@app.route("/", methods=['GET', 'POST']) defstart(): if request.method == 'POST': text = request.form['text'].split(' ') cmd = '' iflen(text) < 1: return ('invalid message', 400) eliflen(text) < 2: cmd = text[0] text = '' else: cmd, text = text[0], ' '.join(text[1:]) result = chat(cmd, text) return result return render_template('index.html')
defchat(cmd, text): # run java jar with a 10 second timeout res = subprocess.run(['java', '-jar', '-Dcmd=' + cmd, 'chatbot/target/app-1.0-SNAPSHOT.jar', '--', text], capture_output=True, timeout=10) print(res.stderr.decode('utf8')) return res.stdout.decode('utf-8')
if __name__ == '__main__': port = os.environ['PORT'] if'port'in os.environ else1337 app.run(host='0.0.0.0', port=port)
publicclassApp{ publicstatic Logger LOGGER = LogManager.getLogger(App.class); publicstaticvoidmain(String[]args){ //获取环境变量当中的flag,同时这里可以知道我们需要获取到环境变量 String flag = System.getenv("FLAG"); if (flag == null || !flag.startsWith("CTF")) { LOGGER.error("{}", "Contact admin"); } //日志输出命令行参数 LOGGER.info("msg: {}", args); // TODO: implement bot commands String cmd = System.getProperty("cmd"); if (cmd.equals("help")) { doHelp(); return; } if (!cmd.startsWith("/")) { System.out.println("The command should start with a /."); return; } //根据命令行参数执行doCommand,简单可以看出这里没什么利用 doCommand(cmd.substring(1), args); }
privatestaticvoiddoCommand(String cmd, String[] args){ switch(cmd) { case"help": doHelp(); break; case"repeat": System.out.println(args[1]); break; case"time": DateTimeFormatter dtf = DateTimeFormatter.ofPattern("yyyy/M/d H:m:s"); System.out.println(dtf.format(LocalDateTime.now())); break; case"wc": if (args[1].isEmpty()) { System.out.println(0); } else { System.out.println(args[1].split(" ").length); } break; default: System.out.println("Sorry, you must be a premium member in order to run this command."); } } privatestaticvoiddoHelp(){ System.out.println("Try some of our free commands below! \nwc\ntime\nrepeat"); } }
privatestaticvoiddoCommand(String cmd, String[] args){ switch(cmd) { case"help": doHelp(); break; case"repeat": System.out.println(args[1]); break; case"time": DateTimeFormatter dtf = DateTimeFormatter.ofPattern("yyyy/M/d H:m:s"); System.out.println(dtf.format(LocalDateTime.now())); break; case"wc": if (args[1].isEmpty()) { System.out.println(0); } else { System.out.println(args[1].split(" ").length); } break; default: System.out.println("Sorry, you must be a premium member in order to run this command."); } }
Reflections f = new Reflections("org.apache.logging.log4j.core"); Set<Class<?>> set = f.getTypesAnnotatedWith(ConverterKeys.class); for (Class<?> tmp:set){ if (tmp.isInterface()){ System.out.println("interface:"+tmp.getName()); }else { System.out.println("class:"+tmp.getName());