Day 13 started
This commit is contained in:
parent
3cdd94b727
commit
f36aa42aa9
@ -20,14 +20,15 @@ def registerUser():
|
|||||||
return
|
return
|
||||||
|
|
||||||
print("Server returned %d %s" % (res.status_code, res.reason))
|
print("Server returned %d %s" % (res.status_code, res.reason))
|
||||||
print(res.text)
|
print(data)
|
||||||
exit(1)
|
exit(1)
|
||||||
|
|
||||||
def getFlag():
|
def getFlag():
|
||||||
payload = {
|
payload = {
|
||||||
"user": {
|
"user": {
|
||||||
"username": USERNAME,
|
"username": "Santa",
|
||||||
"platinum": True
|
"password": PASSWORD,
|
||||||
|
"platinum": False
|
||||||
},
|
},
|
||||||
"exp": time.time() + 60*60
|
"exp": time.time() + 60*60
|
||||||
}
|
}
|
||||||
@ -42,5 +43,6 @@ def getFlag():
|
|||||||
data = res.text
|
data = res.text
|
||||||
print(json.loads(data)["joke"])
|
print(json.loads(data)["joke"])
|
||||||
|
|
||||||
registerUser()
|
if __name__ == "__main__":
|
||||||
getFlag()
|
registerUser()
|
||||||
|
getFlag()
|
||||||
|
|||||||
59
Day 13/NotesBean.java
Normal file
59
Day 13/NotesBean.java
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
package com.jwt.jsf.bean;
|
||||||
|
import org.apache.commons.collections4.trie.PatriciaTrie;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.io.InputStream;
|
||||||
|
import java.io.Serializable;
|
||||||
|
import java.io.StringWriter;
|
||||||
|
|
||||||
|
import javax.faces.bean.ManagedBean;
|
||||||
|
import javax.faces.bean.SessionScoped;
|
||||||
|
import static org.apache.commons.lang3.StringEscapeUtils.unescapeJava;
|
||||||
|
import org.apache.commons.io.IOUtils;
|
||||||
|
|
||||||
|
@ManagedBean(name="notesBean")
|
||||||
|
@SessionScoped
|
||||||
|
public class NotesBean implements Serializable {
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
private PatriciaTrie<Integer> trie = init();
|
||||||
|
private static final long serialVersionUID = 1L;
|
||||||
|
private static final String securitytoken = "auth_token_4835989";
|
||||||
|
|
||||||
|
public NotesBean() {
|
||||||
|
super();
|
||||||
|
init();
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getTrie() throws IOException {
|
||||||
|
if(isAdmin(trie)) {
|
||||||
|
InputStream in=getStreamFromResourcesFolder("data/flag.txt");
|
||||||
|
StringWriter writer = new StringWriter();
|
||||||
|
IOUtils.copy(in, writer, "UTF-8");
|
||||||
|
String flag = writer.toString();
|
||||||
|
|
||||||
|
return flag;
|
||||||
|
}
|
||||||
|
return "INTRUSION WILL BE REPORTED!";
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setTrie(String note) {
|
||||||
|
trie.put(unescapeJava(note), 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
private static PatriciaTrie<Integer> init(){
|
||||||
|
PatriciaTrie<Integer> trie = new PatriciaTrie<Integer>();
|
||||||
|
trie.put(securitytoken,0);
|
||||||
|
return trie;
|
||||||
|
}
|
||||||
|
|
||||||
|
private static boolean isAdmin(PatriciaTrie<Integer> trie){
|
||||||
|
return !trie.containsKey(securitytoken);
|
||||||
|
}
|
||||||
|
|
||||||
|
private static InputStream getStreamFromResourcesFolder(String filePath) {
|
||||||
|
return Thread.currentThread().getContextClassLoader().getResourceAsStream(filePath);
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue
Block a user