Skip to content

Commit

Permalink
simplify sql
Browse files Browse the repository at this point in the history
  • Loading branch information
@zardus
zardus committed Sep 2, 2024
1 parent 0661b9d commit 7e332fa
Show file tree
Hide file tree
Showing 12 changed files with 15 additions and 15 deletions.
2 changes: 1 addition & 1 deletion web-security/auth-bypass-cookie/server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ class TemporaryDB:

db = TemporaryDB()
# https://www.sqlite.org/lang_createtable.html
db.execute("""CREATE TABLE IF NOT EXISTS users AS SELECT "admin" AS username, ? as password""", [os.urandom(8)])
db.execute("""CREATE TABLE users AS SELECT "admin" AS username, ? as password""", [os.urandom(8)])
# https://www.sqlite.org/lang_insert.html
db.execute("""INSERT INTO users SELECT "guest" as username, "password" as password""")

Expand Down
4 changes: 2 additions & 2 deletions web-security/level-10/server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,8 @@ flag = open("/flag").read().strip() if os.getuid() == 0 else "pwn.college{fake_f

db = TemporaryDB()
# https://www.sqlite.org/lang_createtable.html
db.execute("""CREATE TABLE IF NOT EXISTS posts AS SELECT ? AS content, "admin" AS author, FALSE AS published""", [flag])
db.execute("""CREATE TABLE IF NOT EXISTS users AS SELECT "admin" AS username, ? as password""", [flag])
db.execute("""CREATE TABLE posts AS SELECT ? AS content, "admin" AS author, FALSE AS published""", [flag])
db.execute("""CREATE TABLE users AS SELECT "admin" AS username, ? as password""", [flag])
# https://www.sqlite.org/lang_insert.html
db.execute("""INSERT INTO users SELECT "guest" as username, "password" as password""")
db.execute("""INSERT INTO users SELECT "hacker" as username, "1337" as password""")
Expand Down
2 changes: 1 addition & 1 deletion web-security/level-3/server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ class TemporaryDB:

db = TemporaryDB()
# https://www.sqlite.org/lang_createtable.html
db.execute("""CREATE TABLE IF NOT EXISTS users AS SELECT "admin" AS username, ? as password""", [os.urandom(8)])
db.execute("""CREATE TABLE users AS SELECT "admin" AS username, ? as password""", [os.urandom(8)])
# https://www.sqlite.org/lang_insert.html
db.execute("""INSERT INTO users SELECT "guest" as username, "password" as password""")

Expand Down
2 changes: 1 addition & 1 deletion web-security/level-4/server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ class TemporaryDB:

db = TemporaryDB()
# https://www.sqlite.org/lang_createtable.html
db.execute("""CREATE TABLE IF NOT EXISTS users AS SELECT "admin" AS username, ? as password""", [os.urandom(8)])
db.execute("""CREATE TABLE users AS SELECT "admin" AS username, ? as password""", [os.urandom(8)])
# https://www.sqlite.org/lang_insert.html
db.execute("""INSERT INTO users SELECT "guest" as username, "password" as password""")

Expand Down
2 changes: 1 addition & 1 deletion web-security/level-5/server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ class TemporaryDB:

db = TemporaryDB()
# https://www.sqlite.org/lang_createtable.html
db.execute("""CREATE TABLE IF NOT EXISTS users AS SELECT "admin" AS username, ? as password""", [open("/flag").read()])
db.execute("""CREATE TABLE users AS SELECT "admin" AS username, ? as password""", [open("/flag").read()])
# https://www.sqlite.org/lang_insert.html
db.execute("""INSERT INTO users SELECT "guest" as username, "password" as password""")

Expand Down
2 changes: 1 addition & 1 deletion web-security/level-6/server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ class TemporaryDB:
db = TemporaryDB()
# https://www.sqlite.org/lang_createtable.html
user_table = f"users_{random.randrange(2**32, 2**33)}"
db.execute(f"""CREATE TABLE IF NOT EXISTS {user_table} AS SELECT "admin" AS username, ? as password""", [open("/flag").read()])
db.execute(f"""CREATE TABLE {user_table} AS SELECT "admin" AS username, ? as password""", [open("/flag").read()])
# https://www.sqlite.org/lang_insert.html
db.execute(f"""INSERT INTO {user_table} SELECT "guest" as username, "password" as password""")

Expand Down
2 changes: 1 addition & 1 deletion web-security/level-7/server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ class TemporaryDB:

db = TemporaryDB()
# https://www.sqlite.org/lang_createtable.html
db.execute("""CREATE TABLE IF NOT EXISTS users AS SELECT "admin" AS username, ? as password""", [open("/flag").read()])
db.execute("""CREATE TABLE users AS SELECT "admin" AS username, ? as password""", [open("/flag").read()])
# https://www.sqlite.org/lang_insert.html
db.execute("""INSERT INTO users SELECT "guest" as username, "password" as password""")

Expand Down
2 changes: 1 addition & 1 deletion web-security/sqli-pin/server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ class TemporaryDB:

db = TemporaryDB()
# https://www.sqlite.org/lang_createtable.html
db.execute("""CREATE TABLE IF NOT EXISTS users AS SELECT "admin" AS username, ? as pin""", [random.randrange(2**32, 2**63)])
db.execute("""CREATE TABLE users AS SELECT "admin" AS username, ? as pin""", [random.randrange(2**32, 2**63)])
# https://www.sqlite.org/lang_insert.html
db.execute("""INSERT INTO users SELECT "guest" as username, 1337 as pin""")

Expand Down
4 changes: 2 additions & 2 deletions web-security/xss-exfil-cookie/server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,8 @@ flag = open("/flag").read().strip() if os.geteuid() == 0 else "pwn.college{fake_

db = TemporaryDB()
# https://www.sqlite.org/lang_createtable.html
db.execute("""CREATE TABLE IF NOT EXISTS posts AS SELECT ? AS content, "admin" AS author, FALSE AS published""", [flag])
db.execute("""CREATE TABLE IF NOT EXISTS users AS SELECT "admin" AS username, ? as password""", [flag[-10:]])
db.execute("""CREATE TABLE posts AS SELECT ? AS content, "admin" AS author, FALSE AS published""", [flag])
db.execute("""CREATE TABLE users AS SELECT "admin" AS username, ? as password""", [flag[-10:]])
# https://www.sqlite.org/lang_insert.html
db.execute("""INSERT INTO users SELECT "guest" as username, "password" as password""")
db.execute("""INSERT INTO users SELECT "hacker" as username, "1337" as password""")
Expand Down
4 changes: 2 additions & 2 deletions web-security/xss-rf-post/server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,8 @@ flag = open("/flag").read().strip() if os.getuid() == 0 else "pwn.college{fake_f

db = TemporaryDB()
# https://www.sqlite.org/lang_createtable.html
db.execute("""CREATE TABLE IF NOT EXISTS posts AS SELECT ? AS content, "admin" AS author, FALSE AS published""", [flag])
db.execute("""CREATE TABLE IF NOT EXISTS users AS SELECT "admin" AS username, ? as password""", [flag])
db.execute("""CREATE TABLE posts AS SELECT ? AS content, "admin" AS author, FALSE AS published""", [flag])
db.execute("""CREATE TABLE users AS SELECT "admin" AS username, ? as password""", [flag])
# https://www.sqlite.org/lang_insert.html
db.execute("""INSERT INTO users SELECT "guest" as username, "password" as password""")
db.execute("""INSERT INTO users SELECT "hacker" as username, "1337" as password""")
Expand Down
2 changes: 1 addition & 1 deletion web-security/xss-stored-alert/server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ class TemporaryDB:

db = TemporaryDB()
# https://www.sqlite.org/lang_createtable.html
db.execute("""CREATE TABLE IF NOT EXISTS posts AS SELECT "First Post!" AS content""")
db.execute("""CREATE TABLE posts AS SELECT "First Post!" AS content""")

@app.route("/", methods=["POST"])
def challenge_post():
Expand Down
2 changes: 1 addition & 1 deletion web-security/xss-stored-html/server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ class TemporaryDB:

db = TemporaryDB()
# https://www.sqlite.org/lang_createtable.html
db.execute("""CREATE TABLE IF NOT EXISTS posts AS SELECT "First Post!" AS content""")
db.execute("""CREATE TABLE posts AS SELECT "First Post!" AS content""")

@app.route("/", methods=["POST"])
def challenge_post():
Expand Down

0 comments on commit 7e332fa

Please sign in to comment.