def handle_request(): args = parser.parse_args() if None in args.values(): return '110 // Checker error // Incorrect arguments', 404 w = Worker(**args) user, password = generator.generate_userpass(args['flag_id'])[0] result = w.put(user, password) w.begin_loop(50) db_manager.add_job(HOST, PORT, **args) return result, 200
def _begin_loop(self, loop_seconds): users = generator.generate_userpass(self.flag_id) start_time = time.time() for userpass in users[1:]: user, password = userpass[0], userpass[1] # print(user) # print(password) if time.time() < start_time + loop_seconds: # Если воркера объявили дауном, значит и работу отобрали. if self.get_current_state() == 'down': db_manager.add_free_worker(HOST, PORT) return self.put(user, password) self.get(user, password) self.send_state() print('finished') db_manager.remove_job(self.team_ip, self.vuln)
def on_get(team_ip: str, flag_id: str, flag: str) -> Verdict: user, password = generator.generate_userpass(flag_id)[0] try: cookie = beacons_api.sign_in(team_ip, user, password) except requests.exceptions.ConnectionError: return Verdict.DOWN('down', 'ConnectionError') if not cookie: return Verdict.MUMBLE('', "no session cookie, can't sign in") beacons = beacons_api.get_all_user_beacons(team_ip, cookie) if not beacons: return Verdict.MUMBLE('', 'no beacon') comments = [] for id in beacons: comments.append(beacons_api.get_beacon_comment(team_ip, cookie, id)) if flag in comments: # print(comments) # print(flag) return Verdict.OK() return Verdict.CORRUPT('', 'hz')
def on_put(team_ip: str, flag_id: str, flag: str) -> Verdict: global STATES # print('\nputting') for i in range(6): try: user, password = generator.generate_userpass(flag_id)[0] session = beacons_api.register_user(team_ip, user, password) except requests.exceptions.ConnectionError: return Verdict.DOWN('down', 'ConnectionError') if session: break if i == 5: return Verdict.MUMBLE("Can;t register user", '') beacon_name = generator.generate_beacon_name() for i in range(7): x, y = generator.generate_coords() beacon_id = beacons_api.add_beacon(team_ip, session, x, y, beacon_name, flag) if beacon_id: return Verdict.OK() return Verdict.MUMBLE("Can't add new beacon", '')
beacons = beacons_api.get_all_user_beacons(team_ip, session_cookie) if not beacons: print('no beacons') return {"code": 103} print('beacons: ' + str(beacons)) driver.get(f"http://{team_ip}:{SERVICE_PORT}/") driver.add_cookie({ 'name': 'session', 'value': session_cookie, 'domain': "." + team_ip, 'path': '/' }) for beacon_id in beacons: driver.get(f'http://{team_ip}:{SERVICE_PORT}/Beacon/{beacon_id}') print(driver.current_url) # print(driver.page_source) if beacon_id in driver.current_url: print('fine') return {"code": 101} return {'code': 110} if __name__ == '__main__': # testing seed = '928akl23skkk43f4hjdse83ueje89n0000' u, p = generator.generate_userpass(seed)[4] s = beacons_api.register_user('127.0.0.1', u, p) print(s) beacons_api.add_beacon('localhost', s, 8439, 9099, 'ddud', 'frfrfrfr') aaa = make_request('localhost', u, p)
def on_check(team_ip: str) -> Verdict: private_result = False public_result = False sharing_result = False # check adding pictures, sharing links and devices image_name = generator.get_image() try: for i in range(6): user, password = generator.generate_userpass(None)[0] cookie = beacons_api.register_user(team_ip, user, password) if cookie: break if i == 5: return Verdict.MUMBLE("Can't register new user", "Can't register new user") except requests.exceptions.ConnectionError: return Verdict.DOWN('down', 'ConnectionError') # могжет не подойти название, коммент или координаты оказаться использованными for i in range(5): name = generator.generate_beacon_name() private_x, private_y = generator.generate_coords() x, y = generator.generate_coords() private_comment = generator.generate_comment() public_comment = generator.generate_comment() beacon_id_private = beacons_api.add_beacon(team_ip, cookie, private_x, private_y, name, private_comment) beacon_id_public = beacons_api.add_beacon(team_ip, cookie, x, y, name, public_comment, False) if beacon_id_private and beacon_id_public: break if i == 4: return Verdict.MUMBLE("Can't add new beacon", "Can't add new beacon") invite_code = beacons_api.get_beacon_invite(team_ip, cookie, beacon_id_private) if not invite_code: return Verdict.MUMBLE("Can't get invite code", "Can't get invite code") image_id_private = beacons_api.upload_image(team_ip, cookie, beacon_id_private, image_name) image_id_public = beacons_api.upload_image(team_ip, cookie, beacon_id_public, image_name) if not image_id_private or not image_id_public: return Verdict.MUMBLE("Can't upload image", "Can't upload image") images = beacons_api.get_image_ids(team_ip, cookie, beacon_id_private) if image_id_private in [img['id'] for img in images]: # print(1) private_result = True logout = beacons_api.logout(team_ip, cookie) if logout != 200: return Verdict.MUMBLE('no logout', 'no logout') # check availability of public image for i in range(4): new_user, new_pass = generator.generate_userpass(None)[0] another_user_cookie = beacons_api.register_user( team_ip, new_user, new_pass) if another_user_cookie: break if i == 3: return Verdict.MUMBLE("Can't register user", "Can't register user") images = beacons_api.get_image_ids(team_ip, another_user_cookie, beacon_id_public) if image_id_public in [img['id'] for img in images]: # print(2) public_result = True # check the possibility to get shared beacons is_private = beacons_api.get_shared_beacon(team_ip, another_user_cookie, invite_code) if not is_private: # print(3) sharing_result = True logout = beacons_api.logout(team_ip, another_user_cookie) if logout != 200: return Verdict.MUMBLE('no logout', 'no logout') if private_result and public_result and sharing_result: return Verdict.OK() return Verdict.MUMBLE("Can't get images", "Can't get images")