CTF-site-project/app.py

from flask import Flask, render_template, request, url_for, flash, redirect, g
import sqlite3

connection = sqlite3.connect('database.db')
cursor = connection.cursor()
cursor.execute('''
    CREATE TABLE IF NOT EXISTS Users (
    id INTEGER PRIMARY KEY,
    login TEXT NOT NULL,
    password TEXT NOT NULL
    )
''')
cursor.execute('SELECT * FROM Users where login = "admin"')
if not cursor.fetchone():
    cursor.execute('INSERT INTO Users (login, password) VALUES (?, ?)', ('admin', '12345678'))
connection.commit()

app = Flask(__name__)
app.config['SECRET_KEY'] = 'ca4ac4ada05f91a5790d2132992bfaed86df15c4d08f2dfe'
DATABASE = 'database.db'

def get_db():
    db = getattr(g, '_database', None)
    if db is None:
        db = g._database = sqlite3.connect(DATABASE)
    return db

@app.teardown_appcontext
def close_connection(exception):
    db = getattr(g, '_database', None)
    if db:
        db.close()

@app.route("/")
def index():
    return render_template('index.html')

@app.route("/sql-injection", methods=('GET', 'POST'))
def sql():
    if request.method == 'POST':
        login = request.form['login']
        password = request.form['pass']
        cursor = get_db().cursor()
        cursor.execute(f'SELECT * FROM Users where login == "{login}"')
        user = cursor.fetchone()
        if not user:
            return render_template('sql-injection.html', error='catmeow')
        if password != user[2]:
            return render_template('sql-injection.html', error=':p')
        return render_template('sql-injection.html', success="popacool")
    return render_template('sql-injection.html')

@app.route("/found-me")
def found():
    return render_template('found.html')

@app.route("/decode-me")
def decode():
    return render_template('decode.html')

@app.route("/auth-data")
def authdata():
    pass


app.run()
connection.close()
wip: Sql task error 2025-01-26 22:34:47 +03:00			`from flask import Flask, render_template, request, url_for, flash, redirect, g`
feat: Sql task window 2025-01-25 22:18:21 +03:00			`import sqlite3`

wip: Sql task error 2025-01-26 22:34:47 +03:00			`connection = sqlite3.connect('database.db')`
feat: Sql task window 2025-01-25 22:18:21 +03:00			`cursor = connection.cursor()`
			`cursor.execute('''`
			`CREATE TABLE IF NOT EXISTS Users (`
			`id INTEGER PRIMARY KEY,`
			`login TEXT NOT NULL,`
			`password TEXT NOT NULL`
			`)`
			`''')`
			`cursor.execute('SELECT * FROM Users where login = "admin"')`
wip: Sql task error 2025-01-26 22:34:47 +03:00			`if not cursor.fetchone():`
feat: Sql task window 2025-01-25 22:18:21 +03:00			`cursor.execute('INSERT INTO Users (login, password) VALUES (?, ?)', ('admin', '12345678'))`
			`connection.commit()`
init commit 2025-01-23 00:19:58 +03:00
			`app = Flask(__name__)`
feat: Sql task window 2025-01-25 22:18:21 +03:00			`app.config['SECRET_KEY'] = 'ca4ac4ada05f91a5790d2132992bfaed86df15c4d08f2dfe'`
wip: Sql task error 2025-01-26 22:34:47 +03:00			`DATABASE = 'database.db'`

			`def get_db():`
			`db = getattr(g, '_database', None)`
			`if db is None:`
			`db = g._database = sqlite3.connect(DATABASE)`
			`return db`

			`@app.teardown_appcontext`
			`def close_connection(exception):`
			`db = getattr(g, '_database', None)`
			`if db:`
			`db.close()`
init commit 2025-01-23 00:19:58 +03:00
			`@app.route("/")`
			`def index():`
			`return render_template('index.html')`

feat: Sql task window 2025-01-25 22:18:21 +03:00			`@app.route("/sql-injection", methods=('GET', 'POST'))`
init commit 2025-01-23 00:19:58 +03:00			`def sql():`
feat: Sql task window 2025-01-25 22:18:21 +03:00			`if request.method == 'POST':`
			`login = request.form['login']`
			`password = request.form['pass']`
wip: Sql task error 2025-01-26 22:34:47 +03:00			`cursor = get_db().cursor()`
			`cursor.execute(f'SELECT * FROM Users where login == "{login}"')`
			`user = cursor.fetchone()`
			`if not user:`
			`return render_template('sql-injection.html', error='catmeow')`
			`if password != user[2]:`
			`return render_template('sql-injection.html', error=':p')`
			`return render_template('sql-injection.html', success="popacool")`
init commit 2025-01-23 00:19:58 +03:00			`return render_template('sql-injection.html')`

			`@app.route("/found-me")`
			`def found():`
			`return render_template('found.html')`

			`@app.route("/decode-me")`
			`def decode():`
			`return render_template('decode.html')`

feat: Sql task window 2025-01-25 22:18:21 +03:00			`@app.route("/auth-data")`
			`def authdata():`
			`pass`

vse ploho 2025-01-24 21:21:41 +03:00
feat: Sql task window 2025-01-25 22:18:21 +03:00			`app.run()`
			`connection.close()`