From dac5796cd872b7c82681e61863fc098733dfb473 Mon Sep 17 00:00:00 2001 From: root Date: Sat, 12 Nov 2016 16:30:06 +0100 Subject: [PATCH] modified: index.php --- index.php | 4 +-- index_serviceflags.php | 58 ++++++++++++++++++++++++++++++++++++++++++ submitbot_tcp.py | 40 ++++++++++++----------------- 3 files changed, 76 insertions(+), 26 deletions(-) create mode 100644 index_serviceflags.php diff --git a/index.php b/index.php index 453fdb2..1b4e951 100644 --- a/index.php +++ b/index.php @@ -11,7 +11,7 @@ $GLOBALS['db'] = new PDO('pgsql:host=localhost;port=5432;dbname=flagbot;user=flagbot;password=flagbotpw'); $GLOBALS['db']->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); -$query = "SELECT * FROM flags WHERE not (received + INTERVAL '30 minute') > now() ORDER BY received DESC"; +$query = "SELECT * FROM flags WHERE (received + INTERVAL '30 minute') > now() ORDER BY received DESC"; ?> @@ -21,7 +21,7 @@ $query = "SELECT * FROM flags WHERE not (received + INTERVAL '30 minute') > now(

Submission Board - Flags

-

go to flag_ids

+

Service + Exploit flags Alltime Service + Exploit flags Flaglist go to flag_ids

Shows all submissions of the last 30 min
NUM ROWS: query($query)->fetchAll()); ?>

diff --git a/index_serviceflags.php b/index_serviceflags.php new file mode 100644 index 0000000..6f21360 --- /dev/null +++ b/index_serviceflags.php @@ -0,0 +1,58 @@ + +* do not publish! +*/ + +$GLOBALS['db'] = new PDO('pgsql:host=localhost;port=5432;dbname=flagbot;user=flagbot;password=flagbotpw'); +$GLOBALS['db']->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + +$query = "SELECT count(*) as count , submitter, service, status FROM flags WHERE (received + INTERVAL '30 minute') > now() group by submitter, service, status order by count DESC"; + +if (isset($_REQUEST['all'])) $query = "SELECT count(*) as count , submitter, service, status FROM flags group by submitter, service, status order by count DESC"; + +?> + + + + + + +

Submission Board - Services/Exploits and their Flags

+

Service + Exploit flags Alltime Service + Exploit flags Flaglist go to flag_ids

+ Shows all submissions of the last 30 min
'; ?> + + NUM ROWS: query($query)->fetchAll()); ?>

+
+ + + + + + + + + + query($query); + while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { + ?> + + + + + + + + +
countservicesubmitterstatus
   
+

Status: 0=submission pending; 1=submitted:OK; 2=submitted:Fail

+ + diff --git a/submitbot_tcp.py b/submitbot_tcp.py index 6803845..1360557 100644 --- a/submitbot_tcp.py +++ b/submitbot_tcp.py @@ -27,48 +27,38 @@ def submit(sock,flag): fs=sock.makefile() print "submitting flag: "+flag + sock.sendall(flag+"\n") resp = fs.readline()+"" - + print resp if 'Accepted' in resp: - return (1, 'Accepted') + return (1, resp.replace(flag,'')) if 'Denied: no such flag' in resp: return (2, 'Denied: no such flag') + if 'Denied: invalid flag' in resp: + return (2, 'Denied: invalid flag') + if 'Denied: flag is too old' in resp: return (2, 'Denied: flag is too old') if 'Denied: you already submitted this flag' in resp: - return (2, 'Denied: you already submitted this flag') + return (3, 'Denied: you already submitted this flag') if 'Denied: flag is your own' in resp: return (2, 'Denied: flag is your own') if 'Denied: your appropriate service' in resp: - return (3, 'Denied: your appropriate service') - - print(resp) - - - if 'Status:error' in resp: - wantnext = False - servresponse = "" - for line in resp.splitlines(): - if wantnext == True: - wantnext = False - servresponse = line - if 'Status:error' in line: - wantnext = True - return (2, 'Status:error::'+servresponse) + return (4, 'Denied: your appropriate service') # RETURN (success?, srvresponse) print resp - return (0, '') + return (4, 'WTF?!') def main(): - sleeptime = 5 + sleeptime = 1 dbconn = None while True: try: 
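Review bot: The new index_serviceflags.php opens with `new PDO('pgsql:host=localhost;port=5432;dbname=flagbot;user=flagbot;password=flagbotpw')`, so the database password now sits in a second web-served file (index.php carries the same line) and in the patch itself, despite the "do not publish!" header. Load the DSN from one include outside the document root or from the environment, e.g. `new PDO(getenv('FLAGBOT_DSN'))` (the variable name is a placeholder), and rotate the password once it is moved. The table markup is stripped in this view, so it is not visible whether the `$row` values are escaped; if they are echoed raw, wrap each cell in `htmlspecialchars(..., ENT_QUOTES)`, presumably because `submitter` and `service` are filled in by whatever inserts flags. The legend `Status: 0=submission pending; 1=submitted:OK; 2=submitted:Fail` also omits the statuses 3 and 4 that submitbot_tcp.py starts writing in this same commit.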
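Review bot: The new fall-through `return (4, 'WTF?!')` in submit() gives an unrecognised or empty reply the same status as 'Denied: your appropriate service'. main() re-selects status 4 later in this patch, and its sleep now runs only when no rows are returned. A flag whose reply never matches is therefore resubmitted with no delay, which looks likely to hammer the flag server. `fs.readline()` returns an empty string when the peer closes the connection, so treat that case separately with `if resp == '': raise IOError('flag server closed the connection')`, which assumes the handler in main(), outside this hunk, reconnects. Give unknown replies a status that main() does not re-select, and keep the stripped reply text in the returned message so it can be diagnosed from the board.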
@@ -79,16 +69,16 @@ def main(): cur = None while True: - print "*** sleeping another "+str(sleeptime)+" sec..." - time.sleep(sleeptime) try: cur = dbconn.cursor(cursor_factory=psycopg2.extras.DictCursor) - cur.execute("SELECT * from flags where status = 0 or status = 3 limit 500") + cur.execute("SELECT * from flags where status = 0 or status = 4 limit 2") print "Fetched " + str(cur.rowcount) + " rows" if cur.rowcount == 0: + print "*** sleeping another "+str(sleeptime)+" sec..." + time.sleep(sleeptime) continue sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - sock.connect(("10.10.10.2", 31337)) + sock.connect(("flags.ructfe.org", 31337)) eating = True fs=sock.makefile() while eating: @@ -97,6 +87,8 @@ def main(): eating = False for row in cur.fetchall(): + if row['flag'] is None or row['flag'].strip() == '': + continue (success, resp) = submit(sock,row['flag']) if success != 0: cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), " -- 2.43.0
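Review bot: In the first main() hunk the socket is connected with `sock.connect(("flags.ructfe.org", 31337))` and no timeout, so an unresponsive server leaves the banner loop and the `fs.readline()` in submit() blocked forever and the queue stops draining. Call `sock.settimeout(10)` before the connect (the value is an example) and let the resulting `socket.timeout` reach the reconnect path. With `limit 2` and the sleep moved into the `rowcount == 0` branch, every pass opens a fresh connection for at most two flags. The end of the loop body is outside this hunk, so confirm that `sock.close()` runs on every path, ideally in a `finally`. Switching from an IP to a hostname adds a DNS lookup per pass, so the error handler should also cover `socket.gaierror`.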
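Review bot: The added guard `if row['flag'] is None or row['flag'].strip() == '': continue` in the second main() hunk skips empty flags but leaves them at status 0, so the `limit 2` select may keep returning the same rows. Two such rows could then block every real flag behind them while the loop reconnects without sleeping. Filter them in the query instead, `where (status = 0 or status = 4) and flag is not null and btrim(flag) <> '' limit 2`, or update the skipped rows to a failed status. The guard strips only for the comparison, so pass `row['flag'].strip()` to submit() as well. A stored flag with trailing whitespace or an embedded newline would otherwise be sent as-is and could desynchronise the one-line-request, one-line-reply pairing.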