def post(self, *args, **kwargs):
''' Submit cracked hashes get checked '''
# Get target display_name
try:
display_name = self.get_argument("display_name")
except:
self.render("hashes/error.html", operation = "Hash cracking", errors = "No user name")
# Get preimage
try:
preimage = self.get_argument("preimage")
except:
self.render("hashes/error.html", errors = "No password", operation = "Hash cracking")
user = User.by_user_name(self.session.data['user_name'])
target = User.by_display_name(display_name)
if target == None or user == None or target.has_permission("admin"):
self.render("hashes/error.html", operation = "Hash cracking", errors = "That user does not exist")
elif target in user.team.members:
self.render("hashes/error.html", operation = "Hash cracking", errors = "You can't crack hashes from your own team")
elif target.score <= 0:
self.render("hashes/error.html", operation = "Hash cracking", errors = "Target user must have a score greater than zero")
elif target.validate_password(preimage):
self.notify(user, target)
value = self.steal_points(user, target)
self.add_to_wall(user, target, preimage, value)
self.render("hashes/success.html", user = user, target = target )
else:
self.render("hashes/error.html", operation = "Hash cracking", errors = "Wrong password, try again")
def get(self, *args, **kwargs):
''' Renders a user details div, requested via AJAX '''
try:
display_name = self.get_argument("user_details")
except:
self.write("No Data")
user = User.by_display_name(display_name)
if user == None:
self.write("No Data")
else:
self.render("hashes/user_details.html", user = user)
def get(self, *args, **kwargs):
''' Registers a reporting service on a remote box '''
box = Box.by_ip_address(self.request.remote_ip)
if box != None:
try:
display_name = self.get_argument("handle")
user = User.by_display_name(display_name)
if user != None and not user.team.is_controlling(box):
user.give_control(box)
self.dbsession.add(user)
self.dbsession.flush()
self.notify(user, box)
self.write(unicode(user.team.listen_port))
else:
self.write("Invalid handle")
except:
self.write("Missing parameter")
else:
self.write("Invalid ip address")
self.finish()
