From 7c9735ff2eec2b7415fae966dea97b747a9ab64b Mon Sep 17 00:00:00 2001
From: Hunter
Date: Sun, 17 Jun 2018 17:27:15 -0400
Subject: [PATCH] Some more
---
 __init__.py | 87 +++++++++++++++++++++-
 assets/autogen-challenge-create.js | 29 ++++++++
 assets/autogen-challenge-create.njk | 104 ++++++++++++++++++++++++++
 assets/autogen-challenge-modal.js | 34 +++++++++
 assets/autogen-challenge-modal.njk | 104 ++++++++++++++++++++++++++
 assets/autogen-challenge-update.js | 51 +++++++++++++
 assets/autogen-challenge-update.njk | 110 ++++++++++++++++++++++++++++
 generators/__init__.py | 2 +-
 8 files changed, 517 insertions(+), 4 deletions(-)
 create mode 100644 assets/autogen-challenge-create.js
 create mode 100644 assets/autogen-challenge-create.njk
 create mode 100644 assets/autogen-challenge-modal.js
 create mode 100644 assets/autogen-challenge-modal.njk
 create mode 100644 assets/autogen-challenge-update.js
 create mode 100644 assets/autogen-challenge-update.njk
diff --git a/__init__.py b/__init__.py
index d7f7eb5..3d82507 100644
--- a/__init__.py
+++ b/__init__.py
@@ -14,7 +14,7 @@ def create(request):
 files = request.files.getlist('files[]')
 # Create challenge
- chal = GenFlags(
+ chal = GenFlagCDBM(
 name=request.form['name'],
 value=request.form['value'],
 category=request.form['category'],
@@ -46,6 +46,86 @@ def create(request):
 db.session.commit()
+ @staticmethod
+ def read(challenge, team):
+ challenge = GenFlagCDBM.query.filter_by(id=challenge.id).first()
+ data = {
+ 'id': challenge.id,
+ 'name': challenge.name,
+ 'value': challenge.value,
+ 'description': challenge.description,
+ 'category': challenge.category,
+ 'hidden': challenge.hidden,
+ 'max_attempts': challenge.max_attempts,
+ 'type': challenge.type,
+ 'type_data': {
+ 'id': GenFlagCDBM.id,
+ 'name': GenFlagCDBM.name,
+ 'templates': GenFlagCDBM.templates,
+ 'scripts': GenFlagCDBM.scripts,
+ }
+ }
+ return challenge, data
+
+ @staticmethod
+ def update(challenge, request):
+ challenge = GenFlagCDBM.query.filter_by(id=challenge.id).first()
+
+ challenge.name = request.form['name']
+ challenge.description = request.form['description']
+ challenge.value = int(request.form.get('value', 0)) if request.form.get('value', 0) else 0
+ challenge.max_attempts = int(request.form.get('max_attempts', 0)) if request.form.get('max_attempts', 0) else 0
+ challenge.category = request.form['category']
+ challenge.hidden = 'hidden' in request.form
+
+ db.session.commit()
+ db.session.close()
+
+ @staticmethod
+ def delete(challenge):
+ WrongKeys.query.filter_by(chalid=challenge.id).delete()
+ Solves.query.filter_by(chalid=challenge.id).delete()
+ Keys.query.filter_by(chal=challenge.id).delete()
+ files = Files.query.filter_by(chal=challenge.id).all()
+ for f in files:
+ utils.delete_file(f.id)
+ Files.query.filter_by(chal=challenge.id).delete()
+ Tags.query.filter_by(chal=challenge.id).delete()
+ Hints.query.filter_by(chal=challenge.id).delete()
+ GenFlagCDBM.query.filter_by(id=challenge.id).delete()
+ GenFlagsMap.query.filter_by(id=challenge.id).delete()
+ Challenges.query.filter_by(id=challenge.id).delete()
+ db.session.commit()
+
+ @staticmethod
+ def attempt(chal, request):
+ provided_key = request.form['key'].strip()
+ chal_keys = GenFlagsMap.query.filter_by(chal=team.id).all()
+ for chal_key in chal_keys:
+ if get_key_class(chal_key.type).compare(chal_key, provided_key):
+ return True, 'Correct'
+ return False, 'Incorrect'
+
+ @staticmethod
+ def solve(team, chal, request):
+ chal = GenFlagCDBM.query.filter_by(id=chal.id).first()
+ solve_count = Solves.query.join(Teams, Solves.teamid == Teams.id).filter(Solves.chalid==chal.id, Teams.banned==False).count()
+
+ provided_key = request.form['key'].strip()
+ solve = Solves(teamid=team.id, chalid=chal.id, ip=utils.get_ip(req=request), flag=provided_key)
+ db.session.add(solve)
+
+ db.session.commit()
+ db.session.close()
+
+ @staticmethod
+ def fail(team, chal, request):
+ provided_key = request.form['key'].strip()
+ wrong = WrongKeys(teamid=team.id, chalid=chal.id, ip=utils.get_ip(request), flag=provided_key)
+ db.session.add(wrong)
+ db.session.commit()
+ db.session.close()
+
 class GenFlagCDBM(challenges):
 __mapper_args__ = {'polymorphic_identity': 'genflags'}
@@ -61,15 +141,16 @@ def __init__(self, name, value, category, type='genflag', key, generator):
 self.key = key
 self.generator = generator
-class GenFlags(db.model):
+class GenFlagsMap(db.model):
 id = db.Column(Integer, db.ForeignKey('challenges.id'))
 teamid = db.Column(None, db.ForeignKey('teams.id'), primary_key=True)
 description = db.Column(db.Text)
 flag = db.Column(db.Text)
- def __init__(self, teamid, description, flag):
+ def __init__(self, teamid, description, type, flag):
 self.teamid = teamid
 self.flag = flag
+ self.type = type
 self.description = description
 def load(app):
diff --git a/assets/autogen-challenge-create.js b/assets/autogen-challenge-create.js
new file mode 100644
index 0000000..968a425
--- /dev/null
+++ b/assets/autogen-challenge-create.js
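Review bot: `attempt(chal, request)` in `__init__.py` reads `team.id`, but `team` is neither a parameter nor assigned in the method, so unless a module-level `team` exists outside this hunk every submission raises `NameError` before any flag is compared. The filter is also keyed on `chal=`, which is not among the columns (`id`, `teamid`, `description`, `flag`) that the `GenFlagsMap` model declares in the next hunk. Because the per-team flag is the control against flag sharing, the lookup should be scoped to both the challenge and the submitting team, e.g. `chal_keys = GenFlagsMap.query.filter_by(id=chal.id, teamid=current_team_id).all()`, where `current_team_id` is a placeholder for however the plugin resolves the logged-in team. The enclosing class starts outside the hunk.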
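Review bot: `GenFlagsMap.__init__` now assigns `self.type = type`, but the class body shown in this hunk declares no `type` column, so the value exists only on the in-memory instance and rows loaded from the database will not carry it, which is what `attempt` depends on in `get_key_class(chal_key.type)`. Declare the column next to `flag`, for example `type = db.Column(db.String(80))` (the length is a suggestion). Inserting `type` before `flag` also changes the positional order of the constructor, so adding it as the last parameter would keep existing three-argument calls unambiguous.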
@@ -0,0 +1,29 @@
+// Markdown Preview
+$('#desc-edit').on('shown.bs.tab', function (event) {
+ if (event.target.hash == '#desc-preview'){
+ var editor_value = $('#desc-editor').val();
+ $(event.target.hash).html(
+ window.challenge.render(editor_value)
+ );
+ }
+});
+$('#new-desc-edit').on('shown.bs.tab', function (event) {
+ if (event.target.hash == '#new-desc-preview'){
+ var editor_value = $('#new-desc-editor').val();
+ $(event.target.hash).html(
+ window.challenge.render(editor_value)
+ );
+ }
+});
+$("#solve-attempts-checkbox").change(function() {
+ if(this.checked) {
+ $('#solve-attempts-input').show();
+ } else {
+ $('#solve-attempts-input').hide();
+ $('#max_attempts').val('');
+ }
+});
+
+$(document).ready(function(){
+ $('[data-toggle="tooltip"]').tooltip();
+});
diff --git a/assets/autogen-challenge-create.njk b/assets/autogen-challenge-create.njk
new file mode 100644
index 0000000..2589c69
--- /dev/null
+++ b/assets/autogen-challenge-create.njk
@@ -0,0 +1,104 @@
+
+
+ Autogen challenges create a unique flag for each team. A challenge is passed to a generator class, and the class returns the generated flag. +
+ +
+ + +
+
+ + +
+ + + +
+
+
+ + +
+
+
+
+
+ +
+ + +
+ +
+ +
+ +
+ +
+ +
+
+ +
+
+ +
+
+ +
+
+ +
+ +
+ +
+ + + Attach multiple files using Control+Click or Cmd+Click. +
+ + + + +
+ +
+
+
diff --git a/assets/autogen-challenge-modal.js b/assets/autogen-challenge-modal.js
new file mode 100644
index 0000000..9ff5240
--- /dev/null
+++ b/assets/autogen-challenge-modal.js
@@ -0,0 +1,34 @@
+window.challenge.renderer = new markdownit({
+ html: true,
+});
+
+window.challenge.preRender = function () {
+
+};
+
+window.challenge.render = function (markdown) {
+ return window.challenge.renderer.render(markdown);
+};
+
+
+window.challenge.postRender = function () {
+
+};
+
+window.challenge.submit = function (cb, preview) {
+ var chal_id = $('#chal-id').val();
+ var answer = $('#answer-input').val();
+ var nonce = $('#nonce').val();
+
+ var url = "/chal/";
+ if (preview) {
+ url = "/admin/chal/";
+ }
+
+ $.post(script_root + url + chal_id, {
+ key: answer,
+ nonce: nonce
+ }, function (data) {
+ cb(data);
+ });
+};
diff --git a/assets/autogen-challenge-modal.njk b/assets/autogen-challenge-modal.njk
new file mode 100644
index 0000000..e3fe4a3
--- /dev/null
+++ b/assets/autogen-challenge-modal.njk
@@ -0,0 +1,104 @@
+
diff --git a/assets/autogen-challenge-update.js b/assets/autogen-challenge-update.js
new file mode 100644
index 0000000..842dbd4
--- /dev/null
+++ b/assets/autogen-challenge-update.js
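Review bot: `new markdownit({ html: true })` in `autogen-challenge-modal.js` passes raw HTML in a challenge description straight through the renderer, and the preview handlers in `autogen-challenge-create.js` and `autogen-challenge-update.js` write the rendered string into the page with `.html(...)`. That is safe only while every description is authored by a trusted admin. `GenFlagsMap` in `__init__.py` also stores a per-team `description`, and if generated or team-influenced text is ever rendered through this path it would run as markup in other users' browsers. Either switch to `html: false`, or record the assumption next to the option, e.g. `// html: true: descriptions are admin-authored and trusted; sanitize before rendering anything else`.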
@@ -0,0 +1,51 @@
+$('#submit-key').click(function (e) {
+ submitkey($('#chalid').val(), $('#answer').val())
+});
+
+$('#submit-keys').click(function (e) {
+ e.preventDefault();
+ $('#update-keys').modal('hide');
+});
+
+$('#limit_max_attempts').change(function() {
+ if(this.checked) {
+ $('#chal-attempts-group').show();
+ } else {
+ $('#chal-attempts-group').hide();
+ $('#chal-attempts-input').val('');
+ }
+});
+
+// Markdown Preview
+$('#desc-edit').on('shown.bs.tab', function (event) {
+ if (event.target.hash == '#desc-preview') {
+ var editor_value = $('#desc-editor').val();
+ $(event.target.hash).html(
+ window.challenge.render(editor_value)
+ );
+ }
+});
+$('#new-desc-edit').on('shown.bs.tab', function (event) {
+ if (event.target.hash == '#new-desc-preview') {
+ var editor_value = $('#new-desc-editor').val();
+ $(event.target.hash).html(
+ window.challenge.render(editor_value)
+ );
+ }
+});
+
+function loadchal(id, update) {
+ $.get(script_root + '/admin/chal/' + id, function(obj){
+ $('#desc-write-link').click(); // Switch to Write tab
+ if (typeof update === 'undefined')
+ $('#update-challenge').modal();
+ });
+}
+
+function openchal(id){
+ loadchal(id);
+}
+
+$(document).ready(function(){
+ $('[data-toggle="tooltip"]').tooltip();
+});
diff --git a/assets/autogen-challenge-update.njk b/assets/autogen-challenge-update.njk
new file mode 100644
index 0000000..4fb86d2
--- /dev/null
+++ b/assets/autogen-challenge-update.njk
@@ -0,0 +1,110 @@
+
diff --git a/generators/__init__.py b/generators/__init__.py
index 0364711..ae2e8c3 100644
--- a/generators/__init__.py
+++ b/generators/__init__.py
@@ -7,7 +7,7 @@ def genflag(challenge): # Override this method pass """ -Global dictionary used to hold all gnerators. +Global dictionary used to hold all generators. Insert into this dictionary to register your generator """ GENERATOR_CLASSES = {}