def test_old_flag(self):
timestamp = int(time.time() - 12)
test_flag = flag.generate(12,
13,
b'secret',
'FLAGPREFIX-',
timestamp=timestamp)
with self.assertRaises(flag.FlagExpired):
flag.verify(test_flag, b'secret', 'FLAGPREFIX-')
def test_invalid_mac(self):
test_flag = flag.generate(12, 13, b'secret')
# Replace last character of the flag with a differnt one
chars = set("0123456789")
try:
chars.remove(test_flag[-1])
except KeyError:
pass
wrong_flag = test_flag[:-1] + random.choice(list(chars))
with self.assertRaises(flag.InvalidFlagMAC):
flag.verify(wrong_flag, b'secret')
def test_known_flags(self, time_mock):
expected_flags = [
'FAUST_XtS7wAAXDQ1BPIUAAAAAWz1i7pmtp/HY',
'FAUST_XuP+AAAXDfJgMq8AAAAA347vpisJsQcT',
'FAUST_XtS7wAAXDXBheWxvYWQxDcM2TNj0lCu7',
'FAUST_XuP+AAAXDXBheWxvYWQxmIKxwcEmDxQX',
'FAUST_XtS7wAAXDQ1BPIUAAAAAxR5C9S9LXgdi',
'FAUST_XuP+AAAXDfJgMq8AAAAAcqut7dVSvNOl',
'FAUST_XtS7wAAXDXBheWxvYWQxrwHKd/CNJgkB',
'FAUST_XuP+AAAXDXBheWxvYWQxn04LGjrQe4V8',
'FAUST_XtS7wAAXJTj0lH8AAAAArnmozMnyfMVb',
'FAUST_XuP+AAAXJcfVmlUAAAAAkUsJ65SCvAZW',
'FAUST_XtS7wAAXJXBheWxvYWQxIg0Sd0Ll06VT',
'FAUST_XuP+AAAXJXBheWxvYWQxGiKffkwjRTte',
'FAUST_XtS7wAAXJTj0lH8AAAAAUAFSjo0EF01t',
'FAUST_XuP+AAAXJcfVmlUAAAAAoeDpxI2QPjsv',
'FAUST_XtS7wAAXJXBheWxvYWQx+aIiPy4SC0+Q',
'FAUST_XuP+AAAXJXBheWxvYWQxYObaBlsWnmOE',
'FAUST_XtS7wAAqDWepdDsAAAAAfPNLsph2Jw8v',
'FAUST_XuP+AAAqDZiIehEAAAAA3Q30bTHWo1l9',
'FAUST_XtS7wAAqDXBheWxvYWQxLdYijGTcd2O3',
'FAUST_XuP+AAAqDXBheWxvYWQxsOqqEGk2u52r',
'FAUST_XtS7wAAqDWepdDsAAAAAhQontK+Uoy9h',
'FAUST_XuP+AAAqDZiIehEAAAAAYmCIMEQJotc4',
'FAUST_XtS7wAAqDXBheWxvYWQxvzsgxZioxnxY',
'FAUST_XuP+AAAqDXBheWxvYWQxLDqRTwxgE3yG',
'FAUST_XtS7wAAqJVIc3MEAAAAAdGtfQQkMd1VT',
'FAUST_XuP+AAAqJa090usAAAAAk+AN2kRqIVQs',
'FAUST_XtS7wAAqJXBheWxvYWQxjF+S/iA5tzxY',
'FAUST_XuP+AAAqJXBheWxvYWQxabGjcfYW9js/',
'FAUST_XtS7wAAqJVIc3MEAAAAAWUdMoH5KV/un',
'FAUST_XuP+AAAqJa090usAAAAAUeOaXaFLlwEj',
'FAUST_XtS7wAAqJXBheWxvYWQxFKDfL+/qydWm',
'FAUST_XuP+AAAqJXBheWxvYWQxzirUWWy6MwKe'
]
actual_flags = []
for team in (23, 42):
for service in (13, 37):
for secret in (b'secret1', b'secret2'):
for payload in (None, b'payload1'):
for timestamp in (1591000000, 1592000000):
actual_flag = flag.generate(
team, service, secret, 'FAUST_', payload,
timestamp)
actual_flags.append(actual_flag)
time_mock.return_value = timestamp - 5
actual_team, actual_service, actual_payload, actual_timestamp = \
flag.verify(actual_flag, secret, 'FAUST_')
self.assertEqual(actual_team, team)
self.assertEqual(actual_service, service)
if payload is not None:
self.assertEqual(actual_payload, payload)
self.assertEqual(actual_timestamp, timestamp)
self.assertEqual(actual_flags, expected_flags)
def _handle_flag(self):
if self.buffer == b'':
self._reply(b"418 I'm a teapot!")
return
if self.buffer == b'666':
self._reply(b"So this, then, was the kernel of the brute!")
return
now = datetime.datetime.now(tz=datetime.timezone.utc)
if now < self._conteststart:
self._reply(b"Contest didn't even start yet!")
return
if now > self._contestend:
self._reply(b"Contest already over!")
return
try:
curflag = self.buffer.decode('us-ascii')
except UnicodeDecodeError as e:
self._reply(u"Flags should be of the Format [-_a-zA-Z0-9]+".encode(
'utf-8'))
return
try:
protecting_team, service, _, timestamp = flag.verify(
curflag, self._secret)
except flag.InvalidFlagFormat:
self._reply(b"Flag not recognized")
return
except flag.InvalidFlagMAC:
self._reply(b"No such Flag")
return
except flag.FlagExpired as e:
self._reply(
(u"Flag expired since %.1f seconds" % e.args).encode('utf-8'))
return
if protecting_team == self.capturing_team:
self._reply(b"Can't submit a flag for your own team")
return
try:
result = self._store_capture(protecting_team, service, timestamp)
if result:
self._reply(u"Thank you for your submission!".encode('utf-8'))
except psycopg2.DatabaseError as psqle:
self._logger.exception(
"Error while inserting values into database")
self._logger.warning("%s: %s", psqle.diag.severity,
psqle.diag.message_primary)
self._logger.info(psqle.diag.internal_query)
self._reply(
u"Something went wrong with your submission!".encode('utf-8'))
def test_valid_flag(self):
payload = b'\x01\x02\x03\x04\x05\x06\x07\x08'
timestamp = int(time.time() + 12)
team = 12
service = 13
flag1 = flag.generate(team, service, b'secret', payload=payload, timestamp=timestamp)
team_, service_, payload_, timestamp_ = flag.verify(flag1, b'secret')
self.assertEqual(team, team_)
self.assertEqual(service, service_)
self.assertEqual(payload, payload_)
self.assertEqual(timestamp, timestamp_)
def _handle_flag(self):
now = datetime.datetime.now(tz=datetime.timezone.utc)
if now < self._conteststart:
self._reply(b"ERR game not running")
return
if now > self._contestend:
self._reply(b"ERR game not running")
return
try:
curflag = self.buffer.decode('us-ascii')
except UnicodeDecodeError as e:
self._reply(b"ERR invalid flag format")
return
try:
team, service, _, timestamp = flag.verify(curflag, self._secret)
except flag.InvalidFlagFormat:
self._reply(b"ERR invalid flag format")
return
except flag.InvalidFlagMAC:
self._reply(b"ERR unknown flag")
return
except flag.FlagExpired as e:
self._reply(b"ERR flag too old")
return
if team == self.team:
self._reply(b"ERR your own flag")
return
try:
result = self._store_capture(team, service, timestamp)
if result:
self._reply(b"OK thank you for reporting this data leak!")
except psycopg2.DatabaseError as psqle:
self._logger.exception(
"Error while inserting values into database")
self._logger.warning("%s: %s", psqle.diag.severity,
psqle.diag.message_primary)
self._logger.info(psqle.diag.internal_query)
self._reply(b"ERR internal error")
def test_invalid_format(self):
with self.assertRaises(flag.InvalidFlagFormat):
flag.verify('ABC123', b'secret')