每日思考一遍人生,还是要学习的
0x01 web
1、计算器-1
源码:
1 #!/usr/bin/env python3 2 # -*- coding: utf-8 -*- 3 from flask import Flask, render_template, request,session 4 from config import black_list,create 5 import os 6 app = Flask(__name__) 7 app.config['SECRET_KEY'] = os.urandom(24) 8 ## flag is in /flag try to get it 9 @app.route('/', methods=['GET', 'POST']) 10 def index(): 11 def filter(string): 12 for black_word in black_list: 13 if black_word in string: 14 return "hack" 15 return string 16 if request.method == 'POST': 17 input = request.form['input'] 18 create_question = create() 19 input_question = session.get('question') 20 session['question'] = create_question 21 if input_question==None: 22 return render_template('index.html', answer="Invalid session please try again!", question=create_question) 23 if filter(input)=="hack": 24 return render_template('index.html', answer="hack", question=create_question) 25 try: calc_result = str((eval(input_question + "=" + str(input)))) 26 if calc_result == 'True': 27 result = "Congratulations" 28 elif calc_result == 'False': 29 result = "Error" 30 else: 31 result = "Invalid" 32 except: 33 result = "Invalid" 34 return render_template('index.html', answer=result,question=create_question) 35 36 if request.method == 'GET': 37 create_question = create() 38 session['question'] = create_question 39 return render_template('index.html',question=create_question) 40 41 @app.route('/source') 42 def source(): 43 return open("app.py", "r").read() 44 if __name__ == '__main__': 45 app.run(host="0.0.0.0", debug=False)