#!/usr/bin/python import os import cgi import cgitb cgitb.enable(context=10) if os.environ.has_key('QUERY_STRING'): os.environ['QUERY_STRING'] = '' fields = cgi.FieldStorage() print 'Content-Type: text/html' print '' print ''' <html> <head> <title>4</title> <link rel="stylesheet" type="text/css" href=",ctf.css" media="all" /> </head> <body> <div id="wrapper"> <div id="content"> <h1>Web Application Challenge 4</h1> <p>Through some manipulation or interpretation of this CGI script and the HTML page(s) that it generates, a 10 character key can be found.</p> <p><strong>Find the key!</strong></p> <div class="vertsep"></div> ''' PRODUCT_NAME = "Unidentifiable garbage" def purchase_success(quantity): print ''' <p>Congratulations, your order for %d "%s" has been placed.</p> ''' % (quantity, PRODUCT_NAME) # key = 765JBo4B54 if fields.has_key('quantity') and fields.has_key('product') and fields['product'].value == PRODUCT_NAME: product = fields['product'].value quantity = int(fields['quantity'].value) purchase_success(quantity) else: print ''' <h2>SALE: %s</h2> <p>Use the order form below to place an order.</p> <form method="post" action="4.cgi"> How many would you like? <select name="quantity"> <option value="12">12</option> <option value="24">24</option> <option value="48">48</option> </select> <br /><br /> <input type="submit" value="Order!" /> <input type="hidden" name="product" value="%s" /> </form> ''' % (PRODUCT_NAME, PRODUCT_NAME) print ''' </div> <div id="footer"> <p>Copyright © 2009 LANS, LLC.</p> </div> </div> </body> </html> '''