Esempi in Python per Challenges.max_attempts, esempi in Python per CTFd.models.Challenges.max_attempts

Esempio n. 1

0

Mostra file

def admin_create_chal():
    if request.method == 'POST':
        files = request.files.getlist('files[]')

        # Create challenge
        chal = Challenges(request.form['name'], request.form['desc'], request.form['value'], request.form['category'], int(request.form['chaltype']))
        if 'hidden' in request.form:
            chal.hidden = True
        else:
            chal.hidden = False

        max_attempts = request.form.get('max_attempts')
        if max_attempts and max_attempts.isdigit():
            chal.max_attempts = int(max_attempts)

        db.session.add(chal)
        db.session.flush()

        flag = Keys(chal.id, request.form['key'], int(request.form['key_type[0]']))
        if request.form.get('keydata'):
            flag.data = request.form.get('keydata')
        db.session.add(flag)

        db.session.commit()

        for f in files:
            utils.upload_file(file=f, chalid=chal.id)

        db.session.commit()
        db.session.close()
        return redirect(url_for('admin_challenges.admin_chals'))
    else:
        return render_template('admin/chals/create.html')

Esempio n. 2

0

Mostra file

File: challenges.py Progetto: semprix/CTFIgniter

def admin_create_chal():
    if request.method == 'POST':
        files = request.files.getlist('files[]')

        # Create challenge
        chal = Challenges(request.form['name'], request.form['desc'], request.form['value'], request.form['category'], int(request.form['chaltype']))
        if 'hidden' in request.form:
            chal.hidden = True
        else:
            chal.hidden = False

        max_attempts = request.form.get('max_attempts')
        if max_attempts and max_attempts.isdigit():
            chal.max_attempts = int(max_attempts)

        db.session.add(chal)
        db.session.flush()

        flag = Keys(chal.id, request.form['key'], int(request.form['key_type[0]']))
        if request.form.get('keydata'):
            flag.data = request.form.get('keydata')
        db.session.add(flag)

        db.session.commit()

        for f in files:
            utils.upload_file(file=f, chalid=chal.id)

        db.session.commit()
        db.session.close()
        return redirect(url_for('admin_challenges.admin_chals'))
    else:
        return render_template('admin/chals/create.html')

Esempio n. 3

0

Mostra file

    def create(request):
        """
        This method is used to process the challenge creation request.

        :param request:
        :return:
        """
        # Create challenge
        chal = Challenges(
            name=request.form['name'],
            description=request.form['description'],
            value=request.form['value'],
            category=request.form['category'],
            type=request.form['chaltype'],
            penalty = request.form['penalty']
        )

        if 'hidden' in request.form:
            chal.hidden = True
        else:
            chal.hidden = False

        max_attempts = request.form.get('max_attempts')
        if max_attempts and max_attempts.isdigit():
            chal.max_attempts = int(max_attempts)

        db.session.add(chal)
        db.session.commit()

        flag = Keys(chal.id, request.form['key'], request.form['key_type[0]'])
        if request.form.get('keydata'):
            flag.data = request.form.get('keydata')
        db.session.add(flag)

        db.session.commit()

        files = request.files.getlist('files[]')
        for f in files:
            utils.upload_file(file=f, chalid=chal.id)
   
        file_generators = request.files.getlist('file_generators[]')
        for g in file_generators:
            utils.upload_file(file=g, chalid=chal.id, isgenerator=True)

        db.session.commit()

Esempio n. 4

0

Mostra file

File: importer.py Progetto: sathovsepyan/ctfd-portable-challenges-plugin

def import_challenges(in_file, dst_attachments, move=False):
    from CTFd.models import db, Challenges, Flags, Tags, ChallengeFiles, Hints
    from CTFd.utils import uploads
    from CTFd.plugins.dynamic_challenges import DynamicChallenge, DynamicValueChallenge

    with open(in_file, "r") as in_stream:
        data = list(yaml.safe_load_all(in_stream))
        if len(data) == 0 or data[0] is None or "challs" not in data[
                0] or data[0]["challs"] is None:
            raise ValueError("Invalid YAML format. Missing field 'challs'.")

        for chal in data[0]["challs"]:
            for req_field in REQ_FIELDS:
                if req_field not in chal:
                    raise ValueError(
                        "Invalid YAML format. Missing field '{0}'.".format(
                            req_field))

            if chal.get("type", "standard") == "dynamic":
                for req_field in ["minimum", "decay"]:
                    if req_field not in chal:
                        raise ValueError(
                            "Invalid YAML format. Missing field '{0}'.".format(
                                req_field))

            if chal["flags"] is None:
                raise ValueError("Invalid YAML format. Missing field 'flag'.")

            for flag in chal["flags"]:
                if "flag" not in flag:
                    raise ValueError(
                        "Invalid YAML format. Missing field 'flag'.")

                flag["flag"] = flag["flag"].strip()
                if "type" not in flag:
                    flag["type"] = "static"

            matching_chal = Challenges.query.filter_by(
                name=chal["name"].strip()).first()
            if matching_chal:
                print(("Updating {}: Duplicate challenge "
                       "found in DB (id: {})").format(
                           chal["name"].encode("utf8"), matching_chal.id))
                Tags.query.filter_by(challenge_id=matching_chal.id).delete()
                ChallengeFiles.query.filter_by(
                    challenge_id=matching_chal.id).delete()
                Flags.query.filter_by(challenge_id=matching_chal.id).delete()
                Hints.query.filter_by(challenge_id=matching_chal.id).delete()

                matching_chal.name = chal["name"].strip()
                matching_chal.description = chal["description"].strip()
                matching_chal.category = chal["category"].strip()

                if chal.get("type", "standard") == "standard":
                    matching_chal.value = chal["value"]

                if chal.get("type", "standard") == "dynamic":
                    matching_chal.minimum = chal["minimum"]
                    matching_chal.decay = chal["decay"]
                    matching_chal.initial = chal["value"]
                    DynamicValueChallenge.calculate_value(matching_chal)

                db.session.commit()
                chal_dbobj = matching_chal

            else:
                print("Adding {}".format(chal["name"].encode("utf8")))

                chal_type = chal.get("type", "standard")
                if chal_type == "standard":
                    # We ignore traling and leading whitespace when
                    # importing challenges
                    chal_dbobj = Challenges(
                        name=chal["name"].strip(),
                        description=chal["description"].strip(),
                        value=chal["value"],
                        category=chal["category"].strip(),
                    )
                elif chal_type == "dynamic":
                    # We ignore traling and leading whitespace when
                    # importing challenges
                    chal_dbobj = DynamicChallenge(
                        name=chal["name"].strip(),
                        description=chal["description"].strip(),
                        category=chal["category"].strip(),
                        value=int(chal["value"]),
                        minimum=int(chal["minimum"]),
                        decay=int(chal["decay"]),
                    )
                else:
                    raise ValueError("Unknown type of challenge")

                db.session.add(chal_dbobj)
                db.session.commit()

            for tag in chal.get("tags", []):
                tag_dbobj = Tags(challenge_id=chal_dbobj.id, value=tag)
                db.session.add(tag_dbobj)

            for flag in chal["flags"]:
                flag_db = Flags(challenge_id=chal_dbobj.id,
                                content=flag["flag"],
                                type=flag["type"])
                db.session.add(flag_db)

            for hint in chal.get("hints", []):
                hint_dbobj = Hints(challenge_id=chal_dbobj.id,
                                   content=hint["content"],
                                   cost=hint["cost"])
                db.session.add(hint_dbobj)

            chal_dbobj.state = "hidden" if (
                "hidden" in chal and chal["hidden"] == True) else "visible"
            chal_dbobj.max_attempts = chal[
                "max_attempts"] if "max_attempts" in chal else 0

            if "files" in chal:
                from io import FileIO

                for filename in chal["files"]:
                    try:
                        # upload_file takes a werkzeug.FileStorage object, but we
                        # can get close enough with a file object with a
                        # filename property added
                        filepath = os.path.join(os.path.dirname(in_file),
                                                filename)
                        with FileIO(filepath, mode="rb") as f:
                            f.filename = os.path.basename(f.name)
                            uploads.upload_file(file=f,
                                                challenge=chal_dbobj.id,
                                                type="challenge")
                    except FileNotFoundError:
                        raise ValueError(
                            "Unable to import challenges. Missing file: " +
                            filename)

    db.session.commit()

    # update challenge prerequisites after all the challenges were created
    with open(in_file, "r") as in_stream:
        data = list(yaml.safe_load_all(in_stream))
        for chal in data[0]["challs"]:

            chal_dbobj = Challenges.query.filter_by(
                name=chal["name"].strip()).first()

            prerequisites = set()
            for prerequisite in chal.get("prerequisites", []):
                prerequisites.update([
                    c.id for c in Challenges.query.filter_by(
                        name=prerequisite).all()
                ])
            chal_dbobj.requirements = {"prerequisites": list(prerequisites)}

    db.session.commit()
    db.session.close()

Esempio n. 5

0

Mostra file

    def admin_create_chal():
        if request.method == 'POST':
            print("[DEBUG] Post request sent to my modified admin_create_chal")
            files = request.files.getlist('files[]')

            # Create challenge
            chal = Challenges(
                name=request.form['name'],
                description=request.form['desc'],
                value=request.form['value'],
                category=request.form['category'],
                type=request.form['chaltype'],
            )

            if 'hidden' in request.form:
                chal.hidden = True
            else:
                chal.hidden = False

            max_attempts = request.form.get('max_attempts')
            if max_attempts and max_attempts.isdigit():
                chal.max_attempts = int(max_attempts)

            db.session.add(chal)
            db.session.flush()

            # This if added by me
            print("[DEBUG] chal.id: " + str(chal.id))
            if chal.type == 'ethereum':
                solidity = request.form['solidity']
                test_func = request.form['test_func']
                args = request.form['args']
                starting_ether = request.form['starting-ether']
                flag = request.form['key']
                print("[DEBUG] Type is ethereum!")
                if ethereumctf.compile_contract(str(chal.id), solidity,
                                                test_func,
                                                ast.literal_eval(args),
                                                starting_ether, flag):
                    print("[DEBUG] successful compile!")
                else:
                    db.session.rollback()
                    print("[DEBUG] failed compile")
                    return redirect(
                        url_for('admin_challenges.admin_create_chal')
                    )  # TODO: Fail better

            db.session.commit()

            flag = Keys(chal.id, request.form['key'],
                        int(request.form['key_type[0]']))
            if request.form.get('keydata'):
                flag.data = request.form.get('keydata')
            db.session.add(flag)

            db.session.commit()

            for f in files:
                utils.upload_file(file=f, chalid=chal.id)

            db.session.commit()
            db.session.close()
            return redirect(url_for('admin_challenges.admin_chals'))
        else:
            return render_template('admin/chals/create.html')