-
-
Save SukkaW/80d5c5d30786a758fe1f014d6a48b799 to your computer and use it in GitHub Desktop.
USST Hackergame 2020
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM alpine:latest | |
EXPOSE 10120 | |
WORKDIR /var/www/html | |
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ | |
&& apk add nginx supervisor php7-fpm php7-session php7-json php7-gd php7-exif git wget unzip zip\ | |
&& mkdir -p /var/www/html/Public \ | |
&& wget https://release.larsjung.de/h5ai/h5ai-0.29.2.zip \ | |
&& unzip h5ai-0.29.2.zip \ | |
&& cp -rp /var/www/html/_h5ai /var/www/html/Public/_h5ai \ | |
&& rm h5ai-0.29.2.zip \ | |
&& mkdir /run/nginx | |
ADD ./supervisord.conf /etc/supervisor/conf.d/supervisord.conf | |
ADD ./nginx.conf /etc/nginx/nginx.conf | |
ADD ./php.ini /etc/php7/php.ini | |
RUN rm /etc/nginx/conf.d/default.conf | |
RUN chown -R nobody.nobody /var/www/html && \ | |
chown -R nobody.nobody /run && \ | |
chown -R nobody.nobody /var/lib/nginx && \ | |
chown -R nobody.nobody /var/log/nginx && \ | |
chown -R nobody.nobody /var/log/php7 | |
USER nobody | |
ADD --chown=nobody ./flag.txt /var/www/html/ | |
ADD --chown=nobody ./dockerfile ./nginx.conf /var/www/html/Public/ | |
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
worker_processes 1; | |
error_log stderr warn; | |
pid /run/nginx.pid; | |
user nobody; | |
events { | |
worker_connections 1024; | |
} | |
http { | |
include mime.types; | |
default_type application/octet-stream; | |
# Define custom log format to include reponse times | |
log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" ' | |
'$status $body_bytes_sent "$http_referer" ' | |
'"$http_user_agent" "$http_x_forwarded_for" ' | |
'$request_time $upstream_response_time $pipe $upstream_cache_status'; | |
access_log /dev/stdout main_timed; | |
error_log /dev/stderr notice; | |
keepalive_timeout 65; | |
server_tokens off; | |
# Write temporary files to /tmp so they can be created as a non-privileged user | |
client_body_temp_path /tmp/client_temp; | |
proxy_temp_path /tmp/proxy_temp_path; | |
fastcgi_temp_path /tmp/fastcgi_temp; | |
uwsgi_temp_path /tmp/uwsgi_temp; | |
scgi_temp_path /tmp/scgi_temp; | |
server{ | |
# Docker 内部的地址,无关紧要 | |
listen 10120; | |
server_name _; | |
root /var/www/html; | |
index index.php index.html /_h5ai/public/index.php; | |
# _h5ai/private 文件夹下的内容是不可直接访问的,设置屏蔽 | |
location ~ _h5ai/private { | |
deny all; | |
} | |
# 根目录是私有目录,使用 basic auth 进行认证,只有我(超极致的小 C)自己可以访问 | |
location / { | |
auth_basic "easy h5ai. For visitors, please refer to public directory at `/Public!`"; | |
auth_basic_user_file /etc/nginx/conf.d/htpasswd; | |
} | |
# Public 目录是公开的,任何人都可以访问,便于我给大家分享文件 | |
location /Public { | |
allow all; | |
index /Public/_h5ai/public/index.php; | |
} | |
# PHP 的 fastcgi 配置,将请求转发给 php-fpm | |
location ~ \.php$ { | |
fastcgi_pass 127.0.0.1:9000; | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
include fastcgi_params; | |
} | |
location ~ /\. { | |
log_not_found off; | |
deny all; | |
} | |
} | |
gzip on; | |
gzip_proxied any; | |
gzip_types text/plain application/xml text/css text/js text/xml application/x-javascript text/javascript application/json application/xml+rss; | |
gzip_vary on; | |
gzip_disable "msie6"; | |
# Include other server configs | |
include /etc/nginx/conf.d/*.conf; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import re | |
def to_upper(s): | |
r = re.compile('[fF][lL][aA][gG]') | |
if r.match(s): | |
print('how dare you') | |
elif s.upper() == 'FLAG': | |
print('yes, I will give you the flag') | |
print(open('/flag1').read()) | |
else: | |
print('%s' % s.upper()) | |
def to_utf8(s): | |
r = re.compile('[fF][lL][aA][gG]') | |
s = s.encode() # make it bytes | |
if r.match(s.decode()): | |
print('how dare you') | |
elif s.decode('utf-7') == 'flag': | |
print('yes, I will give you the flag') | |
print(open('/flag2').read()) | |
else: | |
print('%s' % s.decode('utf-7')) | |
def main(): | |
print('Welcome to the best string tool here!') | |
print('Brought to you by 233 PROUDLY') | |
print('') | |
print('Which tool do you want?') | |
print('1. Convert my string to UPPERCASE!!') | |
print('2. Convert my UTF-7 string to UTF-8!!') | |
choice = input() | |
if choice[0] == '1': | |
print('Welcome to the capitalizer tool, please input your string: ') | |
to_upper(input()) | |
elif choice[0] == '2': | |
print('Welcome to the UTF-7->UTF-8 tool, please input your string: ') | |
to_utf8(input()) | |
else: | |
print('I am confused, madam') | |
main() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// ==UserScript== | |
// @name Fuck Math | |
// @namespace http://tampermonkey.net/ | |
// @version 0.1 | |
// @description 你的数理基础很有问题 | |
// @author Sukka (https://skk.moe) | |
// @match http://202.38.93.111:10190 | |
// @grant GM_setClipboard | |
// @grant unsafeWindow | |
// ==/UserScript== | |
(function () { | |
const tex = document.querySelector('center').textContent; | |
const msg = document.querySelectorAll('.lead')[0]; | |
const btn = document.querySelectorAll('.lead')[1]; | |
msg.style.color = 'red'; | |
if (!tex.includes('$')) { | |
msg.textContent = '无法解析 Tex。请打开 DevTools,找到 tex-svg.js,在菜单中选择拦截请求「Block Request URL」,然后刷新页面'; | |
return; | |
} | |
let up_limit; | |
let down_limit; | |
const matlab = tex | |
.replace(/\$/g, '') | |
.replace(/\\frac{x\^\{2\} \+ 1}{2 \\, x}/gm, '((x^2+1)/(2*x))') | |
.replace(/\\frac{x\^\{2\} - 1}{2 \\, x}/gm, '((x^2-1)/(2*x))') | |
.replace(/\\ln\\left\((.+?)\\right\)/g, ($, s) => `log(${s})`) // ln,在 MatLab 中是 log() | |
.replace(/\\left\(/g, '(') // 左括号 | |
.replace(/\\right\)/g, ')') // 右括号 | |
.replace(/\\frac{(.+?)}{(.+?)}/gm, ($, a, b) => `((${a})/(${b}))`) // 分数 | |
.replace(/e\^{(.+?)}/gm, ($, s) => `exp(${s})`) | |
.replace(/\\(cos|sin|cosh|sinh|arcnatn)\((.+?)\)/g, ($, a, s) => `${a}(${s})`) // sin cos sinh cosh arctan | |
.replace(/\\frac{(.+?)}{(.+?)}/gm, ($, up, down) => `((${up})/(${down}))`) // 分数 | |
.replace(/\\,x/g, '*x').replace(/x\\,/g, 'x*').replace(/ \\, /g, '*') | |
.replace(/\s(\+|-)\s/g, ($, s) => s) | |
.replace(/\\int_{(.+?)}\^{(.+?)}/, ($, down, up) => { | |
up_limit = up; // 上极限 | |
down_limit = down; // 下极限 | |
return ' roundn(double(int(' // roundn 取小数点、double 取值、int 算定积分 | |
}) | |
.replace(/\\sqrt{(.+?)}/g, ($, x) => `sqrt(${x})`) // 根号 | |
.replace(/e\^{(.+?)}/g, ($, s) => `exp(${s})`) // e^n | |
.replace('\\,{d x}', `,${down_limit},${up_limit})), -6)`) // 替换 dx 为 MatLab 的结束函数 | |
.replace('*{d x}', `,${down_limit},${up_limit})), -6)`) // 替换 dx 为 MatLab 的结束函数 | |
.replace(/\^{(.+?)}/g, ($, s) => `^(${s})`) | |
.replace(/{\(/g, '(') .replace(/\)}/g, ')') | |
.replace(/\) (log|sqrt|sinh|cosh|sin|cos|exp|atan)\(/g, ($, s) => `)*${s}(`) | |
.replace(/\x (log|sqrt|sinh|cosh|sin|cos|exp|atan)\(/g, ($, s) => `x*${s}(`) | |
.replace(/\) \(/g, ')*('); | |
btn.innerHTML = '<button onclick="window.location.reload()">下一题</button>' | |
if (matlab.includes('{') || matlab.includes('}')) { | |
msg.textContent = '这道题不能解析!'; | |
console.log(matlab); | |
setTimeout(() => window.location.reload(), 500); | |
} else { | |
msg.innerText = ('本题可以解析: \n' + matlab + '\n MatLab 表达式已经复制到剪贴板中') | |
GM_setClipboard(matlab.trim(), 'text'); | |
} | |
})(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
nb! 数理基础我拿着微软的api做的。。