KHepYxHH

· 7 years ago · Dec 15, 2018, 08:44 AM
1from flask import Flask, request, render_template, abort, jsonify, session
2import json, hashlib, os
3FLAG = "FLAG" if not os.path.exists("/opt/flag") else open("/opt/flag").read().strip()
4app = Flask(__name__)
5app.secret_key = 'secret_key'
6class Match:
7    def __init__(self, _id,home,away,score,date,id):
8        self.__prev = _id
9        self.home = home
10        self.home_goal = int(score[0])
11        self.away_goal = int(score[2])
12        self.away = away
13        self.score = score
14        self.date = date
15        self.id = id
16    def getPrev(self):
17        return self.__prev
18
19matchces = """
20W3siaG9tZSI6IlN5cmlhIiwiYXdheSI6IlZpZXRuYW0iLCJzY29yZSI6IjA6MSIsImRhdGUiOiIy
21NyBBdWd1c3QifSx7ImhvbWUiOiJVemJla2lzdGFuIiwiYXdheSI6IlNvdXRoIEtvcmVhIiwic2Nv
22cmUiOiIzOjQiLCJkYXRlIjoiMjcgQXVndXN0ICJ9LAogICAgICAgICAgICAgeyJob21lIjoiU2F1
23ZGkgQXJhYmlhIiwiYXdheSI6IkphcGFuIiwic2NvcmUiOiIxOjIiLCJkYXRlIjoiMjcgQXVndXN0
24In0seyJob21lIjoiVW5pdGVkIEFyYWIgRW1pcmF0ZXMiLCJhd2F5IjoiTm9ydGggS29yZWEiLCJz
25Y29yZSI6IjE6MSIsImRhdGUiOiIyNyBBdWd1c3QifSwKICAgICAgICAgICAgIHsiaG9tZSI6ICJW
26aWV0bmFtIiwgImF3YXkiOiAiU291dGggS29yZWEiLCAic2NvcmUiOiAiMTozIiwgImRhdGUiOiAi
27MjkgQXVndXN0In0seyJob21lIjoiSmFwYW4iLCJhd2F5IjoiVW5pdGVkIEFyYWIgRW1pcmF0ZXMi
28LCJzY29yZSI6IjE6MCIsImRhdGUiOiIyOSBBdWd1c3QifSwKICAgICAgICAgICAgIHsiaG9tZSI6
29ICJWaWV0bmFtIiwgImF3YXkiOiAiVW5pdGVkIEFyYWIgRW1pcmF0ZXMiLCAic2NvcmUiOiAiMTox
30IiwgImRhdGUiOiAiMSBTZXB0ZW1iZXIifSwKICAgICAgICAgICAgIHsiaG9tZSI6ICJTb3V0aCBL
31b3JlYSIsICJhd2F5IjogIkphcGFuIiwgInNjb3JlIjogIjI6MSIsICJkYXRlIjogIjEgU2VwdGVt
32YmVyIn1d
33"""
34def init():
35    Matches = []
36    hm = {}
37    m = Match(None,None,None,"0:0",None,"123" if not os.path.exists("/opt/id") else open("/opt/id").read().strip())
38    Matches.append(m)
39    prev_hash = Matches[0].id
40    hm[m.id] = m
41    for match in matchces:
42        match['__prev'] = prev_hash
43        block_serialized = json.dumps(match, sort_keys=True).encode('utf-8')
44        block_hash = hashlib.sha256(block_serialized).hexdigest()
45        prev_hash = block_hash
46        m =  Match(match['__prev'],match['home'],match['away'],match['score'],match['date'],prev_hash)
47        Matches.append(m)
48        hm[prev_hash] = m
49    return Matches, hm
50
51
52
53def checkVNvodich(rr, hm):
54    try:
55        rr = rr[::-1]
56        r = rr[0]
57        cnt = 0
58        while r.home is not None:
59            print r.home, r.away, r.score, r.getPrev(), r.id
60            r = hm[r.getPrev()]
61            cnt += 1
62            if cnt > 10: # avoid infinity loop
63                break
64        if cnt == 8:
65            if "Vietnam" == rr[0].home and rr[0].home_goal > rr[0].away_goal:
66                return True
67            elif "Vietnam" == rr[0].away and rr[0].home_goal < rr[0].away_goal:
68                return True
69        return False
70    except:
71        return False
72matchces = json.loads(matchces.decode('base64'))
73res, hm = init()
74
75@app.errorhandler(500)
76def custom500(error):
77    return str(error), 500
78
79@app.route('/')
80def index():
81    print res[0].id
82    if "state" not in session.keys():
83        session['state'] = res[-1].id
84    else:
85        if request.args.get('state') is not None and request.args.get('state') == res[0].id: #thay request.args['state'] thanh session['state'] thi co lam dc khong ?
86            global matchces
87            try:
88                matchces = json.loads(request.args.get("data").decode("base64"))
89                rr, hm = init()
90                if checkVNvodich(rr, hm):
91                    return FLAG
92            except:
93                pass
94    return render_template('index.html',res=res)
95
96def getInfo(match, field):
97    val = getattr(match, field, None)
98    if val != None:
99        return val
100    else:
101        return "None"
102
103@app.route("/info/<id>")
104def getinfo(id):
105    match = None
106    for r in res:
107        if r.id == id:
108            match = r
109            break
110    if "field" in request.args.keys():
111        return jsonify(data = getInfo(match,request.args.get("field")))
112    elif match is not None:
113        return jsonify(id=match.id, home=match.home, away=match.away,score= match.score,date=match.date)
114    return jsonify("No data")
115
116@app.route("/files/<path:file>", methods=["GET"])
117def getFile(file):
118    path = app.root_path + "/" + file
119    if not os.path.abspath(path).startswith(app.root_path):
120        return "IFL ??"
121    return open(path,'rb').read()
122
123if __name__ == "__main__":
124    app.run(host="0.0.0.0")