Skip to content

Commit 6f236b5

Browse files
XychicCyberSoc-York
Xychic
authored and
CyberSoc-York
committed
Add more challenges
1 parent 203403e commit 6f236b5

File tree

7 files changed

+410
-11
lines changed

7 files changed

+410
-11
lines changed

index.js

Lines changed: 73 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
"use strict";
22
const express = require("express");
33
const path = require("path");
4+
const mysql = require('mysql');
45
const { exec } = require("child_process");
56

67
const app = express();
@@ -9,6 +10,37 @@ const PORT = process.env.PORT || 3000;
910

1011
const pagesDir = path.join(__dirname, "public/");
1112

13+
let connection2 = mysql.createConnection({
14+
host: 'localhost',
15+
user: 'web2',
16+
password: 'HyXrA56ESnzUKrW',
17+
database: 'web2'
18+
19+
});
20+
21+
connection2.connect(function(err) {
22+
if (err) {
23+
return console.error('error: ' + err.message);
24+
}
25+
26+
console.log('Web2 connected to the MySQL server.');
27+
});
28+
29+
let connection3 = mysql.createConnection({
30+
host: 'localhost',
31+
user: 'web3',
32+
password: 'wi8228Sc',
33+
database: 'web3'
34+
});
35+
36+
connection3.connect(function(err) {
37+
if (err) {
38+
return console.error('error: ' + err.message);
39+
}
40+
41+
console.log('Web3 connected to the MySQL server.');
42+
});
43+
1244
app.use(
1345
express.static(path.join(__dirname, "public")),
1446
express.urlencoded({ extended: true })
@@ -18,8 +50,16 @@ app.get("/1", (_, res) => {
1850
return res.sendFile(path.join(pagesDir, "web1.html"));
1951
});
2052

53+
app.get("/2", (_, res) => {
54+
return res.sendFile(path.join(pagesDir, "web2.html"));
55+
});
56+
57+
app.get("/3", (_, res) => {
58+
return res.sendFile(path.join(pagesDir, "web3.html"));
59+
});
60+
2161
app.post("/api", (req, res) => {
22-
const ipAddress = req.body.ipaddress;
62+
const ipAddress = req.body.ipaddress.replaceAll("'", "");
2363

2464
exec(`runuser -l web_user -c '/bin/rbash -r -c "ping -c 1 ${ipAddress}"'`,
2565
(err, stdout, stderr) => {
@@ -29,7 +69,38 @@ app.post("/api", (req, res) => {
2969
return res.send(stdout);
3070

3171
}
32-
);
72+
});
73+
});
74+
75+
app.post("/api2", (req, res) => {
76+
const item = req.body.item;
77+
78+
connection2.query(`SELECT * FROM Products WHERE item_name LIKE "%${item}%";`, function (err, result, fields) {
79+
if (err) {
80+
console.error('error: ' + err.message);
81+
return res.send(err.message);
82+
} else {
83+
return res.send(result);
84+
}
85+
});
86+
87+
});
88+
89+
app.post("/api3", (req, res) => {
90+
const key = req.body.key;
91+
92+
connection3.query(`SELECT * FROM SECRETS WHERE name='flag' AND value='${key}';`, function (err, result, fields) {
93+
if (err) {
94+
return res.send(err);
95+
} else {
96+
if (result.length === 0) {
97+
return res.send(`"${key}" is not the flag`)
98+
} else {
99+
return res.send(`"${key}" is the flag! Well done!`);
100+
}
101+
}
102+
});
103+
33104
});
34105

35106
app.listen(3000);

package-lock.json

Lines changed: 137 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,8 @@
55
"main": "index.js",
66
"license": "MIT",
77
"dependencies": {
8-
"express": "^4.17.1"
8+
"express": "^4.17.1",
9+
"mysql": "^2.18.1"
910
},
1011
"scripts": {
1112
"start": "node index.js"

0 commit comments

Comments
 (0)