Compare commits
4 Commits
22cdb19d98
...
fe43dc0497
| Author | SHA1 | Date | |
|---|---|---|---|
| fe43dc0497 | |||
| f585a49b5b | |||
| 0a70a407e5 | |||
| 7c068e0c89 |
56
app.py
56
app.py
@ -51,7 +51,7 @@ def osint():
|
|||||||
return render_template('osint-main.html')
|
return render_template('osint-main.html')
|
||||||
|
|
||||||
@app.route("/web/sql-injection", methods=('GET', 'POST'))
|
@app.route("/web/sql-injection", methods=('GET', 'POST'))
|
||||||
def sql():
|
def websql():
|
||||||
if request.method == 'POST':
|
if request.method == 'POST':
|
||||||
login = request.form['login']
|
login = request.form['login']
|
||||||
password = request.form['pass']
|
password = request.form['pass']
|
||||||
@ -64,8 +64,24 @@ def sql():
|
|||||||
return redirect(url_for('success_login'), code=302)
|
return redirect(url_for('success_login'), code=302)
|
||||||
return render_template('sql-injection.html')
|
return render_template('sql-injection.html')
|
||||||
|
|
||||||
@app.route("/forensic/task1-metadata")
|
@app.route("/web/idor")
|
||||||
def task1():
|
def webidor():
|
||||||
|
return render_template('idor.html')
|
||||||
|
|
||||||
|
@app.route("/web/path-traversal")
|
||||||
|
def webpt():
|
||||||
|
return render_template('path-traversal.html')
|
||||||
|
|
||||||
|
@app.route("/web/ssti")
|
||||||
|
def webssti():
|
||||||
|
return render_template('ssti.html')
|
||||||
|
|
||||||
|
@app.route("/web/portswigger-guide")
|
||||||
|
def webpsguide():
|
||||||
|
return render_template('portswigger-guide.html')
|
||||||
|
|
||||||
|
@app.route("/forensic/metadata")
|
||||||
|
def fmetadata():
|
||||||
session['task1_id'] = id = hex(getrandbits(45))[2:]
|
session['task1_id'] = id = hex(getrandbits(45))[2:]
|
||||||
session['task1_flag'] = flag_task1 = f'C4TchFl4g{{{hex(getrandbits(45))[2:]}}}'
|
session['task1_flag'] = flag_task1 = f'C4TchFl4g{{{hex(getrandbits(45))[2:]}}}'
|
||||||
task1_flag(flag_task1, id)
|
task1_flag(flag_task1, id)
|
||||||
@ -79,15 +95,39 @@ def task1():
|
|||||||
abort(404)
|
abort(404)
|
||||||
return render_template('task1-metadata.html')
|
return render_template('task1-metadata.html')
|
||||||
|
|
||||||
@app.route("/found-me/task1")
|
@app.route("/found-me/task1") #TODO
|
||||||
def forensic_task1():
|
def forensic_task1():
|
||||||
return send_file(f'/tmp/task1/{session['task1_id']}.jpg')
|
return send_file(f'/tmp/task1/{session['task1_id']}.jpg')
|
||||||
|
|
||||||
@app.route("/decode-me")
|
@app.route("/forensic/base-guide")
|
||||||
def decode():
|
def fbase():
|
||||||
return render_template('decode.html')
|
return render_template('base.html')
|
||||||
|
|
||||||
@app.route("/success_login", methods=('GET', 'POST'))
|
@app.route("/forensic/.docx_files")
|
||||||
|
def fbinwalk():
|
||||||
|
return render_template('binwalk.html')
|
||||||
|
|
||||||
|
@app.route("/forensic/hex")
|
||||||
|
def fhex():
|
||||||
|
return render_template('hex.html')
|
||||||
|
|
||||||
|
@app.route("/forensic/hash")
|
||||||
|
def fhash():
|
||||||
|
return render_template('hash.html')
|
||||||
|
|
||||||
|
@app.route("/osint/questions")
|
||||||
|
def osintquestions():
|
||||||
|
return render_template('osint-questions.html')
|
||||||
|
|
||||||
|
@app.route("/osint/geoguessr")
|
||||||
|
def osintgeoguessr():
|
||||||
|
return render_template('osint-geoguessr.html')
|
||||||
|
|
||||||
|
@app.route("/osint/really_hard_task")
|
||||||
|
def osintrht():
|
||||||
|
return render_template('osint-hardtask.html')
|
||||||
|
|
||||||
|
@app.route("/success_login-sqltask", methods=('GET', 'POST'))
|
||||||
def success_login():
|
def success_login():
|
||||||
flag = session.get('sql_flag')
|
flag = session.get('sql_flag')
|
||||||
if request.method == 'POST':
|
if request.method == 'POST':
|
||||||
|
|||||||
19
templates/_forensicsidenav.html
Normal file
19
templates/_forensicsidenav.html
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
<div class="navigation capsule-window">
|
||||||
|
<div class="decore1"></div>
|
||||||
|
<nav class="navlink">
|
||||||
|
<a href="{{ url_for('index') }}" class="link">На главную</a>
|
||||||
|
{%- for link, text in (
|
||||||
|
('fmetadata', "Метаданные и как их найти"),
|
||||||
|
('fbinwalk', "Что не так с моим докладом?"),
|
||||||
|
('fbase', "0K3RgtC+INCx0LDQt9Cw"),
|
||||||
|
('fhex', "Hex в картинках"),
|
||||||
|
('fhash', "Зачем Cat нужен hash"),
|
||||||
|
) %}
|
||||||
|
{%- if request.path != url_for(link) %}
|
||||||
|
<a href="{{ url_for(link) }}" class="link">{{ text }}</a>
|
||||||
|
{%- endif %}
|
||||||
|
{%- endfor %}
|
||||||
|
{#- <!-- <a href="">rfi</a>--> #}
|
||||||
|
{#- <!-- <a href="">lfi</a>--> #}
|
||||||
|
</nav>
|
||||||
|
</div>
|
||||||
@ -1,7 +1,7 @@
|
|||||||
<div class="navigation capsule-window">
|
<div class="navigation capsule-window">
|
||||||
<div class="decore1"></div>
|
<div class="decore1"></div>
|
||||||
<nav class="navlink">
|
<nav class="navlink">
|
||||||
<a href="{{ url_for('index') }}" class="link">на главную</a>
|
<a href="{{ url_for('index') }}" class="link">На главную</a>
|
||||||
{%- for link, text in (
|
{%- for link, text in (
|
||||||
('web', 'Web'),
|
('web', 'Web'),
|
||||||
('forensic', 'Форензика'),
|
('forensic', 'Форензика'),
|
||||||
17
templates/_osintsidenav.html
Normal file
17
templates/_osintsidenav.html
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
<div class="navigation capsule-window">
|
||||||
|
<div class="decore1"></div>
|
||||||
|
<nav class="navlink">
|
||||||
|
<a href="{{ url_for('index') }}" class="link">На главную</a>
|
||||||
|
{%- for link, text in (
|
||||||
|
('osintquestions', "Чур ответы не гуглить!"),
|
||||||
|
('osintgeoguessr', "Мастер яндекс-карт"),
|
||||||
|
('osintrht', "Реально сложный таск"),
|
||||||
|
) %}
|
||||||
|
{%- if request.path != url_for(link) %}
|
||||||
|
<a href="{{ url_for(link) }}" class="link">{{ text }}</a>
|
||||||
|
{%- endif %}
|
||||||
|
{%- endfor %}
|
||||||
|
{#- <!-- <a href="">rfi</a>--> #}
|
||||||
|
{#- <!-- <a href="">lfi</a>--> #}
|
||||||
|
</nav>
|
||||||
|
</div>
|
||||||
@ -10,7 +10,7 @@
|
|||||||
|
|
||||||
{% block content -%}{% endblock -%}
|
{% block content -%}{% endblock -%}
|
||||||
|
|
||||||
{% include '_sidenav.html' %}
|
|
||||||
<img id="help" onclick="showPopup()" src="{{ url_for('static', filename='imgs/icon.png') }}">
|
<img id="help" onclick="showPopup()" src="{{ url_for('static', filename='imgs/icon.png') }}">
|
||||||
</body>
|
</body>
|
||||||
|
|
||||||
|
|||||||
19
templates/_websidenav.html
Normal file
19
templates/_websidenav.html
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
<div class="navigation capsule-window">
|
||||||
|
<div class="decore1"></div>
|
||||||
|
<nav class="navlink">
|
||||||
|
<a href="{{ url_for('index') }}" class="link">На главную</a>
|
||||||
|
{%- for link, text in (
|
||||||
|
('websql', "SQL-инъекция"),
|
||||||
|
('webidor', "Уязвимость IDOR"),
|
||||||
|
('webpt', "Уязвимость Path Traversal"),
|
||||||
|
('webssti', "Уязвимость SSTI"),
|
||||||
|
('webpsguide', "Немного о PortSwigger"),
|
||||||
|
) %}
|
||||||
|
{%- if request.path != url_for(link) %}
|
||||||
|
<a href="{{ url_for(link) }}" class="link">{{ text }}</a>
|
||||||
|
{%- endif %}
|
||||||
|
{%- endfor %}
|
||||||
|
{#- <!-- <a href="">rfi</a>--> #}
|
||||||
|
{#- <!-- <a href="">lfi</a>--> #}
|
||||||
|
</nav>
|
||||||
|
</div>
|
||||||
@ -1 +0,0 @@
|
|||||||
{% extends '_task.html' %}
|
|
||||||
@ -1,6 +1,22 @@
|
|||||||
<html lang="ru">
|
<html lang="ru">
|
||||||
{% include '_head.html' %}
|
{% include '_head.html' %}
|
||||||
<body>
|
<body>
|
||||||
{% include '_header.html' %}
|
{% include '_header.html' %}
|
||||||
{% include '_sidenav.html' %}
|
{% include '_mainsidenav.html' %}
|
||||||
<img id="help" src="{{ url_for('static', filename='imgs/icon.png') }}">
|
<div class="container">
|
||||||
|
<div class="small info1 capsule-window">
|
||||||
|
<p class="simpletext">< Задания категории Форензика ></p>
|
||||||
|
<nav class="navbtn">
|
||||||
|
{%- for name, descr in (
|
||||||
|
('fmetadata', "Метаданные и как их найти"),
|
||||||
|
('fbinwalk', "Что не так с моим докладом?"),
|
||||||
|
('fbase', "0K3RgtC+INCx0LDQt9Cw"),
|
||||||
|
('fhex', "Hex в картинках"),
|
||||||
|
('fhash', "Зачем Cat нужен hash"),
|
||||||
|
) %}
|
||||||
|
<a href="{{ url_for(name) }}" class="btn1">{{ descr }}</a>
|
||||||
|
{%- endfor %}
|
||||||
|
</div>
|
||||||
|
<img id="help" src="{{ url_for('static', filename='imgs/icon.png') }}">
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
@ -1,6 +1,20 @@
|
|||||||
<html lang="ru">
|
<html lang="ru">
|
||||||
{% include '_head.html' %}
|
{% include '_head.html' %}
|
||||||
<body>
|
<body>
|
||||||
{% include '_header.html' %}
|
{% include '_header.html' %}
|
||||||
{% include '_sidenav.html' %}
|
{% include '_mainsidenav.html' %}
|
||||||
<img id="help" src="{{ url_for('static', filename='imgs/icon.png') }}">
|
<div class="container">
|
||||||
|
<div class="small info1 capsule-window">
|
||||||
|
<p class="simpletext">< Задания категории OSINT ></p>
|
||||||
|
<nav class="navbtn">
|
||||||
|
{%- for name, descr in (
|
||||||
|
('osintquestions', "Чур ответы не гуглить!"),
|
||||||
|
('osintgeoguessr', "Профессионал Яндекс-карт"),
|
||||||
|
('osintrht', "Реально сложный таск"),
|
||||||
|
) %}
|
||||||
|
<a href="{{ url_for(name) }}" class="btn1">{{ descr }}</a>
|
||||||
|
{%- endfor %}
|
||||||
|
</div>
|
||||||
|
<img id="help" src="{{ url_for('static', filename='imgs/icon.png') }}">
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
6
templates/osint-questions.html
Normal file
6
templates/osint-questions.html
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
{% extends '_task.html' %}
|
||||||
|
{% include '_osintsidenav.html' %}
|
||||||
|
{% block content %}
|
||||||
|
|
||||||
|
|
||||||
|
{% endblock %}
|
||||||
@ -1,5 +1,5 @@
|
|||||||
{% extends '_task.html' %}
|
{% extends '_task.html' %}
|
||||||
|
{% include '_websidenav.html' %}
|
||||||
{% block content %}
|
{% block content %}
|
||||||
<div class="container">
|
<div class="container">
|
||||||
<div id="popup" class="sql-guide capsule-window">
|
<div id="popup" class="sql-guide capsule-window">
|
||||||
@ -35,4 +35,3 @@ cursor.execute(f'SELECT * FROM Users WHERE login == "{login}" AND password == "{
|
|||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
D
|
|
||||||
@ -1,4 +1,5 @@
|
|||||||
{% extends '_task.html' %}
|
{% extends '_task.html' %}
|
||||||
|
{% include '_forensicsidenav.html' %}
|
||||||
{% block content %}
|
{% block content %}
|
||||||
<div class="container">
|
<div class="container">
|
||||||
<div class="capsule-window info1">
|
<div class="capsule-window info1">
|
||||||
|
|||||||
@ -1,6 +1,22 @@
|
|||||||
<html lang="ru">
|
<html lang="ru">
|
||||||
{% include '_head.html' %}
|
{% include '_head.html' %}
|
||||||
<body>
|
<body>
|
||||||
{% include '_header.html' %}
|
{% include '_header.html' %}
|
||||||
{% include '_sidenav.html' %}
|
{% include '_mainsidenav.html' %}
|
||||||
<img id="help" src="{{ url_for('static', filename='imgs/icon.png') }}">
|
<div class="container">
|
||||||
|
<div class="small info1 capsule-window">
|
||||||
|
<p class="simpletext">< Задания категории Web ></p>
|
||||||
|
<nav class="navbtn">
|
||||||
|
{%- for name, descr in (
|
||||||
|
('websql', "SQL-инъекция"),
|
||||||
|
('webidor', "Уязвимость IDOR"),
|
||||||
|
('webpt', "Уязвимость Path Traversal"),
|
||||||
|
('webssti', "Уязвимость SSTI"),
|
||||||
|
('webpsguide', "Немного о PortSwigger"),
|
||||||
|
) %}
|
||||||
|
<a href="{{ url_for(name) }}" class="btn1">{{ descr }}</a>
|
||||||
|
{%- endfor %}
|
||||||
|
</div>
|
||||||
|
<img id="help" src="{{ url_for('static', filename='imgs/icon.png') }}">
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
Loading…
x
Reference in New Issue
Block a user