def links_test():
agent = CAgent("rit.edu", 443)
agent.uri = "/computing/directory?term_node_tid_depth=4919"
page = agent.request()
links = get_addresses(page)
for link in links:
print(link)
def emails_test():
agent = CAgent("rit.edu", 443)
agent.uri = "/computing/directory?term_node_tid_depth=4919"
page = agent.request()
emails = get_emails(page)
for email in emails:
print(email)
def act_1():
"""
act_1: runs the required actions to get the act 1 flag
then prints out the flag
It just makes a POST request to csec380-core.csec.rit.edu
:return: Nothing
"""
print("Act 1")
agent = CAgent(HOST, PORT)
agent.make_header(method="POST", uri="/")
resp = agent.single_request()
print(resp.split('"')[1])
def act1_step1():
agent = CAgent("www.rit.edu", 443)
agent.uri = "/study/computing-security-bs"
page = agent.request()
soup = BeautifulSoup(page, 'html.parser')
pattern = re.compile("hidden-row rows-\d")
rows = soup.findAll("tr", class_=(pattern))
class_code_regex = re.compile("([A-Z]{3,4}-\d{2,3})")
class_name_regex = re.compile('(?:rse-name">)(.*)(?:</div>)')
with open("/temp_fol/act1_step1", "w") as file:
for row in rows:
cls = class_code_regex.findall(str(row))
name = class_name_regex.findall(str(row))
if len(cls) > 0:
file.write(str(cls[0]).strip() + "," + str(name[0]).strip())
def agent_wrapper(url, scope):
try:
port, host, uri = break_url(url)
sub = {url}
if sub.issubset(visited):
return set(), set()
agent = CAgent(host, port)
agent.uri = uri
agent.scope = scope
page = ""
page = agent.request()
visited.add(url)
lset = get_addresses(page)
eset = get_emails(page)
return lset, eset
except Exception as e:
return set(), set()
def disgusting_image_grab(l):
l = l.strip('"')
l = l.replace('&', "&")
port, host, uri = break_url(l)
temp_agent = CAgent(host, port)
temp_agent.uri = uri
image = b""
try:
temp_resp = temp_agent.request()
except UnicodeDecodeError:
resp = temp_agent.request_image()
try:
image = resp.split(b'Content-Type: image/jpg\r\n\r\n')[1]
except IndexError:
image = resp.split(b'Content-Type: image/jpeg\r\n\r\n')[1]
name = "/temp_vol/" + str(hash(image)) + ".jpg"
with open(name, "wb") as file:
file.write(image)
def act1_step2():
url = "https://www.rit.edu/computing/directory?term_node_tid_depth=4919"
port, host, uri = break_url(url)
agent = CAgent(host, port)
agent.uri = uri
page = agent.request()
visited.add(url)
pattern = re.compile('(?:data-src=)"(https?://(\w+.)+)')
temp_links = pattern.findall(page)
real_links = list()
for i in temp_links:
real_links.append(i[0])
with concurrent.futures.ThreadPoolExecutor(
max_workers=len(real_links)) as executor:
# Start the load operations and mark each future with its URL
future_images = {
executor.submit(disgusting_image_grab, i): i
for i in real_links
}
def test_speed_1024():
start_time = time.perf_counter()
agent = CAgent("stallman.org", 443)
agent.uri = "/"
agent.make_header()
agent.buffer_size = 1024
resp = agent.request()
end_time = time.perf_counter()
print("Time for buffer size 1024: " + str(end_time - start_time))
def test_redirect():
start_time = time.perf_counter()
agent = CAgent("cutt.ly", 443)
agent.uri = "/FeyXNVr"
agent.make_header()
agent.buffer_size = 16384
resp = agent.request()
#print(resp)
end_time = time.perf_counter()
print("Time for redirect: " + str(end_time - start_time))
def get_stallman():
agent = CAgent("stallman.org", 443)
agent.uri = "/"
agent.make_header()
start_time = time.perf_counter()
resp = agent.request()
end_time = time.perf_counter()
#agent.check_redirect(resp)
print("Time: " + str(end_time - start_time))
def get_wiki():
agent = CAgent("wikipedia.org", 443)
agent.uri = "/"
agent.make_header()
start_time = time.perf_counter()
resp = agent.request()
end_time = time.perf_counter()
#agent.check_redirect(resp)
print("Time (wiki): " + str(end_time - start_time))
print(resp)
def act_2():
"""
act_2: runs the required acts to get the act 2 flag
then prints out the flag
It gets a security token, puts that token in the body,
then makes another POST request
:return: Nothing
"""
print("Act 2")
token = get_security_token(HOST, PORT)
tok = "token=%s" % token
agent = CAgent(HOST, PORT)
agent.set_body(tok)
agent.make_header(method="POST", uri="/getFlag2")
response_2 = agent.single_request()
print(response_2.split('"')[1])
def agent_test():
agent = CAgent("www.rit.edu", 443)
agent.uri = "/computing/directory?term_node_tid_depth=4919"
page = agent.request()
print(page)
def act_4():
"""
act_4: runs the required acts to get the act 4 flag
then prints out the flag
It gets a security token, makes a request to create an
account, gets a password, and sends all three
in another POST request for the forth flag
:return: Nothing
"""
print("Act 4")
token = get_security_token(HOST, PORT)
agent = CAgent(HOST, PORT)
agent.set_body(("token=%s&username=%s" % (token, USERNAME)))
agent.create_socket()
agent.make_header(method="POST", uri="/createAccount")
response = agent.request()
password = response.split("password is ")[1]
agent.set_body(("token=%s&username=%s&password=%s" %
(token, USERNAME, urllib.parse.quote(password))))
agent.make_header(method="POST", uri="/login")
response_2 = agent.request()
print(response_2.split('"')[1])
def act_3():
"""
act_3: runs the required acts to get the act 3 flag
then prints out the flag
It gets a security token, puts that token in the body,
makes a request for a captcha, solves the captcha,
then returns the token and the solution in
another POST request
:return: Nothing
"""
print("Act 3")
token = get_security_token(HOST, PORT)
agent = CAgent(HOST, PORT)
agent.set_body(("token=%s" % token))
agent.make_header(method="POST", uri="/getFlag3Challenge")
agent.create_socket()
response = agent.request()
challenge = (response.split("solve the following: ")[1]).strip('"')
answer = eval(challenge)
agent.set_body("token=%s&solution=%d" % (token, answer))
agent.make_header(method="POST", uri="/getFlag3Challenge")
response_2 = agent.request()
agent.socket.close()
print(response_2.split('"')[1])
