Ideone.com

fork download

copy

import java.io.IOException;
import java.io.OutputStream;
import java.net.InetSocketAddress;
import java.util.Random;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.util.Map;
import java.util.HashMap;
 
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import com.sun.net.httpserver.HttpServer;
 
public class Challenge15 {
 
    static private String data = "";
    static private String adminPassword = "";
 
    public static void main(String[] args) throws Exception {
        // create a secure admin!
        // we will generate a random password
        // so that nobody will be able to log in as admin
        // even we do not know what the password is,
        // how smart is that, huh?
        adminPassword = generateSecurePassword();
 
        // read the challenge file and store it in the data
        File file = new File("flag15.txt");
        BufferedReader br = new BufferedReader(new FileReader(file));
        String line = "";
        while ((line = br.readLine()) != null) data += line + "<br>";
        br.close();
 
        // run the HTTP server to listen for connections
        int port = 7005;
        HttpServer server = HttpServer.create(new InetSocketAddress(port), 0);
        server.createContext("/login/", new LoginHandler());
        server.createContext("/", new IndexHandler());
        server.setExecutor(null);
        server.start();
        System.out.println("Started the server on port " + port + "...");
    }
 
    // this class takes care of the action when the user clicks on Login
    static class LoginHandler implements HttpHandler {
        @Override
        public void handle(HttpExchange t) throws IOException {
            String output = "";
            Map<String, String> GETRequestParams = queryToMap(t.getRequestURI().getQuery());
            if (GETRequestParams.containsKey("username") && GETRequestParams.containsKey("password")) {
                String username = GETRequestParams.get("username");
                String password = GETRequestParams.get("password");
 
                if (username.equals("admin") && password.equals(adminPassword)) {
                    output += data;
                }
                else {
                    output += "Username/password are not correct! Good luck next time.";
                }
            }
            else {
                output += "GET parameters are wrong, don't mess with us ;)";
            }
 
            generateResponse(t, output);
        }
    }
 
    // this class takes care of the action when the user navigates to this challenge
    static class IndexHandler implements HttpHandler {
        @Override
        public void handle(HttpExchange t) throws IOException {
            generateResponse(t, "Dear admin, hopefully, you remember your password!");
        }
    }
 
    // a method for a generic response to the user
    static void generateResponse(HttpExchange t, String output) throws IOException {
        String line = "", response = "";
        try {
            File indexFile = new File("index.html").getCanonicalFile();
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new FileInputStream(indexFile)));
            while ((line = bufferedReader.readLine()) != null) {
                response += line;
            }
            response = response.replaceAll("CONTENT_PLACEMENT", output);
            bufferedReader.close();
        } catch (IOException e) {
            e.printStackTrace();
        }
        t.getResponseHeaders().add("Content-Type", "text/html");
        t.sendResponseHeaders(200, response.length());
        OutputStream os = t.getResponseBody();
        os.write(response.getBytes());
        os.close();
    }
 
    static public Map<String, String> queryToMap(String query) {
        Map<String, String> result = new HashMap<>();
        for (String param : query.split("&")) {
            String[] entry = param.split("=");
            if (entry.length > 1) { // proceed only when there is a pair of parameters
                result.put(entry[0], entry[1]);
            }
        }
        return result;
    }
 
    static private String generateSecurePassword() {
        String password = "magicallysecure";  
        Random rnd = new Random();
 
        // generate a random number between 0 and 20 and based on that, create a password
        Integer random = rnd.nextInt(20);
 
        // let's do some math on that number
        // btw, this code can be run on the website like https://w...content-available-to-author-only...e.com/online-java-compiler
        // just don't forget to import java.util.Random; at the top of the code editor
        random = random * 16578;
        random = random ^ 654321;
        for (int i = 0; i < password.length(); i++) {
            random += (int)password.charAt(i); // convert every character from password to an integer according to ASCII table and add that number to random
        }
 
        password = random.toString();
 
        return password;
    }
 
}

aW1wb3J0IGphdmEuaW8uSU9FeGNlcHRpb247CmltcG9ydCBqYXZhLmlvLk91dHB1dFN0cmVhbTsKaW1wb3J0IGphdmEubmV0LkluZXRTb2NrZXRBZGRyZXNzOwppbXBvcnQgamF2YS51dGlsLlJhbmRvbTsKaW1wb3J0IGphdmEuaW8uRmlsZTsKaW1wb3J0IGphdmEuaW8uRmlsZUlucHV0U3RyZWFtOwppbXBvcnQgamF2YS5pby5GaWxlUmVhZGVyOwppbXBvcnQgamF2YS5pby5CdWZmZXJlZFJlYWRlcjsKaW1wb3J0IGphdmEuaW8uSW5wdXRTdHJlYW1SZWFkZXI7CmltcG9ydCBqYXZhLnV0aWwuTWFwOwppbXBvcnQgamF2YS51dGlsLkhhc2hNYXA7CgppbXBvcnQgY29tLnN1bi5uZXQuaHR0cHNlcnZlci5IdHRwRXhjaGFuZ2U7CmltcG9ydCBjb20uc3VuLm5ldC5odHRwc2VydmVyLkh0dHBIYW5kbGVyOwppbXBvcnQgY29tLnN1bi5uZXQuaHR0cHNlcnZlci5IdHRwU2VydmVyOwoKcHVibGljIGNsYXNzIENoYWxsZW5nZTE1IHsKCiAgICBzdGF0aWMgcHJpdmF0ZSBTdHJpbmcgZGF0YSA9ICIiOwogICAgc3RhdGljIHByaXZhdGUgU3RyaW5nIGFkbWluUGFzc3dvcmQgPSAiIjsKCiAgICBwdWJsaWMgc3RhdGljIHZvaWQgbWFpbihTdHJpbmdbXSBhcmdzKSB0aHJvd3MgRXhjZXB0aW9uIHsKICAgICAgICAvLyBjcmVhdGUgYSBzZWN1cmUgYWRtaW4hCiAgICAgICAgLy8gd2Ugd2lsbCBnZW5lcmF0ZSBhIHJhbmRvbSBwYXNzd29yZAogICAgICAgIC8vIHNvIHRoYXQgbm9ib2R5IHdpbGwgYmUgYWJsZSB0byBsb2cgaW4gYXMgYWRtaW4KICAgICAgICAvLyBldmVuIHdlIGRvIG5vdCBrbm93IHdoYXQgdGhlIHBhc3N3b3JkIGlzLAogICAgICAgIC8vIGhvdyBzbWFydCBpcyB0aGF0LCBodWg/CiAgICAgICAgYWRtaW5QYXNzd29yZCA9IGdlbmVyYXRlU2VjdXJlUGFzc3dvcmQoKTsKICAgICAgICAKICAgICAgICAvLyByZWFkIHRoZSBjaGFsbGVuZ2UgZmlsZSBhbmQgc3RvcmUgaXQgaW4gdGhlIGRhdGEKICAgICAgICBGaWxlIGZpbGUgPSBuZXcgRmlsZSgiZmxhZzE1LnR4dCIpOwogICAgICAgIEJ1ZmZlcmVkUmVhZGVyIGJyID0gbmV3IEJ1ZmZlcmVkUmVhZGVyKG5ldyBGaWxlUmVhZGVyKGZpbGUpKTsKICAgICAgICBTdHJpbmcgbGluZSA9ICIiOwogICAgICAgIHdoaWxlICgobGluZSA9IGJyLnJlYWRMaW5lKCkpICE9IG51bGwpIGRhdGEgKz0gbGluZSArICI8YnI+IjsKICAgICAgICBici5jbG9zZSgpOwogICAgICAgIAogICAgICAgIC8vIHJ1biB0aGUgSFRUUCBzZXJ2ZXIgdG8gbGlzdGVuIGZvciBjb25uZWN0aW9ucwogICAgICAgIGludCBwb3J0ID0gNzAwNTsKICAgICAgICBIdHRwU2VydmVyIHNlcnZlciA9IEh0dHBTZXJ2ZXIuY3JlYXRlKG5ldyBJbmV0U29ja2V0QWRkcmVzcyhwb3J0KSwgMCk7CiAgICAgICAgc2VydmVyLmNyZWF0ZUNvbnRleHQoIi9sb2dpbi8iLCBuZXcgTG9naW5IYW5kbGVyKCkpOwogICAgICAgIHNlcnZlci5jcmVhdGVDb250ZXh0KCIvIiwgbmV3IEluZGV4SGFuZGxlcigpKTsKICAgICAgICBzZXJ2ZXIuc2V0RXhlY3V0b3IobnVsbCk7CiAgICAgICAgc2VydmVyLnN0YXJ0KCk7CiAgICAgICAgU3lzdGVtLm91dC5wcmludGxuKCJTdGFydGVkIHRoZSBzZXJ2ZXIgb24gcG9ydCAiICsgcG9ydCArICIuLi4iKTsKICAgIH0KCiAgICAvLyB0aGlzIGNsYXNzIHRha2VzIGNhcmUgb2YgdGhlIGFjdGlvbiB3aGVuIHRoZSB1c2VyIGNsaWNrcyBvbiBMb2dpbgogICAgc3RhdGljIGNsYXNzIExvZ2luSGFuZGxlciBpbXBsZW1lbnRzIEh0dHBIYW5kbGVyIHsKICAgICAgICBAT3ZlcnJpZGUKICAgICAgICBwdWJsaWMgdm9pZCBoYW5kbGUoSHR0cEV4Y2hhbmdlIHQpIHRocm93cyBJT0V4Y2VwdGlvbiB7CiAgICAgICAgICAgIFN0cmluZyBvdXRwdXQgPSAiIjsKICAgICAgICAgICAgTWFwPFN0cmluZywgU3RyaW5nPiBHRVRSZXF1ZXN0UGFyYW1zID0gcXVlcnlUb01hcCh0LmdldFJlcXVlc3RVUkkoKS5nZXRRdWVyeSgpKTsKICAgICAgICAgICAgaWYgKEdFVFJlcXVlc3RQYXJhbXMuY29udGFpbnNLZXkoInVzZXJuYW1lIikgJiYgR0VUUmVxdWVzdFBhcmFtcy5jb250YWluc0tleSgicGFzc3dvcmQiKSkgewogICAgICAgICAgICAgICAgU3RyaW5nIHVzZXJuYW1lID0gR0VUUmVxdWVzdFBhcmFtcy5nZXQoInVzZXJuYW1lIik7CiAgICAgICAgICAgICAgICBTdHJpbmcgcGFzc3dvcmQgPSBHRVRSZXF1ZXN0UGFyYW1zLmdldCgicGFzc3dvcmQiKTsKCiAgICAgICAgICAgICAgICBpZiAodXNlcm5hbWUuZXF1YWxzKCJhZG1pbiIpICYmIHBhc3N3b3JkLmVxdWFscyhhZG1pblBhc3N3b3JkKSkgewogICAgICAgICAgICAgICAgICAgIG91dHB1dCArPSBkYXRhOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgZWxzZSB7CiAgICAgICAgICAgICAgICAgICAgb3V0cHV0ICs9ICJVc2VybmFtZS9wYXNzd29yZCBhcmUgbm90IGNvcnJlY3QhIEdvb2QgbHVjayBuZXh0IHRpbWUuIjsKICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgfQogICAgICAgICAgICBlbHNlIHsKICAgICAgICAgICAgICAgIG91dHB1dCArPSAiR0VUIHBhcmFtZXRlcnMgYXJlIHdyb25nLCBkb24ndCBtZXNzIHdpdGggdXMgOykiOwogICAgICAgICAgICB9CiAgICAgICAgICAgIAogICAgICAgICAgICBnZW5lcmF0ZVJlc3BvbnNlKHQsIG91dHB1dCk7CiAgICAgICAgfQogICAgfQogICAgCiAgICAvLyB0aGlzIGNsYXNzIHRha2VzIGNhcmUgb2YgdGhlIGFjdGlvbiB3aGVuIHRoZSB1c2VyIG5hdmlnYXRlcyB0byB0aGlzIGNoYWxsZW5nZQogICAgc3RhdGljIGNsYXNzIEluZGV4SGFuZGxlciBpbXBsZW1lbnRzIEh0dHBIYW5kbGVyIHsKICAgICAgICBAT3ZlcnJpZGUKICAgICAgICBwdWJsaWMgdm9pZCBoYW5kbGUoSHR0cEV4Y2hhbmdlIHQpIHRocm93cyBJT0V4Y2VwdGlvbiB7CiAgICAgICAgICAgIGdlbmVyYXRlUmVzcG9uc2UodCwgIkRlYXIgYWRtaW4sIGhvcGVmdWxseSwgeW91IHJlbWVtYmVyIHlvdXIgcGFzc3dvcmQhIik7CiAgICAgICAgfQogICAgfQogICAgCiAgICAvLyBhIG1ldGhvZCBmb3IgYSBnZW5lcmljIHJlc3BvbnNlIHRvIHRoZSB1c2VyCiAgICBzdGF0aWMgdm9pZCBnZW5lcmF0ZVJlc3BvbnNlKEh0dHBFeGNoYW5nZSB0LCBTdHJpbmcgb3V0cHV0KSB0aHJvd3MgSU9FeGNlcHRpb24gewogICAgICAgIFN0cmluZyBsaW5lID0gIiIsIHJlc3BvbnNlID0gIiI7CiAgICAgICAgdHJ5IHsKICAgICAgICAgICAgRmlsZSBpbmRleEZpbGUgPSBuZXcgRmlsZSgiaW5kZXguaHRtbCIpLmdldENhbm9uaWNhbEZpbGUoKTsKICAgICAgICAgICAgQnVmZmVyZWRSZWFkZXIgYnVmZmVyZWRSZWFkZXIgPSBuZXcgQnVmZmVyZWRSZWFkZXIobmV3IElucHV0U3RyZWFtUmVhZGVyKG5ldyBGaWxlSW5wdXRTdHJlYW0oaW5kZXhGaWxlKSkpOwogICAgICAgICAgICB3aGlsZSAoKGxpbmUgPSBidWZmZXJlZFJlYWRlci5yZWFkTGluZSgpKSAhPSBudWxsKSB7CiAgICAgICAgICAgICAgICByZXNwb25zZSArPSBsaW5lOwogICAgICAgICAgICB9CiAgICAgICAgICAgIHJlc3BvbnNlID0gcmVzcG9uc2UucmVwbGFjZUFsbCgiQ09OVEVOVF9QTEFDRU1FTlQiLCBvdXRwdXQpOwogICAgICAgICAgICBidWZmZXJlZFJlYWRlci5jbG9zZSgpOwogICAgICAgIH0gY2F0Y2ggKElPRXhjZXB0aW9uIGUpIHsKICAgICAgICAgICAgZS5wcmludFN0YWNrVHJhY2UoKTsKICAgICAgICB9CiAgICAgICAgdC5nZXRSZXNwb25zZUhlYWRlcnMoKS5hZGQoIkNvbnRlbnQtVHlwZSIsICJ0ZXh0L2h0bWwiKTsKICAgICAgICB0LnNlbmRSZXNwb25zZUhlYWRlcnMoMjAwLCByZXNwb25zZS5sZW5ndGgoKSk7CiAgICAgICAgT3V0cHV0U3RyZWFtIG9zID0gdC5nZXRSZXNwb25zZUJvZHkoKTsKICAgICAgICBvcy53cml0ZShyZXNwb25zZS5nZXRCeXRlcygpKTsKICAgICAgICBvcy5jbG9zZSgpOwogICAgfQogICAgCiAgICBzdGF0aWMgcHVibGljIE1hcDxTdHJpbmcsIFN0cmluZz4gcXVlcnlUb01hcChTdHJpbmcgcXVlcnkpIHsKICAgICAgICBNYXA8U3RyaW5nLCBTdHJpbmc+IHJlc3VsdCA9IG5ldyBIYXNoTWFwPD4oKTsKICAgICAgICBmb3IgKFN0cmluZyBwYXJhbSA6IHF1ZXJ5LnNwbGl0KCImIikpIHsKICAgICAgICAgICAgU3RyaW5nW10gZW50cnkgPSBwYXJhbS5zcGxpdCgiPSIpOwogICAgICAgICAgICBpZiAoZW50cnkubGVuZ3RoID4gMSkgeyAvLyBwcm9jZWVkIG9ubHkgd2hlbiB0aGVyZSBpcyBhIHBhaXIgb2YgcGFyYW1ldGVycwogICAgICAgICAgICAgICAgcmVzdWx0LnB1dChlbnRyeVswXSwgZW50cnlbMV0pOwogICAgICAgICAgICB9CiAgICAgICAgfQogICAgICAgIHJldHVybiByZXN1bHQ7CiAgICB9CiAgICAKICAgIHN0YXRpYyBwcml2YXRlIFN0cmluZyBnZW5lcmF0ZVNlY3VyZVBhc3N3b3JkKCkgewogICAgICAgIFN0cmluZyBwYXNzd29yZCA9ICJtYWdpY2FsbHlzZWN1cmUiOyAgCiAgICAgICAgUmFuZG9tIHJuZCA9IG5ldyBSYW5kb20oKTsKCiAgICAgICAgLy8gZ2VuZXJhdGUgYSByYW5kb20gbnVtYmVyIGJldHdlZW4gMCBhbmQgMjAgYW5kIGJhc2VkIG9uIHRoYXQsIGNyZWF0ZSBhIHBhc3N3b3JkCiAgICAgICAgSW50ZWdlciByYW5kb20gPSBybmQubmV4dEludCgyMCk7CgogICAgICAgIC8vIGxldCdzIGRvIHNvbWUgbWF0aCBvbiB0aGF0IG51bWJlcgogICAgICAgIC8vIGJ0dywgdGhpcyBjb2RlIGNhbiBiZSBydW4gb24gdGhlIHdlYnNpdGUgbGlrZSBodHRwczovL3cuLi5jb250ZW50LWF2YWlsYWJsZS10by1hdXRob3Itb25seS4uLmUuY29tL29ubGluZS1qYXZhLWNvbXBpbGVyCiAgICAgICAgLy8ganVzdCBkb24ndCBmb3JnZXQgdG8gaW1wb3J0IGphdmEudXRpbC5SYW5kb207IGF0IHRoZSB0b3Agb2YgdGhlIGNvZGUgZWRpdG9yCiAgICAgICAgcmFuZG9tID0gcmFuZG9tICogMTY1Nzg7CiAgICAgICAgcmFuZG9tID0gcmFuZG9tIF4gNjU0MzIxOwogICAgICAgIGZvciAoaW50IGkgPSAwOyBpIDwgcGFzc3dvcmQubGVuZ3RoKCk7IGkrKykgewogICAgICAgICAgICByYW5kb20gKz0gKGludClwYXNzd29yZC5jaGFyQXQoaSk7IC8vIGNvbnZlcnQgZXZlcnkgY2hhcmFjdGVyIGZyb20gcGFzc3dvcmQgdG8gYW4gaW50ZWdlciBhY2NvcmRpbmcgdG8gQVNDSUkgdGFibGUgYW5kIGFkZCB0aGF0IG51bWJlciB0byByYW5kb20KICAgICAgICB9CgogICAgICAgIHBhc3N3b3JkID0gcmFuZG9tLnRvU3RyaW5nKCk7CgogICAgICAgIHJldHVybiBwYXNzd29yZDsKICAgIH0KCn0=

Compilation error #stdin compilation error #stdout 0s 0KB

stdin

copy

Standard input is empty

compilation info

Main.java:17: error: class Challenge15 is public, should be declared in a file named Challenge15.java
public class Challenge15 {
       ^
1 error

stdout

copy

Standard output is empty

https://ideone.com/rJaWIA

language:

Java (HotSpot 12)

created:

visibility:

public

Share or Embed source code

Discover > Sphere Engine API

The brand new service which powers Ideone!

Discover > IDE Widget

Widget for compiling and running the source code in a web browser!

Discover > Sphere Engine API

Discover > IDE Widget

Choose your language