1
post http://10.1.219.30/flag.php
2
123456789

1
from flask import Flask as app_class, render_template as render_template, request as request, render_template_string as render_template_string
2
import os as os
3
import random as random
4

5
app = app_class(__name__)
6

7
class CharacterProcessor:
8
    def __init__(self):
9
        self.character_map = {'\\\'': "'", '"': '"', '`': '`'}
10

11
    def convert_character(self, data_stream):
12
        if not isinstance(data_stream, str):
13
            return data_stream
14
        else:
15
            return ''.join([char for char in data_stream if char not in self.character_map.values()])
16

17
    def execute_cleanup(self, input_sequence):
18
        return self.convert_character(input_sequence)
19

20
def generate_template_wrapper(content_data):
21
    return<html<body<h1>Query Results</h1<p>Parsed content: " + str(content_data) + "</p<p<a href='/'>Go back to home</a></p></body></html>"
22

23
app.add_route('/', lambda: render_template('index.html'))
24
app.add_route('/audit', lambda: render_template_string(generate_template_wrapper(processor_instance.execute_cleanup(request.args.get('query', 'default content'))))
25

26
if __name__ == '__main__':
27
    app.run(host='0.0.0.0', port=80, debug=True)

1
26c39cf8-55fb-4899-82bc-442cf4627d95.jpg+6e17fffa-b696-4769-9b43-e0f453f8098d.jpg+7a19da17-9f4a-411b-bac7-83d2454d868a.jpg+897a3a87-dfcf-4233-8097-6bba2e6507ba.jpg+c6b1099a-d626-4cbd-94fc-32aa46ffb02b.jpg+d5117480-7943-48f8-9e79-67fdd51092d2.jpg

1
import csv
2
from datetime import datetime
3

4
def validate_id_number(id_num):
5
    if len(id_num) != 18:
6
        return False
7
    if not id_num[:-1].isdigit():
8
        return False
9
    if not (id_num[-1].isdigit() or id_num[-1] == 'X'):
10
        return False
11
    weights = [7, 9, 10, 5, 8, 4, 2, 1, 6, 3, 7, 9, 10, 5, 8, 4, 2]
12
    digits = id_num[:17]
13
    s = 0
14
    for i in range(17):
15
        s += int(digits[i]) * weights[i]
16
    remainder = s % 11
17
    check_chars = {0: '1', 1: '0', 2: 'X', 3: '9', 4: '8', 5: '7', 6: '6', 7: '5', 8: '4', 9: '3', 10: '2'}
18
    expected_char = check_chars[remainder]
19
    if id_num[-1].upper() != expected_char:
20
        return False
21
    return True
22

23
def validate_gender(id_num, gender):
24
    if len(id_num) != 18:
25
        return False
26
    try:
27
        gender_code = int(id_num[16])
28
        if gender_code % 2 == 1:  # odd, male
29
            if gender != '男':
30
                return False
31
        else:  # even, female
32
            if gender != '女':
33
                return False
34
    except ValueError:
35
        return False
36
    return True
37

38
def validate_birth_date(id_num, birth_date):
39
    if len(id_num) != 18:
40
        return False
41
    id_birth_str = id_num[6:14]
42
    y = id_birth_str[0:4]
43
    m = id_birth_str[4:6]
44
    d = id_birth_str[6:8]
45
    id_birth_clean = f"{y}-{m}-{d}"
46
    if birth_date != id_birth_clean:
47
        return False
48
    return True
49

50
def validate_phone(phone):
51
    if len(phone) != 11:
52
        return False
53
    if not phone.isdigit():
54
        return False
55
    if phone[0] != '1':
56
        return False
57
    return True
58

59
def validate_time_logic(birth_date_str, register_time_str, last_login_time_str):
60
    try:
61
        birth_date = datetime.strptime(birth_date_str, '%Y-%m-%d').date()
62
        register_time = datetime.strptime(register_time_str, '%Y-%m-%d %H:%M:%S')
63
        last_login_time = datetime.strptime(last_login_time_str, '%Y-%m-%d %H:%M:%S')
64
    except ValueError:
65
        return False
66
    if birth_date > register_time.date():
67
        return False
68
    if register_time > last_login_time:
69
        return False
70
    return True
71

72
def validate_name(name):
73
    if len(name)< 2 or len(name) > 4:
74
        return False
75
    for char in name:
76
        if not ('\u4e00' <= char <= '\u9fa5'):
77
            return False
78
    return True
79

80
input_file = 'data.csv'
81
output_file = 'clean_data.csv'
82

83
with open(input_file, 'r', newline='') as infile, open(output_file, 'w', newline='') as outfile:
84
    reader = csv.DictReader(infile)
85
    fieldnames = reader.fieldnames
86
    writer = csv.DictWriter(outfile, fieldnames=fieldnames)
87
    writer.writeheader()
88
    for row in reader:
89
        if (validate_id_number(row['身份证号']) and
90
            validate_gender(row['身份证号'], row['性别']) and
91
            validate_birth_date(row['身份证号'], row['出生日期']) and
92
            validate_phone(row['手机号']) and
93
            validate_time_logic(row['出生日期'], row['注册时间'], row['最后登录时间']) and
94
            validate_name(row['姓名'])):
95
            writer.writerow(row)

1
import pandas as pd
2
from datetime import datetime, timedelta
3

4
# 定义商品类型价格范围
5
price_ranges = {
6
    '电子产品': (100, 5000),
7
    '服装鞋包': (50, 1000),
8
    '家居用品': (30, 2000),
9
    '美妆护肤': (20, 800),
10
    '食品饮料': (5, 300),
11
    '图书文具': (5, 200),
12
    '运动户外': (50, 3000)
13
}
14

15
# 定义银行卡Luhn算法验证函数
16
def luhn_checksum(card):
17
    def digits_of(n):
18
        return [int(d) for d in str(n)]
19
    digits = digits_of(card)
20
    if len(digits) % 2 == 0:
21
        odd_digits = digits[-1::-2]
22
        even_digits = digits[-2::-2]
23
    else:
24
        odd_digits = digits[-2::-2]
25
        even_digits = digits[-1::-2]
26
    checksum = 0
27
    checksum += sum(odd_digits)
28
    for d in even_digits:
29
        d *= 2
30
        if d > 9:
31
            d -= 9
32
        checksum += d
33
    return checksum % 10 == 0
34

35
# 读取CSV文件
36
df = pd.read_csv('data.csv')
37

38
# 1. 金额异常检测
39
amount_anomalies = []
40
for _, row in df.iterrows():
41
    product_type = row['商品类型']
42
    amount = row['订单金额']
43
    min_price, max_price = price_ranges.get(product_type, (0, 0))
44
    if amount< min_price or amount > max_price:
45
        user_id = row['用户ID']
46
        user_anomaly = next((a for a in amount_anomalies if a['用户ID'] == user_id), None)
47
        if user_anomaly:
48
            # 已经存在，不重复添加
49
            pass
50
        else:
51
            amount_anomalies.append({'用户ID': user_id, '异常类型': '金额异常'})
52

53
# 2. 银行卡异常检测
54
card_anomalies = []
55

56
# 2.1 格式验证
57
for _, row in df.iterrows():
58
    card = str(row['银行卡号']).strip()
59
    if len(card)< 16 or len(card) > 19 or not card.isdigit():
60
        user_id = row['用户ID']
61
        user_anomaly = next((a for a in card_anomalies if a['用户ID'] == user_id and a['异常类型'] == '银行卡异常'), None)
62
        if not user_anomaly:
63
            card_anomalies.append({'用户ID': user_id, '异常类型': '银行卡异常'})
64

65
# 2.2 Luhn算法验证
66
for _, row in df.iterrows():
67
    card = str(row['银行卡号']).strip()
68
    if not luhn_checksum(card):
69
        user_id = row['用户ID']
70
        user_anomaly = next((a for a in card_anomalies if a['用户ID'] == user_id and a['异常类型'] == '银行卡异常'), None)
71
        if not user_anomaly:
72
            card_anomalies.append({'用户ID': user_id, '异常类型': '银行卡异常'})
73

74
# 3. 频率异常检测
75
# 将下单时间转换为datetime对象
76
df['下单时间'] = pd.to_datetime(df['下单时间'])
77
df['小时'] = df['下单时间'].dt.floor('H')
78

79
# 按用户ID和小时分组，统计订单数
80
frequency_counts = df.groupby(['用户ID', '小时']).size().reset_index(name='订单数')
81

82
# 找出在任意1小时内订单数超过10的用户
83
frequency_anomalies = []
84
for _, row in frequency_counts.iterrows():
85
    if row['订单数'] > 10:
86
        user_id = row['用户ID']
87
        user_anomaly = next((a for a in frequency_anomalies if a['用户ID'] == user_id), None)
88
        if not user_anomaly:
89
            frequency_anomalies.append({'用户ID': user_id, '异常类型': '频率异常'})
90

91
# 合并所有异常
92
all_anomalies = amount_anomalies + card_anomalies + frequency_anomalies
93

94
# 去重：同一用户同一异常类型只保留一条记录
95
unique_anomalies = []
96
for anomaly in all_anomalies:
97
    key = (anomaly['用户ID'], anomaly['异常类型'])
98
    if key not in [tuple(u.items()) for u in unique_anomalies]:
99
        unique_anomalies.append(anomaly)
100

101
# 转换为DataFrame并保存为CSV
102
anomaly_df = pd.DataFrame(unique_anomalies)
103
anomaly_df.to_csv('output.csv', index=False)
104

105
print("异常检测完成，结果保存在output.csv中")