Chest/CTF-site-project
Chest/CTF-site-project
1
1
Fork 0
Code Issues Pull Requests Activity

feat: web main page

Browse Source
This commit is contained in:
cheeest 2025-04-07 12:23:56 +03:00
parent 22cdb19d98
commit 7c068e0c89
4 changed files with 39 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
app.py
View File

@ -51,7 +51,7 @@ def osint():
return render_template('osint-main.html') return render_template('osint-main.html')
@app.route("/web/sql-injection", methods=('GET', 'POST')) @app.route("/web/sql-injection", methods=('GET', 'POST'))
def sql(): def websql():
if request.method == 'POST': if request.method == 'POST':
login = request.form['login'] login = request.form['login']
password = request.form['pass'] password = request.form['pass']
@ -64,8 +64,24 @@ def sql():
return redirect(url_for('success_login'), code=302) return redirect(url_for('success_login'), code=302)
return render_template('sql-injection.html') return render_template('sql-injection.html')
@app.route("/web/idor")
def webidor():
return render_template('idor.html')
@app.route("/web/path-traversal")
def webpt():
return render_template('path-traversal.html')
@app.route("/web/ssti")
def webssti():
return render_template('ssti.html')
@app.route("/web/portswigger-guide")
def webpsguide():
return render_template('portswigger-guide.html')
@app.route("/forensic/task1-metadata") @app.route("/forensic/task1-metadata")
def task1(): def forensictask1():
session['task1_id'] = id = hex(getrandbits(45))[2:] session['task1_id'] = id = hex(getrandbits(45))[2:]
session['task1_flag'] = flag_task1 = f'C4TchFl4g{{{hex(getrandbits(45))[2:]}}}' session['task1_flag'] = flag_task1 = f'C4TchFl4g{{{hex(getrandbits(45))[2:]}}}'
task1_flag(flag_task1, id) task1_flag(flag_task1, id)
@ -83,10 +99,6 @@ def task1():
def forensic_task1(): def forensic_task1():
return send_file(f'/tmp/task1/{session['task1_id']}.jpg') return send_file(f'/tmp/task1/{session['task1_id']}.jpg')
@app.route("/decode-me")
def decode():
return render_template('decode.html')
@app.route("/success_login", methods=('GET', 'POST')) @app.route("/success_login", methods=('GET', 'POST'))
def success_login(): def success_login():
flag = session.get('sql_flag') flag = session.get('sql_flag')

1
templates/decode.html
View File

@ -1 +0,0 @@
{% extends '_task.html' %}

0
templates/success.html → templates/success-sql.html
View File

26
templates/web-main.html
View File

@ -1,6 +1,22 @@
<html lang="ru"> <html lang="ru">
{% include '_head.html' %} {% include '_head.html' %}
<body> <body>
{% include '_header.html' %} {% include '_header.html' %}
{% include '_sidenav.html' %} {% include '_sidenav.html' %}
<img id="help" src="{{ url_for('static', filename='imgs/icon.png') }}"> <div class="container">
<div class="small info1 capsule-window">
<p class="simpletext">< Задания категории Web ></p>
<nav class="navbtn">
{%- for name, descr in (
('websql', "SQL-инъекция"),
('webidor', "Уязвимость IDOR"),
('webpt', "Уязвимость Path Traversal"),
('webssti', "Уязвимость SSTI"),
('webpsguide', "PortSwigger и с чем его едят"),
) %}
<a href="{{ url_for(name) }}" class="btn1">{{ descr }}</a>
{%- endfor %}
</div>
<img id="help" src="{{ url_for('static', filename='imgs/icon.png') }}">
</body>
</html>