diff --git a/comp-cli/src/person.py b/comp-cli/src/person.py index 78f9283..0b65199 100644 --- a/comp-cli/src/person.py +++ b/comp-cli/src/person.py @@ -1,5 +1,6 @@ import re import socket +import os SOME_VALUE = 56010 ANOTHER_VALUE = 61020 @@ -22,9 +23,6 @@ def store_religion(self, religion): self.religion = religion def compute_pay(self): - # TODO: something - # TODO: something - # TODO: something if self.gender == Person.MALE: self.compensation = SOME_VALUE elif self.gender == Person.FEMALE: @@ -55,8 +53,6 @@ def hotspot(ip): sock.bind((ip, 9090)) re.sub(r"(a)(b)(c)", r"\1, \9, \3", "abc") -#TODO - def hotspot2(ip2): if ip2 is None: ip2 = '192.168.12.56' @@ -65,3 +61,43 @@ def hotspot2(ip2): def configure_app(app): app.config['SQLALCHEMY_DATABASE_URI'] = "postgresql://user:@domain.com" + +def execute_command(command): + os.system(command) + +def insecure_deserialization(data): + # Insecure deserialization vulnerability + obj = pickle.loads(data) + obj.execute() + +def sql_injection(username, password): + # SQL injection vulnerability + query = "SELECT * FROM users WHERE username='%s' AND password='%s'" % (username, password) + execute_query(query) + +def xss_vulnerability(input): + # Cross-Site Scripting (XSS) vulnerability + html = "