('path-traversal.html')

@app.route("/web/ssti")
def webssti():
    return render_template('ssti.html')

@app.route("/web/portswigger-guide")
def webpsguide():
    return render_template('portswigger-guide.html')

@app.route("/forensic/metadata", methods=('GET', 'POST'))
def fmetadata():
    flag_task1 = session['flag_task1']
    if request.method == 'POST':
        user_flag = request.form['user_flag']
        if user_flag == flag_task1:
            return render_template('task1-metadata.html', flag=flag_task1, success_flag='.')
        return render_template('task1-metadata.html', flag=flag_task1, error='Ошибка: неверный флаг!')

    if not flag_task1:
        session['task1_id'] = id = hex(getrandbits(45))[2:]
        session['flag_task1'] = flag_task1 = f'C4TchFl4g{{{hex(getrandbits(45))[2:]}}}'
        task1_flag(flag_task1, id)
    return render_template('task1-metadata.html', flag=flag_task1)

@app.route("/forensic/getimg")
def forensic_task1():
    return send_file(f'/tmp/task1/{session['task1_id']}.jpg')

@app.route("/forensic/base-guide", methods=('GET', 'POST'))
def fbase():
    flag_task2 = session['flag_task2']
    if request.method == 'POST':
        user_flag = request.form['user_flag']
        if user_flag == flag_task2:
            return render_template('base.html', flag=flag_task2, success_flag='.')
        return render_template('base.html', flag=flag_task2, error='Ошибка: неверный флаг!')
    if not flag_task2:
        session['flag_task2'] = flag_task2 = f'C4TchFl4g{{{hex(getrandbits(45))[2:]}}}'
    base32str = str(base64.b32encode(flag_task2.encode()))[2:-1]
    base64str = str(base64.b64encode(f"Ой-ой, похоже, что самое главное всё ещё зашифровано(  {base32str}".encode()))[2:-1]
    return render_template('base.html', base_task=base64str)


@app.route("/forensic/.docx_files", methods=('GET', 'POST'))
def fbinwalk():
    flag_task2 = 'C4TchFl4g{GT4_6_1eaks}'
    if request.method == 'POST':
        user_flag = request.form['user_flag']
        if user_flag == flag_task2:
            return render_template('binwalk.html', flag=flag_task2, success_flag='.')
        return render_template('binwalk.html', flag=flag_task2, error='Ошибка: неверный флаг!')
    return render_template('binwalk.html')

@app.route("/forensic/hex")
def fhex():
    return render_template('hex.html')

@app.route("/forensic/hash")
def fhash():
    return render_template('hash.html')

@app.route("/osint/questions")
def osintquestions():
    return render_template('osint-questions.html')

@app.route("/osint/geoguessr")
def osintgeoguessr():
    return render_template('osint-geoguessr.html')

@app.route("/osint/really_hard_task")
def osintrht():
    return render_template('osint-hardtask.html')

@app.route("/web/success_login-sqltask", methods=('GET', 'POST'))
def success_login():
    flag = session.get('sql_flag')
    if request.method == 'POST':
        user_flag = request.form['user_flag']
        if user_flag == flag:
            return render_template('success-sql.html', flag=flag, success_flag='.')
        return render_template('success-sql.html', flag=flag, error='Ошибка: неверный флаг!')
    if flag:
        return render_template('success-sql.html', flag=flag)
    abort(404)

@app.errorhandler(werkzeug.exceptions.NotFound)
def handle_bad_request(e):
    return '<img src="https://http.cat/404.jpg">', 404

app.run(host="0.0.0.0", debug=False)
connection.close()
feat: sql-task profile 2025-02-02 20:43:16 +03:00			`import werkzeug`
feat: regen forensic_task1 flag 2025-02-14 13:19:23 +03:00			`from flask import Flask, render_template, request, url_for, session, redirect, g, abort, send_file`
feat: Sql task window 2025-01-25 22:18:21 +03:00			`import sqlite3`
feat: sql-task get flag 2025-02-03 00:19:41 +03:00			`from random import getrandbits`
feat: regen forensic_task1 flag 2025-02-14 13:19:23 +03:00			`from func import *`
feat(forensic): base task and flag accept 2025-04-08 23:00:54 +03:00			`import base64`
feat: Sql task window 2025-01-25 22:18:21 +03:00
wip: Sql task error 2025-01-26 22:34:47 +03:00			`connection = sqlite3.connect('database.db')`
feat: Sql task window 2025-01-25 22:18:21 +03:00			`cursor = connection.cursor()`
			`cursor.execute('''`
			`CREATE TABLE IF NOT EXISTS Users (`
			`id INTEGER PRIMARY KEY,`
			`login TEXT NOT NULL,`
			`password TEXT NOT NULL`
			`)`
			`''')`
			`cursor.execute('SELECT * FROM Users where login = "admin"')`
wip: Sql task error 2025-01-26 22:34:47 +03:00			`if not cursor.fetchone():`
feat: Sql task window 2025-01-25 22:18:21 +03:00			`cursor.execute('INSERT INTO Users (login, password) VALUES (?, ?)', ('admin', '12345678'))`
			`connection.commit()`
init commit 2025-01-23 00:19:58 +03:00
			`app = Flask(__name__)`
feat: Sql task window 2025-01-25 22:18:21 +03:00			`app.config['SECRET_KEY'] = 'ca4ac4ada05f91a5790d2132992bfaed86df15c4d08f2dfe'`
wip: Sql task error 2025-01-26 22:34:47 +03:00			`DATABASE = 'database.db'`

			`def get_db():`
			`db = getattr(g, '_database', None)`
			`if db is None:`
			`db = g._database = sqlite3.connect(DATABASE)`
			`return db`

			`@app.teardown_appcontext`
			`def close_connection(exception):`
			`db = getattr(g, '_database', None)`
			`if db:`
			`db.close()`
init commit 2025-01-23 00:19:58 +03:00
			`@app.route("/")`
			`def index():`
			`return render_template('index.html')`

feat: section main files 2025-04-05 22:42:20 +03:00			`@app.route("/web")`
			`def web():`
			`return render_template('web-main.html')`

			`@app.route("/forensic")`
			`def forensic():`
			`return render_template('forensic-main.html')`

			`@app.route("/osint")`
			`def osint():`
			`return render_template('osint-main.html')`

fix: nav-div disign 2025-04-06 21:37:12 +03:00			`@app.route("/web/sql-injection", methods=('GET', 'POST'))`
feat: web main page 2025-04-07 12:23:56 +03:00			`def websql():`
feat: Sql task window 2025-01-25 22:18:21 +03:00			`if request.method == 'POST':`
			`login = request.form['login']`
			`password = request.form['pass']`
wip: Sql task error 2025-01-26 22:34:47 +03:00			`cursor = get_db().cursor()`
Smol change 2025-01-26 22:50:50 +03:00			`cursor.execute(f'SELECT * FROM Users WHERE login == "{login}" AND password == "{password}"')`
wip: Sql task error 2025-01-26 22:34:47 +03:00			`user = cursor.fetchone()`
			`if not user:`
wip: Sql task tmp disign 2025-01-27 00:20:55 +03:00			`return render_template('sql-injection.html', error='Ошибка: неверный логин или пароль')`
feat: sql-task get flag 2025-02-03 00:19:41 +03:00			`session['sql_flag'] = f'C4TchFl4g{{{hex(getrandbits(45))[2:]}}}'`
feat: sql-task profile 2025-02-02 20:43:16 +03:00			`return redirect(url_for('success_login'), code=302)`
init commit 2025-01-23 00:19:58 +03:00			`return render_template('sql-injection.html')`

feat: web main page 2025-04-07 12:23:56 +03:00			`@app.route("/web/idor")`
			`def webidor():`
			`return render_template('idor.html')`

			`@app.route("/web/path-traversal")`
			`def webpt():`
			`return render_template('path-traversal.html')`

			`@app.route("/web/ssti")`
			`def webssti():`
			`return render_template('ssti.html')`

			`@app.route("/web/portswigger-guide")`
			`def webpsguide():`
			`return render_template('portswigger-guide.html')`

feat: forensic metadata task help 2025-04-08 14:43:15 +03:00			`@app.route("/forensic/metadata", methods=('GET', 'POST'))`
feat: forensic main page 2025-04-07 12:48:42 +03:00			`def fmetadata():`
fix(forensic): metadata task flag accept 2025-04-08 20:22:57 +03:00			`flag_task1 = session['flag_task1']`
fix: main-icon 2025-04-03 22:23:02 +03:00			`if request.method == 'POST':`
			`user_flag = request.form['user_flag']`
			`if user_flag == flag_task1:`
feat: section main files 2025-04-05 22:42:20 +03:00			`return render_template('task1-metadata.html', flag=flag_task1, success_flag='.')`
			`return render_template('task1-metadata.html', flag=flag_task1, error='Ошибка: неверный флаг!')`
fix(forensic): metadata task flag accept 2025-04-08 20:22:57 +03:00
			`if not flag_task1:`
			`session['task1_id'] = id = hex(getrandbits(45))[2:]`
			`session['flag_task1'] = flag_task1 = f'C4TchFl4g{{{hex(getrandbits(45))[2:]}}}'`
			`task1_flag(flag_task1, id)`
			`return render_template('task1-metadata.html', flag=flag_task1)`
init commit 2025-01-23 00:19:58 +03:00
fix: main help 2025-04-07 23:38:07 +03:00			`@app.route("/forensic/getimg")`
feat: regen forensic_task1 flag 2025-02-14 13:19:23 +03:00			`def forensic_task1():`
			`return send_file(f'/tmp/task1/{session['task1_id']}.jpg')`

feat(forensic): base task and flag accept 2025-04-08 23:00:54 +03:00			`@app.route("/forensic/base-guide", methods=('GET', 'POST'))`
feat: forensic main page 2025-04-07 12:48:42 +03:00			`def fbase():`
feat(forensic): base task and flag accept 2025-04-08 23:00:54 +03:00			`flag_task2 = session['flag_task2']`
			`if request.method == 'POST':`
			`user_flag = request.form['user_flag']`
			`if user_flag == flag_task2:`
			`return render_template('base.html', flag=flag_task2, success_flag='.')`
			`return render_template('base.html', flag=flag_task2, error='Ошибка: неверный флаг!')`
			`if not flag_task2:`
			`session['flag_task2'] = flag_task2 = f'C4TchFl4g{{{hex(getrandbits(45))[2:]}}}'`
			`base32str = str(base64.b32encode(flag_task2.encode()))[2:-1]`
			`base64str = str(base64.b64encode(f"Ой-ой, похоже, что самое главное всё ещё зашифровано( {base32str}".encode()))[2:-1]`
			`return render_template('base.html', base_task=base64str)`

feat: forensic main page 2025-04-07 12:48:42 +03:00
feat(forensic): binwalk task flag accept 2025-04-08 21:18:10 +03:00			`@app.route("/forensic/.docx_files", methods=('GET', 'POST'))`
feat: forensic main page 2025-04-07 12:48:42 +03:00			`def fbinwalk():`
feat(forensic): binwalk task flag accept 2025-04-08 21:18:10 +03:00			`flag_task2 = 'C4TchFl4g{GT4_6_1eaks}'`
			`if request.method == 'POST':`
			`user_flag = request.form['user_flag']`
			`if user_flag == flag_task2:`
fix(forensic): binwalk task flag accept 2025-04-08 21:20:03 +03:00			`return render_template('binwalk.html', flag=flag_task2, success_flag='.')`
			`return render_template('binwalk.html', flag=flag_task2, error='Ошибка: неверный флаг!')`
feat: forensic main page 2025-04-07 12:48:42 +03:00			`return render_template('binwalk.html')`

			`@app.route("/forensic/hex")`
			`def fhex():`
			`return render_template('hex.html')`

			`@app.route("/forensic/hash")`
			`def fhash():`
			`return render_template('hash.html')`

			`@app.route("/osint/questions")`
			`def osintquestions():`
			`return render_template('osint-questions.html')`

			`@app.route("/osint/geoguessr")`
			`def osintgeoguessr():`
			`return render_template('osint-geoguessr.html')`

			`@app.route("/osint/really_hard_task")`
			`def osintrht():`
			`return render_template('osint-hardtask.html')`

fix: success page 2025-04-07 22:13:31 +03:00			`@app.route("/web/success_login-sqltask", methods=('GET', 'POST'))`
feat: sql-task profile 2025-02-02 20:43:16 +03:00			`def success_login():`
fix: display flag sql-task 2025-02-05 00:17:09 +03:00			`flag = session.get('sql_flag')`
feat: sql-task get flag 2025-02-03 00:19:41 +03:00			`if request.method == 'POST':`
			`user_flag = request.form['user_flag']`
fix: display flag sql-task 2025-02-05 00:17:09 +03:00			`if user_flag == flag:`
feat: section main files 2025-04-05 22:42:20 +03:00			`return render_template('success-sql.html', flag=flag, success_flag='.')`
			`return render_template('success-sql.html', flag=flag, error='Ошибка: неверный флаг!')`
fix: display flag sql-task 2025-02-05 00:17:09 +03:00			`if flag:`
feat: section main files 2025-04-05 22:42:20 +03:00			`return render_template('success-sql.html', flag=flag)`
feat: sql-task profile 2025-02-02 20:43:16 +03:00			`abort(404)`
feat: Sql task window 2025-01-25 22:18:21 +03:00
feat: sql-task profile 2025-02-02 20:43:16 +03:00			`@app.errorhandler(werkzeug.exceptions.NotFound)`
			`def handle_bad_request(e):`
			`return '<img src="https://http.cat/404.jpg">', 404`
vse ploho 2025-01-24 21:21:41 +03:00
fix: run 2025-01-30 20:55:31 +03:00			`app.run(host="0.0.0.0", debug=False)`
Smol change 2025-01-26 22:50:50 +03:00			`connection.close()`