def register():
form = RegisterForm(request.form)
error = None
if request.method == "POST":
if 'name' in request.form and 'password' in request.form:
User.query.all()
user = User.query.filter_by(user_name=request.form['name']).first()
if user is None:
uid = uuid4()
# Create User
new_user = User(request.form['name'], request.form['password'], 'Alice', 'Anonymous', 'iDont Facegood, literally iDont Even. lol! #6443_EXAM_MEME', str(uid) )
User.register_user(new_user)
# Create User Mailbox
mailbox_name = b64encode(bytes(str(uid), 'utf-8')).decode('utf-8')
filepath = os.path.join(current_app.config.get("APP_BASE_DIR"), mailbox_name + ".txt")
fp = open(filepath, "wb")
fp.close()
greeting = "Welcome to Facegood, {}. I am Noone.".format(new_user.user_name)
greet_msg = Message(current_app.config.get("GREETER"), str(uid), greeting)
greet_msg.send_msg()
flash('Registration Successful')
return redirect('/login')
# Create Pubkey File Name
# Create Privkey File Name
# Generate Keypair
else:
error = "User already exists."
return render_template('forms/register.html', form=form, err=error)
def populate_db(app):
with app.app_context():
if len(User.query.all()) > 0:
return
users = [
('noone', 'noone_can_know', 'noone', 'dodgy',
'Im not who you are looking for',
'4badd00d-d11d-4bad-1dea-c001fac3db01', 1),
('admin', 'noone_can_know', 'noone', 'dodgy',
'Im not who you are looking for',
'4badd01d-d11d-4bad-1dea-c001fac3db01', 2),
('Sketch', 'temporary', 'Someone', 'Sketchy',
'Salutations, friend.', 'defec7ed-c001-face-d00d-313333333337',
1337),
# removed flag beyond spec
# ('ENUMFLAG{f1nD1nG_bUrIeD_tReAsUrE}', 'temporary', 'Ooops!', 'My', "u R hired. grats Worth nothing.", '64436443-6443-6443-6443-644364436443', 6443),
('4dm1ni5trator', 'temporary', 'Damo', 'Daz',
app.config.get("FLAG1"), '94476441-6443-9242-6445-c001fac3d00d',
9447),
('Carey', 'temporary', 'Carey', 'Spice', '*crickets*',
'01010101-0101-0101-0101-010101010101', 13337),
]
for user in users:
new_user = User(*user)
db.session.add(new_user)
db.session.commit()
ADMIN = current_app.config.get("ADMIN")
GREETER = current_app.config.get("GREETER")
a = User.query.filter_by(user_name='4dm1ni5trator').first()
n = User.query.filter_by(user_name='noone').first()
if a is not None:
# Set and touch admin mailbox.
a.change_password('administrator')
mailbox_name = b64encode(bytes(ADMIN, 'utf-8')).decode('utf-8')
mailbox_path = os.path.join(current_app.config.get("APP_BASE_DIR"),
'mailbox', mailbox_name + '.txt')
fp = open(mailbox_path, "wb")
fp.close()
else:
print("shit")
raise (NameError("Failed"))
new_msg = Message(ADMIN, GREETER,
'Greeter, can you give me the flag?.')
success = new_msg.send_msg()
new_msg = Message(GREETER, ADMIN, 'Noone is the boss of me.')
success = new_msg.send_msg()
new_msg = Message(ADMIN, GREETER, "Fine, I'll send it to myself then!")
success = new_msg.send_msg()
new_msg = Message(ADMIN, ADMIN, 'flag{411_53e1ng_eYe}')
success = new_msg.send_msg()
def send_message():
# Kickout Scrubs
if not session.get('logged_in'):
return redirect('/')
name = session['user_name']
User.query.all()
src_user = User.query.filter_by(id=int(request.form['src'])).first()
if src_user is None:
flash("User mailbox not found")
return redirect('/')
src_mailbox = src_user.user_mailbox
mailkey = b64encode(bytes(str(src_mailbox), 'utf-8')).decode('utf-8')
# Check target is valid
target = request.form['mailbox']
dst_user = User.query.filter_by(user_mailbox=target).first()
if dst_user is None:
flash("User mailbox not found")
return redirect('/message/history?v=' + mailkey)
dst_mailbox = dst_user.user_mailbox
message = request.form.get("message", '')
if src_user.id == 9447:
message = 'flag{f0reVa_Al0ne}'
src_mailbox = dst_mailbox
# Craft the message and send it.
new_msg = Message(src_mailbox, dst_mailbox, message)
success = new_msg.send_msg()
if not success:
flash("Message failed to send")
return redirect('/message/history?v=' + mailkey)
else:
# Success
return redirect('/message/history?v=' + mailkey)