summaryrefslogtreecommitdiffstats
path: root/iv/orodja/napad/nadzor.py
diff options
context:
space:
mode:
authorAnton Luka Šijanec <anton@sijanec.eu>2024-09-04 01:10:18 +0200
committerAnton Luka Šijanec <anton@sijanec.eu>2024-09-04 01:10:18 +0200
commit5a21bf8a591721b2e55927902309daf73248be84 (patch)
treefbf924e0e57a6f084a3a054c2512e75df8af7bea /iv/orodja/napad/nadzor.py
parentmaking submission safe again ): separating rce to another process (diff)
downloadr-5a21bf8a591721b2e55927902309daf73248be84.tar
r-5a21bf8a591721b2e55927902309daf73248be84.tar.gz
r-5a21bf8a591721b2e55927902309daf73248be84.tar.bz2
r-5a21bf8a591721b2e55927902309daf73248be84.tar.lz
r-5a21bf8a591721b2e55927902309daf73248be84.tar.xz
r-5a21bf8a591721b2e55927902309daf73248be84.tar.zst
r-5a21bf8a591721b2e55927902309daf73248be84.zip
Diffstat (limited to 'iv/orodja/napad/nadzor.py')
-rwxr-xr-xiv/orodja/napad/nadzor.py36
1 files changed, 36 insertions, 0 deletions
diff --git a/iv/orodja/napad/nadzor.py b/iv/orodja/napad/nadzor.py
new file mode 100755
index 0000000..515aa3e
--- /dev/null
+++ b/iv/orodja/napad/nadzor.py
@@ -0,0 +1,36 @@
+#!/usr/bin/python3
+from flask import Flask, render_template, request
+import os
+import sqlite3
+import sys
+
+
+app = Flask(__name__)
+
+@app.route("/", methods=["GET"])
+def frontend():
+ return render_template("frontend.html")
+
+@app.route("/sql", methods=["POST"])
+def sql():
+ with sqlite3.connect(os.getenv("SUBMISSION_DB", "flags.db")) as db:
+ db.setconfig(sqlite3.SQLITE_DBCONFIG_DEFENSIVE, True)
+ rows = []
+ for row in db.execute(request.data.decode()):
+ columns = []
+ for column in row:
+ if type(column) == bytes:
+ columns.append(column.decode("utf-8", errors="surrogateescape"))
+ else:
+ columns.append(column)
+ rows.append(columns)
+ return rows
+
+if __name__ == "__main__":
+ port = 21503
+ host = "::"
+ if len(sys.argv) > 1:
+ port = int(sys.argv[1])
+ if len(sys.argv) > 2:
+ host = sys.argv[2]
+ app.run(port=port, debug=True, host=host)