From e165ddeb94cc3e44361963044a57593b4dc4fdc5 Mon Sep 17 00:00:00 2001
From: root <root@localhost>
Date: Mon, 8 May 2017 23:32:47 +0200
Subject: [PATCH] post-ictf

---
 bots/get_targets_ictf.py                  |  84 ++++++++++
 bots/submit_ictf.py                       | 110 +++++++++++++
 bots/submit_ictf_batch.py                 | 112 ++++++++++++++
 submitbot_tcp.py => bots/submit_ructfe.py |   0
 flagbot.py                                | 180 ----------------------
 get_targets.php                           |   2 +-
 index.php                                 |  10 +-
 index_flag_ids.php                        |   7 +-
 index_serviceflags.php                    |   8 +-
 9 files changed, 325 insertions(+), 188 deletions(-)
 create mode 100755 bots/get_targets_ictf.py
 create mode 100755 bots/submit_ictf.py
 create mode 100755 bots/submit_ictf_batch.py
 rename submitbot_tcp.py => bots/submit_ructfe.py (100%)
 mode change 100644 => 100755
 delete mode 100644 flagbot.py

diff --git a/bots/get_targets_ictf.py b/bots/get_targets_ictf.py
new file mode 100755
index 0000000..f215e17
--- /dev/null
+++ b/bots/get_targets_ictf.py
@@ -0,0 +1,84 @@
+#!/usr/bin/env python3
+#
+# Copyright 2015-2017 by Jan Vales <jan@jvales.net> (Someone <someone@somenet.org>)
+# send me your changes. credit author(s). do not publish. share alike.
+# to be done: find a suitable licence text.
+#
+
+import psycopg2
+import psycopg2.extras
+import sys
+import time
+import signal
+import socket
+import threading
+import pprint
+import traceback
+
+import ictf
+
+team = None
+dbconnstring = "host=127.0.0.1 port=5432 dbname=flagbot user=flagbot password=flagbotpw"
+
+def login(force = False):
+    global team
+    if force == True or team is None:
+        team = ictf.iCTF().login('ctf@w0y.at','ZmtphWHFUDwRWk6m')
+        print("login(): logged in.")
+
+def getTargets():
+    print("getTargets() starting...")
+    try:
+        login(True)
+        global team
+
+        service_list = team.get_service_list()
+    #dbconn = psycopg2.connect(dbconnstring)
+    #cur = dbconn.cursor()
+    #cur.execute("DELETE FROM flag_ids")
+    #dbconn.commit()
+
+        for service in service_list:
+            try:
+                print("getTargets() getting for:"+str(service['service_name']))
+                targets = team.get_targets(service['service_id'])
+                print("getTargets() got "+str(len(targets['targets']))+" targets.")
+                for target in targets['targets']:
+                    try:
+                        dbconn = psycopg2.connect(dbconnstring)
+                        cur = dbconn.cursor()
+                        cur.execute("INSERT INTO flag_ids (service, team, host, port, flag_id) VALUES (%s, %s, %s, %s, %s)",
+                                    (service['service_name'], target['team_name'], target['hostname'], target['port'], target['flag_id']))
+                        dbconn.commit()
+                    except psycopg2.IntegrityError as e:
+                        pass
+
+                    except psycopg2.DatabaseError as e:
+                        print('getTargets() Error %s' % e)
+                        traceback.print_exc(file=sys.stdout)
+
+            except Exception as e:
+                print('getTargets() Error %s' % e)
+                traceback.print_exc(file=sys.stdout)
+
+    except Exception as e:
+        print('getTargets() Error %s' % e)
+        traceback.print_exc(file=sys.stdout)
+
+
+    time.sleep(10.0)
+    gettargetth = threading.Timer(0.5, getTargets)
+    gettargetth.start()
+    print("getTargets(): ended")
+
+def main():
+    print("*** starting ...")
+    getTargets()
+
+if __name__ == "__main__":
+    def signal_handler(signal, frame):
+        print('SIG received. exitting!')
+        sys.exit(0)
+    signal.signal(signal.SIGINT, signal_handler)
+    main()
+
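Review bot: The iCTF account password and the PostgreSQL password are hard-coded in `login()` and `dbconnstring`, so anyone who can read this patch or the repository history holds working credentials; the same literals are added again in bots/submit_ictf.py and bots/submit_ictf_batch.py. Read them from the environment or an untracked config file instead, e.g. `team = ictf.iCTF().login(os.environ['ICTF_USER'], os.environ['ICTF_PASSWORD'])` (the variable names are placeholders, and `os` would need importing), and rotate the values that are already committed. Separately, the inner loop calls `psycopg2.connect(dbconnstring)` once per target and never closes the connection, which the deleted flagbot.py did. Opening one connection before the `for service` loop, calling `dbconn.rollback()` in the `IntegrityError` branch and closing it in a `finally` keeps the bot from exhausting the server's connection limit.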
diff --git a/bots/submit_ictf.py b/bots/submit_ictf.py
new file mode 100755
index 0000000..c7b39ce
--- /dev/null
+++ b/bots/submit_ictf.py
@@ -0,0 +1,110 @@
+#!/usr/bin/env python2
+#
+# Copyright 2015-2017 by Jan Vales <jan@jvales.net> (Someone <someone@somenet.org>)
+# send me your changes. credit author(s). do not publish. share alike.
+# to be done: find a suitable licence text.
+#
+
+import psycopg2
+import psycopg2.extras
+import sys
+import time
+import signal
+import socket
+import threading
+import traceback
+
+import ictf
+
+team = None
+dbconnstring = "host=127.0.0.1 port=5432 dbname=flagbot user=flagbot password=flagbotpw"
+
+def login(force = False):
+    global team
+    if force == True or team is None:
+        team = ictf.iCTF().login('ctf@w0y.at','ZmtphWHFUDwRWk6m')
+        print("login(): logged in.")
+
+
+def submit(flag):
+    global team
+
+    try:
+        result = team.submit_flag([flag])
+        result = result[0]
+
+        if "notactive" in result:
+            return (2, result)
+        elif "incorrect" in result:
+            return (3, result)
+        elif "correct" in result:
+            return (1, result)
+        else:
+            return (4, result)
+
+    except Exception as e:
+        print('Error %s' % e)
+        traceback.print_exc(file=sys.stdout)
+
+
+def main():
+    sleeptime = 1
+    dbconn = None
+    while True:
+        try:
+            print("*** sleeping "+str(sleeptime)+" sec...")
+            time.sleep(sleeptime)
+            dbconn = psycopg2.connect("host=s.i port=5432 dbname=flagbot user=flagbot password=flagbotpw")
+            print("Connected to DB")
+
+            cur = None
+            login(True)
+            global team
+
+            while True:
+                try:
+                    cur = dbconn.cursor(cursor_factory=psycopg2.extras.DictCursor)
+                    cur.execute("SELECT * from flags where status = 0 or status = 4 order by random() limit 1")
+                    if cur.rowcount == 0:
+                        print("*** sleeping another "+str(sleeptime)+" sec...")
+                        time.sleep(sleeptime)
+                        continue
+                    for row in cur.fetchall():
+                        if row['flag'] is None or row['flag'].strip() == '':
+                            continue
+                        (status, resp) = submit(row['flag'])
+                        print("submitted: "+row['flag']+" - response: ("+str(status)+") "+resp)
+                        if status != 0:
+                            cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), status = %s, srvresponse = %s WHERE fid = %s and status = 0 or status = 4",
+                                (status, resp, row['fid']))
+                            dbconn.commit()
+                except psycopg2.DatabaseError as e:
+                    print('Error %s' % e)
+                try:
+                    cur.close()
+                    dbconn.rollback()
+                except psycopg2.DatabaseError as e:
+                    print('Error %s' % e)
+                cur = None
+                dbconn.rollback()
+            sock.shutdown(socket.SHUT_WR)
+            sock.close()
+
+        except psycopg2.DatabaseError as e:
+            print('Error %s' % e)
+        try:
+            dbconn.close()
+        except psycopg2.DatabaseError as e:
+            print('Error %s' % e)
+        dbconn = None
+
+    print("should never be reached")
+
+
+if __name__ == "__main__":
+    def signal_handler(signal, frame):
+        print('SIG received. exitting!')
+        sys.exit(0)
+    signal.signal(signal.SIGINT, signal_handler)
+    main()
+
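Review bot: The `UPDATE` in `main()` ends with `WHERE fid = %s and status = 0 or status = 4`, and because `AND` binds tighter than `OR` it also overwrites every row whose status is 4 with the status and server response of the flag just submitted. Group the alternative explicitly: `WHERE fid = %s AND status IN (0, 4)`. `submit()` also returns `None` when `team.submit_flag` raises, so `(status, resp) = submit(row['flag'])` fails with a `TypeError` that neither `except psycopg2.DatabaseError` handler catches, and the bot exits. Returning `(4, str(e))` from that handler would leave the flag selectable again, assuming 4 is the retry status the `SELECT` suggests. The `sock.shutdown`/`sock.close` lines after the inner `while True` use a name that is never defined in this file and can be dropped.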
diff --git a/bots/submit_ictf_batch.py b/bots/submit_ictf_batch.py
new file mode 100755
index 0000000..3c8ab7f
--- /dev/null
+++ b/bots/submit_ictf_batch.py
@@ -0,0 +1,112 @@
+#!/usr/bin/env python2
+#
+# Copyright 2015-2017 by Jan Vales <jan@jvales.net> (Someone <someone@somenet.org>)
+# send me your changes. credit author(s). do not publish. share alike.
+# to be done: find a suitable licence text.
+#
+
+import psycopg2
+import psycopg2.extras
+import sys
+import time
+import signal
+import socket
+import threading
+import traceback
+
+import ictf
+
+team = None
+dbconnstring = "host=127.0.0.1 port=5432 dbname=flagbot user=flagbot password=flagbotpw"
+
+def login(force = False):
+    global team
+    if force == True or team is None:
+        team = ictf.iCTF().login('ctf@w0y.at','ZmtphWHFUDwRWk6m')
+        print("login(): logged in.")
+
+
+def submitFlags():
+    print("submitFlag(): starting...")
+    dbconn = None
+
+    try:
+        login()
+        global team
+
+        dbconn = psycopg2.connect(dbconnstring)
+        cur = dbconn.cursor(cursor_factory=psycopg2.extras.DictCursor)
+        cur.execute("SELECT * from flags where status = 0 or status = 4 order by random() limit 400")
+        print("submitFlag(): submitting " + str(cur.rowcount) + " flags...")
+        flist = [x['flag'] for x in cur.fetchall()]
+        result = team.submit_flag(flist)
+        resultlist = list(zip(flist,result))
+
+        for res in resultlist:
+            try:
+                result = res[1]
+
+                if "notactive" in result:
+                    cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), "
+                                "status = %s, srvresponse = %s WHERE flag = %s",
+                                (2, result, res[0]))
+
+                elif "incorrect" in result:
+                    cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), "
+                                "status = %s, srvresponse = %s WHERE flag = %s",
+                                (2, result, res[0]))
+
+                elif "correct" in result:
+                    cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), "
+                                "status = %s, srvresponse = %s WHERE flag = %s",
+                                (1, result, res[0]))
+
+                elif "already" in result:
+                    cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), "
+                                "status = %s, srvresponse = %s WHERE flag = %s",
+                                (3, result, res[0]))
+
+
+                else:
+                    import pprint
+                    pprint.pprint(result)
+                    cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), "
+                                "status = %s, srvresponse = %s WHERE flag = %s",
+                                (4, result, res[0]))
+
+                dbconn.commit()
+            except psycopg2.DatabaseError as e:
+                print('Error %s' % e)
+                traceback.print_exc(file=sys.stdout)
+
+    except Exception as e:
+        print('Error %s' % e)
+        traceback.print_exc(file=sys.stdout)
+
+    try:
+        dbconn.close()
+    except AttributeError as e:
+        pass
+#        print('Error %s' % e)
+#        traceback.print_exc(file=sys.stdout)
+
+    except psycopg2.DatabaseError as e:
+        print('Error %s' % e)
+        traceback.print_exc(file=sys.stdout)
+
+    print("submitFlag(): ended.")
+    time.sleep(5.0)
+
+
+def main():
+    print("*** starting ...")
+    while True:
+        submitFlags()
+
+if __name__ == "__main__":
+    def signal_handler(signal, frame):
+        print('SIG received. exitting!')
+        sys.exit(0)
+    signal.signal(signal.SIGINT, signal_handler)
+    main()
+
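Review bot: The five branches in `submitFlags()` repeat the same `UPDATE` and differ only in the status number, and those numbers disagree with bots/submit_ictf.py: here `incorrect` is stored as 2 and `already` as 3, while `submit()` there returns 3 for `incorrect` and has no `already` case. Classifying the response first and issuing a single `UPDATE` puts the mapping in one place; which value `incorrect` should take is the author's call, and the sketch below keeps this file's numbers. `login()` is also called without `force`, so an expired session is presumably never renewed and every later batch would end in the outer `except`, which is worth confirming against the `ictf` client.

```python
        for flag, response in zip(flist, result):
            try:
                # order matters: "incorrect" contains "correct", so test it first
                if "notactive" in response:
                    status = 2
                elif "incorrect" in response:
                    status = 2  # bots/submit_ictf.py uses 3 for this case
                elif "correct" in response:
                    status = 1
                elif "already" in response:
                    status = 3
                else:
                    import pprint
                    pprint.pprint(response)
                    status = 4
                cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), "
                            "status = %s, srvresponse = %s WHERE flag = %s",
                            (status, response, flag))
                dbconn.commit()
            # … unchanged: except psycopg2.DatabaseError handler …
```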
diff --git a/submitbot_tcp.py b/bots/submit_ructfe.py
old mode 100644
new mode 100755
similarity index 100%
rename from submitbot_tcp.py
rename to bots/submit_ructfe.py
diff --git a/flagbot.py b/flagbot.py
deleted file mode 100644
index b336549..0000000
--- a/flagbot.py
+++ /dev/null
@@ -1,180 +0,0 @@
-#!/usr/bin/env python
-#
-# Copyright 2015 by Jan Vales <jan@jvales.net> (Someone <someone@somenet.org>)
-# send me your changes. credit author(s). do not publish. share alike.
-# to be done: find a suitable licence text.
-#
-
-import psycopg2
-import psycopg2.extras
-import sys
-import time
-import signal
-import socket
-import threading
-
-import ictf
-
-team = None
-dbconnstring = "host=127.0.0.1 port=5432 dbname=flagbot user=flagbot password=flagbotpw"
-
-def login(force = False):
-    global team
-    if force == True or team is None:
-        team = ictf.iCTF().login('georg@iseclab.org','8u6kNdUcsxE6sEkT')
-        print("login(): logged in.")
-
-def getTargets():
-    print("getTargets() starting...")
-    login(True)
-    global team
-
-    service_list = team.get_service_list()
-    service_names = [s['service_name'].encode("ascii") for s in service_list]
-    import pprint
-    pprint.pprint(service_names)
-    try:
-        for service in service_names:
-            try:
-#                print("getTargets() getting for:"+service)
-                targets = team.get_targets(service)
-                for target in targets['targets']:
-                    try:
-                        dbconn = psycopg2.connect(dbconnstring)
-                        cur = dbconn.cursor()
-                        cur.execute("INSERT INTO flag_ids (service, team, host, port, flag_id) VALUES (%s, %s, %s, %s, %s)", 
-                                    (service, target['team_name'], target['ip_address'], target['port'], target['flag_id']))
-                        dbconn.commit()
-                    except psycopg2.DatabaseError as e:
-                            pass
-#                           print 'getTargets()Error %s' % e
-#                           print "getTargets() Unexpected error:", sys.exc_info()[0]
-                    try:
-                        dbconn.close()
-                    except psycopg2.DatabaseError as e:
-                        print 'getTargets()Error %s' % e
-                    dbconn = None
-
-            except Exception as e:
-                print 'getTargets()Error %s' % e
-                print "getTargets() Unexpected error:", sys.exc_info()[0]
-
-    except Exception as e:
-        print 'getTargets() Error %s' % e
-        print "Unexpected error:", sys.exc_info()[0]
-
-
-    time.sleep(5.0)
-    gettargetth = threading.Timer(0.5, getTargets)
-    gettargetth.start()
-    print("getTargets(): ended")
-
-def submitFlags():
-    print("submitFlag(): starting...")
-    login()
-    global team
-
-    try:
-        dbconn = psycopg2.connect(dbconnstring)
-        cur = dbconn.cursor(cursor_factory=psycopg2.extras.DictCursor)
-        cur.execute("SELECT * from flags where status = 0 or status = 3 order by random() limit 50")
-        print "submitFlag() submitting " + str(cur.rowcount) + " flags"
-        for row in cur.fetchall():
-            try:
-                result = team.submit_flag([row['flag']])
-
-                if "correct" in result:
-                    cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), "
-                                "status = %s, srvresponse = %s WHERE fid = %s",
-                                (1, result, row['fid']))
-
-                elif "already" in result:
-                    cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), "
-                                "status = %s, srvresponse = %s WHERE fid = %s",
-                                (2, result, row['fid']))
-
-                elif "notactive" in result:
-                    cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), "
-                                "status = %s, srvresponse = %s WHERE fid = %s",
-                                (2, result, row['fid']))
-
-                elif "incorrect" in result:
-                    cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), "
-                                "status = %s, srvresponse = %s WHERE fid = %s",
-                                (2, result, row['fid']))
-
-                else:
-                    import pprint
-                    pprint.pprint(result)
-                    cur.execute("UPDATE flags SET submitted = date_trunc('second', NOW()), "
-                                "status = %s, srvresponse = %s WHERE fid = %s",
-                                (3, result, row['fid']))
-
-                dbconn.commit()
-            except psycopg2.DatabaseError as e:
-                print 'Error %s' % e
-
-    except Exception as e:
-        print 'Error %s' % e
-        print "Unexpected error:", sys.exc_info()[0]
-
-    try:
-        dbconn.close()
-    except psycopg2.DatabaseError as e:
-        print 'Error %s' % e
-    dbconn = None
-
-    time.sleep(5.0)
-    submitth = threading.Timer(0.5, submitFlags)
-    submitth.setDaemon(True)
-    submitth.start()
-    print("submitFlag(): ended")
-
-def main():
-    print "*** starting ..."
-    dbconn = psycopg2.connect("host=127.0.0.1 port=5432 dbname=flagbot user=flagbot password=flagbotpw")
-    cur = dbconn.cursor()
-    cur.execute("CREATE TABLE IF NOT EXISTS flag_ids ("
-        "service character varying(64) NOT NULL,"
-        "team character varying(64) NOT NULL,"
-        "host character varying(10) NOT NULL,"
-        "port character varying(10) NOT NULL,"
-        "flag_id character varying(128) NOT NULL,"
-        "received timestamp without time zone NOT NULL DEFAULT date_trunc('second'::text, now()),"
-        "handed_out timestamp without time zone,"
-        "status integer NOT NULL DEFAULT 0,"
-        "CONSTRAINT flag_ids_pkey PRIMARY KEY (service, flag_id)"
-        ")")
-    cur.execute("CREATE TABLE IF NOT EXISTS flags ("
-        "fid serial NOT NULL,"
-        "flag character varying(32) NOT NULL,"
-        "service character varying(32),"
-        "flag_id character varying(128),"
-        "submitter character varying(32),"
-        "received timestamp without time zone NOT NULL DEFAULT date_trunc('second'::text, now()),"
-        "submitted timestamp without time zone,"
-        "status integer NOT NULL DEFAULT 0, "
-        "srvresponse character varying(128),"
-        "CONSTRAINT flags_pkey PRIMARY KEY (fid),"
-        "CONSTRAINT flags_flag_key UNIQUE (flag)"
-        ")")
-    dbconn.commit()
-    cur.close()
-    cur = None
-    dbconn = None
-    print "Connected to DB + tables created"
-
-    # start one other thread
-    submitth = threading.Timer(1.0, submitFlags)
-    submitth.setDaemon(True)
-    submitth.start()
-
-    getTargets()
-
-if __name__ == "__main__":
-    def signal_handler(signal, frame):
-        print 'SIG received. exitting!'
-        sys.exit(0)
-    signal.signal(signal.SIGINT, signal_handler)
-    main()
-
diff --git a/get_targets.php b/get_targets.php
index 32650b3..f87499b 100644
--- a/get_targets.php
+++ b/get_targets.php
@@ -31,7 +31,7 @@ function handleRequest() {
 
 function getTargets($service) {
   try {
-    $stmt = $GLOBALS['db']->prepare("SELECT * FROM flag_ids WHERE (received + INTERVAL '30 minute') > now() and service = ? and status = 0 ORDER BY received DESC");
+    $stmt = $GLOBALS['db']->prepare("SELECT * FROM flag_ids WHERE (received + INTERVAL '15 minute') > now() and service = ? and status = 0 ORDER BY received DESC");
     $stmt->execute(array($service));
     $targets = $stmt->fetchAll(PDO::FETCH_ASSOC);
 	echo json_encode($targets);
diff --git a/index.php b/index.php
index 1b4e951..e023021 100644
--- a/index.php
+++ b/index.php
@@ -18,12 +18,16 @@ $query = "SELECT * FROM flags WHERE (received + INTERVAL '30 minute') > now() OR
   <html>
   <head>
     <link rel="stylesheet" type="text/css" href="styles.css"></link>
+    <meta http-equiv="refresh" content="10;">
   </head>
   <body>
     <h1>Submission Board - Flags</h1>
-    <p><a href="./index_serviceflags.php">Service + Exploit flags</a> <a href="./index_serviceflags.php?all">Alltime Service + Exploit flags</a> <a href="./index.php">Flaglist</a> <a href="./index_flag_ids.php">go to flag_ids</a></p>
-    <p>Shows all submissions of the last 30 min<br>
-    NUM ROWS: <?php echo sizeof($GLOBALS['db']->query($query)->fetchAll()); ?></p>
+<p><a href="./index.php">Flags</a>
+<a href="./index_serviceflags.php">Service + Exploit flags</a> <a href="./index_serviceflags.php?all">Alltime Service + Exploit flags</a>
+<a href="./index_flag_ids.php">Flag_IDs</a></p>
+    try:
+    <p>Shows all submissions of the last 30 min. <b>Current Time: <?php echo ' '.date('Y-m-d H:i:s');?></b><br>
+    NUM ROWS: <?php echo sizeof($GLOBALS['db']->query($query)->fetchAll());?></p>
     <table style="width: 100%">
       <thead>
         <tr>
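Review bot: The added line `    try:` between the navigation paragraph and the "Shows all submissions" paragraph sits outside any `<?php ?>` block, so it is sent to the browser as literal text on every page load. It looks like an editing leftover and should be removed. The same navigation block is added to index_flag_ids.php and index_serviceflags.php without it. The hunk starts and ends inside the page template, so the rest of the markup is not visible here.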
diff --git a/index_flag_ids.php b/index_flag_ids.php
index b79883c..71a379d 100644
--- a/index_flag_ids.php
+++ b/index_flag_ids.php
@@ -18,11 +18,14 @@ $query = "SELECT * FROM flag_ids WHERE (received + INTERVAL '30 minute') > now()
   <html>
   <head>
     <link rel="stylesheet" type="text/css" href="styles.css"></link>
+    <meta http-equiv="refresh" content="10;">
   </head>
   <body>
     <h1>Submission Board - flag_ids</h1>
-    <p><a href="./index.php">go to flags</a></p>
-    <p>Shows all submissions of the last 30 min<br>
+<p><a href="./index.php">Flags</a>
+<a href="./index_serviceflags.php">Service + Exploit flags</a> <a href="./index_serviceflags.php?all">Alltime Service + Exploit flags</a>
+<a href="./index_flag_ids.php">Flag_IDs</a></p>
+    <p>Shows all submissions of the last 30 min. <b>Current Time: <?php echo ' '.date('Y-m-d H:i:s');?></b><br>
     NUM ROWS: <?php echo sizeof($GLOBALS['db']->query($query)->fetchAll()); ?></p>
     <table style="width: 100%">
       <thead>
diff --git a/index_serviceflags.php b/index_serviceflags.php
index 6f21360..13d2dfc 100644
--- a/index_serviceflags.php
+++ b/index_serviceflags.php
@@ -21,12 +21,16 @@ if (isset($_REQUEST['all'])) $query = "SELECT count(*) as count , submitter, ser
   <html>
   <head>
     <link rel="stylesheet" type="text/css" href="styles.css"></link>
+    <meta http-equiv="refresh" content="10;">
   </head>
   <body>
     <h1>Submission Board - Services/Exploits and their Flags</h1>
-    <p><a href="./index_serviceflags.php">Service + Exploit flags</a> <a href="./index_serviceflags.php?all">Alltime Service + Exploit flags</a> <a href="./index.php">Flaglist</a> <a href="./index_flag_ids.php">go to flag_ids</a></p>
-    <?php if (!isset($_REQUEST['all'])) echo '<p>Shows all submissions of the last 30 min<br>'; ?>
+<p><a href="./index.php">Flags</a>
+<a href="./index_serviceflags.php">Service + Exploit flags</a> <a href="./index_serviceflags.php?all">Alltime Service + Exploit flags</a>
+<a href="./index_flag_ids.php">Flag_IDs</a></p>
+    <p><?php if (!isset($_REQUEST['all'])) echo 'Shows all submissions of the last 30 min'; ?>
 
+    <b>Current Time: <?php echo ' '.date('Y-m-d H:i:s');?></b><br>
     NUM ROWS: <?php echo sizeof($GLOBALS['db']->query($query)->fetchAll()); ?></p>
     <table style="width: 100%">
       <thead>
-- 
2.43.0