From 126abd79db572f0dbc384d76ca3a5469120d2927 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 3 Nov 2016 20:16:18 +0100 Subject: [PATCH] post ictf --- flag_ids.php | 50 ++++++++++++++++++++++++++ flagbot.py | 90 +++++++++++++++++++++++++++++----------------- get_targets.php | 2 +- index.php | 2 +- index_flag_ids.php | 3 +- 5 files changed, 112 insertions(+), 35 deletions(-) create mode 100644 flag_ids.php diff --git a/flag_ids.php b/flag_ids.php new file mode 100644 index 0000000..d4affe2 --- /dev/null +++ b/flag_ids.php @@ -0,0 +1,50 @@ + +* do not publish! +*/ + +$GLOBALS['db'] = new PDO('pgsql:host=localhost;port=5432;dbname=flagbot;user=flagbot;password=flagbotpw'); +$GLOBALS['db']->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); +$query = "SELECT service,count(*) as cnt FROM flag_ids WHERE (received + INTERVAL '30 minute') > now() group by service ORDER BY service"; + +?> + + + + + + +

Submission Board - flag_id - count()

+

go to flags

+

Shows all submissions of the last 30 min
+ NUM ROWS: query($query)->fetchAll()); ?>

+ + + + + + + + + query($query); + while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { + ?> + + + + + + +
servicecount
  
+

Status: 0=new; 1=depleted

+ + diff --git a/flagbot.py b/flagbot.py index ce904b7..b336549 100644 --- a/flagbot.py +++ b/flagbot.py @@ -21,42 +21,48 @@ dbconnstring = "host=127.0.0.1 port=5432 dbname=flagbot user=flagbot password=fl def login(force = False): global team if force == True or team is None: - team = ictf.iCTF().login(# TODO: insert credentials here - print("login(): logged in.") + team = ictf.iCTF().login('georg@iseclab.org','8u6kNdUcsxE6sEkT') + print("login(): logged in.") def getTargets(): - print("getTargets(): starting...") + print("getTargets() starting...") login(True) global team service_list = team.get_service_list() - service_names = [s['service_name'] for s in service_list] + service_names = [s['service_name'].encode("ascii") for s in service_list] + import pprint + pprint.pprint(service_names) try: - dbconn = psycopg2.connect(dbconnstring) - cur = dbconn.cursor() for service in service_names: try: +# print("getTargets() getting for:"+service) targets = team.get_targets(service) - for target in targets: + for target in targets['targets']: try: -# TODO: wait for ictf folks to finish this one! - cur.execute("INSERT INTO flag_ids (service, host, flag_id) VALUES (%s, %s, %s)", (service, target['ip'], target['flag_id'])) + dbconn = psycopg2.connect(dbconnstring) + cur = dbconn.cursor() + cur.execute("INSERT INTO flag_ids (service, team, host, port, flag_id) VALUES (%s, %s, %s, %s, %s)", + (service, target['team_name'], target['ip_address'], target['port'], target['flag_id'])) dbconn.commit() except psycopg2.DatabaseError as e: - pass + pass +# print 'getTargets()Error %s' % e +# print "getTargets() Unexpected error:", sys.exc_info()[0] + try: + dbconn.close() + except psycopg2.DatabaseError as e: + print 'getTargets()Error %s' % e + dbconn = None + except Exception as e: - print 'Error %s' % e - print "Unexpected error:", sys.exc_info()[0] + print 'getTargets()Error %s' % e + print "getTargets() Unexpected error:", sys.exc_info()[0] except Exception as e: - print 'Error %s' % e + print 'getTargets() Error %s' % e print "Unexpected error:", sys.exc_info()[0] - try: - dbconn.close() - except psycopg2.DatabaseError as e: - print 'Error %s' % e - dbconn = None time.sleep(5.0) gettargetth = threading.Timer(0.5, getTargets) @@ -64,27 +70,45 @@ def getTargets(): print("getTargets(): ended") def submitFlags(): - print("submitFlags(): starting...") + print("submitFlag(): starting...") login() global team try: dbconn = psycopg2.connect(dbconnstring) cur = dbconn.cursor(cursor_factory=psycopg2.extras.DictCursor) - cur.execute("SELECT * from flags where status = 0 or status = 3 limit 500") - print "Fetched " + str(cur.rowcount) + " rows" + cur.execute("SELECT * from flags where status = 0 or status = 3 order by random() limit 50") + print "submitFlag() submitting " + str(cur.rowcount) + " flags" for row in cur.fetchall(): try: -# TODO: wait for ictf folks to finish this one! - print("Would submit:"+row['flag']) result = team.submit_flag([row['flag']]) -# TODO: wait for ictf folks to finish this one! -# if "correct" in result: -# cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), " -# "status = %s, srvresponse = %s WHERE fid = %s", -# (1, "correct", row['fid'])) -# TODO: wait for ictf folks to finish this one! + if "correct" in result: + cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), " + "status = %s, srvresponse = %s WHERE fid = %s", + (1, result, row['fid'])) + + elif "already" in result: + cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), " + "status = %s, srvresponse = %s WHERE fid = %s", + (2, result, row['fid'])) + + elif "notactive" in result: + cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), " + "status = %s, srvresponse = %s WHERE fid = %s", + (2, result, row['fid'])) + + elif "incorrect" in result: + cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), " + "status = %s, srvresponse = %s WHERE fid = %s", + (2, result, row['fid'])) + + else: + import pprint + pprint.pprint(result) + cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), " + "status = %s, srvresponse = %s WHERE fid = %s", + (3, result, row['fid'])) dbconn.commit() except psycopg2.DatabaseError as e: @@ -104,15 +128,17 @@ def submitFlags(): submitth = threading.Timer(0.5, submitFlags) submitth.setDaemon(True) submitth.start() - print("submitFlags(): ended") + print("submitFlag(): ended") def main(): print "*** starting ..." dbconn = psycopg2.connect("host=127.0.0.1 port=5432 dbname=flagbot user=flagbot password=flagbotpw") cur = dbconn.cursor() cur.execute("CREATE TABLE IF NOT EXISTS flag_ids (" - "service character varying(32) NOT NULL," - "host character varying(32) NOT NULL," + "service character varying(64) NOT NULL," + "team character varying(64) NOT NULL," + "host character varying(10) NOT NULL," + "port character varying(10) NOT NULL," "flag_id character varying(128) NOT NULL," "received timestamp without time zone NOT NULL DEFAULT date_trunc('second'::text, now())," "handed_out timestamp without time zone," diff --git a/get_targets.php b/get_targets.php index a12d3f5..32650b3 100644 --- a/get_targets.php +++ b/get_targets.php @@ -31,7 +31,7 @@ function handleRequest() { function getTargets($service) { try { - $stmt = $GLOBALS['db']->prepare("SELECT * FROM flag_ids WHERE (received + INTERVAL '300 minute') > now() and service = ? and status = 0 ORDER BY received DESC"); + $stmt = $GLOBALS['db']->prepare("SELECT * FROM flag_ids WHERE (received + INTERVAL '30 minute') > now() and service = ? and status = 0 ORDER BY received DESC"); $stmt->execute(array($service)); $targets = $stmt->fetchAll(PDO::FETCH_ASSOC); echo json_encode($targets); diff --git a/index.php b/index.php index 59aab90..453fdb2 100644 --- a/index.php +++ b/index.php @@ -11,7 +11,7 @@ $GLOBALS['db'] = new PDO('pgsql:host=localhost;port=5432;dbname=flagbot;user=flagbot;password=flagbotpw'); $GLOBALS['db']->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); -$query = "SELECT * FROM flags WHERE (received + INTERVAL '30 minute') > now() ORDER BY received DESC"; +$query = "SELECT * FROM flags WHERE not (received + INTERVAL '30 minute') > now() ORDER BY received DESC"; ?> diff --git a/index_flag_ids.php b/index_flag_ids.php index 2b96aa6..b79883c 100644 --- a/index_flag_ids.php +++ b/index_flag_ids.php @@ -28,8 +28,8 @@ $query = "SELECT * FROM flag_ids WHERE (received + INTERVAL '30 minute') > now() service + team flag_id - host received status @@ -41,6 +41,7 @@ $query = "SELECT * FROM flag_ids WHERE (received + INTERVAL '30 minute') > now() ?>   +       -- 2.43.0