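def setup():
    """Handle the first-run setup page.

    While ``is_setup()`` is false, GET renders ``setup.html`` with the session
    nonce and POST stores the CTF name, the admin team, the index page and the
    default config rows, then redirects to ``/``. Once setup is done every
    request is redirected to ``/``.

    Security notes:
      * No caller authentication is visible here: until setup completes,
        whoever reaches this route and posts the form creates the admin.
      * This function never compares a submitted nonce with the session value;
        presumably a request hook elsewhere does -- confirm.
      * The ``html`` form field is stored verbatim as the index page.
    """
    if not is_setup():
        if not session.get('nonce'):
            # The nonce is derived from 10 random bytes (80 bits).
            session['nonce'] = sha512(os.urandom(10))

        if request.method == 'POST':
            ctf_name = Config('ctf_name', request.form['ctf_name'])

            # NOTE(review): labelled CSS but stored under 'start', the same key
            # as the start-time row below -- confirm which key was intended.
            css = Config('start', '')

            # Admin user. The password is passed to Teams as submitted; any
            # hashing happens inside Teams and is not visible here.
            name = request.form['name']
            email = request.form['email']
            password = request.form['password']
            admin = Teams(name, email, password)
            admin.admin = True
            admin.banned = True

            # Index page
            page = Pages('index', request.form['html'])

            # Max attempts per challenge
            max_tries = Config("max_tries", 0)

            # Start and end time
            start = Config('start', None)
            end = Config('end', None)

            # Challenges cannot be viewed by unregistered users
            view_challenges_unregistered = Config(
                'view_challenges_unregistered', None)

            # Allow/Disallow registration
            prevent_registration = Config('prevent_registration', None)

            setup_flag = Config('setup', True)

            db.session.add(ctf_name)
            db.session.add(admin)
            db.session.add(page)
            db.session.add(max_tries)
            db.session.add(start)
            db.session.add(end)
            db.session.add(view_challenges_unregistered)
            db.session.add(prevent_registration)
            db.session.add(css)
            db.session.add(setup_flag)
            db.session.commit()
            app.setup = False
            return redirect('/')

        # The session nonce is no longer printed here: echoing it to stdout
        # copied a per-session secret into the server's logs.
        return render_template('setup.html', nonce=session.get('nonce'))
    return redirect('/')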
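def setup():
    """One-time installer view: seed the database from the setup form.

    Redirects to ``/`` when ``is_setup()`` is already true. Otherwise a GET
    shows ``setup.html`` (with the session nonce) and a POST creates the
    config rows, the admin team and the index page before redirecting.

    Review notes:
      * The route performs no authentication of its own, so the first client
        to post the form before setup completes becomes the admin.
      * No nonce comparison happens in this function; a global request hook
        presumably enforces it -- confirm.
    """
    if is_setup():
        return redirect('/')

    if not session.get('nonce'):
        # 10 bytes of os.urandom output (80 bits) seed the nonce.
        session['nonce'] = sha512(os.urandom(10))

    if request.method != 'POST':
        # Debug output of the nonce was dropped: printing it wrote a
        # per-session secret to stdout on every visit to the setup page.
        return render_template('setup.html', nonce=session.get('nonce'))

    form = request.form
    name_row = Config('ctf_name', form['ctf_name'])

    # NOTE(review): the CSS row is keyed 'start', duplicating the start-time
    # key created further down -- confirm the intended key.
    css_row = Config('start', '')

    # Admin team; banned is set together with admin on this account.
    admin = Teams(form['name'], form['email'], form['password'])
    admin.admin = True
    admin.banned = True

    # Index page body comes straight from the form and is stored as given.
    index_page = Pages('index', form['html'])

    tries_row = Config("max_tries", 0)
    start_row = Config('start', None)
    end_row = Config('end', None)
    unregistered_row = Config('view_challenges_unregistered', None)
    registration_row = Config('prevent_registration', None)
    done_row = Config('setup', True)

    # Insertion order is kept as in the original handler.
    for row in (name_row, admin, index_page, tries_row, start_row, end_row,
                unregistered_row, registration_row, css_row, done_row):
        db.session.add(row)
    db.session.commit()

    app.setup = False
    return redirect('/')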
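def setup():
    """Serve and process the initial setup form.

    Behaviour:
      * already set up -> redirect to ``/``;
      * GET -> render ``setup.html`` with the session nonce;
      * POST -> persist CTF name, admin team, index page and default config
        rows, clear ``app.setup`` and redirect to ``/``.

    Things a reviewer should know:
      * Until ``is_setup()`` becomes true this handler will create an admin
        for any client that posts the form; no access check is visible here.
      * The submitted ``html`` becomes the index page without any filtering
        in this function.
      * Validation of the nonce against the form is not done here --
        presumably handled by a request hook; confirm.
    """
    if not is_setup():
        if not session.get("nonce"):
            # Nonce material: 10 bytes (80 bits) from os.urandom.
            session["nonce"] = sha512(os.urandom(10))

        if request.method == "POST":
            pending = []

            ctf_name = Config("ctf_name", request.form["ctf_name"])

            # NOTE(review): this "CSS" row reuses the "start" key that the
            # start-time row also uses below -- confirm the intended key.
            css = Config("start", "")

            # Admin user (password handling inside Teams is not visible here).
            name = request.form["name"]
            email = request.form["email"]
            password = request.form["password"]
            admin = Teams(name, email, password)
            admin.admin = True
            admin.banned = True

            # Index page
            page = Pages("index", request.form["html"])

            pending.append(ctf_name)
            pending.append(admin)
            pending.append(page)
            # max attempts per challenge
            pending.append(Config("max_tries", 0))
            # start / end time
            pending.append(Config("start", None))
            pending.append(Config("end", None))
            # challenges cannot be viewed by unregistered users
            pending.append(Config("view_challenges_unregistered", None))
            # allow / disallow registration
            pending.append(Config("prevent_registration", None))
            pending.append(css)
            pending.append(Config("setup", True))

            for row in pending:
                db.session.add(row)
            db.session.commit()
            app.setup = False
            return redirect("/")

        # The nonce used to be printed at this point; that leaked a
        # per-session secret into stdout and has been removed.
        return render_template("setup.html", nonce=session.get("nonce"))
    return redirect("/")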
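def admin_create_team():
    """Create a team from the submitted form and answer with JSON.

    Returns ``{'data': [<error strings>]}`` when validation fails and
    ``{'data': ['success']}`` once the new team has been committed.

    NOTE(review): this function can set ``team.admin`` from a form field but
    contains no authorization check of its own; presumably the route is
    wrapped by an admin-only decorator -- confirm.
    """
    form = request.form
    name = form.get('name', None)
    password = form.get('password', None)
    email = form.get('email', None)
    website = form.get('website', None)
    affiliation = form.get('affiliation', None)
    country = form.get('country', None)

    # Checkboxes arrive as the literal string 'on' when ticked.
    admin_user = form.get('admin', None) == 'on'
    verified = form.get('verified', None) == 'on'
    hidden = form.get('hidden', None) == 'on'

    errors = []

    if not name:
        errors.append('The team requires a name')
    elif Teams.query.filter(Teams.name == name).first():
        errors.append('That name is taken')
    # Only test a name that was actually supplied: the original passed a
    # missing name (None) into utils.check_email_format, whose handling of
    # None is not visible here.
    if name and utils.check_email_format(name) is True:
        errors.append('Team name cannot be an email address')

    if not email:
        errors.append('The team requires an email')
    elif Teams.query.filter(Teams.email == email).first():
        errors.append('That email is taken')
    if email and not utils.check_email_format(email):
        errors.append("That email address is invalid")

    if not password:
        errors.append('The team requires a password')

    if website and not website.startswith(('http://', 'https://')):
        errors.append('Websites must start with http:// or https://')

    if errors:
        db.session.close()
        return jsonify({'data': errors})

    # The password is handed to Teams as submitted; any hashing happens inside
    # Teams and is not visible here.
    team = Teams(name, email, password)
    team.website = website
    team.affiliation = affiliation
    team.country = country
    team.admin = admin_user
    team.verified = verified
    # The 'hidden' checkbox is stored in the banned column.
    team.banned = hidden

    db.session.add(team)
    db.session.commit()
    db.session.close()

    return jsonify({'data': ['success']})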
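def setup():
    """Handle the first-run setup form.

    While ``is_setup()`` is false, GET renders ``setup.html`` with the session
    nonce; POST writes the default config keys, creates the admin team and
    redirects to ``/``. After setup every request is redirected to ``/``.

    Security notes:
      * No caller authentication is visible here, so the first client to
        post the form before setup completes becomes the admin.
      * No nonce comparison happens in this function; presumably a request
        hook elsewhere enforces it -- confirm.
    """
    if not is_setup():
        if not session.get('nonce'):
            # The nonce is derived from 10 random bytes (80 bits).
            session['nonce'] = sha512(os.urandom(10))

        if request.method == 'POST':
            set_config('ctf_name', request.form['ctf_name'])

            # NOTE(review): labelled CSS but written to 'start', which is set
            # again to None below -- confirm which key was intended.
            set_config('start', '')

            # Admin user (password handling inside Teams is not visible here).
            name = request.form['name']
            email = request.form['email']
            password = request.form['password']
            admin = Teams(name, email, password)
            admin.admin = True
            admin.banned = True

            # Max attempts per challenge
            set_config("max_tries", 0)

            # Start and end time
            set_config('start', None)
            set_config('end', None)

            # Challenges cannot be viewed by unregistered users
            set_config('view_challenges_unregistered', None)

            # Allow/Disallow registration
            set_config('prevent_registration', None)

            # Verify emails / outgoing mail settings
            set_config('verify_emails', None)
            set_config('mail_server', None)
            set_config('mail_port', None)
            set_config('mail_tls', None)
            set_config('mail_ssl', None)
            set_config('mail_username', None)
            set_config('mail_password', None)

            set_config('setup', True)

            # The original also called db.session.add(page) here, but no
            # `page` is built anywhere in this function. That lookup would
            # fail after the set_config calls above had run and before the
            # admin row was added. If an index page is wanted, construct it
            # explicitly and add it here.
            db.session.add(admin)
            db.session.commit()
            app.setup = False
            return redirect('/')

        return render_template('setup.html', nonce=session.get('nonce'))
    return redirect('/')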
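def setup():
    """One-time installer view that seeds config and creates the admin team.

    Redirects to ``/`` when ``is_setup()`` is already true. Otherwise GET
    renders ``setup.html`` with the session nonce and POST stores the defaults
    and the admin account before redirecting.

    Review notes:
      * This route has no access check of its own: until setup completes,
        any client that posts the form creates the admin account.
      * The submitted nonce is not validated in this function; presumably
        that is done by a request hook -- confirm.
    """
    if is_setup():
        return redirect('/')

    if not session.get('nonce'):
        # 10 bytes of os.urandom output (80 bits) seed the nonce.
        session['nonce'] = sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    form = request.form
    set_config('ctf_name', form['ctf_name'])

    # NOTE(review): the "CSS" write targets the 'start' key and is overwritten
    # with None by the defaults below -- confirm the intended key.
    set_config('start', '')

    admin = Teams(form['name'], form['email'], form['password'])
    admin.admin = True
    admin.banned = True

    # Defaults, written in the same order as before.
    defaults = (
        ('max_tries', 0),
        ('start', None),
        ('end', None),
        ('view_challenges_unregistered', None),
        ('prevent_registration', None),
        ('verify_emails', None),
        ('mail_server', None),
        ('mail_port', None),
        ('mail_tls', None),
        ('mail_ssl', None),
        ('mail_username', None),
        ('mail_password', None),
        ('setup', True),
    )
    for key, value in defaults:
        set_config(key, value)

    # db.session.add(page) was removed: `page` is never assigned in this
    # function, so the call would fail between writing the 'setup' key and
    # saving the admin row. Build the index page explicitly if one is needed.
    db.session.add(admin)
    db.session.commit()

    app.setup = False
    return redirect('/')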
def setup():
    """First-run installer: create the admin, the index page and defaults.

    Already set up -> redirect to ``views.static_html``. GET -> render
    ``setup.html`` with the session nonce. POST -> write config defaults,
    store the index page and admin team, log the creator in as that admin,
    rotate the session nonce, clear the cache and redirect.

    Review notes:
      * No access check is visible here: until setup completes, whoever posts
        the form becomes the admin and receives an admin session.
      * The submitted nonce is not compared in this function; presumably a
        request hook does that -- confirm.
    """
    if utils.is_setup():
        return redirect(url_for('views.static_html'))

    if not session.get('nonce'):
        # Nonce material: 10 bytes (80 bits) from os.urandom.
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    form = request.form
    utils.set_config('ctf_name', form['ctf_name'])

    # NOTE(review): labelled CSS in the original, yet it writes 'start', which
    # is set to None again below -- confirm the intended key.
    utils.set_config('start', '')

    # Admin account; password handling inside Teams is not visible here.
    owner = Teams(form['name'], form['email'], form['password'])
    owner.admin = True
    owner.banned = True

    # Index page markup (contains no format fields; format() is kept as-is).
    landing_html = (
        '<div class="row"> '
        '<div class="col-md-6 offset-md-3"> '
        '<img class="w-100 mx-auto d-block" style="max-width: 500px;padding: 50px;padding-top: 14vh;" src="themes/core/static/img/logo.png" /> '
        '<h3 class="text-center"> '
        '<p>A cool CTF platform from <a href="https://ctfd.io">ctfd.io</a></p> '
        '<p>Follow us on social media:</p> '
        '<a href="https://twitter.com/ctfdio"><i class="fab fa-twitter fa-2x" aria-hidden="true"></i></a> '
        '<a href="https://facebook.com/ctfdio"><i class="fab fa-facebook fa-2x" aria-hidden="true"></i></a> '
        '<a href="https://github.com/ctfd"><i class="fab fa-github fa-2x" aria-hidden="true"></i></a> '
        '</h3> '
        '<br> '
        '<h4 class="text-center"> '
        '<a href="admin">Click here</a> to login and setup your CTF '
        '</h4> '
        '</div> '
        '</div>'
    ).format(request.script_root)
    landing_page = Pages(title=None, route='index', html=landing_html, draft=False)

    # Defaults, written in the original order.
    for key, value in (
        ('max_tries', 0),
        ('start', None),
        ('end', None),
        ('freeze', None),
        ('view_challenges_unregistered', None),
        ('prevent_registration', None),
        ('verify_emails', None),
        ('mail_server', None),
        ('mail_port', None),
        ('mail_tls', None),
        ('mail_ssl', None),
        ('mail_username', None),
        ('mail_password', None),
        ('mail_useauth', None),
        ('setup', True),
    ):
        utils.set_config(key, value)

    db.session.add(landing_page)
    db.session.add(owner)
    db.session.commit()

    # Log the creator in as the new admin, then issue a fresh nonce for the
    # now-privileged session.
    session['username'] = owner.name
    session['id'] = owner.id
    session['admin'] = owner.admin
    session['nonce'] = utils.sha512(os.urandom(10))

    db.session.close()
    app.setup = False
    with app.app_context():
        cache.clear()

    return redirect(url_for('views.static_html'))
def setup():
    """Serve the setup form and, on POST, create the admin and index page.

    Redirects to ``/`` once ``is_setup()`` is true. GET renders
    ``setup.html`` with the session nonce; POST writes the config defaults,
    stores the built-in index page and the admin team, then redirects.

    Review notes:
      * No access check is visible in this function, so before setup
        completes any client that posts the form creates the admin account.
      * Nonce validation is not performed here; presumably a request hook
        handles it -- confirm.
    """
    if is_setup():
        return redirect('/')

    if not session.get('nonce'):
        # 10 random bytes (80 bits) feed the nonce.
        session['nonce'] = sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    set_config('ctf_name', request.form['ctf_name'])

    # NOTE(review): marked as CSS in the original but writes the 'start' key,
    # which the defaults below reset to None -- confirm the intended key.
    set_config('start', '')

    # Admin user (password handling inside Teams is not visible here).
    creator = Teams(
        request.form['name'],
        request.form['email'],
        request.form['password'],
    )
    creator.admin = True
    creator.banned = True

    # Built-in index page.
    index_html = (
        '<div class="container main-container"> '
        '<img class="logo" src="/static/img/logo.png" /> '
        '<h3 class="text-center"> '
        'Welcome to a cool CTF framework written by '
        '<a href="https://github.com/ColdHeat">Kevin Chung</a> of '
        '<a href="https://github.com/isislab">@isislab</a> '
        '</h3> '
        '<h4 class="text-center"> '
        '<a href="/admin">Click here</a> to login and setup your CTF '
        '</h4> '
        '</div>'
    )
    index_page = Pages('index', index_html)

    # Defaults, in the original order.
    set_config("max_tries", 0)
    for key in ('start', 'end', 'view_challenges_unregistered',
                'prevent_registration', 'verify_emails', 'mail_server',
                'mail_port', 'mail_tls', 'mail_ssl', 'mail_username',
                'mail_password'):
        set_config(key, None)
    set_config('setup', True)

    db.session.add(index_page)
    db.session.add(creator)
    db.session.commit()
    app.setup = False
    return redirect('/')
def setup():
    """Installer view for this fork: adds ``flag_format`` to the usual setup.

    Redirects to ``views.index`` when ``is_setup()`` is true. GET renders
    ``setup.html`` with the session nonce; POST writes the CTF name, the flag
    format and the defaults, stores the index page and admin team, clears the
    cache and redirects.

    Review notes:
      * No access check is visible here: until setup completes, whoever posts
        the form becomes the admin.
      * The submitted nonce is not compared in this function; presumably a
        request hook does that -- confirm.
    """
    if is_setup():
        return redirect(url_for('views.index'))

    if not session.get('nonce'):
        # The nonce is derived from 10 random bytes (80 bits).
        session['nonce'] = sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    form = request.form
    set_config('ctf_name', form['ctf_name'])
    set_config('flag_format', form['flag_format'])

    # NOTE(review): the original labels this CSS, but it writes 'start', which
    # is reset to None by the defaults below -- confirm the intended key.
    set_config('start', '')

    # Admin user (password handling inside Teams is not visible here).
    organiser = Teams(form['name'], form['email'], form['password'])
    organiser.admin = True
    organiser.banned = True

    # Index page; {0} receives request.script_root.
    template = (
        ' <img class="logo" src="{0}/static/original/img/logo.png" /> '
        '<h3 class="text-center"> Welcome to the THC CTF 2017 ! </h3> '
        '<br/> '
        '<h6 class="text-center"> '
        '<a href="https://github.com/ToulouseHackingConvention/CTFd/">scoreboard</a> based on '
        '<a href="https://github.com/isislab/CTFd">CTFd</a> and modified by '
        '<a href="https://github.com/arthaud">maxima</a>, '
        '<a href="https://github.com/palkeo">palkeo</a> and '
        '<a href="https://github.com/zadlg">zadig</a>. '
        '</h6>'
    )
    front_page = Pages('index', template.format(request.script_root))

    # Defaults, in the original order.
    for key, value in (
        ("max_tries", 0),
        ('start', None),
        ('end', None),
        ('view_challenges_unregistered', None),
        ('prevent_registration', None),
        ('verify_emails', None),
        ('mail_server', None),
        ('mail_port', None),
        ('mail_tls', None),
        ('mail_ssl', None),
        ('mail_username', None),
        ('mail_password', None),
        ('setup', True),
    ):
        set_config(key, value)

    db.session.add(front_page)
    db.session.add(organiser)
    db.session.commit()
    db.session.close()

    app.setup = False
    with app.app_context():
        cache.clear()

    return redirect(url_for('views.index'))
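def setup():
    """Installer view that also seeds the Evidence table.

    While ``is_setup()`` is false, GET renders ``setup.html`` with the session
    nonce. POST inserts the hard-coded evidence rows, then the CTF name, admin
    team, index page and default config rows, and redirects to ``/``. Once
    setup is done every request is redirected to ``/``.

    Security notes:
      * No caller authentication is visible here: until setup completes,
        whoever posts the form creates the admin account.
      * Flag strings are embedded in this source file, so anyone who can read
        the file can read the flags.
      * The ``html`` form field is stored verbatim as the index page.
      * Nonce validation is not performed in this function; presumably a
        request hook does it -- confirm.
    """
    if not is_setup():
        if not session.get('nonce'):
            # The nonce is derived from 10 random bytes (80 bits).
            session['nonce'] = sha512(os.urandom(10))

        if request.method == 'POST':
            ctf_name = Config('ctf_name', request.form['ctf_name'])

            # NOTE(review): labelled CSS but stored under 'start', the same key
            # as the start-time row below -- confirm which key was intended.
            css = Config('start', '')

            # Admin user (password handling inside Teams is not visible here).
            name = request.form['name']
            email = request.form['email']
            password = request.form['password']
            admin = Teams(name, email, password)
            admin.admin = True
            admin.banned = True

            # Index page
            page = Pages('index', request.form['html'])

            # Max attempts per challenge
            max_tries = Config("max_tries", 0)

            # Start and end time
            start = Config('start', None)
            end = Config('end', None)

            # Challenges cannot be viewed by unregistered users
            view_challenges_unregistered = Config('view_challenges_unregistered', None)

            # Allow/Disallow registration
            prevent_registration = Config('prevent_registration', None)

            setup_flag = Config('setup', True)

            # Each entry: [label, title, flag]. The label was the variable
            # name the original generated for the row.
            evidence = [
                ["sample1", "Encrypted Zip", "{N3xt_l3v3l_encryption}"],
                ["sample2", "Caesar Cipher Sample", "{c1pherz_are_kewl}"],
                ["police_profile", "Police Profile", "{and_so_1t_begins}"],
                ["caesar_cipher", "Phone Pattern Clue", "{i_love_caesar_sal4ds}"],
                ["gesture_key_hash", "Gesture Key Hash", "{they_were_to0_young_to_d1e}"],
                ["victims_contacts", "Victim's Contacts", "{I_just_w4nt_To_phone_home}"],
                ["victims_history", "Victim's History", "{Back_to_the_H1story}"],
                ["sd_card", "SD Card", "{m0unting_has_never_b33n_3asier}"],
                ["sd_card_hidden", "SD Card Hidden Image", "{h1dden_files_4re_soooooo_s3cret}"],
                ["sd_card_deleted", "SD Card Deleted Image", "{ur_da7a_doesnt_go_away}"],
                ["agents_wallet", "Agents Wallet", "{h3_h3_m3_c01n5_1n_B175}"],
                ["emails", "Victim's Emails", "{7his_15_n0t_th3_3m41l_u_w4nt}"],
                ["hacktivists_website", "Hacktivist's Website", "{t3h_h4ckers_sp4c3}"],
                ["consulting_company_it_portal", "Consulting Company IT Portal", "{SYS_4DM11111111N_P0RTAAAAL}"],
                ["hacktivists_login", "Hacktivist Login", "{h4ck3r5_log1n_700}"],
                ["voting_database_corrupt", "Voting Database", "{17_corrup73d_:-(}"],
                ["personnel_database", "Personnel Database", "{4uthor1zed_per50nnel_0nly}"],
                ["hacktivists_pcap", "Hacktivist's PCAP", "{much_sh3llsh0ck_m4ny_pack3t_7oo_FTP}"],
                ["encrypted_zip", "Encrypted Zip", "{7ooo_much_Encryption_b4d_four_health}"],
                ["construct_qr", "Construct QR Code", "{carpet_weaving_grandmaster}"],
                ["irc_logs", "IRC Logs", "{700_much_3ncrypted_1337_sp3ak}"]
            ]

            # Build the rows directly. The original formatted each entry into
            # Python source and ran it through exec/eval, which interprets the
            # titles and flags as code instead of treating them as data.
            for _label, title, flag in evidence:
                db.session.add(Evidence(title, flag))
            db.session.commit()

            # A disabled block that linked rows through EvidenceConnection
            # used to follow here. It was never executed and referred to
            # variables (e.g. victims_phone, seeded_torrent) that the evidence
            # list above never defines.

            db.session.add(ctf_name)
            db.session.add(admin)
            db.session.add(page)
            db.session.add(max_tries)
            db.session.add(start)
            db.session.add(end)
            db.session.add(view_challenges_unregistered)
            db.session.add(prevent_registration)
            db.session.add(css)
            db.session.add(setup_flag)
            db.session.commit()
            app.setup = False
            return redirect('/')

        # The session nonce is no longer printed here: echoing it to stdout
        # copied a per-session secret into the server's logs.
        return render_template('setup.html', nonce=session.get('nonce'))
    return redirect('/')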
def setup():
    """Run the initial setup: admin team, index page and config defaults.

    When ``utils.is_setup()`` is true the request is redirected to
    ``views.static_html``. A GET shows ``setup.html`` with the session nonce.
    A POST writes the defaults, stores the index page and the admin, opens an
    admin session for the creator, rotates the nonce and clears the cache.

    Review notes:
      * No access check is visible here, so before setup completes any client
        that posts the form becomes the admin and is logged in as such.
      * Nonce validation is not performed in this function; presumably a
        request hook handles it -- confirm.
    """
    if utils.is_setup():
        return redirect(url_for('views.static_html'))

    if not session.get('nonce'):
        # 10 bytes (80 bits) from os.urandom seed the nonce.
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method == 'POST':
        utils.set_config('ctf_name', request.form['ctf_name'])

        # NOTE(review): labelled CSS in the original but writes 'start', which
        # is reset to None below -- confirm the intended key.
        utils.set_config('start', '')

        # Admin user (password handling inside Teams is not visible here).
        team_name = request.form['name']
        team_email = request.form['email']
        team_password = request.form['password']
        root_team = Teams(team_name, team_email, team_password)
        root_team.admin = True
        root_team.banned = True

        # Index page markup (no format fields; format() is kept as-is).
        markup = (
            '<div class="row"> '
            '<div class="col-md-12"> '
            '<img class="w-100 mx-auto d-block" style="max-width: 500px;padding: 50px;padding-top: 14vh;" src="themes/core/static/img/logo.png" /> '
            '<br> '
            '<h3 class="text-center"> '
            "<div style='font-size:0;'> "
            "<div style='width:100%; margin:0 auto 0 auto; text-align:center; display:inline-block;'> "
            "<a href='https://interferencias.tech/'><img src='themes/core/static/img/interferencias.png' "
            'height="200px" '
            "alt='Logo Interferencias'></a> "
            "<a href='http://www.hackingdesdecero.org/'><img src='themes/core/static/img/hdc.png' "
            'height="190px" '
            "alt='Logo HDC'></a> "
            '</div> '
            '</div> '
            '</h3> '
            '</div> '
            '</div>'
        ).format(request.script_root)
        home = Pages(title=None, route='index', html=markup, draft=False)

        # Max attempts per challenge
        utils.set_config('max_tries', 0)

        # Start, end and freeze time
        utils.set_config('start', None)
        utils.set_config('end', None)
        utils.set_config('freeze', None)

        # Challenge visibility and registration
        utils.set_config('view_challenges_unregistered', None)
        utils.set_config('prevent_registration', None)

        # Email verification and outgoing mail
        utils.set_config('verify_emails', None)
        utils.set_config('mail_server', None)
        utils.set_config('mail_port', None)
        utils.set_config('mail_tls', None)
        utils.set_config('mail_ssl', None)
        utils.set_config('mail_username', None)
        utils.set_config('mail_password', None)
        utils.set_config('mail_useauth', None)

        utils.set_config('setup', True)

        db.session.add(home)
        db.session.add(root_team)
        db.session.commit()

        # Open an admin session for the creator and issue a fresh nonce.
        session['username'] = root_team.name
        session['id'] = root_team.id
        session['admin'] = root_team.admin
        session['nonce'] = utils.sha512(os.urandom(10))

        db.session.close()
        app.setup = False
        with app.app_context():
            cache.clear()

        return redirect(url_for('views.static_html'))

    return render_template('setup.html', nonce=session.get('nonce'))
def setup():
    """Initial setup view for this fork (Teams takes two extra arguments).

    Redirects to ``views.static_html`` when ``utils.is_setup()`` is true. GET
    renders ``setup.html`` with the session nonce. POST writes defaults,
    stores the index page and admin team, logs the creator in as admin,
    rotates the nonce and clears the cache.

    Review notes:
      * No access check is visible here: until setup completes, whoever posts
        the form becomes the admin and gets an admin session.
      * The submitted nonce is not checked in this function; presumably a
        request hook does that -- confirm.
    """
    if utils.is_setup():
        return redirect(url_for('views.static_html'))

    if not session.get('nonce'):
        # The nonce is derived from 10 random bytes (80 bits).
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    fields = request.form
    utils.set_config('ctf_name', fields['ctf_name'])

    # NOTE(review): the original marks this as CSS, yet the key is 'start' and
    # is overwritten with None below -- confirm the intended key.
    utils.set_config('start', '')

    # Admin user; the two trailing empty strings are extra Teams arguments
    # whose meaning is not visible here.
    superuser = Teams(fields['name'], fields['email'], fields['password'], '', '')
    superuser.admin = True
    superuser.banned = True

    # Index page markup (no format fields; format() is kept as-is).
    body = (
        '<div class="row"> '
        '<div class="col-md-6 offset-md-3"> '
        '<img class="w-100 mx-auto d-block" style="max-width: 500px;padding: 50px;padding-top: 14vh;" src="themes/core/static/img/logo.jpg" /> '
        '<h3 class="text-center"> '
        '一个正经的CTF平台 '
        '</h3> '
        '<br> '
        '</div> '
        '</div>'
    ).format(request.script_root)
    index_page = Pages(title=None, route='index', html=body, draft=False)

    # Defaults, written in the original order.
    utils.set_config('max_tries', 0)
    unset_keys = (
        'start', 'end', 'freeze',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server', 'mail_port', 'mail_tls', 'mail_ssl',
        'mail_username', 'mail_password', 'mail_useauth',
    )
    for key in unset_keys:
        utils.set_config(key, None)
    utils.set_config('setup', True)

    db.session.add(index_page)
    db.session.add(superuser)
    db.session.commit()

    # Sign the creator in as admin and replace the pre-login nonce.
    session['username'] = superuser.name
    session['id'] = superuser.id
    session['admin'] = superuser.admin
    session['nonce'] = utils.sha512(os.urandom(10))

    db.session.close()
    app.setup = False
    with app.app_context():
        cache.clear()

    return redirect(url_for('views.static_html'))
def setup():
    """Serve the setup form; on POST create the admin, index page, defaults.

    Redirects to ``views.static_html`` when ``utils.is_setup()`` is true. GET
    renders ``setup.html`` with the session nonce. POST stores everything,
    opens an admin session for the creator, rotates the nonce, clears the
    cache and redirects.

    Review notes:
      * No access check is visible here, so before setup completes any client
        that posts the form becomes the admin.
      * Nonce validation does not happen in this function; presumably a
        request hook handles it -- confirm.
    """
    already_done = utils.is_setup()
    if already_done:
        return redirect(url_for('views.static_html'))

    if not session.get('nonce'):
        # 10 random bytes (80 bits) feed the nonce.
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    utils.set_config('ctf_name', request.form['ctf_name'])

    # NOTE(review): labelled CSS in the original but keyed 'start', which the
    # defaults below reset to None -- confirm the intended key.
    utils.set_config('start', '')

    # Admin user (password handling inside Teams is not visible here).
    admin_team = Teams(
        request.form['name'],
        request.form['email'],
        request.form['password'],
    )
    admin_team.admin = True
    admin_team.banned = True

    # Index page markup (no format fields; format() is kept as-is).
    welcome = (
        '<div class="container main-container"> '
        '<img class="logo" src="themes/original/static/img/logo.png" /> '
        '<h3 class="text-center"> '
        '<p>Demon CTF <a href="http://demonteam.org">demonteam.org</a></p> '
        '</h3> '
        '<br> '
        '<h4 class="text-center"> '
        '<a href="admin">Click here</a> to login and setup your CTF '
        '</h4> '
        '</div>'
    )
    index_page = Pages('index', welcome.format(request.script_root))

    # Defaults, written in the original order.
    settings = [('max_tries', 0)]
    settings += [(key, None) for key in (
        'start', 'end', 'freeze',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server', 'mail_port', 'mail_tls', 'mail_ssl',
        'mail_username', 'mail_password', 'mail_useauth',
    )]
    settings.append(('setup', True))
    for key, value in settings:
        utils.set_config(key, value)

    db.session.add(index_page)
    db.session.add(admin_team)
    db.session.commit()

    # Log the creator in as admin and issue a new nonce for that session.
    session['username'] = admin_team.name
    session['id'] = admin_team.id
    session['admin'] = admin_team.admin
    session['nonce'] = utils.sha512(os.urandom(10))

    db.session.close()
    app.setup = False
    with app.app_context():
        cache.clear()

    return redirect(url_for('views.static_html'))
def setup():
    """Initial setup view with the Haaukins landing page baked in.

    Redirects to ``views.static_html`` when ``utils.is_setup()`` is true. GET
    renders ``setup.html`` with the session nonce. POST writes the defaults,
    stores the landing page and admin team, logs the creator in as admin,
    rotates the nonce and clears the cache.

    Review notes:
      * No access check is visible here: until setup completes, whoever posts
        the form becomes the admin and receives an admin session.
      * The submitted nonce is not compared in this function; presumably a
        request hook does that -- confirm.
    """
    if utils.is_setup():
        return redirect(url_for('views.static_html'))

    if not session.get('nonce'):
        # Nonce material: 10 bytes (80 bits) from os.urandom.
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    form = request.form
    utils.set_config('ctf_name', form['ctf_name'])

    # NOTE(review): labelled CSS in the original, yet it writes 'start', which
    # is set to None again below -- confirm the intended key.
    utils.set_config('start', '')

    # Admin user (password handling inside Teams is not visible here).
    admin = Teams(form['name'], form['email'], form['password'])
    admin.admin = True
    admin.banned = True

    # Landing page. The markup holds literal CSS braces and is stored as-is
    # (no format() call is applied to it).
    index = (
        '<div class="row"> '
        '<style> '
        '.col-container:after { content: ""; display: table; clear: both; } '
        '.col { float: left; } '
        '.clearfix::after { content: ""; display: table; clear: both; } '
        '.footer-nav{ float: left; } '
        '.logo{ float: right; } '
        '.footer-nav, .footer-nav li{ display: inline; } '
        '</style> '
        '<div class="col-md-6 offset-md-3"> '
        '<h1 class="text-center" style="padding-top: 10vh; font-size: 50px;"> '
        '<b>Haaukins</b> '
        '</h1> '
        '<p class="text-center"> A platform for Cyber Security Exercises </p> '
        '<p class="text-center"> Founded by '
        '<a href="http://danishcybersecurityclusters.dk/">Danish Cyber Security Clusters</a> '
        'and supported by </p> '
        '<a href="https://www.industriensfond.dk/"> '
        '<img class="w-100 mx-auto d-block" style="max-width: 300px; padding: 3vh 0 4vh 0;" src="/themes/core/static/img/logo_industrienfond.jpg"> '
        '</a> '
        '<p class="text-center"> '
        '<p class="text-center"> Developed at '
        '<a href="http://es.aau.dk/">Aalborg University</a> '
        '(Department of Electronic Systems) by: </p> '
        '<div class="col-container" style="margin-top: 40px;"> '
        '<div class="col" style="width: 40%"> '
        '<img src="/themes/core/static/img/haaukins_logo_blue240px.png" style="margin-left: 20px; max-width: 170px;"> '
        '</div> '
        '<div class="col" style="width: 60%; font-size:14px;"> '
        '<p><a href="https://mrturkmen.com">Ahmet Turkmen</a> (Research Assistant)</p> '
        '<p><a href="https://github.com/eyJhb">Gian Marco Mennecozzi</a> (Research Assistant)</p> '
        '<p><a href="https://github.com/kdhageman">Kaspar Hageman</a> (Ph.D. Student)</p> '
        '<p><a href="https://github.com/tpanum">Thomas Kobber Panum</a> (Ph.D. Student)</p> '
        '<p><a href="https://github.com/eyJhb">Johan Hempel Bengtson</a> (Student Helper)</p> '
        '</div> '
        '</div> '
        '</p> '
        '<div class="card-deck py-4"> '
        '<div class="card"> '
        '<div class="card-body"> '
        '<h5 class="card-title">Tips and tricks</h5> '
        '<div class="card-text"> Stuck at a certain challenge? Or do you just want to know more about a certain topic? </div> '
        '</div> '
        '<div class="card-footer"> '
        '<a href="https://aau-network-security.github.io/tips-and-tricks/" target="_blank">Vist the tips & tricks page</a> '
        '</div> '
        '</div> '
        '<div class="card"> '
        '<div class="card-body"> '
        '<h5 class="card-title">Survey</h5> '
        '<p>You can help us improve the platform by taking our survey to let us know about your experiences!</p> '
        '</div> '
        '<div class="card-footer"> '
        '<a href="https://www.survey-xact.dk/LinkCollector?key=KDRVSTDJJN15" target="_blank">Fill out the survey here</a> '
        '</div> '
        '</div> '
        '</div> '
        '<p class="text-center"> Feel free to join our local Facebook Group: </p> '
        '<p class="text-center"> '
        '<a href="https://www.facebook.com/groups/957517617737780"><i class="fab fa-facebook" aria-hidden="true"></i> AAU Hackers & Friends</a> '
        '</p> '
        '<div class="container"> '
        '<footer> '
        '<ul class="footer-nav"> '
        '<li><a href="https://eadania.dk/"> <img src="/themes/core/static/img/da-90.png" style= "width:90px; height:75px;" ></a></li> '
        '<li><a href="https://www.dtu.dk/"><img src="/themes/core/static/img/dtu-90.png" style= "width:90px; height:75px;"></a></li> '
        '<li><a href="https://kea.dk/"> <img src="/themes/core/static/img/kea-90.jpg" style= "width:90px; height:75px;" ></a></li> '
        '<li><a href="https://happy42.dk/"> <img src="/themes/core/static/img/happy-90.png" style= "width:90px; height:75px;" ></a></li> '
        '<li><a href="https://www.eaaa.dk/"><img src="/themes/core/static/img/eaa-90.png" style= "width:90px; height:75px;"></a></li> '
        '</ul> '
        '</footer> '
        '</div> '
        '</div> '
        '</div>'
    )
    page = Pages(title=None, route='index', html=index, draft=False)

    # Defaults, written in the original order.
    for key, value in (
        ('max_tries', 0),
        ('start', None),
        ('end', None),
        ('freeze', None),
        ('view_challenges_unregistered', None),
        ('prevent_registration', None),
        ('verify_emails', None),
        ('mail_server', None),
        ('mail_port', None),
        ('mail_tls', None),
        ('mail_ssl', None),
        ('mail_username', None),
        ('mail_password', None),
        ('mail_useauth', None),
        ('setup', True),
    ):
        utils.set_config(key, value)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()

    # Sign the creator in as admin and replace the pre-login nonce.
    session['username'] = admin.name
    session['id'] = admin.id
    session['admin'] = admin.admin
    session['nonce'] = utils.sha512(os.urandom(10))

    db.session.close()
    app.setup = False
    with app.app_context():
        cache.clear()

    return redirect(url_for('views.static_html'))
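def setup():
    """Serve the one-time setup form and create the first admin account.

    While ``utils.is_setup()`` is false, GET renders ``setup.html`` with the
    session nonce. POST creates the admin team, the index page and the
    default config entries, logs the new admin in and redirects to the
    index. Once setup is done, every request is redirected to the index.

    Security notes for reviewers:
      * Until setup completes this view is reachable without authentication,
        so keep the instance off untrusted networks until the admin exists.
      * The nonce is created here but never compared with the submitted form
        in this function; presumably a request hook elsewhere enforces it.
        TODO confirm.
      * ``password`` is handed to ``Teams`` exactly as received; hashing is
        assumed to happen inside the model. TODO confirm.
    """
    if utils.is_setup():
        return redirect(url_for('views.static_html'))

    if not session.get('nonce'):
        # Nonce is derived from 10 bytes of OS randomness.
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    # Read every form field up front so that a missing field aborts the
    # request before any config entry has been written.
    form = request.form
    ctf_name = form['ctf_name']
    name = form['name']
    email = form['email']
    password = form['password']

    utils.set_config('ctf_name', ctf_name)

    # Custom CSS starts out empty. The original stored this value under the
    # 'start' key, where the start-time default below replaced it again, so
    # no CSS entry was ever created.
    # NOTE(review): 'css' is the key the stylesheet view is expected to
    # read; confirm against that view.
    utils.set_config('css', '')

    admin = Teams(name, email, password)
    admin.admin = True
    # NOTE(review): the admin is created banned; presumably this keeps the
    # account off the scoreboard. Confirm.
    admin.banned = True

    # Default index page. The markup has no replacement fields, so the
    # original .format(request.script_root) call had no effect and is gone.
    index = (
        '<div class="row"> <div class="intro"> '
        '<img width=30 src="themes/arg/static/img/logo.png" /> '
        '<br> <br> '
        '<p> the console will set you free </p> '
        "<script> console_message('ef98fe223e630bbb82dd9c41323e3290') </script> "
        '<br> </div> </div>'
    )
    page = Pages(title=None, route='index', html=index, draft=False)

    # Defaults: unlimited attempts, everything else unset. The return values
    # of set_config were never used, so they are no longer bound to locals
    # (one of which shadowed this function's own name).
    utils.set_config('max_tries', 0)
    unset_keys = (
        'start', 'end', 'freeze',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server', 'mail_port', 'mail_tls', 'mail_ssl',
        'mail_username', 'mail_password', 'mail_useauth',
    )
    for key in unset_keys:
        utils.set_config(key, None)
    utils.set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()

    # Log the freshly created admin in and rotate the nonce, so the
    # pre-setup nonce is not reused by the now-privileged session.
    session['username'] = admin.name
    session['id'] = admin.id
    session['admin'] = admin.admin
    session['nonce'] = utils.sha512(os.urandom(10))

    db.session.close()
    app.setup = False
    with app.app_context():
        cache.clear()

    return redirect(url_for('views.static_html'))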
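def setup():
    """Serve the one-time setup form and create the first admin account.

    While ``is_setup()`` is false, GET renders ``setup.html`` with the
    session nonce. POST creates the admin team, the index page and the
    default config entries, then redirects to the index. Once setup is
    done, every request is redirected to the index.

    Security notes for reviewers:
      * Until setup completes this view is reachable without authentication,
        so keep the instance off untrusted networks until the admin exists.
      * The nonce is created here but never compared with the submitted form
        in this function; presumably a request hook elsewhere enforces it.
        TODO confirm.
      * ``password`` is handed to ``Teams`` exactly as received; hashing is
        assumed to happen inside the model. TODO confirm.
    """
    if is_setup():
        return redirect(url_for('views.static_html'))

    if not session.get('nonce'):
        # Nonce is derived from 10 bytes of OS randomness.
        session['nonce'] = sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    # Read every form field up front so that a missing field aborts the
    # request before any config entry has been written.
    form = request.form
    ctf_name = form['ctf_name']
    name = form['name']
    email = form['email']
    password = form['password']

    set_config('ctf_name', ctf_name)

    # Custom CSS starts out empty. The original stored this value under the
    # 'start' key, where the start-time default below replaced it again, so
    # no CSS entry was ever created.
    # NOTE(review): 'css' is the key the stylesheet view is expected to
    # read; confirm against that view.
    set_config('css', '')

    admin = Teams(name, email, password)
    admin.admin = True
    # NOTE(review): the admin is created banned; presumably this keeps the
    # account off the scoreboard. Confirm.
    admin.banned = True

    # Default index page. request.script_root is interpolated into the stored
    # markup without escaping; it comes from the WSGI environment, i.e. from
    # the deployment rather than from the form.
    index_html = (
        '<div class="container main-container"> '
        '<img class="logo" src="{0}/static/original/img/logo.png" /> '
        '<h3 class="text-center"> '
        'Welcome to a cool CTF framework written by '
        '<a href="https://github.com/ColdHeat">Kevin Chung</a> of '
        '<a href="https://github.com/isislab">@isislab</a> '
        '</h3> '
        '<h4 class="text-center"> '
        '<a href="{0}/admin">Click here</a> to login and setup your CTF '
        '</h4> '
        '</div>'
    ).format(request.script_root)
    page = Pages('index', index_html)

    # Defaults: unlimited attempts, everything else unset. The return values
    # of set_config were never used, so they are no longer bound to locals
    # (one of which shadowed this function's own name).
    set_config("max_tries", 0)
    unset_keys = (
        'start', 'end',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server', 'mail_port', 'mail_tls', 'mail_ssl',
        'mail_username', 'mail_password',
    )
    for key in unset_keys:
        set_config(key, None)
    set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()
    db.session.close()

    app.setup = False
    with app.app_context():
        cache.clear()

    return redirect(url_for('views.static_html'))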
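def setup():
    """Serve the one-time setup form and create the first admin account.

    While ``is_setup()`` is false, GET renders ``setup.html`` with the
    session nonce. POST creates the admin team, the index page and the
    default config entries, then redirects to ``/``. Once setup is done,
    every request is redirected to ``/``.

    Security notes for reviewers:
      * Until setup completes this view is reachable without authentication,
        so keep the instance off untrusted networks until the admin exists.
      * The nonce is created here but never compared with the submitted form
        in this function; presumably a request hook elsewhere enforces it.
        TODO confirm.
      * ``password`` is handed to ``Teams`` exactly as received; hashing is
        assumed to happen inside the model. TODO confirm.
    """
    if is_setup():
        return redirect('/')

    if not session.get('nonce'):
        # Nonce is derived from 10 bytes of OS randomness.
        session['nonce'] = sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    # Read every form field up front so that a missing field aborts the
    # request before any config entry has been written.
    form = request.form
    ctf_name = form['ctf_name']
    name = form['name']
    email = form['email']
    password = form['password']

    set_config('ctf_name', ctf_name)

    # Custom CSS starts out empty. The original stored this value under the
    # 'start' key, where the start-time default below replaced it again, so
    # no CSS entry was ever created.
    # NOTE(review): 'css' is the key the stylesheet view is expected to
    # read; confirm against that view.
    set_config('css', '')

    # NOTE(review): the admin's school code is a hard-coded value, not form
    # input; confirm nothing treats it as a secret or as an access code.
    schoolCode = '12345'
    admin = Teams(name, email, schoolCode, password)
    admin.admin = True
    # NOTE(review): the admin is created banned; presumably this keeps the
    # account off the scoreboard. Confirm.
    admin.banned = True

    # Default index page (static markup, no user input).
    index_html = (
        '<div class="container main-container"> '
        '<img class="logo" src="/static/img/logo.png" /> '
        '<h3 class="text-center"> '
        'Welcome to the <span class="main-name">NeverLAN CTF</span> '
        '</h3> '
        '<h4 class="text-center"> '
        '<a href="/login">Click here</a> to login or <a href="/register">here</a> to register '
        '</h4> '
        '</div>'
    )
    page = Pages('index', index_html)

    # Defaults: unlimited attempts, everything else unset. The return values
    # of set_config were never used, so they are no longer bound to locals
    # (one of which shadowed this function's own name).
    set_config("max_tries", 0)
    unset_keys = (
        'start', 'end',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server', 'mail_port', 'mail_tls', 'mail_ssl',
        'mail_username', 'mail_password',
    )
    for key in unset_keys:
        set_config(key, None)
    set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()

    app.setup = False
    return redirect('/')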
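def setup():
    """Serve the one-time setup form and create the first admin account.

    While ``utils.is_setup()`` is false, GET renders ``setup.html`` with the
    session nonce. POST creates the admin team, the index page and the
    default config entries, logs the new admin in and redirects to the
    index. Once setup is done, every request is redirected to the index.

    Security notes for reviewers:
      * Until setup completes this view is reachable without authentication,
        so keep the instance off untrusted networks until the admin exists.
      * The nonce is created here but never compared with the submitted form
        in this function; presumably a request hook elsewhere enforces it.
        TODO confirm.
      * ``password`` is handed to ``Teams`` exactly as received; hashing is
        assumed to happen inside the model. TODO confirm.
    """
    if utils.is_setup():
        return redirect(url_for('views.static_html'))

    if not session.get('nonce'):
        # Nonce is derived from 10 bytes of OS randomness.
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    # Read every form field up front so that a missing field aborts the
    # request before any config entry has been written.
    form = request.form
    ctf_name = form['ctf_name']
    name = form['name']
    email = form['email']
    password = form['password']

    utils.set_config('ctf_name', ctf_name)

    # Custom CSS starts out empty. The original stored this value under the
    # 'start' key, where the start-time default below replaced it again, so
    # no CSS entry was ever created.
    # NOTE(review): 'css' is the key the stylesheet view is expected to
    # read; confirm against that view.
    utils.set_config('css', '')

    admin = Teams(name, email, password)
    admin.admin = True
    # NOTE(review): the admin is created banned; presumably this keeps the
    # account off the scoreboard. Confirm.
    admin.banned = True

    # Default index page. The markup has no replacement fields, so the
    # original .format(request.script_root) call had no effect and is gone.
    index_html = (
        '<div class="container main-container"> '
        '<img class="logo" src="themes/original/static/img/logo.png" /> '
        '<h3 class="text-center"> '
        '<p>A cool CTF platform from <a href="https://ctfd.io">ctfd.io</a></p> '
        '<p>Follow us on social media:</p> '
        '<a href="https://twitter.com/ctfdio">'
        '<i class="fa fa-twitter fa-2x" aria-hidden="true"></i></a> '
        '<a href="https://facebook.com/ctfdio">'
        '<i class="fa fa-facebook-official fa-2x" aria-hidden="true"></i></a> '
        '<a href="https://github.com/ctfd">'
        '<i class="fa fa-github fa-2x" aria-hidden="true"></i></a> '
        '</h3> '
        '<br> '
        '<h4 class="text-center"> '
        '<a href="admin">Click here</a> to login and setup your CTF '
        '</h4> '
        '</div>'
    )
    page = Pages('index', index_html)

    # Defaults: unlimited attempts, everything else unset. The return values
    # of set_config were never used, so they are no longer bound to locals
    # (one of which shadowed this function's own name).
    utils.set_config('max_tries', 0)
    unset_keys = (
        'start', 'end', 'freeze',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server', 'mail_port', 'mail_tls', 'mail_ssl',
        'mail_username', 'mail_password',
    )
    for key in unset_keys:
        utils.set_config(key, None)
    utils.set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()

    # Log the freshly created admin in and rotate the nonce, so the
    # pre-setup nonce is not reused by the now-privileged session.
    session['username'] = admin.name
    session['id'] = admin.id
    session['admin'] = admin.admin
    session['nonce'] = utils.sha512(os.urandom(10))

    db.session.close()
    app.setup = False
    with app.app_context():
        cache.clear()

    return redirect(url_for('views.static_html'))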