def submit(exploit_dir, service_dir, branch, target, config_file, token=None): config = load_config(config_file) timeout = config["exploit_timeout"]["exercise_phase"] prompt_checkout_warning(service_dir) verified_branch = None result, _ = verify_exploit(exploit_dir, service_dir, branch, timeout, config) if result: verified_branch = branch if verified_branch is None: print("[*] Your exploit did not work against any of the branch") sys.exit() print("[*] Your exploit has been verified against branch '%s'" % verified_branch) # Not encrypt exploit signer = config["player"] encrypted_exploit = encrypt_exploit(exploit_dir, target, config, signer) if encrypted_exploit is None: print "[*] Failed to encrypt exploit" sys.exit(0) # Submit an issue with the encrypted exploit issue_title = "exploit-%s" % verified_branch github = Github(config["player"], token) submit_issue(issue_title, encrypted_exploit, target, config, github) # Clean up rmfile(encrypted_exploit)
def fetch(team, issue_no, config, token=None): repo_owner = config['repo_owner'] repo_name = config['teams'][team]['repo_name'] github = Github(config["player"], token) _, submitter, create_time, content = \ get_github_issue(repo_owner, repo_name, issue_no, github) # Write the fetched issue content to temp file tmpfile = "/tmp/gitctf_%s.issue" % random_string(6) with open(tmpfile, "w") as f: f.write(content) # Decrypt the exploit out_dir = "exploit-%s-%s" % (submitter, create_time) prompt_rmdir_warning(out_dir) rmdir(out_dir) mkdir(out_dir) team = config["player_team"] out_dir = decrypt_exploit(tmpfile, config, team, out_dir, submitter) if out_dir is not None: print "Exploit fetched into %s" % out_dir # Clean up rmfile(tmpfile)
def encrypt_exploit(exploit_dir, target_team, config, signer=None): # Remove trailing slash, for user convenience exploit_dir = remove_trailing_slash(exploit_dir) out_file = exploit_dir + ".zip.pgp" # Retrieve information from config teams = config["teams"] instructor_pubkey = teams["instructor"]["pub_key_id"] target_pubkey = teams[target_team]['pub_key_id'] # Zip the directory tmp_path = "/tmp/gitctf_%s" % random_string(6) shutil.make_archive(tmp_path, "zip", exploit_dir) zip_file = tmp_path + ".zip" # make_archive() automatically appends suffix. # Encrypt the zipped file encrypt_cmd = "gpg -o %s " % out_file if signer is not None: signer_pubkey = config["individual"][signer]['pub_key_id'] encrypt_cmd += "--default-key %s --sign " % signer_pubkey encrypt_cmd += "-e -r %s -r %s " % (instructor_pubkey, target_pubkey) encrypt_cmd += "--armor %s" % zip_file _, err, ret = run_command(encrypt_cmd, None) rmfile(zip_file) # Clean up zip file. if ret != 0: print "[*] Failed to sign/encrypt %s" % zip_file print err return None return out_file
def clean_trees(self): """ Delete any previously built pxelinux.cfg tree and virt tree info and then create directories. Note: for SELinux reasons, some information goes in /tftpboot, some in /var/www/cobbler and some must be duplicated in both. This is because PXE needs tftp, and auto-kickstart and Virt operations need http. Only the kernel and initrd images are duplicated, which is unfortunate, though SELinux won't let me give them two contexts, so symlinks are not a solution. *Otherwise* duplication is minimal. """ # clean out parts of webdir and all of /tftpboot/images and /tftpboot/pxelinux.cfg for x in os.listdir(self.settings.webdir): path = os.path.join(self.settings.webdir,x) if os.path.isfile(path): if not x.endswith(".py"): utils.rmfile(path,logger=self.logger) if os.path.isdir(path): if not x in ["aux", "web", "webui", "localmirror","repo_mirror","ks_mirror","images","links","pub","repo_profile","repo_system","svc","rendered",".link_cache"] : # delete directories that shouldn't exist utils.rmtree(path,logger=self.logger) if x in ["kickstarts","kickstarts_sys","images","systems","distros","profiles","repo_profile","repo_system","rendered"]: # clean out directory contents utils.rmtree_contents(path,logger=self.logger) # self.make_tftpboot() utils.rmtree_contents(self.pxelinux_dir,logger=self.logger) utils.rmtree_contents(self.grub_dir,logger=self.logger) utils.rmtree_contents(self.images_dir,logger=self.logger) utils.rmtree_contents(self.s390_dir,logger=self.logger) utils.rmtree_contents(self.yaboot_bin_dir,logger=self.logger) utils.rmtree_contents(self.yaboot_cfg_dir,logger=self.logger) utils.rmtree_contents(self.rendered_dir,logger=self.logger)
def clean_trees(self): """ Delete any previously built pxelinux.cfg tree and virt tree info and then create directories. Note: for SELinux reasons, some information goes in /tftpboot, some in /var/www/cobbler and some must be duplicated in both. This is because PXE needs tftp, and auto-kickstart and Virt operations need http. Only the kernel and initrd images are duplicated, which is unfortunate, though SELinux won't let me give them two contexts, so symlinks are not a solution. *Otherwise* duplication is minimal. """ # clean out parts of webdir and all of /tftpboot/images and /tftpboot/pxelinux.cfg for x in os.listdir(self.settings.webdir): path = os.path.join(self.settings.webdir, x) if os.path.isfile(path): if not x.endswith(".py"): utils.rmfile(path, logger=self.logger) if os.path.isdir(path): if x not in ["aux", "web", "webui", "localmirror", "repo_mirror", "ks_mirror", "images", "links", "pub", "repo_profile", "repo_system", "svc", "rendered", ".link_cache"]: # delete directories that shouldn't exist utils.rmtree(path, logger=self.logger) if x in ["kickstarts", "kickstarts_sys", "images", "systems", "distros", "profiles", "repo_profile", "repo_system", "rendered"]: # clean out directory contents utils.rmtree_contents(path, logger=self.logger) # self.make_tftpboot() utils.rmtree_contents(self.pxelinux_dir, logger=self.logger) utils.rmtree_contents(self.grub_dir, logger=self.logger) utils.rmtree_contents(self.images_dir, logger=self.logger) utils.rmtree_contents(self.yaboot_bin_dir, logger=self.logger) utils.rmtree_contents(self.yaboot_cfg_dir, logger=self.logger) utils.rmtree_contents(self.rendered_dir, logger=self.logger)
def remove_single_profile(self, name, rebuild_menu=True): # delete profiles/$name file in webdir utils.rmfile(os.path.join(self.settings.webdir, "profiles", name)) # delete contents on kickstarts/$name directory in webdir utils.rmtree(os.path.join(self.settings.webdir, "kickstarts", name)) if rebuild_menu: self.sync.tftpgen.make_pxe_menu()
def remove_single_system(self, name): bootloc = utils.tftpboot_location() system_record = self.systems.find(name=name) # delete contents of kickstarts_sys/$name in webdir system_record = self.systems.find(name=name) if self.settings.manage_dhcp: if self.settings.omapi_enabled: for (name,interface) in system_record.interfaces.iteritems(): self.sync.dhcp.remove_dhcp_lease( self.settings.omapi_port, interface["dns_name"] ) itanic = False profile = self.profiles.find(name=system_record.profile) if profile is not None: distro = self.distros.find(name=profile.distro) if distro is not None and distro in [ "ia64", "IA64"]: itanic = True for (name,interface) in system_record.interfaces.iteritems(): filename = utils.get_config_filename(system_record,interface=name) if not itanic: utils.rmfile(os.path.join(bootloc, "pxelinux.cfg", filename)) else: utils.rmfile(os.path.join(bootloc, filename))
def remove_single_profile(self, name, rebuild_menu=True): # delete profiles/$name file in webdir utils.rmfile(os.path.join(self.settings.webdir, "profiles", name)) # delete contents on kickstarts/$name directory in webdir utils.rmtree(os.path.join(self.settings.webdir, "kickstarts", name)) if rebuild_menu: self.sync.pxegen.make_pxe_menu()
def remove_single_distro(self, name): bootloc = utils.tftpboot_location() # delete contents of images/$name directory in webdir utils.rmtree(os.path.join(self.settings.webdir, "images", name)) # delete contents of images/$name in tftpboot utils.rmtree(os.path.join(bootloc, "images", name)) # delete potential symlink to tree in webdir/links utils.rmfile(os.path.join(self.settings.webdir, "links", name))
def remove_single_system(self, name): bootloc = utils.tftpboot_location() system_record = self.systems.find(name=name) # delete contents of kickstarts_sys/$name in webdir system_record = self.systems.find(name=name) for (name, interface) in system_record.interfaces.iteritems(): filename = utils.get_config_filename(system_record, interface=name) utils.rmfile(os.path.join(bootloc, "pxelinux.cfg", filename)) utils.rmfile(os.path.join(bootloc, "grub", filename.upper()))
def up(num, tmp_file, args): url = 'http://' + args.serverAddress + '/upload' try: for i in range(num, -1, -1): file = tmp_file + str(i) utils.upload(file, url) utils.rmfile(file) num -= 1 except: utils.log('err_upload_data', args.file, 'error') return utils.log( 'again_upload_data', 'python dic.py -u impact --file ' + args.file + ' --n ' + num + ' --job ' + args.job, 'error')
def commit_and_push(scoreboard_dir): _, _, r = run_command('git add score.csv', scoreboard_dir) if r != 0: print('[*] Failed to git add score.csv.') return False _, _, r = run_command('git commit -F %s' % msg_file, scoreboard_dir) if r != 0: print('[*] Failed to commit score.csv.') return False _, _, r = run_command('git push origin master', scoreboard_dir) if r != 0: print('[*] Failed to push the score.') return False rmfile(os.path.join(scoreboard_dir, msg_file)) return True
def remove_single_system(self, name): bootloc = utils.tftpboot_location() system_record = self.systems.find(name=name) # delete contents of kickstarts_sys/$name in webdir system_record = self.systems.find(name=name) itanic = False profile = self.profiles.find(name=system_record.profile) if profile is not None: distro = self.distros.find(name=profile.get_conceptual_parent().name) if distro is not None and distro in [ "ia64", "IA64"]: itanic = True for (name,interface) in system_record.interfaces.iteritems(): filename = utils.get_config_filename(system_record,interface=name) if not itanic: utils.rmfile(os.path.join(bootloc, "pxelinux.cfg", filename)) else: utils.rmfile(os.path.join(bootloc, filename))
def submit(exploit_dir, service_dir, branch, target, config_file, token=None, confirm=True): config = load_config(config_file) timeout = config["exploit_timeout"]["exercise_phase"] if confirm: prompt_checkout_warning(service_dir) verified_branch = None result, _ = verify_exploit(exploit_dir, service_dir, branch, timeout, config) if result: verified_branch = branch if verified_branch is None : print("[*] Your exploit did not work against any of the branch") sys.exit() print("[*] Your exploit has been verified against branch '%s'" % verified_branch) # Not encrypt exploit signer = config["player"] encrypted_exploit = encrypt_exploit(exploit_dir, target, config, signer) if encrypted_exploit is None: print("[*] Failed to encrypt exploit") sys.exit(0) # Submit an issue with the encrypted exploit issue_title = "exploit-%s" % verified_branch github = Github(config["player"], token) issue_number, issue_url = submit_issue(issue_title, encrypted_exploit, target, config, github) # Clean up rmfile(encrypted_exploit) # Add NetID signer_pubkey = config["individual"][signer]['pub_key_id'] create_comment(config['repo_owner'], config['teams'][target]['repo_name'], issue_number, "My NetID is %s, and my pub key id is %s" % (config["player_team"], signer_pubkey), github) # Add Public Key public_key = export_public_key(config, signer) create_comment(config['repo_owner'], config['teams'][target]['repo_name'], issue_number, public_key, github) print("Success! Your issue url is:", issue_url)
def decrypt_exploit(encrypted_exploit_path, config, team, out_dir=None, \ expected_signer=None): if out_dir is None: out_dir = "exploit" rmdir(out_dir) tmpzip = "/tmp/gitctf_%s.zip" % random_string(6) tmpdir = "/tmp/gitctf_%s" % random_string(6) tmpgpg = "/tmp/gitctf_%s.gpg" % random_string(6) if expected_signer == None: decrypt_cmd = 'gpg -o %s %s' % (tmpzip, encrypted_exploit_path) else: instructor_id = config['teams']['instructor']['pub_key_id'] team_id = config['teams'][team]['pub_key_id'] expected_signer_id = config['individual'][expected_signer][ 'pub_key_id'] # Make keyring run_command("gpg -o %s --export %s %s %s" % (tmpgpg, \ expected_signer_id, instructor_id, team_id), os.getcwd()) decrypt_cmd = "gpg --no-default-keyring --keyring %s -o %s %s" \ % (tmpgpg, tmpzip, encrypted_exploit_path) _, err, r = run_command(decrypt_cmd, os.getcwd()) if r != 0: print "[*] Failed to decrypt/verify %s" % encrypted_exploit_path print err return None run_command('unzip %s -d %s' % (tmpzip, tmpdir), os.getcwd()) shutil.move(tmpdir, out_dir) rmfile(tmpzip) rmfile(tmpgpg) rmdir(tmpdir) return out_dir
def remove_single_system(self, name): bootloc = utils.tftpboot_location() system_record = self.systems.find(name=name) # delete contents of kickstarts_sys/$name in webdir system_record = self.systems.find(name=name) itanic = False profile = self.profiles.find(name=system_record.profile) if profile is not None: distro = self.distros.find(name=profile.get_conceptual_parent().name) if distro is not None and distro in [ "ia64", "IA64"]: itanic = True for (name,interface) in system_record.interfaces.iteritems(): filename = utils.get_config_filename(system_record,interface=name) if not itanic: utils.rmfile(os.path.join(bootloc, "pxelinux.cfg", filename)) utils.rmfile(os.path.join(bootloc, "grub", filename.upper())) else: utils.rmfile(os.path.join(bootloc, filename))
def write_pxe_file(self, filename, system, profile, distro, arch, image=None, include_header=True, metadata=None, format="pxe"): """ Write a configuration file for the boot loader(s). More system-specific configuration may come in later, if so that would appear inside the system object in api.py Can be used for different formats, "pxe" (default) and "grub". """ if arch is None: raise "missing arch" if image and not os.path.exists(image.file): return None # nfs:// URLs or something, can't use for TFTP if metadata is None: metadata = {} (rval, settings) = utils.input_string_or_dict(self.settings.to_dict()) if rval: for key in settings.keys(): metadata[key] = settings[key] # --- # just some random variables template = None buffer = "" # --- autoinstall_path = None kernel_path = None initrd_path = None img_path = None if image is None: # not image based, it's something normalish img_path = os.path.join("/images", distro.name) if 'nexenta' == distro.breed: kernel_path = os.path.join("/images", distro.name, 'platform', 'i86pc', 'kernel', 'amd64', os.path.basename(distro.kernel)) initrd_path = os.path.join("/images", distro.name, 'platform', 'i86pc', 'amd64', os.path.basename(distro.initrd)) elif 'http' in distro.kernel and 'http' in distro.initrd: kernel_path = distro.kernel initrd_path = distro.initrd else: kernel_path = os.path.join("/images", distro.name, os.path.basename(distro.kernel)) initrd_path = os.path.join("/images", distro.name, os.path.basename(distro.initrd)) # Find the automatic installation file if we inherit from another profile if system: blended = utils.blender(self.api, True, system) else: blended = utils.blender(self.api, True, profile) autoinstall_path = blended.get("autoinstall", "") # update metadata with all known information # this allows for more powerful templating metadata.update(blended) else: # this is an image we are making available, not kernel+initrd if image.image_type == "direct": kernel_path = os.path.join("/images2", image.name) elif image.image_type == "memdisk": kernel_path = "/memdisk" initrd_path = os.path.join("/images2", image.name) else: # CD-ROM ISO or virt-clone image? We can't PXE boot it. kernel_path = None initrd_path = None if img_path is not None and "img_path" not in metadata: metadata["img_path"] = img_path if kernel_path is not None and "kernel_path" not in metadata: metadata["kernel_path"] = kernel_path if initrd_path is not None and "initrd_path" not in metadata: metadata["initrd_path"] = initrd_path # --- # choose a template if system: if format == "grub": if system.netboot_enabled: template = os.path.join(self.settings.boot_loader_conf_template_dir, "grubsystem.template") else: local = os.path.join(self.settings.boot_loader_conf_template_dir, "grublocal.template") if os.path.exists(local): template = local else: # pxe if system.netboot_enabled: template = os.path.join(self.settings.boot_loader_conf_template_dir, "pxesystem.template") if arch.startswith("ppc"): # to inherit the distro and system's boot_loader values correctly blended_system = utils.blender(self.api, False, system) if blended_system["boot_loader"] == "pxelinux": template = os.path.join(self.settings.boot_loader_conf_template_dir, "pxesystem_ppc.template") elif distro.boot_loader == "grub2" or blended_system["boot_loader"] == "grub2": template = os.path.join(self.settings.boot_loader_conf_template_dir, "grub2_ppc.template") else: template = os.path.join(self.settings.boot_loader_conf_template_dir, "yaboot_ppc.template") elif arch.startswith("arm"): template = os.path.join(self.settings.boot_loader_conf_template_dir, "pxesystem_arm.template") elif distro and distro.os_version.startswith("esxi"): # ESXi uses a very different pxe method, using more files than # a standard automatic installation file and different options - # so giving it a dedicated PXE template makes more sense than # shoe-horning it into the existing templates template = os.path.join(self.settings.boot_loader_conf_template_dir, "pxesystem_esxi.template") else: # local booting on ppc requires removing the system-specific dhcpd.conf filename if arch is not None and arch.startswith("ppc"): # Disable yaboot network booting for all interfaces on the system for (name, interface) in system.interfaces.iteritems(): filename = "%s" % utils.get_config_filename(system, interface=name).lower() # Remove symlink to the yaboot binary f3 = os.path.join(self.bootloc, "ppc", filename) if os.path.lexists(f3): utils.rmfile(f3) # Remove the interface-specific config file f3 = os.path.join(self.bootloc, "boot/grub", "grub.cfg-" + filename) if os.path.lexists(f3): utils.rmfile(f3) f3 = os.path.join(self.bootloc, "etc", filename) if os.path.lexists(f3): utils.rmfile(f3) # Yaboot/OF doesn't support booting locally once you've # booted off the network, so nothing left to do return None else: template = os.path.join(self.settings.boot_loader_conf_template_dir, "pxelocal.template") else: # not a system record, so this is a profile record or an image if arch.startswith("arm"): template = os.path.join(self.settings.boot_loader_conf_template_dir, "pxeprofile_arm.template") elif format == "grub": template = os.path.join(self.settings.boot_loader_conf_template_dir, "grubprofile.template") elif distro and distro.os_version.startswith("esxi"): # ESXi uses a very different pxe method, see comment above in the system section template = os.path.join(self.settings.boot_loader_conf_template_dir, "pxeprofile_esxi.template") elif 'nexenta' == format: template = os.path.join(self.settings.boot_loader_conf_template_dir, 'nexenta_profile.template') else: template = os.path.join(self.settings.boot_loader_conf_template_dir, "pxeprofile.template") if kernel_path is not None: metadata["kernel_path"] = kernel_path if initrd_path is not None: metadata["initrd_path"] = initrd_path # generate the kernel options and append line: kernel_options = self.build_kernel_options(system, profile, distro, image, arch, autoinstall_path) metadata["kernel_options"] = kernel_options if distro and distro.os_version.startswith("esxi") and filename is not None: append_line = "BOOTIF=%s" % (os.path.basename(filename)) elif "initrd_path" in metadata and (not arch or arch not in ["ppc", "ppc64", "arm"]): append_line = "append initrd=%s" % (metadata["initrd_path"]) else: append_line = "append " append_line = "%s%s" % (append_line, kernel_options) if arch.startswith("ppc"): # remove the prefix "append" # TODO: this looks like it's removing more than append, really # not sure what's up here... append_line = append_line[7:] if distro and distro.os_version.startswith("xenserver620"): append_line = "%s" % (kernel_options) metadata["append_line"] = append_line # store variables for templating metadata["menu_label"] = "" if profile: if arch not in ["ppc", "ppc64"]: metadata["menu_label"] = "MENU LABEL %s" % profile.name metadata["profile_name"] = profile.name elif image: metadata["menu_label"] = "MENU LABEL %s" % image.name metadata["profile_name"] = image.name if system: metadata["system_name"] = system.name # get the template if kernel_path is not None: template_fh = open(template) template_data = template_fh.read() template_fh.close() else: # this is something we can't PXE boot template_data = "\n" # save file and/or return results, depending on how called. buffer = self.templar.render(template_data, metadata, None) if filename is not None: self.logger.info("generating: %s" % filename) fd = open(filename, "w") fd.write(buffer) fd.close() return buffer
def remove_single_image(self, name): bootloc = utils.tftpboot_location() utils.rmfile(os.path.join(bootloc, "images2", name))
key_id = matches.group(2) net_id_folder = "{}/{}".format(destination, net_id) if not os.path.isdir(net_id_folder): mkdir(net_id_folder) issue_folder = "{}/{}/".format(net_id_folder, issue_id) create_or_empty_folder(issue_folder) with open(issue_folder + "answer.zip.pgp", "w") as f: f.write(body) with open(issue_folder + "pub_key.asc", "w") as f: f.write(comments[1]) run_command("gpg --import pub_key.asc", issue_folder) run_command("gpg -o answer.zip answer.zip.pgp", issue_folder) run_command("unzip answer.zip -d ./", issue_folder) rmfile(issue_folder + "answer.zip") shutil.make_archive("{}/{}".format(net_id_folder, issue_id), "zip", issue_folder) # GitHub has a limitation for how many requests we can make per minute time.sleep(random.randint(1, 3))
def write_pxe_file(self, filename, system, profile, distro, arch, image=None, include_header=True, metadata=None, format="pxe"): """ Write a configuration file for the boot loader(s). More system-specific configuration may come in later, if so that would appear inside the system object in api.py NOTE: relevant to tftp and pseudo-PXE (s390) only ia64 is mostly the same as syslinux stuff, s390 is a bit short-circuited and simpler. All of it goes through the templating engine, see the templates in /etc/cobbler for more details Can be used for different formats, "pxe" (default) and "grub". """ if arch is None: raise "missing arch" if image and not os.path.exists(image.file): return None # nfs:// URLs or something, can't use for TFTP if metadata is None: metadata = {} (rval,settings) = utils.input_string_or_hash(self.settings.to_datastruct()) if rval: for key in settings.keys(): metadata[key] = settings[key] # --- # just some random variables template = None buffer = "" # --- kickstart_path = None kernel_path = None initrd_path = None img_path = None if image is None: # not image based, it's something normalish img_path = os.path.join("/images",distro.name) kernel_path = os.path.join("/images",distro.name,os.path.basename(distro.kernel)) initrd_path = os.path.join("/images",distro.name,os.path.basename(distro.initrd)) # Find the kickstart if we inherit from another profile if system: blended = utils.blender(self.api, True, system) else: blended = utils.blender(self.api, True, profile) kickstart_path = blended.get("kickstart","") else: # this is an image we are making available, not kernel+initrd if image.image_type == "direct": kernel_path = os.path.join("/images2",image.name) elif image.image_type == "memdisk": kernel_path = "/memdisk" initrd_path = os.path.join("/images2",image.name) else: # CD-ROM ISO or virt-clone image? We can't PXE boot it. kernel_path = None initrd_path = None if img_path is not None and not metadata.has_key("img_path"): metadata["img_path"] = img_path if kernel_path is not None and not metadata.has_key("kernel_path"): metadata["kernel_path"] = kernel_path if initrd_path is not None and not metadata.has_key("initrd_path"): metadata["initrd_path"] = initrd_path # --- # choose a template if system: if format == "grub": template = os.path.join(self.settings.pxe_template_dir, "grubsystem.template") else: # pxe if system.netboot_enabled: template = os.path.join(self.settings.pxe_template_dir,"pxesystem.template") if arch.startswith("s390"): template = os.path.join(self.settings.pxe_template_dir,"pxesystem_s390x.template") elif arch == "ia64": template = os.path.join(self.settings.pxe_template_dir,"pxesystem_ia64.template") elif arch.startswith("ppc"): template = os.path.join(self.settings.pxe_template_dir,"pxesystem_ppc.template") elif arch.startswith("arm"): template = os.path.join(self.settings.pxe_template_dir,"pxesystem_arm.template") elif distro and distro.os_version.startswith("esxi"): # ESXi uses a very different pxe method, using more files than # a standard kickstart and different options - so giving it a dedicated # PXE template makes more sense than shoe-horning it into the existing # templates template = os.path.join(self.settings.pxe_template_dir,"pxesystem_esxi.template") else: # local booting on ppc requires removing the system-specific dhcpd.conf filename if arch is not None and arch.startswith("ppc"): # Disable yaboot network booting for all interfaces on the system for (name,interface) in system.interfaces.iteritems(): filename = "%s" % utils.get_config_filename(system, interface=name).lower() # Remove symlink to the yaboot binary f3 = os.path.join(self.bootloc, "ppc", filename) if os.path.lexists(f3): utils.rmfile(f3) # Remove the interface-specific config file f3 = os.path.join(self.bootloc, "etc", filename) if os.path.lexists(f3): utils.rmfile(f3) # Yaboot/OF doesn't support booting locally once you've # booted off the network, so nothing left to do return None elif arch is not None and arch.startswith("s390"): template = os.path.join(self.settings.pxe_template_dir,"pxelocal_s390x.template") elif arch is not None and arch.startswith("ia64"): template = os.path.join(self.settings.pxe_template_dir,"pxelocal_ia64.template") else: template = os.path.join(self.settings.pxe_template_dir,"pxelocal.template") else: # not a system record, so this is a profile record or an image if arch.startswith("s390"): template = os.path.join(self.settings.pxe_template_dir,"pxeprofile_s390x.template") if arch.startswith("arm"): template = os.path.join(self.settings.pxe_template_dir,"pxeprofile_arm.template") elif format == "grub": template = os.path.join(self.settings.pxe_template_dir,"grubprofile.template") elif distro and distro.os_version.startswith("esxi"): # ESXi uses a very different pxe method, see comment above in the system section template = os.path.join(self.settings.pxe_template_dir,"pxeprofile_esxi.template") else: template = os.path.join(self.settings.pxe_template_dir,"pxeprofile.template") if kernel_path is not None: metadata["kernel_path"] = kernel_path if initrd_path is not None: metadata["initrd_path"] = initrd_path # generate the kernel options and append line: kernel_options = self.build_kernel_options(system, profile, distro, image, arch, kickstart_path) metadata["kernel_options"] = kernel_options if distro and distro.os_version.startswith("esxi") and filename is not None: append_line = "BOOTIF=%s" % (os.path.basename(filename)) elif metadata.has_key("initrd_path") and (not arch or arch not in ["ia64", "ppc", "ppc64", "arm"]): append_line = "append initrd=%s" % (metadata["initrd_path"]) else: append_line = "append " append_line = "%s%s" % (append_line, kernel_options) if arch.startswith("ppc") or arch.startswith("s390"): # remove the prefix "append" # TODO: this looks like it's removing more than append, really # not sure what's up here... append_line = append_line[7:] metadata["append_line"] = append_line # store variables for templating metadata["menu_label"] = "" if profile: if not arch in [ "ia64", "ppc", "ppc64", "s390", "s390x" ]: metadata["menu_label"] = "MENU LABEL %s" % profile.name metadata["profile_name"] = profile.name elif image: metadata["menu_label"] = "MENU LABEL %s" % image.name metadata["profile_name"] = image.name if system: metadata["system_name"] = system.name # get the template if kernel_path is not None: template_fh = open(template) template_data = template_fh.read() template_fh.close() else: # this is something we can't PXE boot template_data = "\n" # save file and/or return results, depending on how called. buffer = self.templar.render(template_data, metadata, None) if filename is not None: self.logger.info("generating: %s" % filename) fd = open(filename, "w") fd.write(buffer) fd.close() return buffer
def write_all_system_files(self, system): profile = system.get_conceptual_parent() if profile is None: raise CX("system %(system)s references a missing profile %(profile)s" % { "system" : system.name, "profile" : system.profile}) distro = profile.get_conceptual_parent() image_based = False image = None if distro is None: if profile.COLLECTION_TYPE == "profile": raise CX("profile %(profile)s references a missing distro %(distro)s" % { "profile" : system.profile, "distro" : profile.distro}) else: image_based = True image = profile # hack: s390 generates files per system not per interface if not image_based and distro.arch.startswith("s390"): # Always write a system specific _conf and _parm file f2 = os.path.join(self.bootloc, "s390x", "s_%s" % system.name) cf = "%s_conf" % f2 pf = "%s_parm" % f2 template_cf = open("/etc/cobbler/pxe/s390x_conf.template") template_pf = open("/etc/cobbler/pxe/s390x_parm.template") blended = utils.blender(self.api, True, system) self.templar.render(template_cf, blended, cf) # FIXME: profiles also need this data! # FIXME: the _conf and _parm files are limited to 80 characters in length try: ipaddress = socket.gethostbyname_ex(blended["http_server"])[2][0] except socket.gaierror: ipaddress = blended["http_server"] kickstart_path = "http://%s/cblr/svc/op/ks/system/%s" % (ipaddress, system.name) # gather default kernel_options and default kernel_options_s390x kopts = blended.get("kernel_options","") hkopts = shlex.split(utils.hash_to_string(kopts)) blended["kickstart_expanded"] = "ks=%s" % kickstart_path blended["kernel_options"] = hkopts self.templar.render(template_pf, blended, pf) # Write system specific zPXE file if system.is_management_supported(): self.write_pxe_file(f2, system, profile, distro, distro.arch) else: # ensure the file doesn't exist utils.rmfile(f2) return pxe_metadata = {'pxe_menu_items': self.get_menu_items()['pxe'] } # generate one record for each described NIC .. for (name,interface) in system.interfaces.iteritems(): ip = interface["ip_address"] f1 = utils.get_config_filename(system, interface=name) if f1 is None: self.logger.warning("invalid interface recorded for system (%s,%s)" % (system.name,name)) continue; if image_based: working_arch = image.arch else: working_arch = distro.arch if working_arch is None: raise "internal error, invalid arch supplied" # for tftp only ... grub_path = None if working_arch in [ "i386", "x86", "x86_64", "arm", "standard"]: # pxelinux wants a file named $name under pxelinux.cfg f2 = os.path.join(self.bootloc, "pxelinux.cfg", f1) # Only generating grub menus for these arch's: grub_path = os.path.join(self.bootloc, "grub", f1.upper()) elif working_arch == "ia64": # elilo expects files to be named "$name.conf" in the root # and can not do files based on the MAC address if ip is not None and ip != "": self.logger.warning("Warning: Itanium system object (%s) needs an IP address to PXE" % system.name) filename = "%s.conf" % utils.get_config_filename(system,interface=name) f2 = os.path.join(self.bootloc, filename) elif working_arch.startswith("ppc"): # Determine filename for system-specific yaboot.conf filename = "%s" % utils.get_config_filename(system, interface=name).lower() f2 = os.path.join(self.bootloc, "etc", filename) # Link to the yaboot binary f3 = os.path.join(self.bootloc, "ppc", filename) if os.path.lexists(f3): utils.rmfile(f3) os.symlink("../yaboot", f3) else: continue if system.is_management_supported(): if not image_based: self.write_pxe_file(f2, system, profile, distro, working_arch, metadata=pxe_metadata) if grub_path: self.write_pxe_file(grub_path, system, profile, distro, working_arch, format="grub") else: self.write_pxe_file(f2, system, None, None, working_arch, image=profile, metadata=pxe_metadata) else: # ensure the file doesn't exist utils.rmfile(f2) if grub_path: utils.rmfile(grub_path)
def write_all_system_files(self, system, menu_items): profile = system.get_conceptual_parent() if profile is None: raise CX("system %(system)s references a missing profile %(profile)s" % {"system": system.name, "profile": system.profile}) distro = profile.get_conceptual_parent() image_based = False image = None if distro is None: if profile.COLLECTION_TYPE == "profile": raise CX("profile %(profile)s references a missing distro %(distro)s" % {"profile": system.profile, "distro": profile.distro}) else: image_based = True image = profile pxe_metadata = {'pxe_menu_items': menu_items} # generate one record for each described NIC .. for (name, interface) in system.interfaces.iteritems(): f1 = utils.get_config_filename(system, interface=name) if f1 is None: self.logger.warning("invalid interface recorded for system (%s,%s)" % (system.name, name)) continue if image_based: working_arch = image.arch else: working_arch = distro.arch if working_arch is None: raise "internal error, invalid arch supplied" # for tftp only ... grub_path = None if working_arch in ["i386", "x86", "x86_64", "arm", "standard"]: # pxelinux wants a file named $name under pxelinux.cfg f2 = os.path.join(self.bootloc, "pxelinux.cfg", f1) # Only generating grub menus for these arch's: grub_path = os.path.join(self.bootloc, "grub", f1.upper()) elif working_arch.startswith("ppc"): # Determine filename for system-specific yaboot.conf filename = "%s" % utils.get_config_filename(system, interface=name).lower() f2 = os.path.join(self.bootloc, "etc", filename) # Link to the yaboot binary f3 = os.path.join(self.bootloc, "ppc", filename) if os.path.lexists(f3): utils.rmfile(f3) os.symlink("../yaboot", f3) else: continue if system.is_management_supported(): if not image_based: self.write_pxe_file(f2, system, profile, distro, working_arch, metadata=pxe_metadata) if grub_path: self.write_pxe_file(grub_path, system, profile, distro, working_arch, format="grub") else: self.write_pxe_file(f2, system, None, None, working_arch, image=profile, metadata=pxe_metadata) else: # ensure the file doesn't exist utils.rmfile(f2) if grub_path: utils.rmfile(grub_path)
def write_pxe_file(self,filename,system,profile,distro,arch,image=None,include_header=True): """ Write a configuration file for the boot loader(s). More system-specific configuration may come in later, if so that would appear inside the system object in api.py NOTE: relevant to tftp and pseudo-PXE (s390) only ia64 is mostly the same as syslinux stuff, s390 is a bit short-circuited and simpler. All of it goes through the templating engine, see the templates in /etc/cobbler for more details """ if arch is None: raise "missing arch" if image and not os.path.exists(image.file): return None # nfs:// URLs or something, can't use for TFTP # --- # just some random variables template = None metadata = {} buffer = "" # --- kickstart_path = None kernel_path = None initrd_path = None if image is None: # not image based, it's something normalish kernel_path = os.path.join("/images",distro.name,os.path.basename(distro.kernel)) initrd_path = os.path.join("/images",distro.name,os.path.basename(distro.initrd)) # Find the kickstart if we inherit from another profile if system: blended = utils.blender(self.api, True, system) else: blended = utils.blender(self.api, True, profile) kickstart_path = blended.get("kickstart","") else: # this is an image we are making available, not kernel+initrd if image.image_type == "direct": kernel_path = os.path.join("/images2",image.name) elif image.image_type == "memdisk": kernel_path = "/memdisk" initrd_path = os.path.join("/images2",image.name) else: # CD-ROM ISO or virt-clone image? We can't PXE boot it. kernel_path = None initrd_path = None # --- # choose a template if system: if system.netboot_enabled: template = os.path.join(self.settings.pxe_template_dir,"pxesystem.template") if arch.startswith("s390"): template = os.path.join(self.settings.pxe_template_dir,"pxesystem_s390x.template") elif arch == "ia64": template = os.path.join(self.settings.pxe_template_dir,"pxesystem_ia64.template") elif arch.startswith("ppc"): template = os.path.join(self.settings.pxe_template_dir,"pxesystem_ppc.template") else: # local booting on ppc requires removing the system-specific dhcpd.conf filename if arch is not None and arch.startswith("ppc"): # Disable yaboot network booting for all interfaces on the system for (name,interface) in system.interfaces.iteritems(): filename = "%s" % utils.get_config_filename(system, interface=name).lower() # Remove symlink to the yaboot binary f3 = os.path.join(self.bootloc, "ppc", filename) if os.path.lexists(f3): utils.rmfile(f3) # Remove the interface-specific config file f3 = os.path.join(self.bootloc, "etc", filename) if os.path.lexists(f3): utils.rmfile(f3) # Yaboot/OF doesn't support booting locally once you've # booted off the network, so nothing left to do return None elif arch is not None and arch.startswith("s390"): template = os.path.join(self.settings.pxe_template_dir,"pxelocal_s390x.template") elif arch is not None and arch.startswith("ia64"): template = os.path.join(self.settings.pxe_template_dir,"pxelocal_ia64.template") else: template = os.path.join(self.settings.pxe_template_dir,"pxelocal.template") else: # not a system record, so this is a profile record if arch.startswith("s390"): template = os.path.join(self.settings.pxe_template_dir,"pxeprofile_s390x.template") else: template = os.path.join(self.settings.pxe_template_dir,"pxeprofile.template") # now build the kernel command line if system is not None: blended = utils.blender(self.api, True, system) elif profile is not None: blended = utils.blender(self.api, True, profile) else: blended = utils.blender(self.api, True, image) kopts = blended.get("kernel_options","") # generate the append line hkopts = utils.hash_to_string(kopts) if initrd_path and (not arch or arch not in ["ia64", "ppc", "ppc64"]): append_line = "append initrd=%s %s" % (initrd_path, hkopts) else: append_line = "append %s" % hkopts # FIXME - the append_line length limit is architecture specific if len(append_line) >= 255 + len("append "): self.logger.warning("warning: kernel option length exceeds 255") # kickstart path rewriting (get URLs for local files) if kickstart_path is not None and kickstart_path != "": # FIXME: need to make shorter rewrite rules for these URLs if system is not None and kickstart_path.startswith("/"): kickstart_path = "http://%s/cblr/svc/op/ks/system/%s" % (blended["http_server"], system.name) elif kickstart_path.startswith("/"): kickstart_path = "http://%s/cblr/svc/op/ks/profile/%s" % (blended["http_server"], profile.name) if distro.breed is None or distro.breed == "redhat": append_line = "%s ks=%s" % (append_line, kickstart_path) elif distro.breed == "suse": append_line = "%s autoyast=%s" % (append_line, kickstart_path) elif distro.breed == "debian" or distro.breed == "ubuntu": append_line = "%s auto url=%s" % (append_line, kickstart_path) # rework kernel options for debian distros translations = { 'ksdevice':"interface" , 'lang':"locale" } for k,v in translations.iteritems(): append_line = append_line.replace("%s="%k,"%s="%v) # interface=bootif causes a failure append_line = append_line.replace("interface=bootif","") elif distro.breed == "vmware": append_line = "%s vmkopts=debugLogToSerial:1 mem=512M ks=%s" % (append_line, kickstart_path) # interface=bootif causes a failure append_line = append_line.replace("ksdevice=bootif","") if distro is not None and (distro.breed in [ "debian", "ubuntu" ]): # Hostname is required as a parameter, the one in the preseed is # not respected, so calculate if we have one here. # We're trying: first part of FQDN in hostname field, then system # name, then profile name. # In Ubuntu, this is at least used for the volume group name when # using LVM. domain = "local.lan" if system is not None: if system.hostname is not None: # If this is a FQDN, grab the first bit hostname = system.hostname.split(".")[0] _domain = system.hostname.split(".")[1:] if _domain: domain = ".".join( _domain ) else: hostname = system.name else: hostname = profile.name # At least for debian deployments configured for DHCP networking # this values are not used, but specifying here avoids questions append_line = "%s hostname=%s" % (append_line, hostname) append_line = "%s domain=%s" % (append_line, domain) # A similar issue exists with suite name, as installer requires # the existence of "stable" in the dists directory append_line = "%s suite=%s" % (append_line, distro.os_version) if arch.startswith("ppc") or arch.startswith("s390"): # remove the prefix "append" append_line = append_line[7:] # store variables for templating metadata["menu_label"] = "" if profile: if not arch in [ "ia64", "ppc", "ppc64", "s390", "s390x" ]: metadata["menu_label"] = "MENU LABEL %s" % profile.name metadata["profile_name"] = profile.name elif image: metadata["menu_label"] = "MENU LABEL %s" % image.name metadata["profile_name"] = image.name if system: metadata["system_name"] = system.name if kernel_path is not None: metadata["kernel_path"] = kernel_path if initrd_path is not None: metadata["initrd_path"] = initrd_path metadata["append_line"] = append_line # get the template if kernel_path is not None: template_fh = open(template) template_data = template_fh.read() template_fh.close() else: # this is something we can't PXE boot template_data = "\n" # save file and/or return results, depending on how called. buffer = self.templar.render(template_data, metadata, None) if filename is not None: self.logger.info("generating: %s" % filename) fd = open(filename, "w") fd.write(buffer) fd.close() return buffer
def remove_single_profile(self, name): # delete profiles/$name file in webdir utils.rmfile(os.path.join(self.settings.webdir, "profiles", name)) # delete contents on kickstarts/$name directory in webdir utils.rmtree(os.path.join(self.settings.webdir, "kickstarts", name))
def verify_issue(defender, repo_name, issue_no, config, github, target_commit=None): timeout = config["exploit_timeout"]["exercise_phase"] repo_owner = config['repo_owner'] title, submitter, create_time, content = \ get_github_issue(repo_owner, repo_name, issue_no, github) # Issue convention: "exploit-[branch_name]" target_branch = title[8:] clone(repo_owner, repo_name) # Write the fetched issue content to temp file tmpfile = "/tmp/gitctf_%s.issue" % random_string(6) tmpdir = "/tmp/gitctf_%s.dir" % random_string(6) with open(tmpfile, "w") as f: f.write(content) # Decrypt the exploit mkdir(tmpdir) team = defender decrypt_exploit(tmpfile, config, team, tmpdir, submitter) rmfile(tmpfile) # Now iterate through branches and verify exploit # zchn: not sure about this, was: branches = list_branches(repo_name) bug_branches = config['teams'][team]['bug_branches'] branches = bug_branches + ['master'] if len(bug_branches) > 0 \ else list_branches(repo_name) candidates = [] if (target_branch in branches) and (target_commit is None): # Iterate through branches and collect candidates commit = get_latest_commit_hash(repo_name, create_time, target_branch) candidates.append((target_branch, commit)) verified_branch = None verified_commit = None log = 'About %s (exploit-service branch)\n' % title for (branch, commit) in candidates: if branch in title: result, log = verify_exploit(tmpdir, repo_name, commit, timeout, \ config, log=log) else: result, _ = verify_exploit(tmpdir, repo_name, commit, timeout, \ config) if result: verified_branch = branch verified_commit = commit break rmdir(tmpdir) rmdir(repo_name) if verified_branch is None: print("[*] The exploit did not work against branch '%s'" % \ target_branch) else: print("[*] The exploit has been verified against branch '%s'" % verified_branch) return (verified_branch, verified_commit, submitter, log)
def write_pxe_file(self, filename, system, profile, distro, arch, image=None, include_header=True): """ Write a configuration file for the boot loader(s). More system-specific configuration may come in later, if so that would appear inside the system object in api.py NOTE: relevant to tftp and pseudo-PXE (s390) only ia64 is mostly the same as syslinux stuff, s390 is a bit short-circuited and simpler. All of it goes through the templating engine, see the templates in /etc/cobbler for more details """ if arch is None: raise "missing arch" if image and not os.path.exists(image.file): return None # nfs:// URLs or something, can't use for TFTP # --- # just some random variables template = None metadata = {} buffer = "" # --- kickstart_path = None kernel_path = None initrd_path = None if image is None: # not image based, it's something normalish kernel_path = os.path.join("/images", distro.name, os.path.basename(distro.kernel)) initrd_path = os.path.join("/images", distro.name, os.path.basename(distro.initrd)) # Find the kickstart if we inherit from another profile if system: blended = utils.blender(self.api, True, system) else: blended = utils.blender(self.api, True, profile) kickstart_path = blended.get("kickstart", "") else: # this is an image we are making available, not kernel+initrd if image.image_type == "direct": kernel_path = os.path.join("/images2", image.name) elif image.image_type == "memdisk": kernel_path = "/memdisk" initrd_path = os.path.join("/images2", image.name) else: # CD-ROM ISO or virt-clone image? We can't PXE boot it. kernel_path = None initrd_path = None # --- # choose a template if system: if system.netboot_enabled: template = os.path.join(self.settings.pxe_template_dir, "pxesystem.template") if arch.startswith("s390"): template = os.path.join(self.settings.pxe_template_dir, "pxesystem_s390x.template") elif arch == "ia64": template = os.path.join(self.settings.pxe_template_dir, "pxesystem_ia64.template") elif arch.startswith("ppc"): template = os.path.join(self.settings.pxe_template_dir, "pxesystem_ppc.template") else: # local booting on ppc requires removing the system-specific dhcpd.conf filename if arch is not None and arch.startswith("ppc"): # Disable yaboot network booting for all interfaces on the system for (name, interface) in system.interfaces.iteritems(): filename = "%s" % utils.get_config_filename( system, interface=name).lower() # Remove symlink to the yaboot binary f3 = os.path.join(self.bootloc, "ppc", filename) if os.path.lexists(f3): utils.rmfile(f3) # Remove the interface-specific config file f3 = os.path.join(self.bootloc, "etc", filename) if os.path.lexists(f3): utils.rmfile(f3) # Yaboot/OF doesn't support booting locally once you've # booted off the network, so nothing left to do return None elif arch is not None and arch.startswith("s390"): template = os.path.join(self.settings.pxe_template_dir, "pxelocal_s390x.template") elif arch is not None and arch.startswith("ia64"): template = os.path.join(self.settings.pxe_template_dir, "pxelocal_ia64.template") else: template = os.path.join(self.settings.pxe_template_dir, "pxelocal.template") else: # not a system record, so this is a profile record if arch.startswith("s390"): template = os.path.join(self.settings.pxe_template_dir, "pxeprofile_s390x.template") else: template = os.path.join(self.settings.pxe_template_dir, "pxeprofile.template") # now build the kernel command line if system is not None: blended = utils.blender(self.api, True, system) elif profile is not None: blended = utils.blender(self.api, True, profile) else: blended = utils.blender(self.api, True, image) kopts = blended.get("kernel_options", "") # generate the append line hkopts = utils.hash_to_string(kopts) if initrd_path and (not arch or arch not in ["ia64", "ppc", "ppc64"]): append_line = "append initrd=%s %s" % (initrd_path, hkopts) else: append_line = "append %s" % hkopts # FIXME - the append_line length limit is architecture specific if len(append_line) >= 255 + len("append "): self.logger.warning("warning: kernel option length exceeds 255") # kickstart path rewriting (get URLs for local files) if kickstart_path is not None and kickstart_path != "": # FIXME: need to make shorter rewrite rules for these URLs if system is not None and kickstart_path.startswith("/"): kickstart_path = "http://%s/cblr/svc/op/ks/system/%s" % ( blended["http_server"], system.name) elif kickstart_path.startswith("/"): kickstart_path = "http://%s/cblr/svc/op/ks/profile/%s" % ( blended["http_server"], profile.name) if distro.breed is None or distro.breed == "redhat": append_line = "%s ks=%s" % (append_line, kickstart_path) elif distro.breed == "suse": append_line = "%s autoyast=%s" % (append_line, kickstart_path) elif distro.breed == "debian" or distro.breed == "ubuntu": append_line = "%s auto url=%s" % (append_line, kickstart_path) # rework kernel options for debian distros translations = {'ksdevice': "interface", 'lang': "locale"} for k, v in translations.iteritems(): append_line = append_line.replace("%s=" % k, "%s=" % v) # interface=bootif causes a failure append_line = append_line.replace("interface=bootif", "") if distro is not None and (distro.breed in ["debian", "ubuntu"]): # Hostname is required as a parameter, the one in the preseed is # not respected, so calculate if we have one here. # We're trying: first part of FQDN in hostname field, then system # name, then profile name. # In Ubuntu, this is at least used for the volume group name when # using LVM. domain = "local.lan" if system is not None: if system.hostname is not None: # If this is a FQDN, grab the first bit hostname = system.hostname.split(".")[0] _domain = system.hostname.split(".")[1:] if _domain: domain = ".".join(_domain) else: hostname = system.name else: hostname = profile.name # At least for debian deployments configured for DHCP networking # this values are not used, but specifying here avoids questions append_line = "%s hostname=%s" % (append_line, hostname) append_line = "%s domain=%s" % (append_line, domain) # A similar issue exists with suite name, as installer requires # the existence of "stable" in the dists directory append_line = "%s suite=%s" % (append_line, distro.os_version) if arch.startswith("ppc") or arch.startswith("s390"): # remove the prefix "append" append_line = append_line[7:] # store variables for templating metadata["menu_label"] = "" if profile: if not arch in ["ia64", "ppc", "ppc64", "s390", "s390x"]: metadata["menu_label"] = "MENU LABEL %s" % profile.name metadata["profile_name"] = profile.name elif image: metadata["menu_label"] = "MENU LABEL %s" % image.name metadata["profile_name"] = image.name if system: metadata["system_name"] = system.name if kernel_path is not None: metadata["kernel_path"] = kernel_path if initrd_path is not None: metadata["initrd_path"] = initrd_path metadata["append_line"] = append_line # get the template if kernel_path is not None: template_fh = open(template) template_data = template_fh.read() template_fh.close() else: # this is something we can't PXE boot template_data = "\n" # save file and/or return results, depending on how called. buffer = self.templar.render(template_data, metadata, None) if filename is not None: self.logger.info("generating: %s" % filename) fd = open(filename, "w") fd.write(buffer) fd.close() return buffer