Merge pull request #3 from ayala-orca/ayala-orca-patch-3

Create mitre2.py

mitre2.py

@@ -0,0 +1,247 @@
+import datetime
+import re
+import subprocess
+from hashlib import md5
+
+import jwt
+from django.http import HttpResponse, HttpResponseBadRequest, JsonResponse
+from django.shortcuts import redirect, render
+from django.views.decorators.csrf import csrf_exempt
+
+from .models import CSRF_user_tbl
+from .views import authentication_decorator
+
+# import os
+
+## Mitre top1 | CWE:787
+
+# target zone
+FLAG = "NOT_SUPPOSED_TO_BE_ACCESSED"
+
+# target zone end
+
+
+@authentication_decorator
+def mitre_top1(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top1.html')
+
+@authentication_decorator
+def mitre_top2(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top2.html')
+
+@authentication_decorator
+def mitre_top3(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top3.html')
+
+@authentication_decorator
+def mitre_top4(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top4.html')
+
+@authentication_decorator
+def mitre_top5(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top5.html')
+
+@authentication_decorator
+def mitre_top6(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top6.html')
+
+@authentication_decorator
+def mitre_top7(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top7.html')
+
+@authentication_decorator
+def mitre_top8(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top8.html')
+
+@authentication_decorator
+def mitre_top9(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top9.html')
+
+@authentication_decorator
+def mitre_top10(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top10.html')
+
+@authentication_decorator
+def mitre_top11(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top11.html')
+
+@authentication_decorator
+def mitre_top12(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top12.html')
+
+@authentication_decorator
+def mitre_top13(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top13.html')
+
+@authentication_decorator
+def mitre_top14(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top14.html')
+
+@authentication_decorator
+def mitre_top15(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top15.html')
+
+@authentication_decorator
+def mitre_top16(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top16.html')
+
+@authentication_decorator
+def mitre_top17(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top17.html')
+
+@authentication_decorator
+def mitre_top18(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top18.html')
+
+@authentication_decorator
+def mitre_top19(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top19.html')
+
+
+@authentication_decorator
+def mitre_top20(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top20.html')
+
+
+@authentication_decorator
+def mitre_top21(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top21.html')
+
+
+@authentication_decorator
+def mitre_top22(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top22.html')
+
+
+@authentication_decorator
+def mitre_top23(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top23.html')
+
+
+@authentication_decorator
+def mitre_top24(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top24.html')
+
+@authentication_decorator
+def mitre_top25(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/mitre_top25.html')
+
+@authentication_decorator
+def csrf_lab_login(request):
+    if request.method == 'GET':
+        return render(request, 'mitre/csrf_lab_login.html')
+    elif request.method == 'POST':
+        password = request.POST.get('password')
+        username = request.POST.get('username')
+        password = md5(password.encode()).hexdigest()
+        User = CSRF_user_tbl.objects.filter(username=username, password=password)
+        if User:
+            payload ={
+                'username': username,
+                'exp': datetime.datetime.utcnow() + datetime.timedelta(seconds=300),
+                'iat': datetime.datetime.utcnow()
+            }
+            cookie = jwt.encode(payload, 'csrf_vulneribility', algorithm='HS256')
+            response = redirect("/mitre/9/lab/transaction")
+            response.set_cookie('auth_cookiee', cookie)
+            return response
+        else :
+            return redirect('/mitre/9/lab/login')
+
+@authentication_decorator
+@csrf_exempt
+def csrf_transfer_monei(request):
+    if request.method == 'GET':
+        try:
+            cookie = request.COOKIES['auth_cookiee']
+            payload = jwt.decode(cookie, 'csrf_vulneribility', algorithms=['HS256'])
+            username = payload['username']
+            User = CSRF_user_tbl.objects.filter(username=username)
+            if not User:
+                redirect('/mitre/9/lab/login')
+            return render(request, 'mitre/csrf_dashboard.html', {'balance': User[0].balance})
+        except:
+            return redirect('/mitre/9/lab/login')
+
+def csrf_transfer_monei_api(request,recipent,amount):
+    if request.method == "GET":
+        cookie = request.COOKIES['auth_cookiee']
+        payload = jwt.decode(cookie, 'csrf_vulneribility', algorithms=['HS256'])
+        username = payload['username']
+        User = CSRF_user_tbl.objects.filter(username=username)
+        if not User:
+            return redirect('/mitre/9/lab/login')
+        if int(amount) > 0:
+            if int(amount) <= User[0].balance:
+                recipent = CSRF_user_tbl.objects.filter(username=recipent)
+                if recipent:
+                    recipent = recipent[0]
+                    recipent.balance = recipent.balance + int(amount)
+                    recipent.save()
+                    User[0].balance = User[0].balance - int(amount)
+                    User[0].save()
+        return redirect('/mitre/9/lab/transaction') 
+    else:
+        return redirect ('/mitre/9/lab/transaction')
+
+
+# @authentication_decorator
+@csrf_exempt
+def mitre_lab_25_api(request):
+    if request.method == "POST":
+        expression = request.POST.get('expression')
+        result = eval(expression)
+        return JsonResponse({'result': result})
+    else:
+        return redirect('/mitre/25/lab/')
+
+
+@authentication_decorator
+def mitre_lab_25(request):
+    return render(request, 'mitre/mitre_lab_25.html')
+
+@authentication_decorator
+def mitre_lab_17(request):
+    return render(request, 'mitre/mitre_lab_17.html')
+
+def command_out(command):
+    process = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    return process.communicate()
+
+
+@csrf_exempt
+def mitre_lab_17_api(request):
+    if request.method == "POST":
+        ip = request.POST.get('ip')
+        command = "nmap " + ip 
+        res, err = command_out(command)
+        res = res.decode()
+        err = err.decode()
+        pattern = "STATE SERVICE.*\\n\\n"
+        ports = re.findall(pattern, res,re.DOTALL)[0][14:-2].split('\n')
+        return JsonResponse({'raw_res': str(res), 'raw_err': str(err), 'ports': ports})