def show_post(post_id):
# don't show the about post page
if post_id == 1:
return abort(404)
form = CommentForm()
requested_post = BlogPost.query.get_or_404(post_id)
if not check_admin():
# don't show the hidden post
if requested_post.hidden:
return abort(404)
if not requested_post.views:
requested_post.views = 0
# increment the post views
requested_post.views += 1
db.session.commit()
# if user leave a comment
if form.validate_on_submit():
if current_user.is_authenticated:
comment = Comment(
author_id=current_user.id,
post_id=post_id,
text=form.comment_text.data
)
db.session.add(comment)
db.session.commit()
return redirect(url_for("show_post", post_id=post_id))
# redirect to log in page if not authenticated
flash("You need to log in first before leaving any comments.")
return redirect(url_for("login"))
return render_template("post.html", post=requested_post, form=form, logged_in=current_user.is_authenticated, title=f"{requested_post.title} Arsa Izdihar Islam's Blog")
def get_all_posts():
# get img_url, heading, and subheading for the page
img_url = os.environ.get("HOME_IMG_URL", "https://images.unsplash.com/photo-1519681393784-d120267933ba?ixid=MXwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHw%3D&ixlib=rb-1.2.1&auto=format&fit=crop&w=1950&q=80")
heading = os.environ.get("HOME_HEADING", "Personal Blog of Arsa")
subheading = os.environ.get("HOME_SUBHEADING", "test")
# check for page_number request if there is any
page_number = request.args.get("page_number")
# count total page_number and cut the posts
if not page_number:
page_number = 1
else:
page_number = int(page_number)
posts = BlogPost.query.order_by(BlogPost.id.desc()).all()
if posts:
del posts[-1]
# just show post that isn't hidden
if not check_admin():
posts = [post for post in posts if not post.hidden]
max_page = math.ceil(len(posts) / 5)
next_page = max_page > page_number
prev_page = page_number > 1
return render_template("index.html",
all_posts=posts,
page_number=page_number,
prev_page=prev_page,
next_page=next_page,
logged_in=current_user.is_authenticated,
img_url=img_url,
heading=heading,
subheading=subheading)
def get_files():
"""Get the file that the user owned"""
file_id = request.args.get("file_id")
# delete the file from the database
if file_id:
file_to_delete = File.query.get(file_id)
if file_to_delete.file_owner == current_user or check_admin():
db.session.delete(File.query.get(file_id))
db.session.commit()
# show the file that someone owned even not authenticated
owner_name = request.args.get("owner")
if owner_name:
owner = User.query.filter_by(name=owner_name).first()
if owner:
files = File.query.filter_by(file_owner=owner).order_by("id").all()
return render_template("show_files.html", logged_in=False, files=files)
if current_user.is_authenticated:
files = File.query.filter_by(file_owner=current_user).order_by("id").all()
return render_template("show_files.html", logged_in=True, files=files)
return abort(401)
print(l)
print(a)
val = int(input("Select Offset :> "))
a[val].dump()
def go_offset(self):
self.offset = input("offset :> ")
print("go for %s" % self.offset)
self.proc = self.mw.get_process()
self.address = Address(self.offset, self.proc)
data = self.address.read(type="bytes")
print(int(data))
if __name__ == "__main__":
if check_admin():
tb = TurBoDebugger("ff7")
tb.options()
else:
print("Needs to be run as admin")
import ctypes
import sys
import os
import struct
import admin
import partition
admin.admin_permission() # 관리자 권한 상승 요청 함수
admin.check_admin() # 관리자 권한 여부 확인 함수
if __name__ == '__main__':
handle = open('\\\\.\\PhysicalDrive0', 'rb') # 하드디스크 1을 바이너리 읽기 형식으로 열기
handle.seek(0 * 512) # 현재 위치에서 0으로 이동
mbr = handle.read(0x200) # handle 에서 512Byte 만큼을 읽어와 mbr 변수에 저장
if hex(mbr[510]) == '0x55' and hex(mbr[511]) == '0xaa': # MBR의 Signature 값을 확인 // MBR Signature = 0xAA, 0x55
print("MBR Read Success!")
part_info = [] # 파티션 정보를 저장할 temp list
for i in range(4):
part_info.append(mbr[0x1BE + (i * 0x10): 0x1BE + (i * 0x10) + 0x10]) # 0x1BE부터 시작되는 파티션 테이블의 정보를 part_info 리스트에 저장
for i in range(4):
p = part_info[i]
if hex(p[4]) == '0xF' or hex(p[4]) == '0x5':
partition.ExtendedPartition(p) # 확장 파티션
elif hex(p[4]) != 0:
def index(self):
if check_admin():
return self.render('admin.html')
else:
return redirect(url_for("get_all_posts"))
def is_accessible(self):
return check_admin()