From d50576803920d55cd905c2930a0ed48159639350 Mon Sep 17 00:00:00 2001
From: Someone <someone@somenet.org>
Date: Wed, 4 Jun 2014 17:27:02 +0200
Subject: [PATCH] adapted to esse-CTF

---
 index.php    |  4 ++--
 submit.php   |  2 +-
 submitbot.py | 41 +++++++++++++++++++++++++++++++++++++----
 3 files changed, 40 insertions(+), 7 deletions(-)

diff --git a/index.php b/index.php
index 2fcd25f..3010eca 100644
--- a/index.php
+++ b/index.php
@@ -11,7 +11,7 @@
 
 $GLOBALS['db'] = new PDO('pgsql:host=localhost;port=5432;dbname=postgres;user=postgres;password=dba');                                                                                                              
 $GLOBALS['db']->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);                                                                                            
-$query = "SELECT * FROM flags WHERE (received + INTERVAL '90 minute') > now() ORDER BY received DESC";
+$query = "SELECT * FROM flags WHERE (received + INTERVAL '30 minute') > now() and char_length(flag) = 32 ORDER BY received DESC";
 
 ?>
 <!DOCTYPE html>
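Review bot: The flag length 32 is now a literal in this query (`char_length(flag) = 32`) and again in the `strlen($_REQUEST['flag']) == 32` test added to submit.php, so a change of flag format has to be made in two places that can drift apart. A shared constant, or a comment on both lines such as `// flag length: keep in sync with the strlen() check in submit.php`, would keep them in step. `char_length` counts characters while `strlen` counts bytes, so the two tests also disagree for non-ASCII input. Separately, the unchanged PDO line above this query connects as the `postgres` superuser with the password in the source; a dedicated low-privilege role and credentials read from configuration outside the web root would limit what a flaw in this page exposes.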
@@ -21,7 +21,7 @@ $query = "SELECT * FROM flags WHERE (received + INTERVAL '90 minute') > now() OR
   </head>
   <body>
     <h1>Submission Board</h1>
-    <p>Shows all submissions of the last 90 min<br>
+    <p>Shows all submissions of the last 30 min<br>
     NUM ROWS: <?php echo sizeof($GLOBALS['db']->query($query)->fetchAll()); ?></p>
     <table style="width: 100%">
       <thead>
diff --git a/submit.php b/submit.php
index f5ab2a6..3307d3f 100644
--- a/submit.php
+++ b/submit.php
@@ -20,7 +20,7 @@ if (strcmp($_SERVER['REQUEST_METHOD'],"GET") === 0 || strcmp($_SERVER['REQUEST_M
 }
 
 function handleRequest() {
-  if (isset($_REQUEST['flag']) && isset($_REQUEST['service'])) {
+  if (isset($_REQUEST['flag']) && isset($_REQUEST['service']) && strlen($_REQUEST['flag']) == 32 ) {
      insertData($_REQUEST['flag'],$_REQUEST['service']);
   } else {
      echo "<p><b>usage:</b><br>";
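Review bot: The added `strlen($_REQUEST['flag']) == 32` check constrains only the byte length and runs before the type is known, so a request that sends `flag` as an array reaches `strlen()` with a non-string, which is a warning on older PHP and a TypeError on PHP 8. Guard it with `is_string($_REQUEST['flag']) && strlen($_REQUEST['flag']) === 32`, and if the flag alphabet is fixed add a pattern test so that only well-formed flags are stored and later shown on the board. `insertData()` and the output escaping in index.php are outside this hunk, so whether the value is bound as a query parameter and HTML-escaped cannot be confirmed from here. handleRequest's body continues past the hunk.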
diff --git a/submitbot.py b/submitbot.py
index 1c92dd4..879e57a 100755
--- a/submitbot.py
+++ b/submitbot.py
@@ -11,14 +11,47 @@ import signal
 import mechanize
 
 def submit(flag):
+    submission_success = False
     print "submitting flag: "+flag
-    # TODO!!!!
+    browser = mechanize.Browser()
+    browser.open('http://10.10.40.200/SubmitFlagServlet')
+    
+    browser.select_form(nr=1)
+    browser.form["teamInput"] = "16"
+    browser.form["flagInput"] = flag
 
+    response = browser.submit()
+    resp = response.read()
+
+    if 'Status:scored' in resp:
+        return (1, 'Status:scored')
+      
+    if 'Status:resubmission' in resp:
+        return (2, 'Status:resubmission')
+      
+    if 'Status:denied' in resp:
+        return (3, 'Status:denied')
+      
+    if 'Status:expired' in resp:
+        return (2, 'Status:expired')
+      
+    if 'Status:error' in resp:
+        wantnext = False
+        servresponse = ""
+        for line in resp.splitlines():
+            if wantnext == True:
+                wantnext = False
+                servresponse = line
+            if 'Status:error' in line:
+                wantnext = True
+        return (2, 'Status:error::'+servresponse)
+    
     # RETURN (success?, srvresponse)
-    return (2, 'FAIL')
+    print resp
+    return (0, '')
   
 def main():
-    sleeptime = 3
+    sleeptime = 5
     dbconn = None
     while True:
         try:
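Review bot: `browser.open(...)` in submit() is called without a timeout and nothing in the function handles a failed request, so an unreachable or slow scoring server either blocks the poll loop or raises out of submit(); whether main() catches that is outside the hunk. Passing a timeout, `browser.open('http://10.10.40.200/SubmitFlagServlet', timeout=10)` (the 10 seconds is a constructed value), and returning `(0, 'submit failed')` from an `except IOError` around the request would keep the loop moving. The status tests match `'Status:scored'` and the others anywhere in the response body, so if the servlet echoes the submitted flag the match could fire on echoed text; comparing whole lines would be stricter. `submission_success` is assigned and never read, and the scoreboard URL and team id `"16"` would read better as module-level constants.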
@@ -45,7 +78,7 @@ def main():
                 time.sleep(sleeptime)
                 try:
                     cur = dbconn.cursor(cursor_factory=psycopg2.extras.DictCursor)
-                    cur.execute("SELECT * from flags where status = 0")
+                    cur.execute("SELECT * from flags where status = 0 or status = 3")
                     print "Fetched " + str(cur.rowcount) + " rows"
     #                rows = cur.fetchall()
                     for row in cur.fetchall():
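Review bot: Adding `status = 3` to the poll query makes every denied flag eligible again on each pass, and nothing visible here bounds how often or how long a row is retried; with `sleeptime = 5` a flag the server keeps denying would be resubmitted every few seconds for as long as the bot runs. Bounding the retry by age, for example `"SELECT * from flags where (status = 0 or status = 3) and (received + INTERVAL '30 minute') > now()"` to match the window index.php displays, or by an attempt counter, would cap that. The loop that writes the status back continues outside the hunk, so this assumes a denied row is stored with status 3.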
-- 
2.43.0