├── .gitignore ├── README.md └── profiler ├── .gitignore ├── Dockerfile ├── app.js ├── bin └── www ├── package-lock.json ├── package.json ├── public └── stylesheets │ └── style.css ├── routes └── index.js └── views ├── error.hbs ├── index.hbs └── layout.hbs /.gitignore: -------------------------------------------------------------------------------- 1 | # Logs 2 | logs 3 | *.log 4 | npm-debug.log* 5 | yarn-debug.log* 6 | yarn-error.log* 7 | lerna-debug.log* 8 | 9 | # Diagnostic reports (https://nodejs.org/api/report.html) 10 | report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json 11 | 12 | # Runtime data 13 | pids 14 | *.pid 15 | *.seed 16 | *.pid.lock 17 | 18 | # Directory for instrumented libs generated by jscoverage/JSCover 19 | lib-cov 20 | 21 | # Coverage directory used by tools like istanbul 22 | coverage 23 | *.lcov 24 | 25 | # nyc test coverage 26 | .nyc_output 27 | 28 | # Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files) 29 | .grunt 30 | 31 | # Bower dependency directory (https://bower.io/) 32 | bower_components 33 | 34 | # node-waf configuration 35 | .lock-wscript 36 | 37 | # Compiled binary addons (https://nodejs.org/api/addons.html) 38 | build/Release 39 | 40 | node_modules/ 41 | jspm_packages/ 42 | jspm_packages/ 43 | 44 | # TypeScript v1 declaration files 45 | typings/ 46 | 47 | # TypeScript cache 48 | *.tsbuildinfo 49 | 50 | # Optional npm cache directory 51 | .npm 52 | 53 | # Optional eslint cache 54 | .eslintcache 55 | 56 | # Microbundle cache 57 | .rpt2_cache/ 58 | .rts2_cache_cjs/ 59 | .rts2_cache_es/ 60 | .rts2_cache_umd/ 61 | 62 | # Optional REPL history 63 | .node_repl_history 64 | 65 | # Output of 'npm pack' 66 | *.tgz 67 | 68 | # Yarn Integrity file 69 | .yarn-integrity 70 | 71 | # dotenv environment variables file 72 | .env 73 | .env.test 74 | 75 | # parcel-bundler cache (https://parceljs.org/) 76 | .cache 77 | 78 | # Next.js build output 79 | .next 80 | 81 | # Nuxt.js build / generate output 82 | .nuxt 83 | dist 84 | 85 | # Gatsby files 86 | .cache/ 87 | # Comment in the public line in if your project uses Gatsby and *not* Next.js 88 | # https://nextjs.org/blog/next-9-1#public-directory-support 89 | # public 90 | 91 | # vuepress build output 92 | .vuepress/dist 93 | 94 | # Serverless directories 95 | .serverless/ 96 | 97 | # FuseBox cache 98 | .fusebox/ 99 | 100 | # DynamoDB Local files 101 | .dynamodb/ 102 | 103 | # TernJS port file 104 | .tern-port 105 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Web-CTF-Challenges 2 | Collection of quirky behaviours of code and the CTF challenges that I made around them. 3 | 4 | ## Challenges 5 | 6 | |Challenge|Difficulty|Topic|Solves|Solution| 7 | | ------------- | ------------- |------------- | ------------- |------------- | 8 | | [Profiler](https://github.com/CaptainFreak/Web-CTF-Challenges/tree/main/profiler) | **★★★★★** | NodeJs, ExpressJs, HandleBars | 4 | [Link](https://blog.shoebpatel.com/2021/01/23/The-Secret-Parameter-LFR-and-Potential-RCE-in-NodeJS-Apps/) 9 | -------------------------------------------------------------------------------- /profiler/.gitignore: -------------------------------------------------------------------------------- 1 | # Logs 2 | logs 3 | *.log 4 | npm-debug.log* 5 | yarn-debug.log* 6 | yarn-error.log* 7 | lerna-debug.log* 8 | 9 | # Diagnostic reports (https://nodejs.org/api/report.html) 10 | report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json 11 | 12 | # Runtime data 13 | pids 14 | *.pid 15 | *.seed 16 | *.pid.lock 17 | 18 | # Directory for instrumented libs generated by jscoverage/JSCover 19 | lib-cov 20 | 21 | # Coverage directory used by tools like istanbul 22 | coverage 23 | *.lcov 24 | 25 | # nyc test coverage 26 | .nyc_output 27 | 28 | # Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files) 29 | .grunt 30 | 31 | # Bower dependency directory (https://bower.io/) 32 | bower_components 33 | 34 | # node-waf configuration 35 | .lock-wscript 36 | 37 | # Compiled binary addons (https://nodejs.org/api/addons.html) 38 | build/Release 39 | 40 | # Dependency directories 41 | node_modules/ 42 | jspm_packages/ 43 | 44 | # TypeScript v1 declaration files 45 | typings/ 46 | 47 | # TypeScript cache 48 | *.tsbuildinfo 49 | 50 | # Optional npm cache directory 51 | .npm 52 | 53 | # Optional eslint cache 54 | .eslintcache 55 | 56 | # Microbundle cache 57 | .rpt2_cache/ 58 | .rts2_cache_cjs/ 59 | .rts2_cache_es/ 60 | .rts2_cache_umd/ 61 | 62 | # Optional REPL history 63 | .node_repl_history 64 | 65 | # Output of 'npm pack' 66 | *.tgz 67 | 68 | # Yarn Integrity file 69 | .yarn-integrity 70 | 71 | # dotenv environment variables file 72 | .env 73 | .env.test 74 | 75 | # parcel-bundler cache (https://parceljs.org/) 76 | .cache 77 | 78 | # Next.js build output 79 | .next 80 | 81 | # Nuxt.js build / generate output 82 | .nuxt 83 | dist 84 | 85 | # Gatsby files 86 | .cache/ 87 | # Comment in the public line in if your project uses Gatsby and *not* Next.js 88 | # https://nextjs.org/blog/next-9-1#public-directory-support 89 | # public 90 | 91 | # vuepress build output 92 | .vuepress/dist 93 | 94 | # Serverless directories 95 | .serverless/ 96 | 97 | # FuseBox cache 98 | .fusebox/ 99 | 100 | # DynamoDB Local files 101 | .dynamodb/ 102 | 103 | # TernJS port file 104 | .tern-port 105 | -------------------------------------------------------------------------------- /profiler/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node 2 | 3 | RUN mkdir -p /usr/src/app 4 | WORKDIR /usr/src/app 5 | 6 | COPY . /usr/src/app/ 7 | RUN npm install 8 | 9 | EXPOSE 9090 10 | CMD npm start -------------------------------------------------------------------------------- /profiler/app.js: -------------------------------------------------------------------------------- 1 | var createError = require('http-errors'); 2 | var express = require('express'); 3 | var path = require('path'); 4 | var cookieParser = require('cookie-parser'); 5 | var logger = require('morgan'); 6 | 7 | const hbs = require('hbs') 8 | 9 | var indexRouter = require('./routes/index'); 10 | 11 | var app = express(); 12 | 13 | // view engine setup 14 | app.set('views', path.join(__dirname, 'views')); 15 | app.set('view engine', 'hbs'); 16 | 17 | app.use(logger('dev')); 18 | app.use(express.json()); 19 | app.use(express.urlencoded({ extended: false })); 20 | app.use(cookieParser()); 21 | app.use(express.static(path.join(__dirname, 'public'))); 22 | 23 | app.use('/', indexRouter); 24 | 25 | // catch 404 and forward to error handler 26 | app.use(function(req, res, next) { 27 | next(createError(404)); 28 | }); 29 | 30 | // error handler 31 | app.use(function(err, req, res, next) { 32 | // set locals, only providing error in development 33 | res.locals.message = err.message; 34 | res.locals.error = req.app.get('env') === 'development' ? err : {}; 35 | 36 | // render the error page 37 | res.status(err.status || 500); 38 | res.render('error'); 39 | }); 40 | 41 | module.exports = app; 42 | -------------------------------------------------------------------------------- /profiler/bin/www: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env node 2 | 3 | /** 4 | * Module dependencies. 5 | */ 6 | 7 | var app = require('../app'); 8 | var debug = require('debug')('app:server'); 9 | var http = require('http'); 10 | 11 | /** 12 | * Get port from environment and store in Express. 13 | */ 14 | 15 | var port = normalizePort(process.env.PORT || '9090'); 16 | app.set('port', port); 17 | 18 | /** 19 | * Create HTTP server. 20 | */ 21 | 22 | var server = http.createServer(app); 23 | 24 | /** 25 | * Listen on provided port, on all network interfaces. 26 | */ 27 | 28 | server.listen(port); 29 | server.on('error', onError); 30 | server.on('listening', onListening); 31 | 32 | /** 33 | * Normalize a port into a number, string, or false. 34 | */ 35 | 36 | function normalizePort(val) { 37 | var port = parseInt(val, 10); 38 | 39 | if (isNaN(port)) { 40 | // named pipe 41 | return val; 42 | } 43 | 44 | if (port >= 0) { 45 | // port number 46 | return port; 47 | } 48 | 49 | return false; 50 | } 51 | 52 | /** 53 | * Event listener for HTTP server "error" event. 54 | */ 55 | 56 | function onError(error) { 57 | if (error.syscall !== 'listen') { 58 | throw error; 59 | } 60 | 61 | var bind = typeof port === 'string' 62 | ? 'Pipe ' + port 63 | : 'Port ' + port; 64 | 65 | // handle specific listen errors with friendly messages 66 | switch (error.code) { 67 | case 'EACCES': 68 | console.error(bind + ' requires elevated privileges'); 69 | process.exit(1); 70 | break; 71 | case 'EADDRINUSE': 72 | console.error(bind + ' is already in use'); 73 | process.exit(1); 74 | break; 75 | default: 76 | throw error; 77 | } 78 | } 79 | 80 | /** 81 | * Event listener for HTTP server "listening" event. 82 | */ 83 | 84 | function onListening() { 85 | var addr = server.address(); 86 | var bind = typeof addr === 'string' 87 | ? 'pipe ' + addr 88 | : 'port ' + addr.port; 89 | debug('Listening on ' + bind); 90 | } 91 | -------------------------------------------------------------------------------- /profiler/package-lock.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "app", 3 | "version": "0.0.0", 4 | "lockfileVersion": 1, 5 | "requires": true, 6 | "dependencies": { 7 | "accepts": { 8 | "version": "1.3.7", 9 | "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.7.tgz", 10 | "integrity": "sha512-Il80Qs2WjYlJIBNzNkK6KYqlVMTbZLXgHx2oT0pU/fjRHyEp+PEfEPY0R3WCwAGVOtauxh1hOxNgIf5bv7dQpA==", 11 | "requires": { 12 | "mime-types": "~2.1.24", 13 | "negotiator": "0.6.2" 14 | } 15 | }, 16 | "array-flatten": { 17 | "version": "1.1.1", 18 | "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", 19 | "integrity": "sha1-ml9pkFGx5wczKPKgCJaLZOopVdI=" 20 | }, 21 | "basic-auth": { 22 | "version": "2.0.1", 23 | "resolved": "https://registry.npmjs.org/basic-auth/-/basic-auth-2.0.1.tgz", 24 | "integrity": "sha512-NF+epuEdnUYVlGuhaxbbq+dvJttwLnGY+YixlXlME5KpQ5W3CnXA5cVTneY3SPbPDRkcjMbifrwmFYcClgOZeg==", 25 | "requires": { 26 | "safe-buffer": "5.1.2" 27 | } 28 | }, 29 | "body-parser": { 30 | "version": "1.18.3", 31 | "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.18.3.tgz", 32 | "integrity": "sha1-WykhmP/dVTs6DyDe0FkrlWlVyLQ=", 33 | "requires": { 34 | "bytes": "3.0.0", 35 | "content-type": "~1.0.4", 36 | "debug": "2.6.9", 37 | "depd": "~1.1.2", 38 | "http-errors": "~1.6.3", 39 | "iconv-lite": "0.4.23", 40 | "on-finished": "~2.3.0", 41 | "qs": "6.5.2", 42 | "raw-body": "2.3.3", 43 | "type-is": "~1.6.16" 44 | } 45 | }, 46 | "bytes": { 47 | "version": "3.0.0", 48 | "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.0.0.tgz", 49 | "integrity": "sha1-0ygVQE1olpn4Wk6k+odV3ROpYEg=" 50 | }, 51 | "content-disposition": { 52 | "version": "0.5.2", 53 | "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.2.tgz", 54 | "integrity": "sha1-DPaLud318r55YcOoUXjLhdunjLQ=" 55 | }, 56 | "content-type": { 57 | "version": "1.0.4", 58 | "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.4.tgz", 59 | "integrity": "sha512-hIP3EEPs8tB9AT1L+NUqtwOAps4mk2Zob89MWXMHjHWg9milF/j4osnnQLXBCBFBk/tvIG/tUc9mOUJiPBhPXA==" 60 | }, 61 | "cookie": { 62 | "version": "0.4.0", 63 | "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.0.tgz", 64 | "integrity": "sha512-+Hp8fLp57wnUSt0tY0tHEXh4voZRDnoIrZPqlo3DPiI4y9lwg/jqx+1Om94/W6ZaPDOUbnjOt/99w66zk+l1Xg==" 65 | }, 66 | "cookie-parser": { 67 | "version": "1.4.5", 68 | "resolved": "https://registry.npmjs.org/cookie-parser/-/cookie-parser-1.4.5.tgz", 69 | "integrity": "sha512-f13bPUj/gG/5mDr+xLmSxxDsB9DQiTIfhJS/sqjrmfAWiAN+x2O4i/XguTL9yDZ+/IFDanJ+5x7hC4CXT9Tdzw==", 70 | "requires": { 71 | "cookie": "0.4.0", 72 | "cookie-signature": "1.0.6" 73 | } 74 | }, 75 | "cookie-signature": { 76 | "version": "1.0.6", 77 | "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz", 78 | "integrity": "sha1-4wOogrNCzD7oylE6eZmXNNqzriw=" 79 | }, 80 | "debug": { 81 | "version": "2.6.9", 82 | "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", 83 | "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", 84 | "requires": { 85 | "ms": "2.0.0" 86 | } 87 | }, 88 | "depd": { 89 | "version": "1.1.2", 90 | "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", 91 | "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=" 92 | }, 93 | "destroy": { 94 | "version": "1.0.4", 95 | "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.0.4.tgz", 96 | "integrity": "sha1-l4hXRCxEdJ5CBmE+N5RiBYJqvYA=" 97 | }, 98 | "ee-first": { 99 | "version": "1.1.1", 100 | "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", 101 | "integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=" 102 | }, 103 | "encodeurl": { 104 | "version": "1.0.2", 105 | "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", 106 | "integrity": "sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k=" 107 | }, 108 | "escape-html": { 109 | "version": "1.0.3", 110 | "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", 111 | "integrity": "sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg=" 112 | }, 113 | "etag": { 114 | "version": "1.8.1", 115 | "resolved": "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz", 116 | "integrity": "sha1-Qa4u62XvpiJorr/qg6x9eSmbCIc=" 117 | }, 118 | "express": { 119 | "version": "4.16.4", 120 | "resolved": "https://registry.npmjs.org/express/-/express-4.16.4.tgz", 121 | "integrity": "sha512-j12Uuyb4FMrd/qQAm6uCHAkPtO8FDTRJZBDd5D2KOL2eLaz1yUNdUB/NOIyq0iU4q4cFarsUCrnFDPBcnksuOg==", 122 | "requires": { 123 | "accepts": "~1.3.5", 124 | "array-flatten": "1.1.1", 125 | "body-parser": "1.18.3", 126 | "content-disposition": "0.5.2", 127 | "content-type": "~1.0.4", 128 | "cookie": "0.3.1", 129 | "cookie-signature": "1.0.6", 130 | "debug": "2.6.9", 131 | "depd": "~1.1.2", 132 | "encodeurl": "~1.0.2", 133 | "escape-html": "~1.0.3", 134 | "etag": "~1.8.1", 135 | "finalhandler": "1.1.1", 136 | "fresh": "0.5.2", 137 | "merge-descriptors": "1.0.1", 138 | "methods": "~1.1.2", 139 | "on-finished": "~2.3.0", 140 | "parseurl": "~1.3.2", 141 | "path-to-regexp": "0.1.7", 142 | "proxy-addr": "~2.0.4", 143 | "qs": "6.5.2", 144 | "range-parser": "~1.2.0", 145 | "safe-buffer": "5.1.2", 146 | "send": "0.16.2", 147 | "serve-static": "1.13.2", 148 | "setprototypeof": "1.1.0", 149 | "statuses": "~1.4.0", 150 | "type-is": "~1.6.16", 151 | "utils-merge": "1.0.1", 152 | "vary": "~1.1.2" 153 | }, 154 | "dependencies": { 155 | "cookie": { 156 | "version": "0.3.1", 157 | "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.3.1.tgz", 158 | "integrity": "sha1-5+Ch+e9DtMi6klxcWpboBtFoc7s=" 159 | } 160 | } 161 | }, 162 | "finalhandler": { 163 | "version": "1.1.1", 164 | "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.1.1.tgz", 165 | "integrity": "sha512-Y1GUDo39ez4aHAw7MysnUD5JzYX+WaIj8I57kO3aEPT1fFRL4sr7mjei97FgnwhAyyzRYmQZaTHb2+9uZ1dPtg==", 166 | "requires": { 167 | "debug": "2.6.9", 168 | "encodeurl": "~1.0.2", 169 | "escape-html": "~1.0.3", 170 | "on-finished": "~2.3.0", 171 | "parseurl": "~1.3.2", 172 | "statuses": "~1.4.0", 173 | "unpipe": "~1.0.0" 174 | } 175 | }, 176 | "foreachasync": { 177 | "version": "3.0.0", 178 | "resolved": "https://registry.npmjs.org/foreachasync/-/foreachasync-3.0.0.tgz", 179 | "integrity": "sha1-VQKYfchxS+M5IJfzLgBxyd7gfPY=" 180 | }, 181 | "forwarded": { 182 | "version": "0.1.2", 183 | "resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.1.2.tgz", 184 | "integrity": "sha1-mMI9qxF1ZXuMBXPozszZGw/xjIQ=" 185 | }, 186 | "fresh": { 187 | "version": "0.5.2", 188 | "resolved": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz", 189 | "integrity": "sha1-PYyt2Q2XZWn6g1qx+OSyOhBWBac=" 190 | }, 191 | "handlebars": { 192 | "version": "4.3.5", 193 | "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.3.5.tgz", 194 | "integrity": "sha512-I16T/l8X9DV3sEkY9sK9lsPRgDsj82ayBY/4pAZyP2BcX5WeRM3O06bw9kIs2GLrHvFB/DNzWWJyFvof8wQGqw==", 195 | "requires": { 196 | "neo-async": "^2.6.0", 197 | "optimist": "^0.6.1", 198 | "source-map": "^0.6.1", 199 | "uglify-js": "^3.1.4" 200 | } 201 | }, 202 | "hbs": { 203 | "version": "4.0.6", 204 | "resolved": "https://registry.npmjs.org/hbs/-/hbs-4.0.6.tgz", 205 | "integrity": "sha512-KFt3Y4zOvVQOp84TmqVaFTpBTYO1sVenBoBY712MI3vPkKxVoO6AsuEyDayIRPRAHRYZHHWnmc4spFa8fhQpLw==", 206 | "requires": { 207 | "handlebars": "4.3.5", 208 | "walk": "2.3.14" 209 | } 210 | }, 211 | "http-errors": { 212 | "version": "1.6.3", 213 | "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.6.3.tgz", 214 | "integrity": "sha1-i1VoC7S+KDoLW/TqLjhYC+HZMg0=", 215 | "requires": { 216 | "depd": "~1.1.2", 217 | "inherits": "2.0.3", 218 | "setprototypeof": "1.1.0", 219 | "statuses": ">= 1.4.0 < 2" 220 | } 221 | }, 222 | "iconv-lite": { 223 | "version": "0.4.23", 224 | "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.23.tgz", 225 | "integrity": "sha512-neyTUVFtahjf0mB3dZT77u+8O0QB89jFdnBkd5P1JgYPbPaia3gXXOVL2fq8VyU2gMMD7SaN7QukTB/pmXYvDA==", 226 | "requires": { 227 | "safer-buffer": ">= 2.1.2 < 3" 228 | } 229 | }, 230 | "inherits": { 231 | "version": "2.0.3", 232 | "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz", 233 | "integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=" 234 | }, 235 | "ipaddr.js": { 236 | "version": "1.9.1", 237 | "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz", 238 | "integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==" 239 | }, 240 | "json-beautify": { 241 | "version": "1.1.1", 242 | "resolved": "https://registry.npmjs.org/json-beautify/-/json-beautify-1.1.1.tgz", 243 | "integrity": "sha512-17j+Hk2lado0xqKtUcyAjK0AtoHnPSIgktWRsEXgdFQFG9UnaGw6CHa0J7xsvulxRpFl6CrkDFHght1p5ZJc4A==" 244 | }, 245 | "media-typer": { 246 | "version": "0.3.0", 247 | "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", 248 | "integrity": "sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=" 249 | }, 250 | "merge-descriptors": { 251 | "version": "1.0.1", 252 | "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz", 253 | "integrity": "sha1-sAqqVW3YtEVoFQ7J0blT8/kMu2E=" 254 | }, 255 | "methods": { 256 | "version": "1.1.2", 257 | "resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz", 258 | "integrity": "sha1-VSmk1nZUE07cxSZmVoNbD4Ua/O4=" 259 | }, 260 | "mime": { 261 | "version": "1.4.1", 262 | "resolved": "https://registry.npmjs.org/mime/-/mime-1.4.1.tgz", 263 | "integrity": "sha512-KI1+qOZu5DcW6wayYHSzR/tXKCDC5Om4s1z2QJjDULzLcmf3DvzS7oluY4HCTrc+9FiKmWUgeNLg7W3uIQvxtQ==" 264 | }, 265 | "mime-db": { 266 | "version": "1.45.0", 267 | "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.45.0.tgz", 268 | "integrity": "sha512-CkqLUxUk15hofLoLyljJSrukZi8mAtgd+yE5uO4tqRZsdsAJKv0O+rFMhVDRJgozy+yG6md5KwuXhD4ocIoP+w==" 269 | }, 270 | "mime-types": { 271 | "version": "2.1.28", 272 | "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.28.tgz", 273 | "integrity": "sha512-0TO2yJ5YHYr7M2zzT7gDU1tbwHxEUWBCLt0lscSNpcdAfFyJOVEpRYNS7EXVcTLNj/25QO8gulHC5JtTzSE2UQ==", 274 | "requires": { 275 | "mime-db": "1.45.0" 276 | } 277 | }, 278 | "minimist": { 279 | "version": "0.0.10", 280 | "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.10.tgz", 281 | "integrity": "sha1-3j+YVD2/lggr5IrRoMfNqDYwHc8=" 282 | }, 283 | "morgan": { 284 | "version": "1.9.1", 285 | "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.9.1.tgz", 286 | "integrity": "sha512-HQStPIV4y3afTiCYVxirakhlCfGkI161c76kKFca7Fk1JusM//Qeo1ej2XaMniiNeaZklMVrh3vTtIzpzwbpmA==", 287 | "requires": { 288 | "basic-auth": "~2.0.0", 289 | "debug": "2.6.9", 290 | "depd": "~1.1.2", 291 | "on-finished": "~2.3.0", 292 | "on-headers": "~1.0.1" 293 | } 294 | }, 295 | "ms": { 296 | "version": "2.0.0", 297 | "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", 298 | "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" 299 | }, 300 | "negotiator": { 301 | "version": "0.6.2", 302 | "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.2.tgz", 303 | "integrity": "sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw==" 304 | }, 305 | "neo-async": { 306 | "version": "2.6.2", 307 | "resolved": "https://registry.npmjs.org/neo-async/-/neo-async-2.6.2.tgz", 308 | "integrity": "sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==" 309 | }, 310 | "on-finished": { 311 | "version": "2.3.0", 312 | "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.3.0.tgz", 313 | "integrity": "sha1-IPEzZIGwg811M3mSoWlxqi2QaUc=", 314 | "requires": { 315 | "ee-first": "1.1.1" 316 | } 317 | }, 318 | "on-headers": { 319 | "version": "1.0.2", 320 | "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz", 321 | "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==" 322 | }, 323 | "optimist": { 324 | "version": "0.6.1", 325 | "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.6.1.tgz", 326 | "integrity": "sha1-2j6nRob6IaGaERwybpDrFaAZZoY=", 327 | "requires": { 328 | "minimist": "~0.0.1", 329 | "wordwrap": "~0.0.2" 330 | } 331 | }, 332 | "parseurl": { 333 | "version": "1.3.3", 334 | "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz", 335 | "integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ==" 336 | }, 337 | "path-to-regexp": { 338 | "version": "0.1.7", 339 | "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", 340 | "integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w=" 341 | }, 342 | "proxy-addr": { 343 | "version": "2.0.6", 344 | "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.6.tgz", 345 | "integrity": "sha512-dh/frvCBVmSsDYzw6n926jv974gddhkFPfiN8hPOi30Wax25QZyZEGveluCgliBnqmuM+UJmBErbAUFIoDbjOw==", 346 | "requires": { 347 | "forwarded": "~0.1.2", 348 | "ipaddr.js": "1.9.1" 349 | } 350 | }, 351 | "qs": { 352 | "version": "6.5.2", 353 | "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", 354 | "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==" 355 | }, 356 | "range-parser": { 357 | "version": "1.2.1", 358 | "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", 359 | "integrity": "sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg==" 360 | }, 361 | "raw-body": { 362 | "version": "2.3.3", 363 | "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.3.3.tgz", 364 | "integrity": "sha512-9esiElv1BrZoI3rCDuOuKCBRbuApGGaDPQfjSflGxdy4oyzqghxu6klEkkVIvBje+FF0BX9coEv8KqW6X/7njw==", 365 | "requires": { 366 | "bytes": "3.0.0", 367 | "http-errors": "1.6.3", 368 | "iconv-lite": "0.4.23", 369 | "unpipe": "1.0.0" 370 | } 371 | }, 372 | "safe-buffer": { 373 | "version": "5.1.2", 374 | "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", 375 | "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" 376 | }, 377 | "safer-buffer": { 378 | "version": "2.1.2", 379 | "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", 380 | "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" 381 | }, 382 | "send": { 383 | "version": "0.16.2", 384 | "resolved": "https://registry.npmjs.org/send/-/send-0.16.2.tgz", 385 | "integrity": "sha512-E64YFPUssFHEFBvpbbjr44NCLtI1AohxQ8ZSiJjQLskAdKuriYEP6VyGEsRDH8ScozGpkaX1BGvhanqCwkcEZw==", 386 | "requires": { 387 | "debug": "2.6.9", 388 | "depd": "~1.1.2", 389 | "destroy": "~1.0.4", 390 | "encodeurl": "~1.0.2", 391 | "escape-html": "~1.0.3", 392 | "etag": "~1.8.1", 393 | "fresh": "0.5.2", 394 | "http-errors": "~1.6.2", 395 | "mime": "1.4.1", 396 | "ms": "2.0.0", 397 | "on-finished": "~2.3.0", 398 | "range-parser": "~1.2.0", 399 | "statuses": "~1.4.0" 400 | } 401 | }, 402 | "serve-static": { 403 | "version": "1.13.2", 404 | "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.13.2.tgz", 405 | "integrity": "sha512-p/tdJrO4U387R9oMjb1oj7qSMaMfmOyd4j9hOFoxZe2baQszgHcSWjuya/CiT5kgZZKRudHNOA0pYXOl8rQ5nw==", 406 | "requires": { 407 | "encodeurl": "~1.0.2", 408 | "escape-html": "~1.0.3", 409 | "parseurl": "~1.3.2", 410 | "send": "0.16.2" 411 | } 412 | }, 413 | "setprototypeof": { 414 | "version": "1.1.0", 415 | "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.1.0.tgz", 416 | "integrity": "sha512-BvE/TwpZX4FXExxOxZyRGQQv651MSwmWKZGqvmPcRIjDqWub67kTKuIMx43cZZrS/cBBzwBcNDWoFxt2XEFIpQ==" 417 | }, 418 | "source-map": { 419 | "version": "0.6.1", 420 | "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", 421 | "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" 422 | }, 423 | "statuses": { 424 | "version": "1.4.0", 425 | "resolved": "https://registry.npmjs.org/statuses/-/statuses-1.4.0.tgz", 426 | "integrity": "sha512-zhSCtt8v2NDrRlPQpCNtw/heZLtfUDqxBM1udqikb/Hbk52LK4nQSwr10u77iopCW5LsyHpuXS0GnEc48mLeew==" 427 | }, 428 | "type-is": { 429 | "version": "1.6.18", 430 | "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", 431 | "integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==", 432 | "requires": { 433 | "media-typer": "0.3.0", 434 | "mime-types": "~2.1.24" 435 | } 436 | }, 437 | "uglify-js": { 438 | "version": "3.12.4", 439 | "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.12.4.tgz", 440 | "integrity": "sha512-L5i5jg/SHkEqzN18gQMTWsZk3KelRsfD1wUVNqtq0kzqWQqcJjyL8yc1o8hJgRrWqrAl2mUFbhfznEIoi7zi2A==", 441 | "optional": true 442 | }, 443 | "unpipe": { 444 | "version": "1.0.0", 445 | "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", 446 | "integrity": "sha1-sr9O6FFKrmFltIF4KdIbLvSZBOw=" 447 | }, 448 | "utils-merge": { 449 | "version": "1.0.1", 450 | "resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz", 451 | "integrity": "sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM=" 452 | }, 453 | "vary": { 454 | "version": "1.1.2", 455 | "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", 456 | "integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw=" 457 | }, 458 | "walk": { 459 | "version": "2.3.14", 460 | "resolved": "https://registry.npmjs.org/walk/-/walk-2.3.14.tgz", 461 | "integrity": "sha512-5skcWAUmySj6hkBdH6B6+3ddMjVQYH5Qy9QGbPmN8kVmLteXk+yVXg+yfk1nbX30EYakahLrr8iPcCxJQSCBeg==", 462 | "requires": { 463 | "foreachasync": "^3.0.0" 464 | } 465 | }, 466 | "wordwrap": { 467 | "version": "0.0.3", 468 | "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.3.tgz", 469 | "integrity": "sha1-o9XabNXAvAAI03I0u68b7WMFkQc=" 470 | } 471 | } 472 | } 473 | -------------------------------------------------------------------------------- /profiler/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "app", 3 | "version": "0.0.0", 4 | "private": true, 5 | "scripts": { 6 | "start": "node ./bin/www", 7 | "dev": "nodemon index.js -e js" 8 | }, 9 | "dependencies": { 10 | "cookie-parser": "~1.4.4", 11 | "debug": "~2.6.9", 12 | "express": "~4.16.1", 13 | "hbs": "~4.0.4", 14 | "http-errors": "~1.6.3", 15 | "morgan": "~1.9.1" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /profiler/public/stylesheets/style.css: -------------------------------------------------------------------------------- 1 | body { 2 | padding: 50px; 3 | font: 14px "Lucida Grande", Helvetica, Arial, sans-serif; 4 | } 5 | 6 | a { 7 | color: #00B7FF; 8 | } 9 | -------------------------------------------------------------------------------- /profiler/routes/index.js: -------------------------------------------------------------------------------- 1 | var express = require('express'); 2 | var router = express.Router(); 3 | 4 | const flag = "cfreak{this is not actual flag!}" 5 | 6 | /* GET home page. */ 7 | router.get('/', function(req, res, next) { 8 | res.render('index') 9 | }); 10 | 11 | router.post('/', function(req, res, next) { 12 | var profile = req.body.profile 13 | res.render('index', profile) 14 | }); 15 | 16 | module.exports = router; 17 | -------------------------------------------------------------------------------- /profiler/views/error.hbs: -------------------------------------------------------------------------------- 1 |

{{message}}

2 |

{{error.status}}

3 | 
{{error.stack}}
4 | -------------------------------------------------------------------------------- /profiler/views/index.hbs: -------------------------------------------------------------------------------- 1 |
2 |
3 |

Profiler

4 | 5 |

... a lame af open source profiler by lame-entrepreneur-try-hards.

6 |
7 |
8 | 9 |
10 | {{#if name}} 11 | 12 |
13 |
14 | 15 |
16 |
17 |

"{{bio}}"

18 |

{{name}}

19 |

{{position}}

20 |
21 | 22 |
23 | {{else}} 24 |
25 |
26 |
27 | 28 |
29 |
30 |
31 | 35 |
36 |
37 |
38 | 39 |
40 |
41 | 42 |
43 |
44 | 66 | {{/if}} 67 |
68 | 69 |
70 |
-------------------------------------------------------------------------------- /profiler/views/layout.hbs: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | {{title}} 5 | 6 | 7 | 8 | 9 | 10 | {{{body}}} 11 | 12 | 13 | --------------------------------------------------------------------------------