-
Notifications
You must be signed in to change notification settings - Fork 3
/
flask-vuln.py
75 lines (58 loc) · 1.66 KB
/
flask-vuln.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from flask import Flask, request, redirect
import re
app = Flask(__name__)
def template(fname):
name=request.args.get('name','')
with open(fname, 'r') as myfile:
data=myfile.read().replace('\n', '')
content=re.sub('\$name', name, data)
return content
@app.route("/")
def xss():
return template('index.html')
# Notice: this may be extremely dangerous if you are running this on your own computer.
@app.route("/bonus")
def bonus():
fname = request.args.get('name')
fname = re.sub('[\/*?]','',fname)
with open(fname, 'r') as myfile:
data=myfile.read().replace('\n', '')
return data
@app.route("/xss5")
def xss5():
return template('xss5.html')
@app.route("/myson")
def myson():
jsonni = request.args.get('name')
jsonni = re.sub('[":{},]','',jsonni)
return '{"name": "' + jsonni + '"}'
@app.route("/xss1")
def xss1():
f = '<html><body>Mighty ' + request.args.get('name') + ', compose your email now:'
g = """
<form>To: <input type='text'></input><br>
Subject: <input type='text'></input><br>
Content: <textarea></textarea><br>
<input type="button" value="Send!"/>
</form></body></html>
"""
return f + g
@app.route("/xss2")
def xss2():
return template('xss2.html')
@app.route("/xss3")
def xss3():
return template('xss3.html')
@app.route("/xss4")
def xss4():
return template('xss4.html')
@app.route("/deepest-secret")
def innermystery():
return template('innermystery.txt')
@app.route("/mystery")
def mystery():
return redirect(request.args.get('name'), code=302)
if __name__ == "__main__":
app.run(host='0.0.0.0')