| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849 |
- from flask import Flask, request, render_template_string
- import sqlite3
- import pickle
- import os
- app = Flask(__name__)
- app.secret_key = os.urandom(16)
- @app.route('/xss')
- def xss():
- name = request.args.get('name', '')
- return f'<h1>Hello {name}</h1>'
- @app.route('/login', methods=['POST'])
- def login():
- username = request.form['username']
- password = request.form['password']
- conn = sqlite3.connect('test.db')
- cursor = conn.cursor()
- query = f"SELECT * FROM users WHERE username='{username}' AND password='{password}'"
- cursor.execute(query)
- return "Login success" if cursor.fetchone() else "Failed"
- ('/deserialize', methods=['POST'])
- def deserialize():
- data = request.get_data()
- obj = pickle.loads(data)
- return str(obj)
- @app.route('/buffer_overflow')
- def buffer_overflow():
- buffer = ['A'] * 64
- user_input = request.args.get('input', '')
- for i in range(len(user_input)):
- buffer[i] = user_input[i]
- return ''.join(buffer)
- @app.route('/read_file')
- def read_file():
- filename = request.args.get('file', '')
- with open(filename, 'r') as f:
- return f.read()
- if __name__ == '__main__':
- app.run(debug=True)
|
