def check(check_request: CheckRequest) -> Verdict:
user = generate_user()
cube = generate_cube()
info = generate_info()
api = Api(check_request.hostname)
try:
api.connect()
except Exception:
return Verdict.DOWN("DOWN")
register_pub_cube = api.register(user, cube, info)
api.disconnect()
if register_pub_cube is None:
return Verdict.MUMBLE("Can't register")
try:
api.connect()
except Exception:
return Verdict.DOWN("DOWN")
login_pub_cube = api.login(user, cube)
api.disconnect()
if login_pub_cube is None:
return Verdict.MUMBLE("Can't login")
if register_pub_cube != login_pub_cube:
return Verdict.MUMBLE("Wrong public cube")
return Verdict.OK()
async def put_flag_aes(request: PutRequest) -> Verdict:
algo = utils_pb2.Algo.AES
login, msg = os.urandom(12), extend_flag_aes(request.flag).encode()
try:
key, decrypted_msg = await set_msg(login, msg, algo, request.hostname)
except Exception as ex:
print(traceback.format_exc())
return Verdict.DOWN('DOWN')
if decrypted_msg != msg:
return Verdict.DOWN("AES doesn't work")
if login not in await get_logins(algo, request.hostname):
return Verdict.MUMBLE("Can't find login")
return Verdict.OK("{}:{}".format(login.hex(), key))
def put(put_request: PutRequest) -> Verdict:
user = generate_user()
cube = generate_cube()
info = generate_info()
api = Api(put_request.hostname)
try:
api.connect()
except Exception:
return Verdict.DOWN("DOWN")
pub_cube = api.register(user, cube, info)
if pub_cube is None:
api.disconnect()
return Verdict.MUMBLE("Can't register")
res = api.encrypt(put_request.flag)
if res is None:
api.disconnect()
return Verdict.MUMBLE("Can't encrypt")
ct, priv_key = res
api.disconnect()
try:
is_correct = check_encryption_correctnes(ct, pub_cube, priv_key, put_request.flag)
except Exception:
is_correct = False
if not is_correct:
return Verdict.CORRUPT("Wrong encryption")
return Verdict.OK(':'.join([user, cube.as_str(), pub_cube.as_str(), ct.decode(), str(priv_key)]))
async def check_service(request: CheckRequest) -> Verdict:
async with API(request.hostname) as api:
try:
creds = get_reg_creds()
status = await api.registration(creds)
if status != 302:
print(f'REGISTRATION: Wait 302, but return {status}')
return Verdict.MUMBLE("Registration error")
status = await api.update_user({
"login": creds['login'],
"additionalInfo": grs(25)
})
if status != 200:
print(f'UPDATE USER: Wait 200, but return {status}')
return Verdict.MUMBLE("Can't update user")
status, res_json = await api.create_planner(get_planner())
if status != 201 and len(res_json) != 0:
print(
f'CREATE PANNER: Wait 201 with not empty json, but return {status} with {res_json}'
)
return Verdict.MUMBLE("Can't create planner")
planner_id = res_json['id']
status = await api.create_task(planner_id, get_task())
if status != 201:
print(f'CREATE TASK: Wait 201, but return {status}')
Verdict.MUMBLE("Can't create task")
except Exception as ex:
print(traceback.format_exc())
return Verdict.DOWN('DOWN')
return Verdict.OK()
async def put_second_flag_into_the_service(request: PutRequest) -> Verdict:
async with API(request.hostname) as api:
try:
creds = get_reg_creds()
status = await api.registration(creds)
if status != 302:
print(f'ON PUT 2 REGISTRATION: Wait 302, but return {status}')
return Verdict.MUMBLE("Registration error")
planner = get_planner()
status, planner = await api.create_planner(planner)
if status != 201 or len(planner) == 0:
print(f'ON GET 2 GET PLANNER: Wait 201, but return {status}')
return Verdict.MUMBLE("Can't create planner")
status, text = await api.get_planners()
planner_id = planner["id"]
if status != 200 or len(text.split(f'<tr id="{planner_id}">')) < 1:
print(f'ON GET 2 GET PLANNERS: Wait 200, but return {status}')
return Verdict.MUMBLE("Can't get planner")
task = get_task()
task['description'] = request.flag
status = await api.create_task(planner_id, task)
if status != 201:
print(f'ON GET 2 CREATE TASK: Wait 201, but return {status}')
Verdict.MUMBLE("Can't create task")
except Exception as ex:
print(traceback.format_exc())
return Verdict.DOWN('DOWN')
return Verdict.OK(f"{creds['login']}:{creds['password']}:{planner['id']}")
def put(put_request: PutRequest) -> Verdict:
api = Api()
try:
unit_name = randomize()
id_of_basement = api.add_new_chess_unit(put_request.hostname,
unit_name, put_request.flag)
armory_id = randomize()
new_armory_id = api.add_armory_unit(put_request.hostname, armory_id)
result = api.add_unit_to_chess(put_request.hostname, unit_name,
new_armory_id)
last_50_objects = api.get_latest_objects(put_request.hostname, 50)
if "Armory" not in str(api.object_info(put_request.hostname,
unit_name)):
print("Armory not in object")
return Verdict.MUMBLE("Bad object")
if unit_name not in last_50_objects or result not in last_50_objects or armory_id not in last_50_objects:
print("last 50 object doesnt contain needed info")
return Verdict.MUMBLE("bad objects listing")
if result != unit_name:
print("result != unit name")
return Verdict.MUMBLE("bad object id after adding")
if armory_id != new_armory_id:
print("bad armory id")
return Verdict.MUMBLE("bad object id after adding")
return Verdict.OK(f"{unit_name}:{id_of_basement}")
except RequestException as e:
print(f"timeout on connect {e}")
return Verdict.DOWN("timeout")
except Exception as e:
print(f"possible mumble, {e}")
return Verdict.MUMBLE("bad proto")
def get(get_request: GetRequest) -> Verdict:
user, cube, pub_cube = get_request.flag_id.split(":")
cube, pub_cube = map(Cube.from_str, (cube, pub_cube))
info = get_request.flag
api = Api(get_request.hostname)
try:
api.connect()
except Exception:
return Verdict.DOWN("DOWN")
login_pub_cube = api.login(user, cube)
if login_pub_cube is None:
api.disconnect()
return Verdict.MUMBLE("Can't login")
if login_pub_cube != pub_cube:
api.disconnect()
return Verdict.MUMBLE("Wrong public cube")
server_info = api.get_info()
if server_info is None:
api.disconnect()
return Verdict.MUMBLE("Can't get info")
api.disconnect()
if server_info != info:
return Verdict.CORRUPT("Wrong user info")
return Verdict.OK()
def ensure_success(request):
try:
r = request()
except Exception as e:
raise HTTPException(Verdict.DOWN("HTTP error"))
if r.status_code != 200:
raise HTTPException(Verdict.MUMBLE("Invalid status code: %s %s" % (r.url, r.status_code)))
return r
async def check_service(request: CheckRequest) -> Verdict:
async with API(request.hostname) as api:
try:
await api.ping()
except Exception as ex:
print(traceback.format_exc())
return Verdict.DOWN('DOWN')
return Verdict.OK()
async def get_flag_xor(request: GetRequest) -> Verdict:
algo = utils_pb2.Algo.XOR
try:
login, key = request.flag_id.split(':')
login, key = bytes.fromhex(login), int(key)
if login not in await get_logins(algo, request.hostname):
return Verdict.MUMBLE("Can't find login")
except Exception as ex:
print(traceback.format_exc())
return Verdict.DOWN('DOWN')
try:
flag = await get_msg(login, key, algo, request.hostname)
except Exception as ex:
print(traceback.format_exc())
return Verdict.DOWN('DOWN')
if flag != extend_flag_xor(request.flag).encode():
return Verdict.CORRUPT("Wrong flag")
return Verdict.OK()
def check(check_request: CheckRequest) -> Verdict:
api = Api()
try:
rand_uuid = api.add_new_chess_unit(check_request.hostname, randomize(),
randomize())
if len(rand_uuid) > 0:
return Verdict.OK()
except RequestException as e:
print(f"can't connect due to {e}")
return Verdict.DOWN("can't connect to host")
except Exception as e:
print(e)
return Verdict.MUMBLE("bad proto")
def put(put_request: PutRequest) -> Verdict:
api = Api(put_request.hostname)
try:
username, password = get_random_str(), get_random_str()
r = api.sing_up(username, password, get_random_str(), get_random_str())
api.add_bark(username, put_request.flag, is_private=True)
api.logout()
return Verdict.OK(f"{username}:{password}")
except RequestException as e:
print(f"can't connect due to {e}")
return Verdict.DOWN("can't connect to host")
except Exception as e:
print(e)
return Verdict.MUMBLE("bad proto")
def put(put_request: PutRequest) -> Verdict:
api = Api(put_request.hostname)
try:
username, password, bark = get_random_str(), get_random_str(), get_random_text()
r = api.sing_up(username, password, get_random_str(), get_random_str())
r = api.add_bark(username, bark, is_private=False)
bark_id = int(r.text.split(bark)[0].split("/get_bark/")[1][0:-3])
api.comment_bark(bark_id, put_request.flag, True)
api.logout()
return Verdict.OK(f"{username}:{password}:{bark_id}")
except RequestException as e:
print(f"can't connect due to {e}")
return Verdict.DOWN("can't connect to host")
except Exception as e:
print(e)
return Verdict.MUMBLE("bad proto")
def put(put_request: PutRequest) -> Verdict:
user = generate_user()
cube = generate_cube()
info = put_request.flag
api = Api(put_request.hostname)
try:
api.connect()
except Exception:
return Verdict.DOWN("DOWN")
pub_cube = api.register(user, cube, info)
api.disconnect()
if pub_cube is None:
return Verdict.MUMBLE("Can't register")
return Verdict.OK(':'.join([user, cube.as_str(), pub_cube.as_str()]))
async def get_flag_from_the_service(request: GetRequest) -> Verdict:
async with API(request.hostname) as api:
try:
login, password = request.flag_id.split(":")
status = await api.login(login, password)
if status != 200:
print(f'ON GET 1 LOG IN: Wait 200, but return {status}')
return Verdict.MUMBLE("Can't log in")
status, text = await api.get_profile()
if status != 200:
print(f'ON GET 1 GET PROFILE: Wait 200, but return {status}')
return Verdict.MUMBLE("Can't get profile")
if request.flag not in FLAG_PATTERN.findall(text):
print(f'ON GET 1 FLAG ERROR: not found')
return Verdict.CORRUPT("Can't find flag")
except Exception as ex:
print(traceback.format_exc())
return Verdict.DOWN('DOWN')
return Verdict.OK()
async def put_flag_into_the_service(request: PutRequest) -> Verdict:
async with API(request.hostname) as api:
try:
creds = get_reg_creds()
status = await api.registration(creds)
if status != 302:
print(f'ON PUT 1 REGISTRATION: Wait 302, but return {status}')
return Verdict.MUMBLE("Registration error")
status = await api.update_user({
"login": creds['login'],
"additionalInfo": request.flag
})
if status != 200:
print(f'ON PUT 1 UPDATE USER: Wait 200, but return {status}')
return Verdict.MUMBLE("Can't update user")
except Exception as ex:
print(traceback.format_exc())
return Verdict.DOWN('DOWN')
return Verdict.OK(f"{creds['login']}:{creds['password']}")
def get(get_request: GetRequest) -> Verdict:
api = Api()
try:
addr, secret = get_request.flag_id.strip().split(":")
try:
resulting_info = api.basement_info(get_request.hostname, addr,
secret)
if get_request.flag in resulting_info:
return Verdict.OK()
else:
print(resulting_info, get_request.flag)
return Verdict.CORRUPT("bad flag")
except Exception as e:
print(f"bad access {e}")
return Verdict.CORRUPT("can't reach flag")
except RequestException as e:
print(e)
return Verdict.DOWN("seems to be down")
except Exception as e:
print(f"ex {e}")
return Verdict.MUMBLE("bad proto")
def get(get_request: GetRequest) -> Verdict:
api = Api(get_request.hostname)
try:
username, password = get_request.flag_id.split(":")
r = api.login(username, password)
if r.status_code != 200:
return Verdict.MUMBLE("can't login")
if get_request.flag in r.text:
return Verdict.OK()
else:
print(f"Can't find flag {get_request.flag} in {r.text}")
return Verdict.CORRUPT("flag not found")
except RequestException as e:
print(f"can't connect due to {e}")
return Verdict.DOWN("can't connect to host")
except Exception as e:
print(e)
return Verdict.MUMBLE("bad proto")
async def get_flag_from_the_service(request: GetRequest) -> Verdict:
async with API(request.hostname) as api:
try:
login, password, planner_id = request.flag_id.split(":")
status = await api.login(login, password)
if status != 200:
print(f'ON PUT 2 LOG IN:Wait 200, but return {status}')
return Verdict.MUMBLE("Can't log in")
status, tasks = await api.get_tasks(planner_id, WEEK, YEAR)
if status != 200 or len(tasks) == 0:
print(
f'ON PUT 2 GET TASKS: Wait 200, but return {status} without tasks'
)
return Verdict.MUMBLE("Can't get tasks")
for task in tasks:
if request.flag in task['description']:
return Verdict.OK()
except Exception as ex:
print(traceback.format_exc())
return Verdict.DOWN('DOWN')
print(f'ON GET 2 flag not found')
return Verdict.CORRUPT("Can't find flag")
def check(check_request: CheckRequest) -> Verdict:
api = Api(check_request.hostname)
try:
username = get_random_str()
password = get_random_str()
r = api.sing_up(username, password, get_random_str(), get_random_str())
if r.status_code == 200 and f"{api.url}/{username}/" != r.url:
print(f"Found {r.url}, but wait {api.url}/{username}. Status code {r.status_code}")
return Verdict.MUMBLE("can't pass registration")
bark = get_random_text()
r = api.add_bark(username, bark)
if r.status_code == 200 and f"{api.url}/{username}/" != r.url or bark not in r.text:
print(f"Found {r.url}, but wait {api.url}/{username} OR '{bark}' not in response. Status code: {r.status_code}")
return Verdict.MUMBLE("can't create bark")
bark_id = int(r.text.split(bark)[0].split("/get_bark/")[1][0:-3])
comment = get_random_text()
r = api.comment_bark(bark_id, comment)
if r.status_code == 200 and comment not in r.text:
print(f"Comment {comment} not in response. Status code: {r.status_code}")
return Verdict.MUMBLE("can't create comment")
api.logout()
new_username = get_random_str()
new_password = get_random_str()
r = api.sing_up(new_username, new_password, get_random_str(), get_random_str())
r = api.add_friend(username)
if r.status_code == 200 and username not in r.text:
print(f"Can't find {username} in friends list. Status code: {r.status_code}")
return Verdict.MUMBLE("can't add friend")
api.logout()
r = api.login(username, password)
if r.status_code == 200 and f"{api.url}/{username}/" != r.url:
print(f"Found {r.url}, but wait {api.url}/{username}. Status code: {r.status_code}")
return Verdict.MUMBLE("can't log in")
r = api.confirm_friend(new_username)
if r.status_code == 200 and username not in r.text:
print(f"Friend {username} not found in friends list. Status code: {r.status_code}")
return Verdict.MUMBLE("can't confirm friend")
token = api.generate_token()
if not token:
print(f"Can't get token")
return Verdict.MUMBLE("can't get token")
api.logout()
user_dict = api.api_index(token)
if user_dict['username'] != username or user_dict['token'] != token:
print(f"Fields username and token isn't correct. Found: {user_dict['username']}, {user_dict['token']}. Wait: {username}, {token}")
return Verdict.MUMBLE("api user info incorrect")
barks_list = api.api_barks(token, username)
for user_bark in barks_list:
if user_bark['text'] == bark:
break
else:
print(f"Wait for '{bark}', but got {user_bark['text']}")
return Verdict.MUMBLE("incorrect bark")
comments_list = api.api_comments(token, bark_id)
for user_comment in comments_list:
if user_comment['text'] == comment:
break
else:
print(f"Wait for '{comment}', but got {user_comment['text']}")
return Verdict.MUMBLE("incorrect comment")
user_info = api.api_user_info(token, username)
if user_info['username'] != username or user_info['id'] != user_dict['id']:
print(f"Incorrect user_info. Got {user_info['username']}, {user_info['id']}, but wait {username}, {user_dict['id']}")
return Verdict.MUMBLE("incorrect user info")
for i in range(0, 5):
users_list = api.api_get_users(token, i)
if [u for u in users_list if u['username'] == username and u['id'] == user_dict['id']]:
break
else:
print(f"can't find user via api")
return Verdict.MUMBLE("can't find user")
for i in range(0, 5):
barks_list = api.api_get_last_barks(token, i)
if [b for b in barks_list if b['id'] == bark_id]:
break
else:
print(f"can't find user via api")
return Verdict.MUMBLE("can't find user")
return Verdict.OK()
except RequestException as e:
print(f"can't connect due to {e}")
return Verdict.DOWN("can't connect to host")
except Exception as e:
print(e)
return Verdict.MUMBLE("bad proto")
def get(get_request: GetRequest) -> Verdict:
user, cube, pub_cube, ct, priv_key = get_request.flag_id.split(":")
cube, pub_cube = map(Cube.from_str, (cube, pub_cube))
priv_key = int(priv_key)
ct = ct.encode()
api = Api(get_request.hostname)
user2 = generate_user()
cube2 = generate_cube()
info2 = generate_info()
try:
api.connect()
except Exception:
return Verdict.DOWN("DOWN")
if api.register(user2, cube2, info2) is None:
api.disconnect()
return Verdict.MUMBLE("Can't register")
users_list = api.list_users()
if not users_list:
api.disconnect()
return Verdict.MUMBLE("Can't get user's list")
if user not in users_list:
api.disconnect()
return Verdict.MUMBLE("Can't find user in user's list")
server_users_pub_cube = api.get_users_pub_cube(user)
if server_users_pub_cube is None:
api.disconnect()
return Verdict.MUMBLE("Can't get user's pub_cube")
if server_users_pub_cube != pub_cube:
api.disconnect()
return Verdict.MUMBLE("Wrong user's pub_cube")
server_users_ciphercubes = api.get_users_ciphercubes(user)
if server_users_ciphercubes is None:
api.disconnect()
return Verdict.MUMBLE("Can't get user's ciphercubes")
if server_users_ciphercubes != ct:
api.disconnect()
return Verdict.MUMBLE("Wrong user's ciphercubes")
api.disconnect()
try:
api.connect()
except Exception:
return Verdict.DOWN("DOWN")
login_pub_cube = api.login(user, cube)
if login_pub_cube is None:
api.disconnect()
return Verdict.MUMBLE("Can't login")
if login_pub_cube != pub_cube:
api.disconnect()
return Verdict.MUMBLE("Wrong public cube")
res = api.decrypt(priv_key)
if res is None:
api.disconnect()
return Verdict.MUMBLE("Can't decrypt")
if res != get_request.flag:
api.disconnect()
return Verdict.CORRUPT("Wrong decryption")
api.disconnect()
return Verdict.OK()