def to_dict(self):
""" Returns public data as a dict """
box = Box.by_id(self.box_id)
if self.lock_id:
lock_uuid = Flag.by_id(self.lock_id).uuid
else:
lock_uuid = ""
case_sensitive = self.case_sensitive
if case_sensitive != 0:
case_sensitive = 1
return {
"name": self.name,
"uuid": self.uuid,
"description": self.description,
"capture_message": self.capture_message,
"value": self.value,
"original_value": self.original_value,
"box": box.uuid,
"token": self.token,
"lock_uuid": lock_uuid,
"case-sensitive": case_sensitive,
"flagtype": self.type,
"choices": self.choices(),
"order": self.order,
}
def edit_hint(self):
""" Edit a hint object """
try:
hint = Hint.by_uuid(self.get_argument("uuid", ""))
if hint is None:
raise ValidationError("Hint does not exist")
logging.debug("Edit hint object with uuid of %s" % hint.uuid)
price = self.get_argument("price", "")
if hint.price != price:
hint.price = price
description = self.get_argument("description", "")
hint.description = description
flag = Flag.by_uuid(self.get_argument("hint-flag_uuid", ""))
if flag:
flag_id = flag.id
else:
flag_id = None
hint.flag_id = flag_id
box = Box.by_id(flag.box_id)
self.dbsession.add(hint)
self.dbsession.commit()
self.redirect("/admin/view/game_objects#%s" % box.uuid)
except ValidationError as error:
self.render("admin/view/game_objects.html",
success=None,
errors=[str(error)])
def render_page(self, flag, errors=[]):
''' Wrapper to .render() to avoid duplicate code '''
user = self.get_current_user()
box = Box.by_id(flag.box_id)
self.render('missions/box.html',
box=box,
team=user.team,
errors=errors)
def render_page(self, flag, errors=[]):
''' Wrapper to .render() to avoid duplicate code '''
user = self.get_current_user()
box = Box.by_id(flag.box_id)
self.render('missions/box.html',
box=box,
team=user.team,
errors=errors)
def to_dict(self):
''' Returns public data as a dict '''
box = Box.by_id(self.box_id)
return {
'name': self.name,
'uuid': self.uuid,
'description': self.description,
'capture_message': self.capture_message,
'value': self.value,
'box': box.uuid,
'token': self.token,
}
def to_dict(self):
''' Returns public data as a dict '''
box = Box.by_id(self.box_id)
return {
'name': self.name,
'uuid': self.uuid,
'description': self.description,
'capture_message': self.capture_message,
'value': self.value,
'box': box.uuid,
'token': self.token,
}
def to_dict(self):
""" Returns public data as a dict """
box = Box.by_id(self.box_id)
return {
"name": self.name,
"uuid": self.uuid,
"description": self.description,
"capture_message": self.capture_message,
"value": self.value,
"box": box.uuid,
"token": self.token,
}
def to_dict(self):
''' Returns public data as a dict '''
box = Box.by_id(self.box_id)
if self.lock_id:
lock_uuid = Flag.by_id(self.lock_id).uuid
else:
lock_uuid = ''
case_sensitive = self.case_sensitive
if case_sensitive != 0:
case_sensitive = 1
return {
'name': self.name,
'uuid': self.uuid,
'description': self.description,
'capture_message': self.capture_message,
'value': self.value,
'box': box.uuid,
'token': self.token,
'lock_uuid': lock_uuid,
'case-sensitive': case_sensitive,
'flagtype': self.type,
'choices': self.choices()
}
def to_dict(self):
''' Returns public data as a dict '''
box = Box.by_id(self.box_id)
if self.lock_id:
lock_uuid = Flag.by_id(self.lock_id).uuid
else:
lock_uuid = ''
case_sensitive = self.case_sensitive
if case_sensitive != 0:
case_sensitive = 1
return {
'name': self.name,
'uuid': self.uuid,
'description': self.description,
'capture_message': self.capture_message,
'value': self.value,
'original_value': self.original_value,
'box': box.uuid,
'token': self.token,
'lock_uuid': lock_uuid,
'case-sensitive': case_sensitive,
'flagtype': self.type,
'choices': self.choices()
}
def edit_hint(self):
''' Edit a hint object '''
try:
hint = Hint.by_uuid(self.get_argument('uuid', ''))
if hint is None:
raise ValidationError("Hint does not exist")
logging.debug("Edit hint object with uuid of %s" % hint.uuid)
price = self.get_argument('price', '')
if hint.price != price:
hint.price = price
description = self.get_argument('description', '')
hint.description = description
flag = Flag.by_uuid(self.get_argument('hint-flag_uuid', ''))
if flag:
flag_id = flag.id
else:
flag_id = None
hint.flag_id = flag_id
box = Box.by_id(flag.box_id)
self.dbsession.add(hint)
self.dbsession.commit()
self.redirect("/admin/view/game_objects#%s" % box.uuid)
except ValidationError as error:
self.render("admin/view/game_objects.html", errors=[str(error), ])
def render_page_by_box_id(self, box_id, errors=[], success=[], info=[]):
box = Box.by_id(box_id)
self.render_page_by_box(box, errors, success, info)
def post(self, *args, **kwargs):
""" Check validity of flag submissions """
box_id = self.get_argument("box_id", None)
uuid = self.get_argument("uuid", "")
token = self.get_argument("token", "")
user = self.get_current_user()
if (box_id and Box.by_id(box_id).locked) or (
box_id is None and uuid and Flag.by_uuid(uuid).box.locked):
self.render(
"missions/status.html",
errors=None,
info=["This box is currently locked by the Admin."],
)
return
if (token is not None and box_id is not None
and Box.by_id(box_id).flag_submission_type
== FlagsSubmissionType.SINGLE_SUBMISSION_BOX):
flag = Flag.by_token_and_box_id(token, box_id)
else:
flag = Flag.by_uuid(uuid)
if (flag is not None and Penalty.by_count(flag, user.team) >=
self.config.max_flag_attempts):
self.render_page_by_flag(
flag,
info=[
"Max attempts reached - you can no longer answer this flag."
],
)
return
if flag and flag in user.team.flags:
self.render_page_by_flag(flag)
return
elif (flag is None or flag.game_level.type == "none"
or flag.game_level in user.team.game_levels):
submission = ""
if flag is not None and flag.is_file:
if hasattr(self.request,
"files") and "flag" in self.request.files:
submission = self.request.files["flag"][0]["body"]
else:
submission = self.get_argument("token",
"").replace("__quote__", '"')
if len(submission) == 0:
self.render_page_by_flag(
flag, info=["No flag was provided - try again."])
return
old_reward = flag.dynamic_value(
user.team) if flag is not None else 0
if flag is not None and self.attempt_capture(flag, submission):
self.add_content_policy("script", "'unsafe-eval'")
success = self.success_capture(flag, old_reward)
if self.config.story_mode:
box = flag.box
if not (len(box.capture_message) > 0
and box.is_complete(user)):
box = None
has_capture_message = (len(flag.capture_message) > 0
or box is not None)
if has_capture_message:
self.render(
"missions/captured.html",
flag=flag,
box=box,
reward=old_reward,
success=success,
)
return
self.render_page_by_flag(flag, success=success)
return
else:
self.failed_attempt(flag, user, submission, box_id)
else:
self.render("public/404.html")
def box(self):
return Box.by_id(self.box_id)
def render_page_by_box_id(self, box_id, errors=[], success=[], info=[]):
box = Box.by_id(box_id)
self.render_page_by_box(box, errors, success, info)
def box(self):
return Box.by_id(self.box_id)
