forked from wonderkun/CTF_web
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
207 changed files
with
42,377 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| FROM 0kami/web:apache2_php5_auto | ||
|
|
||
| MAINTAINER wh1t3P1g <https://github.com/0kami> | ||
|
|
||
| COPY source /var/www/html | ||
| COPY flag /etc | ||
|
|
||
| RUN chmod -R 755 /var/www/html \ | ||
| && chmod -R 777 /var/www/html/runtime \ | ||
| && chmod -R 777 /var/www/html/public \ | ||
| && chmod 777 /var/www/html/application/database.php \ | ||
| && rm /var/www/html/index.html |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| version: "3" | ||
| services: | ||
| web1: | ||
| build: "." | ||
| ports: | ||
| - "80:80" | ||
| links: | ||
| - mysql | ||
| depends_on: | ||
| - mysql | ||
| mysql: | ||
| image: "mysql:5.6" | ||
| environment: | ||
| MYSQL_ROOT_PASSWORD: "465b236607c695f3" # 修改数据库密码 | ||
| TZ: 'Asia/Shanghai' | ||
| command: ['mysqld', '--character-set-server=utf8'] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| purple{Th1nkPhp_1s_v4rY_S4f3} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| <IfModule mod_rewrite.c> | ||
| Options +FollowSymlinks | ||
| RewriteEngine On | ||
|
|
||
| RewriteCond %{REQUEST_FILENAME} !-d | ||
| RewriteCond %{REQUEST_FILENAME} !-f | ||
| RewriteRule ^(.*)$ index.php/$1 [QSA,PT,L] | ||
| </IfModule> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| deny from all |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| <?php | ||
| // +---------------------------------------------------------------------- | ||
| // | ThinkPHP [ WE CAN DO IT JUST THINK ] | ||
| // +---------------------------------------------------------------------- | ||
| // | Copyright (c) 2006-2016 http://thinkphp.cn All rights reserved. | ||
| // +---------------------------------------------------------------------- | ||
| // | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 ) | ||
| // +---------------------------------------------------------------------- | ||
| // | Author: yunwuxin <[email protected]> | ||
| // +---------------------------------------------------------------------- | ||
|
|
||
| return []; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,135 @@ | ||
| <?php | ||
| // +---------------------------------------------------------------------- | ||
| // | ThinkPHP [ WE CAN DO IT JUST THINK ] | ||
| // +---------------------------------------------------------------------- | ||
| // | Copyright (c) 2006-2016 http://thinkphp.cn All rights reserved. | ||
| // +---------------------------------------------------------------------- | ||
| // | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 ) | ||
| // +---------------------------------------------------------------------- | ||
| // | Author: 流年 <[email protected]> | ||
| // +---------------------------------------------------------------------- | ||
|
|
||
| // 应用公共文件 | ||
| define('CS',md5(base64_encode($_SERVER['HTTP_HOST']))); | ||
|
|
||
| function init(){ | ||
| $args[] = 'mysql'; | ||
| $args[] = 'mysql'; | ||
| $args[] = 'root'; | ||
| $args[] = '465b236607c695f3'; | ||
| $args[] = '3306'; | ||
| if(check_database_connection($args)){ | ||
| file_put_contents('public/init.lock','1'); | ||
| } | ||
| } | ||
|
|
||
| function generate_database_file($request){ | ||
|
|
||
| $tpl = file_get_contents("application/install/config.tpl"); | ||
| $tpl = str_replace("[type]",$request->post('dbtype','','htmlspecialchars'),$tpl); | ||
| $tpl = str_replace("[hostname]",$request->post('dbhost','','htmlspecialchars'),$tpl); | ||
| $tpl = str_replace("[username]",$request->post('dbuser','','htmlspecialchars'),$tpl); | ||
| $tpl = str_replace("[password]",$request->post('dbpass','','htmlspecialchars'),$tpl); | ||
| $tpl = str_replace("[hostport]",$request->post('dbport','','htmlspecialchars'),$tpl); | ||
| file_put_contents("application/database.php",$tpl); | ||
| file_put_contents("public/install.lock","1"); | ||
|
|
||
| } | ||
|
|
||
| function check_database_connection($args){ | ||
|
|
||
| try{ | ||
| $db = new mysqli($args[1],$args[2],$args[3]); | ||
| $db->query("CREATE DATABASE IF NOT EXISTS `thinkphp`;"); | ||
| $db = \think\Db::connect([ | ||
| // 数据库类型 | ||
| 'type' => $args[0], | ||
| // 数据库连接DSN配置 | ||
| 'dsn' => '', | ||
| // 服务器地址 | ||
| 'hostname' => $args[1], | ||
| // 数据库名 | ||
| 'database' => 'thinkphp', | ||
| // 数据库用户名 | ||
| 'username' => $args[2], | ||
| // 数据库密码 | ||
| 'password' => $args[3], | ||
| // 数据库连接端口 | ||
| 'hostport' => $args[4], | ||
| // 数据库连接参数 | ||
| 'params' => [], | ||
| // 数据库编码默认采用utf8 | ||
| 'charset' => 'utf8', | ||
| // 数据库表前缀 | ||
| 'prefix' => 'think_', | ||
| ]); | ||
| $db->execute("DROP TABLE IF EXISTS `think_notes`;"); | ||
| $db->execute("CREATE TABLE `think_notes` ( | ||
| `userid` int(11) DEFAULT NULL, | ||
| `content` varchar(255) DEFAULT NULL, | ||
| `id` int(11) NOT NULL AUTO_INCREMENT, | ||
| PRIMARY KEY (`id`) | ||
| ) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=utf8;"); | ||
| $db->execute("DROP TABLE IF EXISTS `think_users`;"); | ||
| $db->execute("CREATE TABLE `think_users` ( | ||
| `username` varchar(255) DEFAULT NULL, | ||
| `password` varchar(255) DEFAULT NULL, | ||
| `id` int(11) NOT NULL AUTO_INCREMENT, | ||
| PRIMARY KEY (`id`) | ||
| ) ENGINE=InnoDB AUTO_INCREMENT=9 DEFAULT CHARSET=utf8;"); | ||
| return true; | ||
| }catch(\Exception $e){ | ||
| return false; | ||
| } | ||
| } | ||
|
|
||
|
|
||
| function getSessionUser() | ||
| { | ||
| $info = decode(\think\Cookie::get('info')); | ||
| if(is_array($info) && isset($info['username']) && isset($info['password'])){ | ||
| $user = \think\Db::name('users') | ||
| ->where('username','=',$info['username']) | ||
| ->where('password','=',$info['password']) | ||
| ->find(); | ||
| \think\Session::set('privilege',$user['id']); | ||
| \think\Session::set('username',$user['username']); | ||
| \think\Cookie::set('info',encode($user)); | ||
| return $user['id']; | ||
| } | ||
| unset($info); | ||
| return null; | ||
| } | ||
|
|
||
| function decode($info) | ||
| { | ||
| $key = CS; | ||
| $info = urldecode($info); | ||
| $kl = strlen($key); | ||
| $il = strlen($info); | ||
| for($i = 0; $i < $il; $i++) | ||
| { | ||
| $p = $i%$kl; | ||
| $info[$i] = chr(ord($info[$i])-ord($key[$p])); | ||
| } | ||
| $info = unserialize($info); | ||
| return $info; | ||
| } | ||
|
|
||
| function encode($info) | ||
| { | ||
| $info = serialize($info); | ||
| $key = CS; | ||
| $kl = strlen($key); | ||
| $il = strlen($info); | ||
| for($i = 0; $i < $il; $i++) | ||
| { | ||
| $p = $i%$kl; | ||
| $info[$i] = chr(ord($info[$i])+ord($key[$p])); | ||
| } | ||
| return urlencode($info); | ||
| } | ||
|
|
||
| if(!file_exists('public/init.lock')){ | ||
| init(); | ||
| } |
Oops, something went wrong.