def admin_keys_view(keyid):
if request.method == 'GET':
if keyid:
saved_key = Keys.query.filter_by(id=keyid).first_or_404()
json_data = {
'id': saved_key.id,
'key': saved_key.flag,
'data': saved_key.data,
'chal': saved_key.chal,
'type': saved_key.key_type,
'type_name': get_key_class(saved_key.key_type).name
}
return jsonify(json_data)
elif request.method == 'POST':
chal = request.form.get('chal')
flag = request.form.get('key')
data = request.form.get('keydata')
key_type = int(request.form.get('key_type'))
if not keyid:
k = Keys(chal, flag, key_type)
k.data = data
db.session.add(k)
else:
k = Keys.query.filter_by(id=keyid).first()
k.chal = chal
k.flag = flag
k.data = data
k.key_type = key_type
db.session.commit()
db.session.close()
return '1'
def admin_create_chal():
if request.method == 'POST':
files = request.files.getlist('files[]')
# Create challenge
chal = Challenges(request.form['name'], request.form['desc'],
request.form['value'], request.form['category'],
int(request.form['chaltype']))
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
db.session.add(chal)
db.session.flush()
flag = Keys(chal.id, request.form['key'],
int(request.form['key_type[0]']))
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
for f in files:
upload_file(file=f, chalid=chal.id)
db.session.commit()
db.session.close()
return redirect(url_for('admin_challenges.admin_chals'))
else:
return render_template('admin/chals/create.html')
def create(request):
"""
This method is used to process the challenge creation request.
:param request:
:return:
"""
# Create challenge
chal = AnonymousChallenge(
name=request.form['name'],
value=request.form['value'],
category=request.form['category'],
type=request.form['chaltype'],
)
chal.hidden = True # The challenge should always be hidden
chal.max_attempts = 0 # Unlimited attempts for this type of challenge
db.session.add(chal)
db.session.commit()
flag = Keys(chal.id, request.form['key'],
'static') # request.form['key_type[0]'])
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
files = request.files.getlist('files[]')
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
def create(request):
"""
This method is used to process the challenge creation request.
:param request:
:return:
"""
files = request.files.getlist('files[]')
# Create challenge
chal = BonusChallenges(
name=request.form['name'],
description=request.form['desc'],
value=request.form['value'],
category='Bonus Flag',
type=request.form['chaltype'],
)
chal.hidden = True
db.session.add(chal)
db.session.commit()
flag = Keys(chal.id, request.form['key'], request.form['key_type[0]'])
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
def admin_create_chal():
if request.method == 'POST':
files = request.files.getlist('files[]')
# Create challenge
chal = Challenges(request.form['name'], request.form['desc'], request.form['value'], request.form['category'], int(request.form['chaltype']))
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
db.session.add(chal)
db.session.flush()
flag = Keys(chal.id, request.form['key'], int(request.form['key_type[0]']))
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
db.session.close()
return redirect(url_for('admin_challenges.admin_chals'))
else:
return render_template('admin/chals/create.html')
def create(request):
"""
This method is used to process the challenge creation request.
:param request:
:return:
"""
files = request.files.getlist('files[]')
keys = {}
for i in range(len(request.form)):
key_name = 'key_name[{}]'.format(i)
key_sol = 'key_solution[{}]'.format(i)
key_type = 'key_type[{}]'.format(i)
if key_name in request.form:
keys[request.form[key_name]] = {
'key': request.form[key_sol],
'type': request.form[key_type]
}
else:
break
# Create challenge
chal = MultiQuestionChallengeModel(
name=request.form['name'],
description=request.form['description'],
value=request.form['value'],
category=request.form['category'],
type=request.form['chaltype'])
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
db.session.add(chal)
db.session.commit()
for key, value in keys.iteritems():
flag = Keys(chal.id, value['key'], value['type'])
flag.data = json.dumps({key: False})
db.session.add(flag)
db.session.commit()
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
db.session.close()
def create(request):
"""
This method is used to process the challege creation request.
:param request:
:return:
"""
buildingList = []
for item in request.form:
if "buildingId" in item:
buildingList.append(request.form[item])
buildingListString = [str(x) for x in buildingList]
print(buildingListString)
files = request.files.getlist('files[]')
chal = SmartCityChallenge(name=request.form['name'],
category=request.form['category'],
description=request.form['description'],
value=request.form['value'],
buildingId=str(buildingListString),
soundId=request.form['soundId'],
type=request.form['chaltype'])
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
#logger.debug("Genereted buildingId " + chal.buildingId + " for challenge " + chal.name)
db.session.add(chal)
db.session.commit()
flag = Keys(chal.id, request.form['key'], request.form['key_type[0]'])
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
def create(request):
"""
This method is used to process the challenge creation request.
:param request:
:return:
"""
# Create challenge
chal = Challenges(
name=request.form['name'],
description=request.form['description'],
value=request.form['value'],
category=request.form['category'],
type=request.form['chaltype'],
penalty = request.form['penalty']
)
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
db.session.add(chal)
db.session.commit()
flag = Keys(chal.id, request.form['key'], request.form['key_type[0]'])
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
files = request.files.getlist('files[]')
for f in files:
utils.upload_file(file=f, chalid=chal.id)
file_generators = request.files.getlist('file_generators[]')
for g in file_generators:
utils.upload_file(file=g, chalid=chal.id, isgenerator=True)
db.session.commit()
def create(request):
"""
This method is used to process the challenge creation request.
:param request:
:return:
"""
# Create challenge
chal = CommunityChallengeModel(name=request.form['name'],
description=request.form['description'],
value=request.form['value'],
category=request.form['category'],
type=request.form['chaltype'],
owner=session['id'])
# Never hide Community challenges
chal.hidden = False
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
db.session.add(chal)
db.session.commit()
flag = Keys(chal.id, request.form['key'], request.form['key_type[0]'])
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
files = request.files.getlist('files[]')
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
def create(request):
"""
This method is used to process the challenge creation request.
:param request:
:return:
"""
files = request.files.getlist('files[]')
# Liste de tuples de 3 éléments :
# - solution (le flag à trouver)
# - type ("static" ou "regex")
# - data (JSON string)
keys = []
index_key = 0
while ('key_solution[%s]' % index_key) in request.form:
key_solution = request.form['key_solution[%s]' % index_key]
if key_solution:
key_type = request.form.get('key_type[%s]' % index_key, '')
if key_type not in ('static', 'regex'):
key_type = 'static'
award = request.form.get('award_interm[%s]' % index_key, 0)
try:
award = int(award)
except ValueError:
award = 0
congrat_msg = request.form.get('congrat_msg[%s]' % index_key,
'')
congrat_img_url = request.form.get(
'congrat_img_url[%s]' % index_key, '')
doc_filename = request.form.get('doc_filename[%s]' % index_key,
'')
is_public = request.form.get('public[%s]' % index_key,
'') == 'yes'
cancel_score = request.form.get('cancel_score[%s]' % index_key,
'') == 'yes'
key_data = {
'congrat_msg': congrat_msg,
'congrat_img_url': congrat_img_url,
'doc_filename': doc_filename,
'award': award,
'public': is_public,
'cancel_score': cancel_score,
}
key_data = json.dumps(key_data)
key_infos = (key_solution, key_type, key_data)
keys.append(key_infos)
index_key += 1
# Create challenge
chal = IntermediateFlagChallengeModel(
name=request.form['name'],
description=request.form['description'],
value=request.form['value'],
category=request.form['category'],
type=request.form['chaltype'])
chal.hidden = 'hidden' in request.form
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
db.session.add(chal)
db.session.commit()
for key_solution, key_type, key_data in keys:
record_key = Keys(chal.id, key_solution, key_type)
record_key.data = key_data
db.session.add(record_key)
db.session.commit()
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
db.session.close()
def admin_create_chal():
if request.method == 'POST':
print("[DEBUG] Post request sent to my modified admin_create_chal")
files = request.files.getlist('files[]')
# Create challenge
chal = Challenges(
name=request.form['name'],
description=request.form['desc'],
value=request.form['value'],
category=request.form['category'],
type=request.form['chaltype'],
)
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
db.session.add(chal)
db.session.flush()
# This if added by me
print("[DEBUG] chal.id: " + str(chal.id))
if chal.type == 'ethereum':
solidity = request.form['solidity']
test_func = request.form['test_func']
args = request.form['args']
starting_ether = request.form['starting-ether']
flag = request.form['key']
print("[DEBUG] Type is ethereum!")
if ethereumctf.compile_contract(str(chal.id), solidity,
test_func,
ast.literal_eval(args),
starting_ether, flag):
print("[DEBUG] successful compile!")
else:
db.session.rollback()
print("[DEBUG] failed compile")
return redirect(
url_for('admin_challenges.admin_create_chal')
) # TODO: Fail better
db.session.commit()
flag = Keys(chal.id, request.form['key'],
int(request.form['key_type[0]']))
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
db.session.close()
return redirect(url_for('admin_challenges.admin_chals'))
else:
return render_template('admin/chals/create.html')