class BrutalForce(Challenge):
meta = ChallengeMetadata(challenge_id="brutal_force",
name="Brutal Force",
description="Use the force",
price=6,
value=FLAGS["brutal_force_challenge"][1],
flag=FLAGS["brutal_force_challenge"][0],
js_function="brutalForce()",
sort_order=1)
def __init__(self):
super().__init__()
random.seed() # uses current system time
self.pin = random.randint(666, 9999) # The user's random PIN number
self.pin_hash = hashlib.sha256(str(
self.pin).encode('utf-8')).hexdigest()
def to_json(self):
obj = super().to_json()
obj.update({"pin_hash": self.pin_hash})
return obj
def check(self, answer):
try:
answer = int(answer)
if answer < 1 or answer > 9999:
return False
except ValueError:
return False
if answer == self.pin:
self.solved = True
return True
return False
class Xor(Challenge):
alnum = string.ascii_letters + string.digits
meta = ChallengeMetadata(challenge_id="xor",
name="XOR",
description="The most exclusive",
price=25,
value=FLAGS["xor_challenge"][1],
flag=FLAGS["xor_challenge"][0],
js_function="xor()",
sort_order=4)
def __init__(self):
super().__init__()
random.seed() # uses current system time
# NOTE: Change before deploy
self.message = "the quick brown fox jumps over the lazy dog"
self.key = ""
self.cipher_key = None
self.generate_key()
self.cipher = self.sxor(self.cipher_key, self.message)
def generate_key(self):
key_len = 6
for _ in range(key_len):
self.key += self.alnum[random.randint(0, (len(self.alnum) - 1))]
self.cipher_key = str(
self.key) * (int(len(self.message) / len(self.key)) + 1)
def sxor(self, s1, s2):
# convert strings to a list of character pair tuples
# go through each tuple, converting them to ASCII code (ord)
# perform exclusive or on the ASCII code
# then convert the result back to ASCII (chr)
# merge the resulting array of characters as a string
return bytes([(ord(a) ^ ord(b)) for a, b in zip(s1, s2)])
def to_json(self):
obj = super().to_json()
obj.update({"cipher_text": str(self.cipher.hex())})
return obj
def check(self, answer):
if answer.strip() == self.key or answer.strip() == self.cipher_key:
self.solved = True
return True
return False
class PaidContent(Challenge):
meta = ChallengeMetadata(challenge_id="paid_content",
name="Paid Content",
description="Pay for things you want!",
price=25,
value=FLAGS["paid_content_challenge"][1],
flag=FLAGS["paid_content_challenge"][0],
js_function="paidContent()",
sort_order=2)
def check(self, answer):
if isinstance(answer, AuthenticatedSession):
if answer.paid:
self.solved = True
return True
return False
class SentenceBot(Challenge):
meta = ChallengeMetadata(challenge_id="sentence_bot",
name="Sentence Bot",
description="RE The Flag",
price=0,
value=FLAGS["sentence_bot_challenge"][1],
flag="",
sort_order=0,
js_function="sentenceBot()")
def __init__(self):
super().__init__()
self.solved = True
self.purchased = True
def check(self, answer):
self.solved = True
return True
class JackIt(Challenge):
meta = ChallengeMetadata(
challenge_id="jackit_game",
name="Game Programming Challenge",
description="2D Side-scrolling game where you modify code to win",
price=0,
value=153,
flag="",
sort_order=1,
js_function="jackIt()")
def __init__(self):
super().__init__()
self.solved = True
self.purchased = True
def check(self, answer):
self.solved = True
return True
class Genetic(Challenge):
chars = string.ascii_letters + string.digits
password_len = 7
meta = ChallengeMetadata(challenge_id="genetic",
name="Nice Genes",
description="How fit are you?",
price=30,
value=FLAGS["genes"][1],
flag=FLAGS["genes"][0],
js_function="geneticGenes()",
sort_order=5)
def __init__(self):
super().__init__()
random.seed()
self.password = ""
self.score = 0
for _ in range(self.password_len):
self.password += self.chars[random.randint(0, len(self.chars) - 1)]
def to_json(self):
obj = super().to_json()
obj.update({"score": self.score})
return obj
def get_fitness(self, answer):
score = 0
for i, c in enumerate(answer):
if self.password[i] == c:
score += 1
self.score = (score / len(self.password)) * 100
if self.score == 100:
# Only solved when the score is 100
self.solved = True
def check(self, answer):
answer = answer.strip()
self.get_fitness(answer)
return True
class SuperAdmin(Challenge):
meta = ChallengeMetadata(challenge_id="super_admin",
name="Super Admin",
description="Are you admin tho?",
price=0,
value=FLAGS["super_admin_challenge"][1],
flag=FLAGS["super_admin_challenge"][0],
js_function="superAdmin()",
sort_order=0)
def __init__(self):
super().__init__()
self.solved = True
self.purchased = True
def to_json(self):
obj = super().to_json()
obj.update({"flag": self.meta.flag})
return obj
def check(self, answer):
self.solved = True
return True
class Rot(Challenge):
ALPHABET = string.ascii_lowercase
ROT_TIMEOUT = 1 # 1 minute to solve
meta = ChallengeMetadata(challenge_id="rot",
name="ROT?",
description="Ancient crypto",
price=25,
value=FLAGS["rot_challenge"][1],
flag=FLAGS["rot_challenge"][0],
js_function="rot()",
sort_order=3)
def __init__(self):
super().__init__()
random.seed() # uses current system time
# Solve 50 of them to win
self.num_to_solve = 50
# The number currently solved
self.num_solved = 0
# They will have 1 minute to solve from purchase
self.timeout = None
# Number of seconds remaining to solve
self.remaining_time = 0
self.message = ""
self.encrypted_message = ""
def purchase(self, hacker_bucks):
return_bucks = super().purchase(hacker_bucks)
if not self.purchased:
self.reset()
return return_bucks
def reset(self):
now = datetime.utcnow()
self.num_solved = 0
self.timeout = now + timedelta(minutes=self.ROT_TIMEOUT)
self.remaining_time = (self.timeout - now).total_seconds()
self.generate_enc_message()
def is_expired(self):
if self.timeout:
self.remaining_time = (self.timeout -
datetime.utcnow()).total_seconds()
if self.remaining_time <= 0:
return True
return False
def update(self):
if self.is_expired():
self.reset()
elif self.timeout is None:
self.reset()
def to_json(self):
obj = super().to_json()
self.update()
obj.update({
"num_to_solve": self.num_to_solve,
"num_solved": self.num_solved,
"remaining_time": self.remaining_time,
"encrypted_message": self.encrypted_message,
})
return obj
def generate_enc_message(self):
self.message = ""
self.encrypted_message = ""
key = random.randint(1, 25)
message_len = random.randint(4, 20)
self.message = ""
# Generate a crazy movie quote
self.message = ' '.join([
MOVIE_QUOTE_WORDS[random.randint(0,
len(MOVIE_QUOTE_WORDS) - 1)]
for _ in range(message_len)
])
# Generate the crypto message
self.encrypted_message = self.shifttext(key, self.message)
def shifttext(self, shift, msg):
msg = msg.strip().lower()
data = []
for c in msg:
if c.strip() and c in self.ALPHABET:
data.append(self.ALPHABET[(self.ALPHABET.index(c) + shift) %
26])
else:
data.append(c)
output = ''.join(data)
return output
def check(self, answer):
# Update will only change the message if the timer is expired
self.update()
if answer.strip().lower() == self.message.strip().lower():
self.num_solved += 1
if self.num_solved >= self.num_to_solve:
self.solved = True
else:
# If they're not done, generate a new encrypted message
self.generate_enc_message()
return True
# They have to get all 50 in a row correct
self.reset()
return False