Ejemplo n.º 1
0
def check(check_request: CheckRequest) -> Verdict:
    user = generate_user()
    cube = generate_cube()
    info = generate_info()

    api = Api(check_request.hostname)

    try:
        api.connect()
    except Exception:
        return Verdict.DOWN("DOWN")
    register_pub_cube = api.register(user, cube, info)
    api.disconnect()
    if register_pub_cube is None:
        return Verdict.MUMBLE("Can't register")

    try:
        api.connect()
    except Exception:
        return Verdict.DOWN("DOWN")
    login_pub_cube = api.login(user, cube)
    api.disconnect()
    if login_pub_cube is None:
        return Verdict.MUMBLE("Can't login")

    if register_pub_cube != login_pub_cube:
        return Verdict.MUMBLE("Wrong public cube")

    return Verdict.OK()
Ejemplo n.º 2
0
async def put_flag_aes(request: PutRequest) -> Verdict:
    algo = utils_pb2.Algo.AES
    login, msg = os.urandom(12), extend_flag_aes(request.flag).encode()

    try:
        key, decrypted_msg = await set_msg(login, msg, algo, request.hostname)
    except Exception as ex:
        print(traceback.format_exc())
        return Verdict.DOWN('DOWN')

    if decrypted_msg != msg:
        return Verdict.DOWN("AES doesn't work")
    if login not in await get_logins(algo, request.hostname):
        return Verdict.MUMBLE("Can't find login")
    return Verdict.OK("{}:{}".format(login.hex(), key))
Ejemplo n.º 3
0
def put(put_request: PutRequest) -> Verdict:
    user = generate_user()
    cube = generate_cube()
    info = generate_info()

    api = Api(put_request.hostname)

    try:
        api.connect()
    except Exception:
        return Verdict.DOWN("DOWN")
    pub_cube = api.register(user, cube, info)

    if pub_cube is None:
        api.disconnect()
        return Verdict.MUMBLE("Can't register")

    res = api.encrypt(put_request.flag)
    if res is None:
        api.disconnect()
        return Verdict.MUMBLE("Can't encrypt")
    ct, priv_key = res
    api.disconnect()

    try:
        is_correct = check_encryption_correctnes(ct, pub_cube, priv_key, put_request.flag)
    except Exception:
        is_correct = False
    if not is_correct:
        return Verdict.CORRUPT("Wrong encryption")

    return Verdict.OK(':'.join([user, cube.as_str(), pub_cube.as_str(), ct.decode(), str(priv_key)]))
Ejemplo n.º 4
0
async def check_service(request: CheckRequest) -> Verdict:
    async with API(request.hostname) as api:
        try:
            creds = get_reg_creds()
            status = await api.registration(creds)
            if status != 302:
                print(f'REGISTRATION: Wait 302, but return {status}')
                return Verdict.MUMBLE("Registration error")
            status = await api.update_user({
                "login": creds['login'],
                "additionalInfo": grs(25)
            })
            if status != 200:
                print(f'UPDATE USER: Wait 200, but return {status}')
                return Verdict.MUMBLE("Can't update user")
            status, res_json = await api.create_planner(get_planner())
            if status != 201 and len(res_json) != 0:
                print(
                    f'CREATE PANNER: Wait 201 with not empty json, but return {status} with {res_json}'
                )
                return Verdict.MUMBLE("Can't create planner")
            planner_id = res_json['id']
            status = await api.create_task(planner_id, get_task())
            if status != 201:
                print(f'CREATE TASK: Wait 201, but return {status}')
                Verdict.MUMBLE("Can't create task")
        except Exception as ex:
            print(traceback.format_exc())
            return Verdict.DOWN('DOWN')
    return Verdict.OK()
Ejemplo n.º 5
0
async def put_second_flag_into_the_service(request: PutRequest) -> Verdict:
    async with API(request.hostname) as api:
        try:
            creds = get_reg_creds()
            status = await api.registration(creds)
            if status != 302:
                print(f'ON PUT 2 REGISTRATION: Wait 302, but return {status}')
                return Verdict.MUMBLE("Registration error")

            planner = get_planner()
            status, planner = await api.create_planner(planner)
            if status != 201 or len(planner) == 0:
                print(f'ON GET 2 GET PLANNER: Wait 201, but return {status}')
                return Verdict.MUMBLE("Can't create planner")

            status, text = await api.get_planners()
            planner_id = planner["id"]

            if status != 200 or len(text.split(f'<tr id="{planner_id}">')) < 1:
                print(f'ON GET 2 GET PLANNERS: Wait 200, but return {status}')
                return Verdict.MUMBLE("Can't get planner")

            task = get_task()
            task['description'] = request.flag
            status = await api.create_task(planner_id, task)
            if status != 201:
                print(f'ON GET 2 CREATE TASK: Wait 201, but return {status}')
                Verdict.MUMBLE("Can't create task")

        except Exception as ex:
            print(traceback.format_exc())
            return Verdict.DOWN('DOWN')
    return Verdict.OK(f"{creds['login']}:{creds['password']}:{planner['id']}")
Ejemplo n.º 6
0
def put(put_request: PutRequest) -> Verdict:
    api = Api()
    try:
        unit_name = randomize()
        id_of_basement = api.add_new_chess_unit(put_request.hostname,
                                                unit_name, put_request.flag)
        armory_id = randomize()
        new_armory_id = api.add_armory_unit(put_request.hostname, armory_id)
        result = api.add_unit_to_chess(put_request.hostname, unit_name,
                                       new_armory_id)
        last_50_objects = api.get_latest_objects(put_request.hostname, 50)
        if "Armory" not in str(api.object_info(put_request.hostname,
                                               unit_name)):
            print("Armory not in object")
            return Verdict.MUMBLE("Bad object")
        if unit_name not in last_50_objects or result not in last_50_objects or armory_id not in last_50_objects:
            print("last 50 object doesnt contain needed info")
            return Verdict.MUMBLE("bad objects listing")
        if result != unit_name:
            print("result != unit name")
            return Verdict.MUMBLE("bad object id after adding")
        if armory_id != new_armory_id:
            print("bad armory id")
            return Verdict.MUMBLE("bad object id after adding")
        return Verdict.OK(f"{unit_name}:{id_of_basement}")
    except RequestException as e:
        print(f"timeout on connect {e}")
        return Verdict.DOWN("timeout")
    except Exception as e:
        print(f"possible mumble, {e}")
        return Verdict.MUMBLE("bad proto")
Ejemplo n.º 7
0
def get(get_request: GetRequest) -> Verdict:
    user, cube, pub_cube = get_request.flag_id.split(":")
    cube, pub_cube = map(Cube.from_str, (cube, pub_cube))
    info = get_request.flag

    api = Api(get_request.hostname)

    try:
        api.connect()
    except Exception:
        return Verdict.DOWN("DOWN")
    login_pub_cube = api.login(user, cube)
    if login_pub_cube is None:
        api.disconnect()
        return Verdict.MUMBLE("Can't login")
    if login_pub_cube != pub_cube:
        api.disconnect()
        return Verdict.MUMBLE("Wrong public cube")

    server_info = api.get_info()
    if server_info is None:
        api.disconnect()
        return Verdict.MUMBLE("Can't get info")

    api.disconnect()

    if server_info != info:
        return Verdict.CORRUPT("Wrong user info")

    return Verdict.OK()
Ejemplo n.º 8
0
def ensure_success(request):
    try:
        r = request()
    except Exception as e:
        raise HTTPException(Verdict.DOWN("HTTP error"))
    if r.status_code != 200:
        raise HTTPException(Verdict.MUMBLE("Invalid status code: %s %s" % (r.url, r.status_code)))
    return r
Ejemplo n.º 9
0
async def check_service(request: CheckRequest) -> Verdict:
    async with API(request.hostname) as api:
        try:
            await api.ping()
        except Exception as ex:
            print(traceback.format_exc())
            return Verdict.DOWN('DOWN')
    return Verdict.OK()
Ejemplo n.º 10
0
async def get_flag_xor(request: GetRequest) -> Verdict:
    algo = utils_pb2.Algo.XOR

    try:
        login, key = request.flag_id.split(':')
        login, key = bytes.fromhex(login), int(key)

        if login not in await get_logins(algo, request.hostname):
            return Verdict.MUMBLE("Can't find login")
    except Exception as ex:
        print(traceback.format_exc())
        return Verdict.DOWN('DOWN')

    try:
        flag = await get_msg(login, key, algo, request.hostname)
    except Exception as ex:
        print(traceback.format_exc())
        return Verdict.DOWN('DOWN')

    if flag != extend_flag_xor(request.flag).encode():
        return Verdict.CORRUPT("Wrong flag")
    return Verdict.OK()
Ejemplo n.º 11
0
def check(check_request: CheckRequest) -> Verdict:
    api = Api()
    try:
        rand_uuid = api.add_new_chess_unit(check_request.hostname, randomize(),
                                           randomize())
        if len(rand_uuid) > 0:
            return Verdict.OK()
    except RequestException as e:
        print(f"can't connect due to {e}")
        return Verdict.DOWN("can't connect to host")
    except Exception as e:
        print(e)
        return Verdict.MUMBLE("bad proto")
Ejemplo n.º 12
0
def put(put_request: PutRequest) -> Verdict:
    api = Api(put_request.hostname)
    try:
        username, password = get_random_str(), get_random_str()
        r = api.sing_up(username, password, get_random_str(), get_random_str())
        api.add_bark(username, put_request.flag, is_private=True)
        api.logout()
        return Verdict.OK(f"{username}:{password}")
    except RequestException as e:
        print(f"can't connect due to {e}")
        return Verdict.DOWN("can't connect to host")
    except Exception as e:
        print(e)
        return Verdict.MUMBLE("bad proto")
Ejemplo n.º 13
0
def put(put_request: PutRequest) -> Verdict:
    api = Api(put_request.hostname)
    try:
        username, password, bark = get_random_str(), get_random_str(), get_random_text()
        r = api.sing_up(username, password, get_random_str(), get_random_str())
        r = api.add_bark(username, bark, is_private=False)
        bark_id = int(r.text.split(bark)[0].split("/get_bark/")[1][0:-3])
        api.comment_bark(bark_id, put_request.flag, True)
        api.logout()
        return Verdict.OK(f"{username}:{password}:{bark_id}")
    except RequestException as e:
        print(f"can't connect due to {e}")
        return Verdict.DOWN("can't connect to host")
    except Exception as e:
        print(e)
        return Verdict.MUMBLE("bad proto")
Ejemplo n.º 14
0
def put(put_request: PutRequest) -> Verdict:
    user = generate_user()
    cube = generate_cube()
    info = put_request.flag

    api = Api(put_request.hostname)

    try:
        api.connect()
    except Exception:
        return Verdict.DOWN("DOWN")
    pub_cube = api.register(user, cube, info)
    api.disconnect()
    if pub_cube is None:
        return Verdict.MUMBLE("Can't register")
    return Verdict.OK(':'.join([user, cube.as_str(), pub_cube.as_str()]))
Ejemplo n.º 15
0
async def get_flag_from_the_service(request: GetRequest) -> Verdict:
    async with API(request.hostname) as api:
        try:
            login, password = request.flag_id.split(":")
            status = await api.login(login, password)
            if status != 200:
                print(f'ON GET 1 LOG IN: Wait 200, but return {status}')
                return Verdict.MUMBLE("Can't log in")
            status, text = await api.get_profile()
            if status != 200:
                print(f'ON GET 1 GET PROFILE: Wait 200, but return {status}')
                return Verdict.MUMBLE("Can't get profile")
            if request.flag not in FLAG_PATTERN.findall(text):
                print(f'ON GET 1 FLAG ERROR: not found')
                return Verdict.CORRUPT("Can't find flag")
        except Exception as ex:
            print(traceback.format_exc())
            return Verdict.DOWN('DOWN')
    return Verdict.OK()
Ejemplo n.º 16
0
async def put_flag_into_the_service(request: PutRequest) -> Verdict:
    async with API(request.hostname) as api:
        try:
            creds = get_reg_creds()
            status = await api.registration(creds)
            if status != 302:
                print(f'ON PUT 1 REGISTRATION: Wait 302, but return {status}')
                return Verdict.MUMBLE("Registration error")

            status = await api.update_user({
                "login": creds['login'],
                "additionalInfo": request.flag
            })
            if status != 200:
                print(f'ON PUT 1 UPDATE USER: Wait 200, but return {status}')
                return Verdict.MUMBLE("Can't update user")
        except Exception as ex:
            print(traceback.format_exc())
            return Verdict.DOWN('DOWN')
    return Verdict.OK(f"{creds['login']}:{creds['password']}")
Ejemplo n.º 17
0
def get(get_request: GetRequest) -> Verdict:
    api = Api()
    try:
        addr, secret = get_request.flag_id.strip().split(":")
        try:
            resulting_info = api.basement_info(get_request.hostname, addr,
                                               secret)
            if get_request.flag in resulting_info:
                return Verdict.OK()
            else:
                print(resulting_info, get_request.flag)
                return Verdict.CORRUPT("bad flag")
        except Exception as e:
            print(f"bad access {e}")
            return Verdict.CORRUPT("can't reach flag")
    except RequestException as e:
        print(e)
        return Verdict.DOWN("seems to be down")
    except Exception as e:
        print(f"ex {e}")
        return Verdict.MUMBLE("bad proto")
Ejemplo n.º 18
0
def get(get_request: GetRequest) -> Verdict:
    api = Api(get_request.hostname)
    try:
        username, password = get_request.flag_id.split(":")
        r = api.login(username, password)

        if r.status_code != 200:
            return Verdict.MUMBLE("can't login")

        if get_request.flag in r.text:
            return Verdict.OK()
        else:
            print(f"Can't find flag {get_request.flag} in {r.text}")
            return Verdict.CORRUPT("flag not found")

    except RequestException as e:
        print(f"can't connect due to {e}")
        return Verdict.DOWN("can't connect to host")
    except Exception as e:
        print(e)
        return Verdict.MUMBLE("bad proto")
Ejemplo n.º 19
0
async def get_flag_from_the_service(request: GetRequest) -> Verdict:
    async with API(request.hostname) as api:
        try:
            login, password, planner_id = request.flag_id.split(":")
            status = await api.login(login, password)
            if status != 200:
                print(f'ON PUT 2 LOG IN:Wait 200, but return {status}')
                return Verdict.MUMBLE("Can't log in")

            status, tasks = await api.get_tasks(planner_id, WEEK, YEAR)
            if status != 200 or len(tasks) == 0:
                print(
                    f'ON PUT 2 GET TASKS: Wait 200, but return {status} without tasks'
                )
                return Verdict.MUMBLE("Can't get tasks")

            for task in tasks:
                if request.flag in task['description']:
                    return Verdict.OK()
        except Exception as ex:
            print(traceback.format_exc())
            return Verdict.DOWN('DOWN')
    print(f'ON GET 2 flag not found')
    return Verdict.CORRUPT("Can't find flag")
Ejemplo n.º 20
0
def check(check_request: CheckRequest) -> Verdict:
    api = Api(check_request.hostname)
    try:
        username = get_random_str()
        password = get_random_str()
        r = api.sing_up(username, password, get_random_str(), get_random_str())
        if r.status_code == 200 and f"{api.url}/{username}/" != r.url:
            print(f"Found {r.url}, but wait {api.url}/{username}. Status code {r.status_code}")
            return Verdict.MUMBLE("can't pass registration")
        
        bark = get_random_text()
        r = api.add_bark(username, bark)
        if r.status_code == 200 and f"{api.url}/{username}/" != r.url or bark not in r.text:
            print(f"Found {r.url}, but wait {api.url}/{username} OR '{bark}' not in response. Status code: {r.status_code}")
            return Verdict.MUMBLE("can't create bark")

        bark_id = int(r.text.split(bark)[0].split("/get_bark/")[1][0:-3])
        comment = get_random_text()
        r = api.comment_bark(bark_id, comment)
        if r.status_code == 200 and comment not in r.text:
            print(f"Comment {comment} not in response. Status code: {r.status_code}")
            return Verdict.MUMBLE("can't create comment")
        
        api.logout()

        new_username = get_random_str()
        new_password = get_random_str()
        r = api.sing_up(new_username, new_password, get_random_str(), get_random_str())
        r = api.add_friend(username)

        if r.status_code == 200 and username not in r.text:
            print(f"Can't find {username} in friends list. Status code: {r.status_code}")
            return Verdict.MUMBLE("can't add friend")
        
        api.logout()

        r = api.login(username, password)
        if r.status_code == 200 and f"{api.url}/{username}/" != r.url:
            print(f"Found {r.url}, but wait {api.url}/{username}. Status code: {r.status_code}")
            return Verdict.MUMBLE("can't log in")

        r = api.confirm_friend(new_username)
        if r.status_code == 200 and username not in r.text:
            print(f"Friend {username} not found in friends list. Status code: {r.status_code}")
            return Verdict.MUMBLE("can't confirm friend")

        token = api.generate_token()
        if not token:
            print(f"Can't get token")
            return Verdict.MUMBLE("can't get token")

        api.logout()

        user_dict = api.api_index(token)
        if user_dict['username'] != username or user_dict['token'] != token:
            print(f"Fields username and token isn't correct. Found: {user_dict['username']}, {user_dict['token']}. Wait: {username}, {token}")
            return Verdict.MUMBLE("api user info incorrect")

        barks_list = api.api_barks(token, username)
        for user_bark in barks_list:
            if user_bark['text'] == bark:
                break
        else:
            print(f"Wait for '{bark}', but got {user_bark['text']}")
            return Verdict.MUMBLE("incorrect bark")

        comments_list = api.api_comments(token, bark_id)
        for user_comment in comments_list:
            if user_comment['text'] == comment:
                break
        else:
            print(f"Wait for '{comment}', but got {user_comment['text']}")
            return Verdict.MUMBLE("incorrect comment")

        user_info = api.api_user_info(token, username)
        if user_info['username'] != username or user_info['id'] != user_dict['id']:
            print(f"Incorrect user_info. Got {user_info['username']}, {user_info['id']}, but wait {username}, {user_dict['id']}")
            return Verdict.MUMBLE("incorrect user info")

        for i in range(0, 5):
            users_list = api.api_get_users(token, i)
            if [u for u in users_list if u['username'] == username and u['id'] == user_dict['id']]:
                break
        else:
            print(f"can't find user via api")
            return Verdict.MUMBLE("can't find user")

        for i in range(0, 5):
            barks_list = api.api_get_last_barks(token, i)
            if [b for b in barks_list if b['id'] == bark_id]:
                break
        else:
            print(f"can't find user via api")
            return Verdict.MUMBLE("can't find user")

        return Verdict.OK()
    except RequestException as e:
        print(f"can't connect due to {e}")
        return Verdict.DOWN("can't connect to host")
    except Exception as e:
        print(e)
        return Verdict.MUMBLE("bad proto")
Ejemplo n.º 21
0
def get(get_request: GetRequest) -> Verdict:
    user, cube, pub_cube, ct, priv_key = get_request.flag_id.split(":")
    cube, pub_cube = map(Cube.from_str, (cube, pub_cube))
    priv_key = int(priv_key)
    ct = ct.encode()

    api = Api(get_request.hostname)


    user2 = generate_user()
    cube2 = generate_cube()
    info2 = generate_info()

    try:
        api.connect()
    except Exception:
        return Verdict.DOWN("DOWN")

    if api.register(user2, cube2, info2) is None:
        api.disconnect()
        return Verdict.MUMBLE("Can't register")

    users_list = api.list_users()
    if not users_list:
        api.disconnect()
        return Verdict.MUMBLE("Can't get user's list")
    
    if user not in users_list:
        api.disconnect()
        return Verdict.MUMBLE("Can't find user in user's list")

    server_users_pub_cube = api.get_users_pub_cube(user)
    if server_users_pub_cube is None:
        api.disconnect()
        return Verdict.MUMBLE("Can't get user's pub_cube")

    if server_users_pub_cube != pub_cube:
        api.disconnect()
        return Verdict.MUMBLE("Wrong user's pub_cube")

    server_users_ciphercubes = api.get_users_ciphercubes(user)
    if server_users_ciphercubes is None:
        api.disconnect()
        return Verdict.MUMBLE("Can't get user's ciphercubes")

    if server_users_ciphercubes != ct:
        api.disconnect()
        return Verdict.MUMBLE("Wrong user's ciphercubes")

    api.disconnect()


    try:
        api.connect()
    except Exception:
        return Verdict.DOWN("DOWN")
    login_pub_cube = api.login(user, cube)
    if login_pub_cube is None:
        api.disconnect()
        return Verdict.MUMBLE("Can't login")
    if login_pub_cube != pub_cube:
        api.disconnect()
        return Verdict.MUMBLE("Wrong public cube")

    res = api.decrypt(priv_key)
    if res is None:
        api.disconnect()
        return Verdict.MUMBLE("Can't decrypt")

    if res != get_request.flag:
        api.disconnect()
        return Verdict.CORRUPT("Wrong decryption")

    api.disconnect()

    return Verdict.OK()