def board_list(board, page):
    """Render the listing page for *board*.

    The board name has to be one of the configured ``boards``, pass the
    project's ``security.check_hack`` / ``security.is_valid`` checks and
    ``page`` must not exceed ``maxint``; otherwise the request is
    rejected with 400.
    """
    # Allow-list first; the remaining checks only run for a known board.
    if board not in boards:
        return abort(400, '')
    if (security.check_hack(board)
            or not security.is_valid(r'[a-zA-Z0-9_-]+', board)):
        return abort(400, '')
    if page > maxint:
        return abort(400, '')

    # The template name is derived from an allow-listed value only.
    template_name = board + '.html'
    return render_template(template_name, board=board, page=page)
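def board_read(board, no):
    """Render article *no* of *board*.

    Rejects unknown or malformed board names and out-of-range numbers
    with 400 and missing articles with 404. Non-pinned ``qna`` articles
    are only shown to a logged-in user who is the writer, an admin, or
    a client connecting from 127.0.0.1. On the ``forum`` board the
    content is withheld from admin sessions.
    """
    if (board not in boards or security.check_hack(board)
            or not security.is_valid(r'[a-zA-Z0-9_-]+', board) or no > maxint):
        return abort(400, '')
    article = get_article(board, no)
    if not article:
        return abort(404)

    # Check permission on qna board. The login check comes first so an
    # anonymous request is rejected without paying for the writer lookup.
    if board == 'qna' and not article.get('pinned'):
        if not session.get('is_logged'):
            return abort(403, 'You are not logged in!')
        writer_id = get_user_info(['id'], {
            'uid': article.get('uid')
        }).get('id')
        is_writer = (session.get('user_id') == writer_id)
        # NOTE(review): request.remote_addr is trusted as-is; behind a
        # reverse proxy it would be the proxy's address — confirm deployment.
        if (not session.get('is_admin')
                and request.remote_addr != '127.0.0.1' and not is_writer):
            return abort(403, 'You are not admin!')

    # Admin cannot see forum board articles
    if board == 'forum' and session.get('is_admin'):
        article['content'] = 'CANNOT LOAD CONTENT BY SECURITY ISSUE'

    return render_template('board_read.html', article=article, board=board)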
def send():
    """Render the message composition form.

    Requires a logged-in session (403 otherwise). An optional ``to``
    query parameter pre-fills the recipient; it is rejected with 400
    when longer than 128 characters or not matching
    ``^@?[a-zA-Z0-9_-]+$``.
    """
    if not session.get('is_logged'):
        return abort(403, 'Login please')

    # A missing or empty recipient is rendered as an empty field.
    to = request.args.get('to') or ''
    if to and (len(to) > 128
               or not security.is_valid(r'^@?[a-zA-Z0-9_-]+$', to)):
        return abort(400, '')

    return render_template('message_send.html', to=to)
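def join_check():
    """Handle the registration form submission.

    Reads ``user_id``, ``user_name`` and ``user_pw`` from the form
    (truncated to 128/32/128 characters), rejects input flagged by
    ``security.check_hack`` with 400 and non ``[a-zA-Z0-9_-]`` values
    with a redirect page and 400. The password is passed through
    ``security.crypt`` before ``insert_user`` is called; a failed insert
    is reported as a duplicate ID with 403.
    """
    user_id = request.form['user_id'].strip()[:0x80]
    user_name = request.form['user_name'].strip()[:0x20]
    user_pw = request.form['user_pw'].strip()[:0x80]

    if security.check_hack(user_id, user_name, user_pw):
        return abort(400, '')

    # Redirect target for the error pages; falls back to the site root.
    ref = request.referrer if request.referrer else '/'
    if not all(
            security.is_valid(r'^[a-zA-Z0-9_-]+$', item)
            for item in [user_id, user_name, user_pw]):
        return render_template('redirect.html',
                               script="""
      <script>
        alert('ID, NAME, PW should be alpha-numeric: [a-zA-Z0-9_-]');
        location.href = '%s';
      </script>
    """ % (escape(ref))), 400

    user_pw = security.crypt(user_pw)
    ip = request.remote_addr

    try:
        insert_user(user_id, user_name, user_pw, ip)
    except Exception:
        # Was a bare `except:`, which also swallowed SystemExit and
        # KeyboardInterrupt. Any insert failure is still reported to the
        # user as a duplicate ID, as before.
        return render_template('redirect.html',
                               script="""
      <script>
        alert('ID Already exists!');
        location.href = '%s';
      </script>
    """ % (escape(ref))), 403

    return render_template('redirect.html',
                           script="""
    <script>alert('Welcome %s!');location.href='/login';</script>
  """ % (escape(user_name)))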
def send_check():
    """Handle the message form submission.

    Requires a logged-in session (403). The recipient in ``to`` is
    looked up by name when prefixed with ``@`` and by id otherwise;
    unknown recipients give 403 and sending to oneself gives 400. For
    every sender except ``admin`` angle brackets in the content are
    HTML-escaped before storage.
    """
    if not session.get('is_logged'):
        return abort(403, 'Login please')

    title = request.form.get('title') or 'Untitled'
    content = request.form['content']

    # Only the admin account may send raw markup.
    if session.get('user_id') != 'admin':
        content = content.replace('<', '&lt;').replace('>', '&gt;')

    if security.check_hack(title, content):
        return abort(400, '')

    recipient = request.form['to']
    # A leading '@' selects lookup by name instead of by id.
    by_name = recipient[:1] == '@'
    if by_name:
        recipient = recipient[1:]
    lookup_field = 'name' if by_name else 'id'

    target_info = get_user_info(['uid', 'id', 'name'], {lookup_field: recipient})
    target_uid = target_info.get('uid')
    if not target_uid:
        return abort(403, 'User not found!')

    sender_uid = get_user_info(['uid'], {'id': session.get('user_id')}).get('uid')
    ip = request.remote_addr

    if sender_uid == target_uid:
        return abort(400, 'You cannot send a message to yourself!')

    send_message(sender_uid, target_uid, title, content, ip)

    return render_template('redirect.html',
                           script="""
    <script>
      alert('Send success!');
      location.href = '/message';
    </script>
   """)
def login_check():
    """Handle the login form submission.

    Rejects input flagged by ``security.check_hack`` with 400. On a
    successful ``validate_login`` the session gets ``is_logged``,
    ``user_id`` and ``user_name``; ``is_admin`` is additionally set when
    the account is ``admin`` and the request comes from 127.0.0.1. A
    failed login renders a redirect page with 403.
    """
    user_id = request.form['user_id'].strip()
    user_pw = request.form['user_pw'].strip()

    if security.check_hack(user_id, user_pw):
        return abort(400, '')

    if not validate_login(user_id, user_pw):
        return render_template('redirect.html',
                               script="""
      <script>alert('ID, PW not match!');history.back();</script>
    """), 403

    session['is_logged'] = True
    session['user_id'] = user_id
    session['user_name'] = get_user_info(['name'], {'id': user_id}).get('name')

    # NOTE(review): is_admin is only ever set to True here, never reset;
    # remote_addr is trusted as-is (a reverse proxy would change what it
    # means) — confirm both against logout handling and deployment.
    if user_id == 'admin' and request.remote_addr == '127.0.0.1':
        session['is_admin'] = True

    return redirect('/', code=302)
def message():
    """Render the message inbox page; 403 for anonymous sessions."""
    logged_in = session.get('is_logged')
    if not logged_in:
        return abort(403, 'Login please')
    return render_template('message.html')
def about():
    """Render the static about page."""
    template_name = 'about.html'
    return render_template(template_name)
def service_unavailable(error):
    """Error handler: render ``503.html`` with *error* and a 503 status."""
    body = render_template('503.html', error=error)
    return body, 503
def not_found(error):
    """Error handler: render ``404.html`` with *error* and a 404 status."""
    body = render_template('404.html', error=error)
    return body, 404
def not_allowed(error):
    """Error handler: render ``403.html`` with *error* and a 403 status."""
    body = render_template('403.html', error=error)
    return body, 403
def bad_request(error):
    """Error handler: render ``400.html`` with *error* and a 400 status."""
    body = render_template('400.html', error=error)
    return body, 400
def main():
    """Render the home page, passing the value of ``get_chrome_version()``."""
    version = get_chrome_version()
    return render_template('home.html', chrome_version=version)
def pricing():
    """Render the static pricing page."""
    template_name = 'pricing.html'
    return render_template(template_name)
def join():
    """Render the registration form."""
    template_name = 'join.html'
    return render_template(template_name)
def login():
    """Render the login form."""
    template_name = 'login.html'
    return render_template(template_name)
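def board_write_check(board):
    """Validate and store a new article posted to *board*.

    Rejects unknown boards (400), anonymous users (redirect page, 403),
    non-admin posts to ``notice`` (403), ``qna`` content over 180
    characters (400) and input flagged by ``security.check_hack`` (400).
    On success the article is written via ``write_article``, a ``qna``
    post triggers the bot check, and the client is redirected to the
    board.
    """
    if board not in boards:
        return abort(400, '')

    if not session.get('is_logged'):
        return render_template('redirect.html',
                               script="""
      <script>
        alert('You are not logged in!');
        location = '/login';
      </script>
    """), 403
    # Notice board admin only
    # NOTE(review): request.remote_addr is trusted as-is; behind a
    # reverse proxy it would be the proxy's address — confirm deployment.
    if (board == 'notice' and
        (session.get('user_id') != 'admin' or not session.get('is_admin')
         or request.remote_addr != '127.0.0.1')):
        return abort(403, 'Not that easy LOL')

    # Angle brackets are stripped from the title; the body is handed to
    # security.purify once it has passed the checks below.
    title = request.form['title'].replace('<', '').replace('>', '')
    content = request.form['content']

    # Limit qna board content length
    if board == 'qna' and len(content) > 180:
        return abort(400, 'Contents length limited to 180 characters!')

    # Abort if input contains malicious payloads
    if security.check_hack(title, content):
        return abort(400, '')
    content = security.purify(content)

    # Resolve the author only after the input has been accepted, so a
    # rejected request does not cost a user lookup (previously done
    # before the length and payload checks).
    uid = get_user_info(['uid'], {'id': session.get('user_id')}).get('uid')
    if not uid:
        return abort(400, 'What the hell??')

    ip = request.remote_addr
    write_article(board, title, content, uid, ip)

    # Make bot check article
    if board == 'qna':
        # Imported here rather than at module level — presumably to
        # avoid an import cycle with `app`; confirm.
        from app import run_bot

        # Fire-and-forget: the returned task handle was bound to an
        # unused local before; nothing waits on it.
        run_bot.delay()

    # Send flag if hacked
    if (board == 'notice' and title[:10].lower() == 'hacked by '):
        sender_uid = get_user_info(['uid'], {'id': 'admin'}).get('uid')

        # The last whitespace-separated word of the title names the recipient.
        target_id = title.lower().split()[-1]
        target_uid = get_user_info(['uid'], {'id': target_id}).get('uid')

        if sender_uid and target_uid:
            flag = giveme_flag()
            html = '''
        <img src="https://i.imgur.com/GYso5uF.jpg" class="img-fluid">
        <br>
        <p>%s</p>
      ''' % (flag)
            send_message(sender_uid, target_uid, 'HERE IS YOUR FLAG!', html,
                         ip)

    # `board` is allow-listed above, so the redirect path is fixed to a known board.
    return redirect('/' + board, code=302)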
def board_write(board):
    """Render the write form for *board*; 400 for a board not in ``boards``."""
    known_board = board in boards
    if not known_board:
        return abort(400, '')
    return render_template('board_write.html', board=board)