async def attendance(self, command, message): if command[0] == 'today': cursor.execute( "SELECT first_name, last_name FROM attendance a " "JOIN (SELECT first_name, last_name, discord_user_id FROM oauth_record GROUP BY school_email) o " "ON o.discord_user_id=a.discord_user_id WHERE a.time>? AND a.time<?; ", (datetime.date.today() - datetime.timedelta(1), datetime.date.today() + datetime.timedelta(1))) res = cursor.fetchall() if not res: return "Nobody has attended today's meeting", reply = '' for p in res: reply += p[0] + ' ' + p[1] + '\n' return split_message(reply) if command[0] == 'summary': reply = '' cursor.execute( "SELECT first_name, last_name, count() as total, sum(a.effective) as effective FROM attendance a " "JOIN (SELECT first_name, last_name, discord_user_id FROM oauth_record GROUP BY school_email) o " "ON o.discord_user_id=a.discord_user_id GROUP BY a.discord_user_id ORDER BY effective DESC, total DESC" ) res = cursor.fetchall() for first_name, last_name, total, effective in res: reply += '{name:<20} {effective:>4} (actual {total:>2})\n'.format( name=first_name + ' ' + last_name, effective=int(effective) if effective % 1 == 0 else round(effective, 1), total=total) return split_message(reply, '```') else: return await super().attendance(command, message)
async def attendance(self, command, message) -> tuple: username = f'{message.author.name}#{message.author.discriminator}' if command[0] == 'status': cursor.execute( 'SELECT sum(effective), count() FROM attendance where discord_username=?', (username, )) res = cursor.fetchone() # only one row will be returned if res[1] == 0: return 'You have not attended any meeting this year.', if res[0] == res[1]: return f"You have attended {res[1]} meeting{'s' if res[1]>1 else ''} this year.", return f"You have attended {res[1]} meeting{'s' if res[1]>1 else ''} this year, which count{'s' if res[1]==1 else ''} as {res[0]} meetings with bonuses.", elif command[0] == 'list': cursor.execute( 'SELECT time, effective FROM attendance where discord_username=?', (username, )) res = cursor.fetchall() reply = 'You have attended the following meetings:\n' for att in res: reply += att[0].split()[0] if att[1] != 1: reply += f' (counts as {att[1]} meetings)' reply += '\n' return split_message(reply) else: return self.unrecognized_command(command[0]),
async def exploit(): login = os.urandom(5).hex() flag = os.urandom(10).hex() + '==' async with API(HOSTNAME) as api: pub_key = await get_pub_key(api, login) s, h = await put_flag(api, login, flag) print('Real signature:', s.hex()) print('Flag:', flag) parts = list(split_message(h, 8, 18)) signature = split_signature(s, 16 * 2) fake_signature = [] for i in range(len(parts) - 2): test_flag = await brute(i, parts) test_s, test_h = await put_flag(api, login, test_flag) fake_signature.append(split_signature(test_s, 16 * 2)[i]) fake_signature.extend(split_signature(test_s, 16 * 2)[-2:]) fake_signature = b''.join(fake_signature) print('Fake signature:', fake_signature.hex()) print('Recovered?', fake_signature == s) recovered_flag = await get_flag(api, login, fake_signature.hex(), h.hex()) print('Flag from service:', recovered_flag)
def create_meme(message, text, ban): print(ban) if ban: text = 'nao introsa vc ta banido parça' background = random.choice(caveras) image = Image.open('blank_cavera/' + background) draw = ImageDraw.Draw(image) width, height = image.size font_size = int(width / 10) #print(font_name) x, y = (width / 2), 200 white = 'rgb(255, 255, 255)' print(text) texts = split_message(text) for line in texts: font_name = random.choice(fonts) font = ImageFont.truetype(font_name, size=font_size + random.randint(-20, 20)) a, b, c = random.randint(0, 255), random.randint(0, 255), random.randint( 0, 255) color = 'rgb(%d, %d, %d)' % (a, b, c) diff = len(line) * font_size / 4 + random.randint(-100, 100) draw_border(draw, line, font, white, x - diff, y) draw.text((x - diff, y), line, fill=color, font=font) y += 60 name = get_random_string(10) + '.png' image.save('caveroes/' + name) return name
async def brute(i, parts): part = parts[i] while True: data = os.urandom(10).hex() note_hash = md5(dumps({'data': data}).encode()).digest() test_parts = list(split_message(note_hash, 8, 18)) if test_parts[i] == part: return data
async def email(self, command: list, message: discord.Message) -> list: if command[0] == 'list': cursor.execute('SELECT DISTINCT school_email FROM oauth_record') reply = '' for res in cursor.fetchall(): reply += res[0] + '\n' else: reply = self.unrecognized_command(command[0]) return split_message(reply)
async def sql(self, command: list, message: discord.Message) -> list: command = list(map(lambda s: s.lower(), command)) try: if 'select' not in command or any( kw in command for kw in ('update', 'insert', 'drop', 'alter', 'table', 'into', 'create', 'value')): reply = "Only SELECT statement is allowed. Please, don't try to break the server...because you will." else: cursor.execute(' '.join(command)) reply = str(' '.join(col[0] for col in cursor.description) + '\n' + '\n'.join(map(str, (cursor.fetchall())))) except: reply = str(traceback.format_exc()) return split_message(reply, enclose_in='```')
async def attendance(self, command, message): if command[0] == 'today': cursor.execute( "SELECT first_name, last_name FROM attendance a " "JOIN (SELECT first_name, last_name, discord_username FROM oauth_record GROUP BY school_email) o " "ON o.discord_username=a.discord_username WHERE a.time>? AND a.time<?; ", (datetime.date.today() - datetime.timedelta(1), datetime.date.today() + datetime.timedelta(1))) res = cursor.fetchall() if not res: return "Nobody has attended today's meeting", reply = '' for p in res: reply += p[0] + ' ' + p[1] + '\n' return split_message(reply) else: return await super().attendance(command, message)
async def meeting(self, command: list, message: discord.Message) -> list: global attendance_key, effective_meeting_count if command[0] == 'begin': attendance_key = secrets.token_hex(3) try: effective_meeting_count = int(command[1]) except (IndexError, ValueError): pass reply = 'Attendance key: `%s`' % attendance_key elif command[0] == 'end': attendance_key = secrets.token_hex(64) effective_meeting_count = 1 reply = 'Meeting is over. Attendance key revoked.' else: reply = self.unrecognized_command(command[0]) return split_message(reply)
def split(message): global category_2 global categories global category with open('categories', 'r') as configfile: categories = json.load(configfile) price, category, category_3 = utils.split_message(message.text) spending['date'] = date spending['price'] = price spending['category'] = category spending['category_3'] = category_3 category_2 = utils.define_category_2(category, categories) if not category_2: bot.send_message( message.chat.id, 'Такой траты еще не было, создай новую категорию (/create) ' 'или добавь в существующую (/add)!') bot.register_next_step_handler_by_chat_id(message, define_next_step) else: spending['category_2'] = category_2 utils.insert(spending['date'], spending['price'], spending['category'], spending['category_2'], spending['category_3'], config.database_name)