Chest/CTF-site-project
Chest/CTF-site-project
1
1
Fork 0
Code Issues Pull Requests Activity

wip: Sql task error

Browse Source
This commit is contained in:
chest 2025-01-26 22:34:47 +03:00 committed by Sweetbread
parent 312dfccd79
commit fff4031edb
3 changed files with 49 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
app.py
View File

@ -1,7 +1,7 @@
from flask import Flask, render_template, request, url_for, flash, redirect from flask import Flask, render_template, request, url_for, flash, redirect, g
import sqlite3 import sqlite3
connection = sqlite3.connect('my_database.db') connection = sqlite3.connect('database.db')
cursor = connection.cursor() cursor = connection.cursor()
cursor.execute(''' cursor.execute('''
CREATE TABLE IF NOT EXISTS Users ( CREATE TABLE IF NOT EXISTS Users (
@ -11,13 +11,25 @@ cursor.execute('''
) )
''') ''')
cursor.execute('SELECT * FROM Users where login = "admin"') cursor.execute('SELECT * FROM Users where login = "admin"')
user = cursor.fetchone() if not cursor.fetchone():
if not user:
cursor.execute('INSERT INTO Users (login, password) VALUES (?, ?)', ('admin', '12345678')) cursor.execute('INSERT INTO Users (login, password) VALUES (?, ?)', ('admin', '12345678'))
connection.commit() connection.commit()
app = Flask(__name__) app = Flask(__name__)
app.config['SECRET_KEY'] = 'ca4ac4ada05f91a5790d2132992bfaed86df15c4d08f2dfe' app.config['SECRET_KEY'] = 'ca4ac4ada05f91a5790d2132992bfaed86df15c4d08f2dfe'
DATABASE = 'database.db'
def get_db():
db = getattr(g, '_database', None)
if db is None:
db = g._database = sqlite3.connect(DATABASE)
return db
@app.teardown_appcontext
def close_connection(exception):
db = getattr(g, '_database', None)
if db:
db.close()
@app.route("/") @app.route("/")
def index(): def index():
@ -28,6 +40,14 @@ def sql():
if request.method == 'POST': if request.method == 'POST':
login = request.form['login'] login = request.form['login']
password = request.form['pass'] password = request.form['pass']
cursor = get_db().cursor()
cursor.execute(f'SELECT * FROM Users where login == "{login}"')
user = cursor.fetchone()
if not user:
return render_template('sql-injection.html', error='catmeow')
if password != user[2]:
return render_template('sql-injection.html', error=':p')
return render_template('sql-injection.html', success="popacool")
return render_template('sql-injection.html') return render_template('sql-injection.html')
@app.route("/found-me") @app.route("/found-me")

14
static/index.css
View File

@ -225,6 +225,20 @@
transform: translate(0, 0.2em); transform: translate(0, 0.2em);
} }
#error {
bottom: 1.5%;
right: 10%;
position: absolute;
background-color: red;
}
#success {
bottom: 1.5%;
right: 10%;
position: absolute;
background-color: green;
}
body { body {
background-image: url(/static/imgs/bg.gif); background-image: url(/static/imgs/bg.gif);
width: 100vw; width: 100vw;

13
templates/sql-injection.html
View File

@ -12,7 +12,7 @@
</div> </div>
<div class="sql-input divv"> <div class="sql-input divv">
<form action="auth-data" method="post" class="simpletext"> <form action="sql-injection" method="post" class="simpletext">
<div class="small-container" ><p>Login : </p> <input type="text" name="login" class="inpt" /></div> <div class="small-container" ><p>Login : </p> <input type="text" name="login" class="inpt" /></div>
<div class="small-container"><p>Password:</p> <input type="password" name="pass" class="inpt"/></div> <div class="small-container"><p>Password:</p> <input type="password" name="pass" class="inpt"/></div>
<input type="submit" value="Submit" class="btn1" /> <input type="submit" value="Submit" class="btn1" />
@ -30,8 +30,17 @@
<!-- <a href="">lfi</a>--> <!-- <a href="">lfi</a>-->
</nav> </nav>
</div> </div>
{% if error %}
<div id="error">
<p>{{ error }}</p>
</div>
{% endif %}
{% if success %}
<div id="success">
<p>{{ success }}</p>
</div>
{% endif %}
<img id="help" src="{{ url_for('static', filename='imgs/icon.png') }}"> <img id="help" src="{{ url_for('static', filename='imgs/icon.png') }}">
</body> </body>