Beispiel #1
0
    async def attendance(self, command, message):
        if command[0] == 'today':
            cursor.execute(
                "SELECT first_name, last_name FROM attendance a "
                "JOIN (SELECT first_name, last_name, discord_user_id FROM oauth_record GROUP BY school_email) o "
                "ON o.discord_user_id=a.discord_user_id WHERE a.time>? AND a.time<?; ",
                (datetime.date.today() - datetime.timedelta(1),
                 datetime.date.today() + datetime.timedelta(1)))
            res = cursor.fetchall()
            if not res:
                return "Nobody has attended today's meeting",
            reply = ''
            for p in res:
                reply += p[0] + ' ' + p[1] + '\n'
            return split_message(reply)
        if command[0] == 'summary':
            reply = ''
            cursor.execute(
                "SELECT first_name, last_name, count() as total, sum(a.effective) as effective FROM attendance a "
                "JOIN (SELECT first_name, last_name, discord_user_id FROM oauth_record GROUP BY school_email) o "
                "ON o.discord_user_id=a.discord_user_id GROUP BY a.discord_user_id ORDER BY effective DESC, total DESC"
            )
            res = cursor.fetchall()
            for first_name, last_name, total, effective in res:
                reply += '{name:<20} {effective:>4} (actual {total:>2})\n'.format(
                    name=first_name + ' ' + last_name,
                    effective=int(effective) if effective %
                    1 == 0 else round(effective, 1),
                    total=total)

            return split_message(reply, '```')
        else:
            return await super().attendance(command, message)
Beispiel #2
0
    async def attendance(self, command, message) -> tuple:
        username = f'{message.author.name}#{message.author.discriminator}'
        if command[0] == 'status':
            cursor.execute(
                'SELECT sum(effective), count() FROM attendance where discord_username=?',
                (username, ))
            res = cursor.fetchone()  # only one row will be returned
            if res[1] == 0:
                return 'You have not attended any meeting this year.',
            if res[0] == res[1]:
                return f"You have attended {res[1]} meeting{'s' if res[1]>1 else ''} this year.",
            return f"You have attended {res[1]} meeting{'s' if res[1]>1 else ''} this year, which count{'s' if res[1]==1 else ''} as {res[0]} meetings with bonuses.",

        elif command[0] == 'list':
            cursor.execute(
                'SELECT time, effective FROM attendance where discord_username=?',
                (username, ))
            res = cursor.fetchall()
            reply = 'You have attended the following meetings:\n'
            for att in res:
                reply += att[0].split()[0]
                if att[1] != 1:
                    reply += f' (counts as {att[1]} meetings)'
                reply += '\n'
            return split_message(reply)
        else:
            return self.unrecognized_command(command[0]),
Beispiel #3
0
async def exploit():
    login = os.urandom(5).hex()
    flag = os.urandom(10).hex() + '=='

    async with API(HOSTNAME) as api:
        pub_key = await get_pub_key(api, login)
        s, h = await put_flag(api, login, flag)

        print('Real signature:', s.hex())
        print('Flag:', flag)

        parts = list(split_message(h, 8, 18))
        signature = split_signature(s, 16 * 2)

        fake_signature = []
        for i in range(len(parts) - 2):
            test_flag = await brute(i, parts)
            test_s, test_h = await put_flag(api, login, test_flag)
            fake_signature.append(split_signature(test_s, 16 * 2)[i])
        fake_signature.extend(split_signature(test_s, 16 * 2)[-2:])
        fake_signature = b''.join(fake_signature)

        print('Fake signature:', fake_signature.hex())
        print('Recovered?', fake_signature == s)
        recovered_flag = await get_flag(api, login, fake_signature.hex(),
                                        h.hex())
        print('Flag from service:', recovered_flag)
Beispiel #4
0
def create_meme(message, text, ban):
    print(ban)
    if ban:
        text = 'nao introsa vc ta banido parça'
    background = random.choice(caveras)
    image = Image.open('blank_cavera/' + background)
    draw = ImageDraw.Draw(image)
    width, height = image.size
    font_size = int(width / 10)
    #print(font_name)
    x, y = (width / 2), 200
    white = 'rgb(255, 255, 255)'
    print(text)
    texts = split_message(text)
    for line in texts:
        font_name = random.choice(fonts)
        font = ImageFont.truetype(font_name,
                                  size=font_size + random.randint(-20, 20))
        a, b, c = random.randint(0, 255), random.randint(0,
                                                         255), random.randint(
                                                             0, 255)
        color = 'rgb(%d, %d, %d)' % (a, b, c)
        diff = len(line) * font_size / 4 + random.randint(-100, 100)
        draw_border(draw, line, font, white, x - diff, y)
        draw.text((x - diff, y), line, fill=color, font=font)
        y += 60
    name = get_random_string(10) + '.png'
    image.save('caveroes/' + name)
    return name
Beispiel #5
0
async def brute(i, parts):
    part = parts[i]
    while True:
        data = os.urandom(10).hex()
        note_hash = md5(dumps({'data': data}).encode()).digest()
        test_parts = list(split_message(note_hash, 8, 18))
        if test_parts[i] == part:
            return data
Beispiel #6
0
    async def email(self, command: list, message: discord.Message) -> list:
        if command[0] == 'list':
            cursor.execute('SELECT DISTINCT school_email FROM oauth_record')
            reply = ''
            for res in cursor.fetchall():
                reply += res[0] + '\n'
        else:
            reply = self.unrecognized_command(command[0])

        return split_message(reply)
Beispiel #7
0
    async def sql(self, command: list, message: discord.Message) -> list:
        command = list(map(lambda s: s.lower(), command))
        try:
            if 'select' not in command or any(
                    kw in command
                    for kw in ('update', 'insert', 'drop', 'alter', 'table',
                               'into', 'create', 'value')):
                reply = "Only SELECT statement is allowed. Please, don't try to break the server...because you will."
            else:
                cursor.execute(' '.join(command))
                reply = str(' '.join(col[0] for col in cursor.description) +
                            '\n' + '\n'.join(map(str, (cursor.fetchall()))))
        except:
            reply = str(traceback.format_exc())

        return split_message(reply, enclose_in='```')
Beispiel #8
0
 async def attendance(self, command, message):
     if command[0] == 'today':
         cursor.execute(
             "SELECT first_name, last_name FROM attendance a "
             "JOIN (SELECT first_name, last_name, discord_username FROM oauth_record GROUP BY school_email) o "
             "ON o.discord_username=a.discord_username WHERE a.time>? AND a.time<?; ",
             (datetime.date.today() - datetime.timedelta(1),
              datetime.date.today() + datetime.timedelta(1)))
         res = cursor.fetchall()
         if not res:
             return "Nobody has attended today's meeting",
         reply = ''
         for p in res:
             reply += p[0] + ' ' + p[1] + '\n'
         return split_message(reply)
     else:
         return await super().attendance(command, message)
Beispiel #9
0
    async def meeting(self, command: list, message: discord.Message) -> list:
        global attendance_key, effective_meeting_count
        if command[0] == 'begin':
            attendance_key = secrets.token_hex(3)
            try:
                effective_meeting_count = int(command[1])
            except (IndexError, ValueError):
                pass

            reply = 'Attendance key: `%s`' % attendance_key
        elif command[0] == 'end':
            attendance_key = secrets.token_hex(64)
            effective_meeting_count = 1
            reply = 'Meeting is over. Attendance key revoked.'
        else:
            reply = self.unrecognized_command(command[0])
        return split_message(reply)
Beispiel #10
0
def split(message):
    global category_2
    global categories
    global category
    with open('categories', 'r') as configfile:
        categories = json.load(configfile)
    price, category, category_3 = utils.split_message(message.text)
    spending['date'] = date
    spending['price'] = price
    spending['category'] = category
    spending['category_3'] = category_3

    category_2 = utils.define_category_2(category, categories)
    if not category_2:
        bot.send_message(
            message.chat.id,
            'Такой траты еще не было, создай новую категорию (/create) '
            'или добавь в существующую (/add)!')
        bot.register_next_step_handler_by_chat_id(message, define_next_step)
    else:
        spending['category_2'] = category_2
        utils.insert(spending['date'], spending['price'], spending['category'],
                     spending['category_2'], spending['category_3'],
                     config.database_name)