def post(self, *args, **kwargs):
''' Check validity of flag submissions '''
flag = Flag.by_uuid(self.get_argument('uuid', ''))
user = self.get_current_user()
if flag and flag in user.team.flags:
self.render_page(flag)
elif flag is not None and flag.game_level in user.team.game_levels:
submission = ''
if flag.is_file:
if hasattr(self.request,
'files') and 'flag' in self.request.files:
submission = self.request.files['flag'][0]['body']
else:
submission = self.get_argument('token', '')
old_reward = flag.value
if self.attempt_capture(flag, submission):
self.add_content_policy('script', "'unsafe-eval'")
if self.config.story_mode:
self.render('missions/captured.html',
flag=flag,
reward=old_reward)
else:
success = self.success_capture(flag)
self.render_page(flag, success=success)
else:
if Penalty.by_token_count(flag, user.team, submission) == 0:
if self.config.teams:
teamval = "team's "
else:
teamval = ""
penalty = self.failed_capture(flag, submission)
penalty_dialog = "Sorry - Try Again"
if penalty:
if self.config.banking:
penalty_dialog = "$" + str(
penalty
) + " has been deducted from your " + teamval + "account."
else:
if penalty == 1:
point = " point has"
else:
point = " points have"
penalty_dialog = str(
penalty
) + point + " been deducted from your " + teamval + "score."
self.render_page(flag, errors=[penalty_dialog])
else:
if self.config.teams:
teamdup = " by your team. Try Again"
else:
teamdup = " by you. Try Again"
self.render_page(
flag,
info=[
"Duplicate submission - this answer has already been attempted"
+ teamdup
])
else:
self.render('public/404.html')
def failed_attempt(self, flag, user, submission, box_id):
if flag is None or Penalty.by_token_count(flag, user.team, submission) == 0:
if self.config.teams:
teamval = "team's "
else:
teamval = ""
penalty = self.failed_capture(flag, submission) if flag is not None else 0
penalty_dialog = "Sorry - Try Again"
if penalty:
if self.config.banking:
penalty_dialog = (
"$"
+ str(penalty)
+ " has been deducted from your "
+ teamval
+ "account."
)
else:
if penalty == 1:
point = " point has"
else:
point = " points have"
penalty_dialog = (
str(penalty)
+ point
+ " been deducted from your "
+ teamval
+ "score."
)
if flag is None:
self.render_page_by_box_id(box_id, errors=[penalty_dialog])
else:
self.render_page_by_flag(flag, errors=[penalty_dialog])
return
else:
if self.config.teams:
teamdup = " by your team. Try Again"
else:
teamdup = " by you. Try Again"
self.render_page_by_flag(
flag,
info=[
"Duplicate submission - this answer has already been attempted"
+ teamdup
],
)
return
def post(self, *args, **kwargs):
''' Check validity of flag submissions '''
box_id = self.get_argument('box_id', None)
uuid = self.get_argument('uuid', '')
token = self.get_argument('token', '')
user = self.get_current_user()
if not self.application.settings['game_started'] and not user.is_admin():
self.render('missions/status.html', errors=None, info=["The game has not started yet"])
return
if(box_id is not None and token is not None):
flag = Flag.by_token_and_box_id(token, box_id)
else:
flag = Flag.by_uuid(uuid)
if flag is not None and Penalty.by_count(flag, user.team) >= self.config.max_flag_attempts:
self.render_page_by_flag(flag, info=["Max attempts reached - you can no longer answer this flag."])
return
if flag and flag in user.team.flags:
self.render_page_by_flag(flag)
elif flag is None or flag.game_level.type == 'none' or flag.game_level in user.team.game_levels:
submission = ''
if flag is not None and flag.is_file:
if hasattr(self.request, 'files') and 'flag' in self.request.files:
submission = self.request.files['flag'][0]['body']
else:
submission = self.get_argument('token', '')
if len(submission) == 0:
self.render_page_by_flag(flag, info=["No flag was provided - try again."])
old_reward = flag.value if flag is not None else 0
if flag is not None and self.attempt_capture(flag, submission):
self.add_content_policy('script', "'unsafe-eval'")
if self.config.story_mode and flag.capture_message and len(flag.capture_message) > 0:
self.render('missions/captured.html',
flag=flag,
reward=old_reward)
else:
success = self.success_capture(flag, old_reward)
self.render_page_by_flag(flag, success=success)
else:
if flag is None or Penalty.by_token_count(flag, user.team, submission) == 0:
if self.config.teams:
teamval = "team's "
else:
teamval = ""
penalty = self.failed_capture(flag, submission) if flag is not None else 0
penalty_dialog = "Sorry - Try Again"
if penalty:
if self.config.banking:
penalty_dialog = "$" + str(penalty) + " has been deducted from your " + teamval + "account."
else:
if penalty == 1:
point = " point has"
else:
point = " points have"
penalty_dialog = str(penalty) + point + " been deducted from your " + teamval + "score."
if flag is None:
self.render_page_by_box_id(box_id, errors=[penalty_dialog])
else:
self.render_page_by_flag(flag, errors=[penalty_dialog])
else:
if self.config.teams:
teamdup = " by your team. Try Again"
else:
teamdup = " by you. Try Again"
self.render_page_by_flag(flag, info=["Duplicate submission - this answer has already been attempted" + teamdup])
else:
self.render('public/404.html')
def post(self, *args, **kwargs):
""" Check validity of flag submissions """
box_id = self.get_argument("box_id", None)
uuid = self.get_argument("uuid", "")
token = self.get_argument("token", "")
user = self.get_current_user()
if not self.application.settings["game_started"] and not user.is_admin(
):
self.render(
"missions/status.html",
errors=None,
info=["The game has not started yet"],
)
return
if box_id is not None and token is not None:
flag = Flag.by_token_and_box_id(token, box_id)
else:
flag = Flag.by_uuid(uuid)
if (flag is not None and Penalty.by_count(flag, user.team) >=
self.config.max_flag_attempts):
self.render_page_by_flag(
flag,
info=[
"Max attempts reached - you can no longer answer this flag."
],
)
return
if flag and flag in user.team.flags:
self.render_page_by_flag(flag)
elif (flag is None or flag.game_level.type == "none"
or flag.game_level in user.team.game_levels):
submission = ""
if flag is not None and flag.is_file:
if hasattr(self.request,
"files") and "flag" in self.request.files:
submission = self.request.files["flag"][0]["body"]
else:
submission = self.get_argument("token", "")
if len(submission) == 0:
self.render_page_by_flag(
flag, info=["No flag was provided - try again."])
old_reward = flag.value if flag is not None else 0
if flag is not None and self.attempt_capture(flag, submission):
self.add_content_policy("script", "'unsafe-eval'")
success = self.success_capture(flag, old_reward)
if self.config.story_mode:
box = flag.box
if not (len(box.capture_message) > 0
and box.is_complete(user)):
box = None
has_capture_message = (len(flag.capture_message) > 0
or box is not None)
if has_capture_message:
self.render(
"missions/captured.html",
flag=flag,
box=box,
reward=old_reward,
success=success,
)
return
self.render_page_by_flag(flag, success=success)
else:
if (flag is None or Penalty.by_token_count(
flag, user.team, submission) == 0):
if self.config.teams:
teamval = "team's "
else:
teamval = ""
penalty = (self.failed_capture(flag, submission)
if flag is not None else 0)
penalty_dialog = "Sorry - Try Again"
if penalty:
if self.config.banking:
penalty_dialog = ("$" + str(penalty) +
" has been deducted from your " +
teamval + "account.")
else:
if penalty == 1:
point = " point has"
else:
point = " points have"
penalty_dialog = (str(penalty) + point +
" been deducted from your " +
teamval + "score.")
if flag is None:
self.render_page_by_box_id(box_id,
errors=[penalty_dialog])
else:
self.render_page_by_flag(flag, errors=[penalty_dialog])
else:
if self.config.teams:
teamdup = " by your team. Try Again"
else:
teamdup = " by you. Try Again"
self.render_page_by_flag(
flag,
info=[
"Duplicate submission - this answer has already been attempted"
+ teamdup
],
)
else:
self.render("public/404.html")
def post(self, *args, **kwargs):
''' Check validity of flag submissions '''
box_id = self.get_argument('box_id', None)
uuid = self.get_argument('uuid', '')
token = self.get_argument('token', '')
user = self.get_current_user()
if not self.application.settings['game_started'] and not user.is_admin(
):
self.render('missions/status.html',
errors=None,
info=["The game has not started yet"])
return
if (box_id is not None and token is not None):
flag = Flag.by_token_and_box_id(token, box_id)
else:
flag = Flag.by_uuid(uuid)
if flag is not None and Penalty.by_count(
flag, user.team) >= self.config.max_flag_attempts:
self.render_page_by_flag(
flag,
info=[
"Max attempts reached - you can no longer answer this flag."
])
return
if flag and flag in user.team.flags:
self.render_page_by_flag(flag)
elif flag is None or flag.game_level.type == 'none' or flag.game_level in user.team.game_levels:
submission = ''
if flag is not None and flag.is_file:
if hasattr(self.request,
'files') and 'flag' in self.request.files:
submission = self.request.files['flag'][0]['body']
else:
submission = self.get_argument('token', '')
if len(submission) == 0:
self.render_page_by_flag(
flag, info=["No flag was provided - try again."])
old_reward = flag.value if flag is not None else 0
if flag is not None and self.attempt_capture(flag, submission):
self.add_content_policy('script', "'unsafe-eval'")
if self.config.story_mode and flag.capture_message and len(
flag.capture_message) > 0:
self.render('missions/captured.html',
flag=flag,
reward=old_reward)
else:
success = self.success_capture(flag, old_reward)
self.render_page_by_flag(flag, success=success)
else:
if flag is None or Penalty.by_token_count(
flag, user.team, submission) == 0:
if self.config.teams:
teamval = "team's "
else:
teamval = ""
penalty = self.failed_capture(
flag, submission) if flag is not None else 0
penalty_dialog = "Sorry - Try Again"
if penalty:
if self.config.banking:
penalty_dialog = "$" + str(
penalty
) + " has been deducted from your " + teamval + "account."
else:
if penalty == 1:
point = " point has"
else:
point = " points have"
penalty_dialog = str(
penalty
) + point + " been deducted from your " + teamval + "score."
if flag is None:
self.render_page_by_box_id(box_id,
errors=[penalty_dialog])
else:
self.render_page_by_flag(flag, errors=[penalty_dialog])
else:
if self.config.teams:
teamdup = " by your team. Try Again"
else:
teamdup = " by you. Try Again"
self.render_page_by_flag(
flag,
info=[
"Duplicate submission - this answer has already been attempted"
+ teamdup
])
else:
self.render('public/404.html')
