Mission
Customer Security Ltd has hired you to test the security of their internal management system. Your task is to find vulnerabilities in the application and break into the system.
The client also agreed to send you part of the system source code, but not everything.
#!/usr/bin/python3
# Library for database management
from moduulit import tietokanta
# Flask web page libraries
from flask import Flask, render_template, redirect, request
from flask import make_response

app = Flask(__name__)
haku = tietokanta.Haku()


@app.route("/")
def juuri():
    # Read the identifier cookie
    tunniste = request.cookies.get('tunniste')
    # If the identifier is correct, the user is logged in
    if tunniste == "ADMIN1":
        # Fetch the data for the management view
        tiedot = haku.haeTiedot()
        return render_template("hallinta.html", tiedot=tiedot)
    # Otherwise redirect to the login page
    else:
        return redirect("/login")


@app.route("/login", methods=["GET", "POST"])
def kirjaudu():
    if request.method == "GET":
        failed = request.args.get("vaarin")
        return render_template("kirjaudu.html", failed=failed)
    elif request.method == "POST":
        # Verify that the credentials are correct
        kayttaja = request.form.get("kayttaja")
        salasana = request.form.get("salasana")
        oikein = haku.varmistaTunnus(kayttaja, salasana)
        if oikein:
            # Set the session identifier
            vastaus = make_response("blank.html")
            vastaus.set_cookie("tunniste", "ADMIN1")
            return vastaus
        else:
            return redirect("/login?vaarin=kylla")


if __name__ == '__main__':
    app.run(debug=False, host='0.0.0.0')
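The login handler above writes the same fixed value into every logged-in user's `tunniste` cookie, so the cookie proves nothing about who is holding it. The following is an added example (not part of the client's code) of how the session handling would be done properly with only the Python standard library: an unguessable per-login token, a server-side store that keeps only a hash of it, an expiry, and a real logout. The in-memory `SESSIONS` dict and the `now` parameter are assumptions made so the logic runs offline; the Flask handlers would call `create_session()` after `varmistaTunnus()` succeeds and `lookup_session()` instead of the `== "ADMIN1"` comparison.

```python
import hashlib
import secrets
import time

# Assumption: in the real application this store lives in a database or
# cache; an in-memory dict is enough to show the logic.
SESSIONS = {}          # sha256(token) -> {"user": ..., "expires": ...}
SESSION_TTL = 3600     # seconds a login stays valid


def _key(token):
    # Store only a hash so a leaked store does not hand out usable tokens.
    return hashlib.sha256(token.encode()).hexdigest()


def create_session(user, now=None):
    """Issue an unguessable token after a successful password check.

    128 bits from the OS CSPRNG replace the constant "ADMIN1" that the
    mission's code writes into every user's 'tunniste' cookie.
    """
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(16)
    SESSIONS[_key(token)] = {"user": user, "expires": now + SESSION_TTL}
    return token


def lookup_session(token, now=None):
    """Return the user who owns a live token, or None.

    The management view should call this instead of comparing the cookie
    to a fixed string.
    """
    now = time.time() if now is None else now
    if not token:
        return None
    data = SESSIONS.get(_key(token))
    if data is None:
        return None
    if data["expires"] <= now:
        SESSIONS.pop(_key(token), None)   # expired: forget it
        return None
    return data["user"]


def destroy_session(token):
    """Logout: invalidate the token server-side, not only in the browser."""
    return SESSIONS.pop(_key(token), None) is not None


# Flags to pass to Flask's response.set_cookie() together with the token.
COOKIE_FLAGS = {"httponly": True, "secure": True, "samesite": "Strict"}
```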
If the task feels difficult and does not seem solvable, we also recommend working through the Python programming course and the Web development basics course.
Flag
Find the flag from the lab environment and enter it below.