def add_test_or_crash(args): p = subprocess.Popen([shellphish_qemu.qemu_path('cgc-base'), args.cb], stdin=subprocess.PIPE) p.poll() test = "" if args.batch: test = sys.stdin.read() p.communicate(test) else: try: while p.returncode is None: r, _, _ = select([sys.stdin], [], [], 0.05) if r is not None: b = sys.stdin.read(1) test += b p.stdin.write(b) p.poll() except KeyboardInterrupt: p.returncode = 0 except IOError: p.returncode = 1 if p.returncode == 0: print "Finished test, inserting now..." cs = CS.select().where(CS.name == args.cs) # first we have to make a fake job job = Job.create(cs=cs, completed_at=datetime.datetime.now(), worker="garbage") Test.create(cs=cs, job=job, blob=test) print "Test inserted!" else: print "Found a crash, inserting now..." qc = QuickCrash(args.cb, test) print "appears to be of type " + qc.kind print "cs = " + args.cs cs = CS.select().where(CS.name == args.cs) # first we have to make a fake job job = Job.create(cs=cs, completed_at=datetime.datetime.now(), worker="garbage") Crash.create(cs=cs, job=job, blob=test, kind=qc.kind) print "Crash inserted!"
def upload_cbns(args): cs = CS.select().where(CS.name == args.cs) patch_type, _ = PT.get_or_create(name="manual", functionality_risk=1.0, exploitability=0.0) cbns = [] for patched_file in args.patched_files: with open(patched_file) as f: content = f.read() try: cbn = CBN.create(cs=cs, blob=content, name=patched_file, patch_type=patch_type) except peewee.IntegrityError: print "CBN already exists. Fetching." cbn = CBN.select().where(CBN.name == args.patched_file, CBN.cs == cs, CBN.blob == content) cbns.append(cbn) if args.field: ids = IDSRule.get_or_create(cs=target_cs, rules='') CSSubmissionCable.get_or_create(cs=target_cs, cbns=cbns, ids=ids, round=Round.current_round()) if args.eF is not None and args.eT is not None and args.eM is not None and cbn.patch_type is not None: perf_score = { 'score': { 'ref': { 'task_clock': 1.0, 'rss': 1.0, 'flt': 1.0, 'file_size': 1.0 }, 'rep': { 'task_clock': args.eT, 'file_size': args.size_overhead, 'rss': args.eM, 'flt': args.eM, } } } PS.create(cs=cs, perf_score=perf_score, patch_type=cbn.patch_type, has_failed_polls=args.eF != 0, failed_polls=args.eF) if args.pT is not None and args.pM is not None and args.pS is not None: csf.poll_feedback = PF.create(cs=cs, round_id=Round.current_round().id, success=args.pS, time_overhead=args.pT, memory_overhead=args.pM, size_overhead=args.size_overhead) csf.save()
def insert_test(args): cs = CS.select().where(CS.name == args.cs) test = args.test.read() # first we have to make a fake job job = Job.create(cs=cs, completed_at=datetime.datetime.now(), worker="garbage") Test.create(cs=cs, job=job, blob=test)
def test_get_or_create(self): assert_equals(len(ChallengeSet.select()), 0) r1 = Round.create(num=0) cs1, _ = ChallengeSet.get_or_create(name="foo") cs2, _ = ChallengeSet.get_or_create(name="foo") cs3, _ = ChallengeSet.get_or_create(name="bar") for cs in [cs1, cs2, cs3]: cs.rounds = [r1.id] assert_equals(len(ChallengeSet.select()), 2) assert_equals(cs2.id, cs1.id) assert_not_equals(cs3.id, cs1.id) cs3.delete_instance(recursive=True) cs2.delete_instance(recursive=True) cs1.delete_instance(recursive=True) r1.delete_instance(recursive=True) ChallengeSet._meta.database.commit()
def insert_crash(args): cs = CS.select().where(CS.name == args.cs) test = args.crash.read() kind = args.crash_kind # first we have to make a fake job job = Job.create(cs=cs, completed_at=datetime.datetime.now(), worker="garbage") Crash.create(cs=cs, kind=kind, job=job, blob=test)
def field_cbns(args): cs = CS.select().where(CS.name == args.cs) # i know i could use one query for this, but then we might get duplicate CBNs and more than we want cbns = [ CBN.get(CBN.cs == cs, CBN.sha256 == sha) for sha in args.patched_shas ] ids, _ = IDSRule.get_or_create(cs=cs, rules='') CSSubmissionCable.get_or_create(cs=cs, cbns=cbns, ids=ids, round=Round.current_round())
def create_round(args): if not len(args.challenge_sets): fielded = [cs.name for cs in CS.fielded_in_round()] else: fielded = args.challenge_sets new_round = Round.create( num=args.number if args.number is not None else Round.current_round() + 1) for f in fielded: cs = CS.select().where(CS.name == f).get() CSF.create(cs=cs, team=Team.get_our(), available_round=new_round)
def single_cb_challenge_sets(self, round_=None): """Return the list of single-cb challenge sets that are active in a round. :keyword round_: The round number for which the binaries should be returned (default: current round). """ csids = [ cbn.cs.id for cbn in self.cbns(round_) if not cbn.cs.is_multi_cbn ] if csids: return ChallengeSet.select().where(ChallengeSet.id << csids) else: return []
def list_patches(args): wanted_fields = (CBN.name, CBN.size, CBN.sha256, CBN.patch_type, CBN.is_blacklisted) q = CBN.select(*wanted_fields) if args.cs is not None: cs = CS.select().where(CS.name == args.cs) for patch in q.where(CBN.cs == cs): print format_patch(patch) else: for cs in CS.fielded_in_round(): print "CS {}:".format(cs.name) for patch in q.where(CBN.cs == cs): print format_patch(patch) print ""
def upload_exploit(args): cs = CS.select().where(CS.name == args.cs) exploit = args.exploit.read() source = args.source.read() if args.source is not None else None # first we have to make a fake job job = Job.create(cs=cs, completed_at=datetime.datetime.now(), worker="garbage") # now actually add the exploit Exploit.create(cs=cs, job=job, blob=exploit, pov_type=args.type, method=args.method, reliability=args.reliability, c_code=source)