$ nikto -h http://188.166.168.204:30287/
+ Server: Werkzeug/1.0.1 Python/2.7.17
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Allowed HTTP Methods: HEAD, OPTIONS, GET
+ 7929 requests: 12 error(s) and 4 item(s) reported on remote host
$ dirb http://206.189.121.131:32402/
---- Scanning URL: http://206.189.121.131:32402/ ----
+ http://206.189.121.131:32402/debug (CODE:200|SIZE:1989)
PHPSESSID:"Tzo5OiJQYWdlTW9kZWwiOjE6e3M6NDoiZmlsZSI7czoxNToiL3d3dy9pbmRleC5odG1sIjt9"
O:9:"PageModel":1:{s:4:"file";s:15:"/www/index.html";}
session:".eJyrVsrMSy9KTclMzStRsqpWUkhSslJKzC0xSDTKMU12zzBITre1VarVUcpNTSwuLUrNBaorhiv0DQks8g8EKagFAHZ9F4U.YJVK2g.bTugHHBejj9PAauvCwc1HnX3eWw"
{"ingredient":{" b":"amt0a2l5cGh0cg=="},"measurements":{" b":"MTQrOQ=="}}
amt0a2l5cGh0cg== / jktkiyphtr ; MTQrOQ== / 14+9
http://206.189.121.131:32402/debug
from flask import Flask, Response, session, render_template
import functools, random, string, os, re
app = Flask(__name__)
app.config['SECRET_KEY'] = os.environ.get('SECRET_KEY', 'tlci0GhK8n5A18K1GTx6KPwfYjuuftWw')
def calc(recipe):
global garage
builtins, garage = {'__builtins__': None}, {}
try: exec(recipe, builtins, garage)
except: pass
def GFW(func): # Great Firewall of the observable universe and it's infinite timelines
@functools.wraps(func)
def federation(*args, **kwargs):
ingredient = session.get('ingredient', None)
measurements = session.get('measurements', None)
recipe = '%s = %s' % (ingredient, measurements)
if ingredient and measurements and len(recipe) >= 20:
regex = re.compile('|'.join(map(re.escape, ['[', '(', '_', '.'])))
matches = regex.findall(recipe)
if matches:
return render_template('index.html', blacklisted='Morty you dumbass: ' + ', '.join(set(matches)))
if len(recipe) > 300:
return func(*args, **kwargs) # ionic defibulizer can't handle more bytes than that
calc(recipe)
# return render_template('index.html', calculations=garage[ingredient])
return func(*args, **kwargs) # rick deterrent
ingredient = session['ingredient'] = ''.join(random.choice(string.lowercase) for _ in xrange(10))
measurements = session['measurements'] = ''.join(map(str, [random.randint(1, 69), random.choice(['+', '-', '*']), random.randint(1,69)]))
calc('%s = %s' % (ingredient, measurements))
return render_template('index.html', calculations=garage[ingredient])
return federation
@app.route('/')
@GFW
def index():
return render_template('index.html')
@app.route('/debug')
def debug():
return Response(open(__file__).read(), mimetype='text/plain')
if __name__ == '__main__':
app.run('0.0.0.0', port=1337)