def handle_request():
args = parser.parse_args()
if None in args.values():
return '110 // Checker error // Incorrect arguments', 404
w = Worker(**args)
user, password = generator.generate_userpass(args['flag_id'])[0]
result = w.put(user, password)
w.begin_loop(50)
db_manager.add_job(HOST, PORT, **args)
return result, 200
def _begin_loop(self, loop_seconds):
users = generator.generate_userpass(self.flag_id)
start_time = time.time()
for userpass in users[1:]:
user, password = userpass[0], userpass[1]
# print(user)
# print(password)
if time.time() < start_time + loop_seconds:
# Если воркера объявили дауном, значит и работу отобрали.
if self.get_current_state() == 'down':
db_manager.add_free_worker(HOST, PORT)
return
self.put(user, password)
self.get(user, password)
self.send_state()
print('finished')
db_manager.remove_job(self.team_ip, self.vuln)
def on_get(team_ip: str, flag_id: str, flag: str) -> Verdict:
user, password = generator.generate_userpass(flag_id)[0]
try:
cookie = beacons_api.sign_in(team_ip, user, password)
except requests.exceptions.ConnectionError:
return Verdict.DOWN('down', 'ConnectionError')
if not cookie:
return Verdict.MUMBLE('', "no session cookie, can't sign in")
beacons = beacons_api.get_all_user_beacons(team_ip, cookie)
if not beacons:
return Verdict.MUMBLE('', 'no beacon')
comments = []
for id in beacons:
comments.append(beacons_api.get_beacon_comment(team_ip, cookie, id))
if flag in comments:
# print(comments)
# print(flag)
return Verdict.OK()
return Verdict.CORRUPT('', 'hz')
def on_put(team_ip: str, flag_id: str, flag: str) -> Verdict:
global STATES
# print('\nputting')
for i in range(6):
try:
user, password = generator.generate_userpass(flag_id)[0]
session = beacons_api.register_user(team_ip, user, password)
except requests.exceptions.ConnectionError:
return Verdict.DOWN('down', 'ConnectionError')
if session:
break
if i == 5:
return Verdict.MUMBLE("Can;t register user", '')
beacon_name = generator.generate_beacon_name()
for i in range(7):
x, y = generator.generate_coords()
beacon_id = beacons_api.add_beacon(team_ip, session, x, y, beacon_name,
flag)
if beacon_id:
return Verdict.OK()
return Verdict.MUMBLE("Can't add new beacon", '')
beacons = beacons_api.get_all_user_beacons(team_ip, session_cookie)
if not beacons:
print('no beacons')
return {"code": 103}
print('beacons: ' + str(beacons))
driver.get(f"http://{team_ip}:{SERVICE_PORT}/")
driver.add_cookie({
'name': 'session',
'value': session_cookie,
'domain': "." + team_ip,
'path': '/'
})
for beacon_id in beacons:
driver.get(f'http://{team_ip}:{SERVICE_PORT}/Beacon/{beacon_id}')
print(driver.current_url)
# print(driver.page_source)
if beacon_id in driver.current_url:
print('fine')
return {"code": 101}
return {'code': 110}
if __name__ == '__main__':
# testing
seed = '928akl23skkk43f4hjdse83ueje89n0000'
u, p = generator.generate_userpass(seed)[4]
s = beacons_api.register_user('127.0.0.1', u, p)
print(s)
beacons_api.add_beacon('localhost', s, 8439, 9099, 'ddud', 'frfrfrfr')
aaa = make_request('localhost', u, p)
def on_check(team_ip: str) -> Verdict:
private_result = False
public_result = False
sharing_result = False
# check adding pictures, sharing links and devices
image_name = generator.get_image()
try:
for i in range(6):
user, password = generator.generate_userpass(None)[0]
cookie = beacons_api.register_user(team_ip, user, password)
if cookie:
break
if i == 5:
return Verdict.MUMBLE("Can't register new user",
"Can't register new user")
except requests.exceptions.ConnectionError:
return Verdict.DOWN('down', 'ConnectionError')
# могжет не подойти название, коммент или координаты оказаться использованными
for i in range(5):
name = generator.generate_beacon_name()
private_x, private_y = generator.generate_coords()
x, y = generator.generate_coords()
private_comment = generator.generate_comment()
public_comment = generator.generate_comment()
beacon_id_private = beacons_api.add_beacon(team_ip, cookie, private_x,
private_y, name,
private_comment)
beacon_id_public = beacons_api.add_beacon(team_ip, cookie, x, y, name,
public_comment, False)
if beacon_id_private and beacon_id_public:
break
if i == 4:
return Verdict.MUMBLE("Can't add new beacon",
"Can't add new beacon")
invite_code = beacons_api.get_beacon_invite(team_ip, cookie,
beacon_id_private)
if not invite_code:
return Verdict.MUMBLE("Can't get invite code", "Can't get invite code")
image_id_private = beacons_api.upload_image(team_ip, cookie,
beacon_id_private, image_name)
image_id_public = beacons_api.upload_image(team_ip, cookie,
beacon_id_public, image_name)
if not image_id_private or not image_id_public:
return Verdict.MUMBLE("Can't upload image", "Can't upload image")
images = beacons_api.get_image_ids(team_ip, cookie, beacon_id_private)
if image_id_private in [img['id'] for img in images]:
# print(1)
private_result = True
logout = beacons_api.logout(team_ip, cookie)
if logout != 200:
return Verdict.MUMBLE('no logout', 'no logout')
# check availability of public image
for i in range(4):
new_user, new_pass = generator.generate_userpass(None)[0]
another_user_cookie = beacons_api.register_user(
team_ip, new_user, new_pass)
if another_user_cookie:
break
if i == 3:
return Verdict.MUMBLE("Can't register user", "Can't register user")
images = beacons_api.get_image_ids(team_ip, another_user_cookie,
beacon_id_public)
if image_id_public in [img['id'] for img in images]:
# print(2)
public_result = True
# check the possibility to get shared beacons
is_private = beacons_api.get_shared_beacon(team_ip, another_user_cookie,
invite_code)
if not is_private:
# print(3)
sharing_result = True
logout = beacons_api.logout(team_ip, another_user_cookie)
if logout != 200:
return Verdict.MUMBLE('no logout', 'no logout')
if private_result and public_result and sharing_result:
return Verdict.OK()
return Verdict.MUMBLE("Can't get images", "Can't get images")