Chest/CTF-site-project
1
1
Fork 0
Code Issues Pull Requests Activity

feat: sql-task get flag

Browse Source
This commit is contained in:
chest
2025-02-03 00:19:41 +03:00
committed by Sweetbread
parent f102fe8014
commit 5a768a56bf
4 changed files with 70 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app.py
+10 -4
View File
@@ -1,6 +1,7 @@
import werkzeug
from flask import Flask, render_template, request, url_for, session, redirect, g, abort
import sqlite3
from random import getrandbits
connection = sqlite3.connect('database.db')
cursor = connection.cursor()
@@ -46,7 +47,7 @@ def sql():
user = cursor.fetchone()
if not user:
return render_template('sql-injection.html', error='Ошибка: неверный логин или пароль')
session['success_login'] = True
session['sql_flag'] = f'C4TchFl4g{{{hex(getrandbits(45))[2:]}}}'
return redirect(url_for('success_login'), code=302)
return render_template('sql-injection.html')
@@ -58,10 +59,15 @@ def found():
def decode():
return render_template('decode.html')
@app.route("/success_login")
@app.route("/success_login", methods=('GET', 'POST'))
def success_login():
if session.get('success_login'):
return render_template('success.html')
if request.method == 'POST':
user_flag = request.form['user_flag']
if user_flag == session.get('sql_flag'):
return render_template('success.html', success_flag='.')
return render_template('success.html', error='Ошибка: неверный флаг!')
if flag := session.get('sql_flag'):
return render_template('success.html', flag=flag)
abort(404)
@app.errorhandler(werkzeug.exceptions.NotFound)