def admin_keys_view(keyid): if request.method == 'GET': if keyid: saved_key = Keys.query.filter_by(id=keyid).first_or_404() json_data = { 'id': saved_key.id, 'key': saved_key.flag, 'data': saved_key.data, 'chal': saved_key.chal, 'type': saved_key.key_type, 'type_name': get_key_class(saved_key.key_type).name } return jsonify(json_data) elif request.method == 'POST': chal = request.form.get('chal') flag = request.form.get('key') data = request.form.get('keydata') key_type = int(request.form.get('key_type')) if not keyid: k = Keys(chal, flag, key_type) k.data = data db.session.add(k) else: k = Keys.query.filter_by(id=keyid).first() k.chal = chal k.flag = flag k.data = data k.key_type = key_type db.session.commit() db.session.close() return '1'
def admin_create_chal(): if request.method == 'POST': files = request.files.getlist('files[]') # Create challenge chal = Challenges(request.form['name'], request.form['desc'], request.form['value'], request.form['category'], int(request.form['chaltype'])) if 'hidden' in request.form: chal.hidden = True else: chal.hidden = False db.session.add(chal) db.session.flush() flag = Keys(chal.id, request.form['key'], int(request.form['key_type[0]'])) if request.form.get('keydata'): flag.data = request.form.get('keydata') db.session.add(flag) db.session.commit() for f in files: upload_file(file=f, chalid=chal.id) db.session.commit() db.session.close() return redirect(url_for('admin_challenges.admin_chals')) else: return render_template('admin/chals/create.html')
def create(request): """ This method is used to process the challenge creation request. :param request: :return: """ # Create challenge chal = AnonymousChallenge( name=request.form['name'], value=request.form['value'], category=request.form['category'], type=request.form['chaltype'], ) chal.hidden = True # The challenge should always be hidden chal.max_attempts = 0 # Unlimited attempts for this type of challenge db.session.add(chal) db.session.commit() flag = Keys(chal.id, request.form['key'], 'static') # request.form['key_type[0]']) if request.form.get('keydata'): flag.data = request.form.get('keydata') db.session.add(flag) db.session.commit() files = request.files.getlist('files[]') for f in files: utils.upload_file(file=f, chalid=chal.id) db.session.commit()
def create(request): """ This method is used to process the challenge creation request. :param request: :return: """ files = request.files.getlist('files[]') # Create challenge chal = BonusChallenges( name=request.form['name'], description=request.form['desc'], value=request.form['value'], category='Bonus Flag', type=request.form['chaltype'], ) chal.hidden = True db.session.add(chal) db.session.commit() flag = Keys(chal.id, request.form['key'], request.form['key_type[0]']) if request.form.get('keydata'): flag.data = request.form.get('keydata') db.session.add(flag) db.session.commit()
def admin_create_chal(): if request.method == 'POST': files = request.files.getlist('files[]') # Create challenge chal = Challenges(request.form['name'], request.form['desc'], request.form['value'], request.form['category'], int(request.form['chaltype'])) if 'hidden' in request.form: chal.hidden = True else: chal.hidden = False max_attempts = request.form.get('max_attempts') if max_attempts and max_attempts.isdigit(): chal.max_attempts = int(max_attempts) db.session.add(chal) db.session.flush() flag = Keys(chal.id, request.form['key'], int(request.form['key_type[0]'])) if request.form.get('keydata'): flag.data = request.form.get('keydata') db.session.add(flag) db.session.commit() for f in files: utils.upload_file(file=f, chalid=chal.id) db.session.commit() db.session.close() return redirect(url_for('admin_challenges.admin_chals')) else: return render_template('admin/chals/create.html')
def create(request): """ This method is used to process the challenge creation request. :param request: :return: """ files = request.files.getlist('files[]') keys = {} for i in range(len(request.form)): key_name = 'key_name[{}]'.format(i) key_sol = 'key_solution[{}]'.format(i) key_type = 'key_type[{}]'.format(i) if key_name in request.form: keys[request.form[key_name]] = { 'key': request.form[key_sol], 'type': request.form[key_type] } else: break # Create challenge chal = MultiQuestionChallengeModel( name=request.form['name'], description=request.form['description'], value=request.form['value'], category=request.form['category'], type=request.form['chaltype']) if 'hidden' in request.form: chal.hidden = True else: chal.hidden = False max_attempts = request.form.get('max_attempts') if max_attempts and max_attempts.isdigit(): chal.max_attempts = int(max_attempts) db.session.add(chal) db.session.commit() for key, value in keys.iteritems(): flag = Keys(chal.id, value['key'], value['type']) flag.data = json.dumps({key: False}) db.session.add(flag) db.session.commit() for f in files: utils.upload_file(file=f, chalid=chal.id) db.session.commit() db.session.close()
def create(request): """ This method is used to process the challege creation request. :param request: :return: """ buildingList = [] for item in request.form: if "buildingId" in item: buildingList.append(request.form[item]) buildingListString = [str(x) for x in buildingList] print(buildingListString) files = request.files.getlist('files[]') chal = SmartCityChallenge(name=request.form['name'], category=request.form['category'], description=request.form['description'], value=request.form['value'], buildingId=str(buildingListString), soundId=request.form['soundId'], type=request.form['chaltype']) if 'hidden' in request.form: chal.hidden = True else: chal.hidden = False max_attempts = request.form.get('max_attempts') if max_attempts and max_attempts.isdigit(): chal.max_attempts = int(max_attempts) #logger.debug("Genereted buildingId " + chal.buildingId + " for challenge " + chal.name) db.session.add(chal) db.session.commit() flag = Keys(chal.id, request.form['key'], request.form['key_type[0]']) if request.form.get('keydata'): flag.data = request.form.get('keydata') db.session.add(flag) db.session.commit() for f in files: utils.upload_file(file=f, chalid=chal.id) db.session.commit()
def create(request): """ This method is used to process the challenge creation request. :param request: :return: """ # Create challenge chal = Challenges( name=request.form['name'], description=request.form['description'], value=request.form['value'], category=request.form['category'], type=request.form['chaltype'], penalty = request.form['penalty'] ) if 'hidden' in request.form: chal.hidden = True else: chal.hidden = False max_attempts = request.form.get('max_attempts') if max_attempts and max_attempts.isdigit(): chal.max_attempts = int(max_attempts) db.session.add(chal) db.session.commit() flag = Keys(chal.id, request.form['key'], request.form['key_type[0]']) if request.form.get('keydata'): flag.data = request.form.get('keydata') db.session.add(flag) db.session.commit() files = request.files.getlist('files[]') for f in files: utils.upload_file(file=f, chalid=chal.id) file_generators = request.files.getlist('file_generators[]') for g in file_generators: utils.upload_file(file=g, chalid=chal.id, isgenerator=True) db.session.commit()
def create(request): """ This method is used to process the challenge creation request. :param request: :return: """ # Create challenge chal = CommunityChallengeModel(name=request.form['name'], description=request.form['description'], value=request.form['value'], category=request.form['category'], type=request.form['chaltype'], owner=session['id']) # Never hide Community challenges chal.hidden = False max_attempts = request.form.get('max_attempts') if max_attempts and max_attempts.isdigit(): chal.max_attempts = int(max_attempts) db.session.add(chal) db.session.commit() flag = Keys(chal.id, request.form['key'], request.form['key_type[0]']) if request.form.get('keydata'): flag.data = request.form.get('keydata') db.session.add(flag) db.session.commit() files = request.files.getlist('files[]') for f in files: utils.upload_file(file=f, chalid=chal.id) db.session.commit()
def create(request): """ This method is used to process the challenge creation request. :param request: :return: """ files = request.files.getlist('files[]') # Liste de tuples de 3 éléments : # - solution (le flag à trouver) # - type ("static" ou "regex") # - data (JSON string) keys = [] index_key = 0 while ('key_solution[%s]' % index_key) in request.form: key_solution = request.form['key_solution[%s]' % index_key] if key_solution: key_type = request.form.get('key_type[%s]' % index_key, '') if key_type not in ('static', 'regex'): key_type = 'static' award = request.form.get('award_interm[%s]' % index_key, 0) try: award = int(award) except ValueError: award = 0 congrat_msg = request.form.get('congrat_msg[%s]' % index_key, '') congrat_img_url = request.form.get( 'congrat_img_url[%s]' % index_key, '') doc_filename = request.form.get('doc_filename[%s]' % index_key, '') is_public = request.form.get('public[%s]' % index_key, '') == 'yes' cancel_score = request.form.get('cancel_score[%s]' % index_key, '') == 'yes' key_data = { 'congrat_msg': congrat_msg, 'congrat_img_url': congrat_img_url, 'doc_filename': doc_filename, 'award': award, 'public': is_public, 'cancel_score': cancel_score, } key_data = json.dumps(key_data) key_infos = (key_solution, key_type, key_data) keys.append(key_infos) index_key += 1 # Create challenge chal = IntermediateFlagChallengeModel( name=request.form['name'], description=request.form['description'], value=request.form['value'], category=request.form['category'], type=request.form['chaltype']) chal.hidden = 'hidden' in request.form max_attempts = request.form.get('max_attempts') if max_attempts and max_attempts.isdigit(): chal.max_attempts = int(max_attempts) db.session.add(chal) db.session.commit() for key_solution, key_type, key_data in keys: record_key = Keys(chal.id, key_solution, key_type) record_key.data = key_data db.session.add(record_key) db.session.commit() for f in files: utils.upload_file(file=f, chalid=chal.id) db.session.commit() db.session.close()
def admin_create_chal(): if request.method == 'POST': print("[DEBUG] Post request sent to my modified admin_create_chal") files = request.files.getlist('files[]') # Create challenge chal = Challenges( name=request.form['name'], description=request.form['desc'], value=request.form['value'], category=request.form['category'], type=request.form['chaltype'], ) if 'hidden' in request.form: chal.hidden = True else: chal.hidden = False max_attempts = request.form.get('max_attempts') if max_attempts and max_attempts.isdigit(): chal.max_attempts = int(max_attempts) db.session.add(chal) db.session.flush() # This if added by me print("[DEBUG] chal.id: " + str(chal.id)) if chal.type == 'ethereum': solidity = request.form['solidity'] test_func = request.form['test_func'] args = request.form['args'] starting_ether = request.form['starting-ether'] flag = request.form['key'] print("[DEBUG] Type is ethereum!") if ethereumctf.compile_contract(str(chal.id), solidity, test_func, ast.literal_eval(args), starting_ether, flag): print("[DEBUG] successful compile!") else: db.session.rollback() print("[DEBUG] failed compile") return redirect( url_for('admin_challenges.admin_create_chal') ) # TODO: Fail better db.session.commit() flag = Keys(chal.id, request.form['key'], int(request.form['key_type[0]'])) if request.form.get('keydata'): flag.data = request.form.get('keydata') db.session.add(flag) db.session.commit() for f in files: utils.upload_file(file=f, chalid=chal.id) db.session.commit() db.session.close() return redirect(url_for('admin_challenges.admin_chals')) else: return render_template('admin/chals/create.html')