├── .gitignore
├── .idea
├── dataSources.local.xml
├── dataSources.xml
├── inspectionProfiles
│ └── profiles_settings.xml
├── misc.xml
├── modules.xml
├── vcs.xml
├── workspace.xml
└── ywljsec.iml
├── LICENSE
├── README.md
├── apps
├── __init__.py
├── admin.py
├── apps.py
├── migrations
│ ├── 0001_initial.py
│ ├── 0002_auto_20220613_1400.py
│ ├── 0003_rename_price_userinfo_money.py
│ └── __init__.py
├── models.py
├── tests.py
└── views.py
├── document
├── README.md
├── img
│ ├── QQ22918914922917714320220615115816.gif
│ ├── QQ22918914922917714320220615115856.gif
│ ├── QQ22918914922917714320220615120259.gif
│ ├── QQ22918914922917714320220615120939.gif
│ ├── ezgif-3-53dc075be0.gif
│ ├── ezgif-3-a02d666c4a.gif
│ ├── ezgif-3-a403ac66ac.gif
│ ├── ezgif-3-ab2d06eda9.gif
│ ├── ezgif-3-fbd5d08174.gif
│ ├── ezgif-4-1631325bdb.gif
│ ├── ezgif-4-1f0d03d57b.gif
│ ├── ezgif-4-221d98cb88.gif
│ ├── ezgif-4-45f9e10b39.gif
│ ├── ezgif-4-597f7d528e.gif
│ ├── ezgif-4-6aa5629559.gif
│ ├── ezgif-4-7d657211fe.gif
│ ├── ezgif-4-7deaa41dca.gif
│ ├── ezgif-4-b94ab37b91.gif
│ ├── ezgif-4-c46452d12e.gif
│ ├── ezgif-4-cc7a05fbc1.gif
│ ├── image-20220615110331991.png
│ ├── image-20220615110752906.png
│ ├── image-20220615111337985.png
│ ├── image-20220615111409208.png
│ ├── image-20220615111541321.png
│ ├── image-20220615111831232.png
│ ├── image-20220615111850007.png
│ ├── image-20220615112627963.png
│ ├── image-20220615112827280.png
│ ├── image-20220615113025352-165528284295418.png
│ ├── image-20220615113025352.png
│ ├── image-20220615113118129.png
│ ├── image-20220615113218961.png
│ ├── image-20220615113317080.png
│ ├── image-20220615113432287.png
│ ├── image-20220615113449007.png
│ ├── image-20220615114211263.png
│ ├── image-20220615114302512.png
│ ├── image-20220615114517520.png
│ ├── image-20220615115439952.png
│ ├── image-20220615123834885.png
│ ├── image-20220615123841333.png
│ ├── image-20220615123854533.png
│ ├── image-20220615133523520.png
│ ├── image-20220615141723232.png
│ ├── image-20220615143103397.png
│ ├── image-20220615143135823.png
│ ├── image-20220615143213527.png
│ ├── image-20220615143344959.png
│ ├── image-20220615143358575.png
│ ├── image-20220615143923408.png
│ ├── image-20220615143933376.png
│ ├── image-20220615144325312.png
│ ├── image-20220615145630795.png
│ ├── image-20220615145646471.png
│ ├── image-20220615145704151.png
│ ├── image-20220615150305992.png
│ ├── image-20220615150315998.png
│ └── image-20220615150328086.png
├── 忘记密码
├── 支付.md
├── 注册.md
├── 越权.md
└── 验证码.md
├── manage.py
├── templates
├── index.html
└── shop.html
└── ywljsec
├── __init__.py
├── asgi.py
├── settings.py
├── urls.py
└── wsgi.py
/.gitignore:
--------------------------------------------------------------------------------
1 | # Byte-compiled / optimized / DLL files
2 | __pycache__/
3 | *.py[cod]
4 | *$py.class
5 |
6 | # C extensions
7 | *.so
8 |
9 | # Distribution / packaging
10 | .Python
11 | build/
12 | develop-eggs/
13 | dist/
14 | downloads/
15 | eggs/
16 | .eggs/
17 | lib/
18 | lib64/
19 | parts/
20 | sdist/
21 | var/
22 | wheels/
23 | pip-wheel-metadata/
24 | share/python-wheels/
25 | *.egg-info/
26 | .installed.cfg
27 | *.egg
28 | MANIFEST
29 |
30 | # PyInstaller
31 | # Usually these files are written by a python script from a template
32 | # before PyInstaller builds the exe, so as to inject date/other infos into it.
33 | *.manifest
34 | *.spec
35 |
36 | # Installer logs
37 | pip-log.txt
38 | pip-delete-this-directory.txt
39 |
40 | # Unit test / coverage reports
41 | htmlcov/
42 | .tox/
43 | .nox/
44 | .coverage
45 | .coverage.*
46 | .cache
47 | nosetests.xml
48 | coverage.xml
49 | *.cover
50 | *.py,cover
51 | .hypothesis/
52 | .pytest_cache/
53 |
54 | # Translations
55 | *.mo
56 | *.pot
57 |
58 | # Django stuff:
59 | *.log
60 | local_settings.py
61 | db.sqlite3
62 | db.sqlite3-journal
63 |
64 | # Flask stuff:
65 | instance/
66 | .webassets-cache
67 |
68 | # Scrapy stuff:
69 | .scrapy
70 |
71 | # Sphinx documentation
72 | docs/_build/
73 |
74 | # PyBuilder
75 | target/
76 |
77 | # Jupyter Notebook
78 | .ipynb_checkpoints
79 |
80 | # IPython
81 | profile_default/
82 | ipython_config.py
83 |
84 | # pyenv
85 | .python-version
86 |
87 | # pipenv
88 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
89 | # However, in case of collaboration, if having platform-specific dependencies or dependencies
90 | # having no cross-platform support, pipenv may install dependencies that don't work, or not
91 | # install all needed dependencies.
92 | #Pipfile.lock
93 |
94 | # PEP 582; used by e.g. github.com/David-OConnor/pyflow
95 | __pypackages__/
96 |
97 | # Celery stuff
98 | celerybeat-schedule
99 | celerybeat.pid
100 |
101 | # SageMath parsed files
102 | *.sage.py
103 |
104 | # Environments
105 | .env
106 | .venv
107 | env/
108 | venv/
109 | ENV/
110 | env.bak/
111 | venv.bak/
112 |
113 | # Spyder project settings
114 | .spyderproject
115 | .spyproject
116 |
117 | # Rope project settings
118 | .ropeproject
119 |
120 | # mkdocs documentation
121 | /site
122 |
123 | # mypy
124 | .mypy_cache/
125 | .dmypy.json
126 | dmypy.json
127 |
128 | # Pyre type checker
129 | .pyre/
130 |
--------------------------------------------------------------------------------
/.idea/dataSources.local.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 | false
7 |
8 |
9 |
10 |
--------------------------------------------------------------------------------
/.idea/dataSources.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | sqlite.xerial
6 | true
7 | org.sqlite.JDBC
8 | jdbc:sqlite:C:\Users\lok\PycharmProjects\ywljsec\db.sqlite3
9 |
10 |
11 |
--------------------------------------------------------------------------------
/.idea/inspectionProfiles/profiles_settings.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
--------------------------------------------------------------------------------
/.idea/misc.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
--------------------------------------------------------------------------------
/.idea/modules.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
--------------------------------------------------------------------------------
/.idea/vcs.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
--------------------------------------------------------------------------------
/.idea/workspace.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
23 |
24 |
25 | 业务逻辑安全漏洞复现
9 | 初始化数据
10 | 越权
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 | 支付篡改
21 |
22 |
23 | 验证码
24 |
25 |
26 |
27 |
28 |
29 |
30 | 注册
31 |
32 |
33 | 密码重置
34 | 重放攻击
35 | 无限获利
36 | 条件竞争
37 |
38 |
39 |
--------------------------------------------------------------------------------
/templates/shop.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | 购物商城
6 |
7 |
8 | 用户:{{ username }} 余额:{{ money }}
9 |
10 | {% for i in rs %}
11 | 商品名字:{{ i.name }} 商品价格:{{ i.price }} 商品限制:{{ i.limit }}
12 |
13 |
19 |
20 | {% endfor %}
21 |
22 |
23 |
--------------------------------------------------------------------------------
/ywljsec/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yingshang/ywljsec/ee848ff302b00888565aeb94ec4fe79894ce58e0/ywljsec/__init__.py
--------------------------------------------------------------------------------
/ywljsec/asgi.py:
--------------------------------------------------------------------------------
1 | """
2 | ASGI config for ywljsec project.
3 |
4 | It exposes the ASGI callable as a module-level variable named ``application``.
5 |
6 | For more information on this file, see
7 | https://docs.djangoproject.com/en/3.2/howto/deployment/asgi/
8 | """
9 |
10 | import os
11 |
12 | from django.core.asgi import get_asgi_application
13 |
14 | os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'ywljsec.settings')
15 |
16 | application = get_asgi_application()
17 |
--------------------------------------------------------------------------------
/ywljsec/settings.py:
--------------------------------------------------------------------------------
1 | """
2 | Django settings for ywljsec project.
3 |
4 | Generated by 'django-admin startproject' using Django 3.2.13.
5 |
6 | For more information on this file, see
7 | https://docs.djangoproject.com/en/3.2/topics/settings/
8 |
9 | For the full list of settings and their values, see
10 | https://docs.djangoproject.com/en/3.2/ref/settings/
11 | """
12 | import os
13 | from pathlib import Path
14 |
15 | # Build paths inside the project like this: BASE_DIR / 'subdir'.
16 | BASE_DIR = Path(__file__).resolve().parent.parent
17 |
18 |
19 | # Quick-start development settings - unsuitable for production
20 | # See https://docs.djangoproject.com/en/3.2/howto/deployment/checklist/
21 |
22 | # SECURITY WARNING: keep the secret key used in production secret!
23 | SECRET_KEY = 'django-insecure-p6*argwvuhp@-t)s!m@q57b^qc+p*-ve8bjd6h6fi_i%chbj!y'
24 |
25 | # SECURITY WARNING: don't run with debug turned on in production!
26 | DEBUG = True
27 |
28 | ALLOWED_HOSTS = ['*']
29 |
30 |
31 | # Application definition
32 |
33 | INSTALLED_APPS = [
34 | 'django.contrib.admin',
35 | 'django.contrib.auth',
36 | 'django.contrib.contenttypes',
37 | 'django.contrib.sessions',
38 | 'django.contrib.messages',
39 | 'django.contrib.staticfiles',
40 | 'apps.apps.AppsConfig',
41 | ]
42 |
43 | MIDDLEWARE = [
44 | 'django.middleware.security.SecurityMiddleware',
45 | 'django.contrib.sessions.middleware.SessionMiddleware',
46 | 'django.middleware.common.CommonMiddleware',
47 | 'django.middleware.csrf.CsrfViewMiddleware',
48 | 'django.contrib.auth.middleware.AuthenticationMiddleware',
49 | 'django.contrib.messages.middleware.MessageMiddleware',
50 | 'django.middleware.clickjacking.XFrameOptionsMiddleware',
51 | ]
52 |
53 | ROOT_URLCONF = 'ywljsec.urls'
54 |
55 | TEMPLATES = [
56 | {
57 | 'BACKEND': 'django.template.backends.django.DjangoTemplates',
58 | 'DIRS': [os.path.join(BASE_DIR, 'templates')]
59 | ,
60 | 'APP_DIRS': True,
61 | 'OPTIONS': {
62 | 'context_processors': [
63 | 'django.template.context_processors.debug',
64 | 'django.template.context_processors.request',
65 | 'django.contrib.auth.context_processors.auth',
66 | 'django.contrib.messages.context_processors.messages',
67 | ],
68 | },
69 | },
70 | ]
71 |
72 | CACHES = {
73 | 'default': {
74 | 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
75 | 'LOCATION': 'code-cache',
76 | }
77 | }
78 |
79 |
80 |
81 | WSGI_APPLICATION = 'ywljsec.wsgi.application'
82 |
83 |
84 | # Database
85 | # https://docs.djangoproject.com/en/3.2/ref/settings/#databases
86 |
87 | DATABASES = {
88 | 'default': {
89 | 'ENGINE': 'django.db.backends.sqlite3',
90 | 'NAME': BASE_DIR / 'db.sqlite3',
91 | }
92 | }
93 |
94 |
95 | # Password validation
96 | # https://docs.djangoproject.com/en/3.2/ref/settings/#auth-password-validators
97 |
98 | AUTH_PASSWORD_VALIDATORS = [
99 | {
100 | 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
101 | },
102 | {
103 | 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
104 | },
105 | {
106 | 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
107 | },
108 | {
109 | 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
110 | },
111 | ]
112 |
113 |
114 | # Internationalization
115 | # https://docs.djangoproject.com/en/3.2/topics/i18n/
116 |
117 | LANGUAGE_CODE = 'en-us'
118 |
119 | TIME_ZONE = 'UTC'
120 |
121 | USE_I18N = True
122 |
123 | USE_L10N = True
124 |
125 | USE_TZ = True
126 |
127 |
128 | # Static files (CSS, JavaScript, Images)
129 | # https://docs.djangoproject.com/en/3.2/howto/static-files/
130 |
131 | STATIC_URL = '/static/'
132 | # STATIC_ROOT = os.path.join(BASE_DIR, 'static')
133 | STATICFILES_DIRS = (
134 | os.path.join(BASE_DIR, 'static'),
135 | )
136 |
137 | # Default primary key field type
138 | # https://docs.djangoproject.com/en/3.2/ref/settings/#default-auto-field
139 |
140 | DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
141 |
--------------------------------------------------------------------------------
/ywljsec/urls.py:
--------------------------------------------------------------------------------
1 | """ywljsec URL Configuration
2 |
3 | The `urlpatterns` list routes URLs to views. For more information please see:
4 | https://docs.djangoproject.com/en/3.2/topics/http/urls/
5 | Examples:
6 | Function views
7 | 1. Add an import: from my_app import views
8 | 2. Add a URL to urlpatterns: path('', views.home, name='home')
9 | Class-based views
10 | 1. Add an import: from other_app.views import Home
11 | 2. Add a URL to urlpatterns: path('', Home.as_view(), name='home')
12 | Including another URLconf
13 | 1. Import the include() function: from django.urls import include, path
14 | 2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
15 | """
16 | from django.contrib import admin
17 | from django.urls import path
18 | from apps.views import *
19 |
20 | urlpatterns = [
21 | path('admin/', admin.site.urls),
22 | path('', index,name="index"),
23 | path('init_data/', init_data,name='init_data'),
24 | path('shopping/', shopping,name='shopping'),
25 | path('msg_code/', msg_code,name='msg_code'),
26 | path('register/', register,name='register'),
27 | path('unauthorized_access/', unauthorized_access,name='unauthorized_access'),
28 |
29 | ]
30 |
--------------------------------------------------------------------------------
/ywljsec/wsgi.py:
--------------------------------------------------------------------------------
1 | """
2 | WSGI config for ywljsec project.
3 |
4 | It exposes the WSGI callable as a module-level variable named ``application``.
5 |
6 | For more information on this file, see
7 | https://docs.djangoproject.com/en/3.2/howto/deployment/wsgi/
8 | """
9 |
10 | import os
11 |
12 | from django.core.wsgi import get_wsgi_application
13 |
14 | os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'ywljsec.settings')
15 |
16 | application = get_wsgi_application()
17 |
--------------------------------------------------------------------------------