def login(self):
name = self.state['model'].get_new_login()
self.write('login ' + name + '\n')
var = Variable('token' + str(self.state['model'].get_new_variable()))
var.set_re('.*')
self.state['model'].set_variable(name, var)
self.read(delim='\n', assign=var)
self.read(delim='\n', expect=self.SUCCESS)
def test_variable(self):
with self.assertRaises(TypeError):
Variable()
with self.assertRaises(AssertionError):
Variable('!')
x = Variable('foo')
# can't 'set' without defining the value to set
with self.assertRaises(AssertionError):
x.get_set()
# can't 'read' without defining what to read
with self.assertRaises(AssertionError):
x.get_read()
# can't 'write' until value has been set
with self.assertRaises(AssertionError):
x.get_write()
with self.assertRaises(AssertionError):
x.set_re(None)
x.set_re('(.*)')
self.assertEquals(
x.get_read(), '<assign> <var>foo</var> '
'<pcre>(.*)</pcre> </assign>')
x.set_value('hi')
with self.assertRaises(AssertionError):
x.get_read()
self.assertEquals(
x.get_set(), '<decl> <var>foo</var> '
'<value> <data>hi</data> </value> </decl>')
with self.assertRaises(AssertionError):
x.set_slice("1")
with self.assertRaises(AssertionError):
x.set_slice(0, "1")
x.set_slice(0)
self.assertEquals(
x.get_read(), '<assign> <var>foo</var> <slice '
'begin="0" /> </assign>')
x.set_slice(1, 2)
self.assertEquals(
x.get_read(), '<assign> <var>foo</var> <slice '
'begin="1" end="2" /> </assign>')
self.assertEquals(x.get_write(), '<var>foo</var>')
def cmd_auth(self):
cmd = struct.pack('<b16s', CMD_AUTH, self.state['g_mkey'])
cmd = struct.pack('<I', len(cmd)) + cmd
self.write(cmd)
skey = Variable('skey')
skey.set_re('(.*)')
self.read(length=1, expect='\x00')
self.read(length=4, expect=struct.pack('<I', 16))
self.read(length=16, assign=skey)
self.state['g_session_key'] = skey
self.state['g_auth'] = 3
def request_resource_wrong_token_failure(self):
auth_val = Variable('authval')
if len(filter(lambda x: x[1], self.users)) == 0:
self.auth_success_with_auth_val()
user = random.choice(filter(lambda x: x[1], self.users))
user_id_str = pack('l', user[0][0])
resource = random.choice(user[1])
self.write("REQR" + user_id_str + self.token + resource[0] + '\x07')
regex_str = 'Authentication failed for resource %s(.*)\x0a' % resource[0]
auth_val.set_re(regex_str, group=1)
self.read(delim="\n", assign=auth_val)
self.read(delim="\n", expect = "Please re-authenticate.\n")
def request_success(self):
my_token = Variable('token')
if len(filter(lambda x: x[1], self.users)) == 0:
self.auth_success_with_auth_val()
user = random.choice(filter(lambda x: x[1], self.users))
user_id_str = pack('l', user[0][0])
resource = random.choice(user[1])
self.write("REQR" + user_id_str)
self.write(resource[1])
self.write(resource[0] + '\x07')
regex_str = 'Access to %s is granted!(.*)\x0a' % resource[0]
my_token.set_re(regex_str, group=1)
self.read(delim="\n", assign=my_token)
def request_success(self):
my_token = Variable('token')
if len(filter(lambda x: x[1], self.users)) == 0:
self.auth_success_with_auth_val()
user = random.choice(filter(lambda x: x[1], self.users))
user_id_str = pack('l', user[0][0])
resource = random.choice(user[1])
self.write("REQR" + user_id_str)
self.write(resource[1])
self.write(resource[0] + '\x07')
regex_str = 'Access to %s is granted!(.*)\x0a' % resource[0]
my_token.set_re(regex_str, group=1)
self.read(delim="\n", assign=my_token)
def request_resource_wrong_token_failure(self):
auth_val = Variable('authval')
if len(filter(lambda x: x[1], self.users)) == 0:
self.auth_success_with_auth_val()
user = random.choice(filter(lambda x: x[1], self.users))
user_id_str = pack('l', user[0][0])
resource = random.choice(user[1])
self.write("REQR" + user_id_str + self.token + resource[0] + '\x07')
regex_str = 'Authentication failed for resource %s(.*)\x0a' % resource[
0]
auth_val.set_re(regex_str, group=1)
self.read(delim="\n", assign=auth_val)
self.read(delim="\n", expect="Please re-authenticate.\n")
def test_variable(self):
with self.assertRaises(TypeError):
Variable()
with self.assertRaises(AssertionError):
Variable('!')
x = Variable('foo')
# can't 'set' without defining the value to set
with self.assertRaises(AssertionError):
x.get_set()
# can't 'read' without defining what to read
with self.assertRaises(AssertionError):
x.get_read()
# can't 'write' until value has been set
with self.assertRaises(AssertionError):
x.get_write()
with self.assertRaises(AssertionError):
x.set_re(None)
x.set_re('(.*)')
self.assertEquals(x.get_read(), '<assign> <var>foo</var> '
'<pcre>(.*)</pcre> </assign>')
x.set_value('hi')
with self.assertRaises(AssertionError):
x.get_read()
self.assertEquals(x.get_set(), '<decl> <var>foo</var> '
'<value> <data>hi</data> </value> </decl>')
with self.assertRaises(AssertionError):
x.set_slice("1")
with self.assertRaises(AssertionError):
x.set_slice(0, "1")
x.set_slice(0)
self.assertEquals(x.get_read(), '<assign> <var>foo</var> <slice '
'begin="0" /> </assign>')
x.set_slice(1, 2)
self.assertEquals(x.get_read(), '<assign> <var>foo</var> <slice '
'begin="1" end="2" /> </assign>')
self.assertEquals(x.get_write(), '<var>foo</var>')
def auth_failure_new_user(self):
user_id = random.randint(2,100000)
while Counter(elem[0][0] for elem in self.users)[user_id] > 0:
user_id = random.randint(2,100000)
user_id_str = pack('l', user_id)
varname = "user"+str(user_id)
variable = Variable(varname)
user_item = [user_id, variable]
self.users.append([user_item, []])
resource = ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(10))
self.write("AUTH" + user_id_str + self.token + resource + '\x07')
regex_str = 'Authentication failed for resource %s(.*)\x0a' % resource
variable.set_re(regex_str, group=1)
self.read(delim="\n", assign=variable)
def auth_success_with_auth_val(self):
user = random.choice(self.users)
user_id_str = pack('l', user[0][0])
resource = ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(9))
varname = resource+str(user[0][0])
variable = Variable(varname)
resource_item = [resource, variable]
user[1].append(resource_item)
self.write("AUTH" + user_id_str)
self.write(user[0][1])
self.write(resource + '\x07')
regex_str = 'Access to %s is granted!(.*)\x0a' % resource
variable.set_re(regex_str, group=1)
self.read(delim="\n", assign=variable)
class Router(Actions):
def start(self):
self.username = random.choice(users)
self.uid = Variable('uid')
self.uid.set_re("HELLO " + self.username + " YOUR UID IS ([a-f0-9]+) HOW CAN I HELP YOU\\n", group=1)
def say_hi_good(self):
self.write("HELLO I AM " + self.username + "\n")
self.read(delim='\n', assign=self.uid)
def say_hi_bad(self):
self.write("HI I AM " + self.username + "\n")
self.read(delim='\n', expect="BAD CMD\n")
def get_page(self):
pass
def get_page_good(self):
s = random.choice(servers)
url = s + "/" + random.choice(pages[s])
self.write(self.uid)
self.write(" SAYS GET " + url + " PLEASE\n" )
self.read(delim=termDelim)
def get_page_bad(self):
bServer = random.randint(0,1)
s = random.choice(servers)
p = random.choice(pages[s])
if bServer :
s += ".test"
url = s + "/" + p + ".test"
self.write(self.uid)
self.write(" SAYS GET " + url + " PLEASE\n" )
if bServer :
self.read(delim='\n', expect="SERVER [" + s + "] NOT FOUND\n")
else :
self.read(delim=termDelim, expect=p + ".test : PAGE NOT FOUND\n" + termDelim)
def say_bye(self):
self.write("GOODBYE\n")
self.read(delim='\n', expect="GOODBYE\n")
def end(self):
pass
def start(self):
"""
Intialize state.
"""
self.state['credits'] = 0
# get a legal filename (for use in other functions)
self.write("SUP\n")
self.read(delim='\n', expect="here're your files, plebian:")
self.read(delim='\n', expect="----------------------------")
token = Variable('legalfilename')
token.set_re(r'([a-z]{16})')
self.read(delim='\r', assign=token)
self.state['filename'] = token
def pov2(self):
command = "newTokens"
auth_type = "UserPass"
id_str = "4175" #str(self.id)
user = "******"
password = "******"
credential = user + "/" + password
payload = "AAAABBBBCCCCDDDDAAAABBBBCCCCD"
body = "Use=" + payload
message = command + "," + auth_type + "," + id_str + "," + credential + "," + body + "!"
self.write(message)
flag_re = r'Token=[0-9]{8};Expiration=[0-9]*;Use=AAAABBBBCCCCDDDDAAAABBBBCCCCD\?(.*)'
flag = Variable('flag')
flag.set_re(flag_re, group=1)
self.read(length=104, assign=flag)
def _auth(self, channel):
command = "/auth/" + channel + "\n"
user = random.choice(self.users)
if channel is "FLAG":
password = self._getAdminPassword()
if len(user['subscriptions']) == 0:
user['password'] = password
else:
password = user['password']
args = ":" + user['name'] + ":" + password + "\n"
self.write(command)
self.write(user['token'])
self.write(args)
if channel not in user['subscriptions'].keys():
user['subscriptions'][channel] = {'deliveryType': "latest"}
user['subscriptions'][channel]['index'] = len(
self.channels[channel]['queue'])
self.channels[channel]['subscriptions'][user['name']] = {
'index': user['subscriptions'][channel]['index']
}
command = "/token/" + channel + "\n"
subscriptions_string = ''.join(key
for key in user['subscriptions'].keys())
args_regex = "0" + ":" + user['name'] + ":" + "([0-9a-f]{" + str(
len(subscriptions_string) * 2) + "})" + ":"
args_regex += ','.join(
key for key in reversed(user['subscriptions'].keys()))
args_regex += "\n"
signature = Variable('signature')
signature.set_re(args_regex, group=1)
self.read(delim="\n", expect=command)
self.read(delim="\n", assign=signature)
args1 = "0" + ":" + user['name'] + ":"
args3 = ":" + ','.join(
key for key in reversed(user['subscriptions'].keys())) + "\n"
self.write(command)
self.write(args1)
self.write(signature)
self.write(args3)
command = "/subscribe/" + channel + "\n"
deliveryType = user['subscriptions'][channel][
'deliveryType'] #random.choice(self.deliveryType)
token_name = user['name'] + "token"
token_re = "([0-9a-zA-Z]{9}-[0-9a-zA-Z]{8}-[0-9a-zA-Z]{8}-[0-9a-zA-Z]{8}-[0-9a-zA-Z]{3}):" + deliveryType + "\n"
user['token'] = Variable(token_name)
user['token'].set_re(token_re, group=1)
self.read(delim="\n", expect=command)
self.read(delim="\n", assign=user['token'])
def auth_success_with_auth_val(self):
user = random.choice(self.users)
user_id_str = pack('l', user[0][0])
resource = ''.join(
random.choice(string.ascii_letters + string.digits)
for _ in range(9))
varname = resource + str(user[0][0])
variable = Variable(varname)
resource_item = [resource, variable]
user[1].append(resource_item)
self.write("AUTH" + user_id_str)
self.write(user[0][1])
self.write(resource + '\x07')
regex_str = 'Access to %s is granted!(.*)\x0a' % resource
variable.set_re(regex_str, group=1)
self.read(delim="\n", assign=variable)
def auth_failure_new_user(self):
user_id = random.randint(2, 100000)
while Counter(elem[0][0] for elem in self.users)[user_id] > 0:
user_id = random.randint(2, 100000)
user_id_str = pack('l', user_id)
varname = "user" + str(user_id)
variable = Variable(varname)
user_item = [user_id, variable]
self.users.append([user_item, []])
resource = ''.join(
random.choice(string.ascii_letters + string.digits)
for _ in range(10))
self.write("AUTH" + user_id_str + self.token + resource + '\x07')
regex_str = 'Authentication failed for resource %s(.*)\x0a' % resource
variable.set_re(regex_str, group=1)
self.read(delim="\n", assign=variable)
def printStats(self):
self.write("6")
total = Variable('totalwon')
total.set_re("Total won: (\d+)")
self.read(delim="\n", assign=total)
self.read(delim="\n", expect="Total lost: \d+", expect_format='pcre')
self.read(delim="\n", expect="Equations solved correctly: {}".format(self.state['solveEquation_correct']), expect_format='pcre')
self.read(delim="\n", expect="Equations solved incorrectly: {}".format(self.state['solveEquation'] - self.state['solveEquation_correct']), expect_format='pcre')
self.read(delim="\n", expect="Equations created correctly: {}".format(self.state['createEquation_correct']), expect_format='pcre')
self.read(delim="\n", expect="Equations created incorrectly: {}".format(self.state['createEquation'] - self.state['createEquation_correct']), expect_format='pcre')
self.read(delim="\n", expect="Solved perimeter problems {}".format(self.state['solvePerimeter_correct']), expect_format='pcre')
self.read(delim="\n", expect="Unsolved perimeter problems {}".format(self.state['solvePerimeter'] - self.state['solvePerimeter_correct']), expect_format='pcre')
self.read(delim="\n", expect="Solved volume problems {}".format(self.state['solveVolume_correct']), expect_format='pcre')
self.read(delim="\n", expect="Unsolved volume problems {}".format(self.state['solveVolume'] - self.state['solveVolume_correct']), expect_format='pcre')
self.read(delim="\n", expect="Solved area problems {}".format(self.state['solveArea_correct']), expect_format='pcre')
self.read(delim="\n", expect="Unsolved area problems {}".format(self.state['solveArea'] - self.state['solveArea_correct']), expect_format='pcre')
def start(self):
"""
Intialize state.
"""
self.state['credits'] = 0
# get a legal filename (for use in other functions)
self.write("SUP\n")
self.read(
delim='\n',
expect="here're your files, plebian:")
self.read(
delim='\n',
expect="----------------------------")
token = Variable('legalfilename')
token.set_re(r'([a-z]{16})')
self.read(delim='\r', assign=token)
self.state['filename'] = token
def _rightWin(self):
length = random.randint(5,20)
name = ''.join(random.choice(string.ascii_letters) for _ in range(length))
eip = 'AAAA'
ebp = 'BBBB'
sled = '0'*42
#name = sled + ebp + eip
win_pcre = r'You found the treasure at position x:([0-9]*) y:([0-9]*) after ([0-9]*) moves\n'
self.user_id += 1
varname = "user"+str(self.user_id)
win = Variable(varname)
win.set_re(win_pcre, group=3)
self.write(self.state['right'])
self.write("\n")
self.read(delim="\n", assign=win)
move_pcre = r'Move list: (.*)\n'
self.read(delim="\n", expect=move_pcre, expect_format='pcre')
get_name_msg = "Please enter your name: "
self.read(length=len(get_name_msg), expect=get_name_msg)
self.highScores.append(dict(name=name, score=win))
self.write(name+"\n")
def _auth(self, channel):
command = "/auth/" + channel + "\n"
user = random.choice(self.users)
if channel is "FLAG":
password = self._getAdminPassword()
if len(user['subscriptions']) == 0:
user['password'] = password
else:
password = user['password']
args = ":" + user['name'] + ":" + password + "\n"
self.write(command)
self.write(user['token'])
self.write(args)
if channel not in user['subscriptions'].keys():
user['subscriptions'][channel] = {'deliveryType':"latest"}
user['subscriptions'][channel]['index'] = len(self.channels[channel]['queue'])
self.channels[channel]['subscriptions'][user['name']] = {'index': user['subscriptions'][channel]['index']}
command = "/token/" + channel + "\n"
subscriptions_string = ''.join(key for key in user['subscriptions'].keys())
args_regex = "0" + ":" + user['name'] + ":" + "([0-9a-f]{" + str(len(subscriptions_string)*2) + "})" + ":"
args_regex += ','.join(key for key in reversed(user['subscriptions'].keys()))
args_regex += "\n"
signature = Variable('signature')
signature.set_re(args_regex, group=1)
self.read(delim="\n", expect=command)
self.read(delim="\n", assign=signature)
args1 = "0" + ":" + user['name'] + ":"
args3 = ":" + ','.join(key for key in reversed(user['subscriptions'].keys())) + "\n"
self.write(command)
self.write(args1)
self.write(signature)
self.write(args3)
command = "/subscribe/" + channel + "\n"
deliveryType = user['subscriptions'][channel]['deliveryType'] #random.choice(self.deliveryType)
token_name = user['name'] + "token"
token_re = "([0-9a-zA-Z]{9}-[0-9a-zA-Z]{8}-[0-9a-zA-Z]{8}-[0-9a-zA-Z]{8}-[0-9a-zA-Z]{3}):" + deliveryType + "\n"
user['token'] = Variable(token_name)
user['token'].set_re(token_re, group=1)
self.read(delim="\n", expect=command)
self.read(delim="\n", assign=user['token'])
def POV1(self):
command = "/auth/FLAG\n"
args1 = "0:povuser:password\n"
self.write(command)
self.write(args1)
password_regex = '(.*)\n'
flagPassword = Variable('flagPassword')
flagPassword.set_re(password_regex, group=1)
self.read(delim="\n", assign=flagPassword)
args2 = "0:povuser:"******"\n")
command = "/token/FLAG\n"
subscriptions_string = "FLAG"
args_regex = "0:povuser:"******"([0-9a-f]{" + str(
len(subscriptions_string) * 2) + "})" + ":"
args_regex += "FLAG"
args_regex += "\n"
signature = Variable('signature')
signature.set_re(args_regex, group=1)
self.read(delim="\n", expect=command)
self.read(delim="\n", assign=signature)
args1 = "0:povuser:"******":FLAG\n"
self.write(command)
self.write(args1)
self.write(signature)
self.write(args3)
command = "/subscribe/FLAG\n"
token_re = "([0-9a-zA-Z]{9}-[0-9a-zA-Z]{8}-[0-9a-zA-Z]{8}-[0-9a-zA-Z]{8}-[0-9a-zA-Z]{3}):latest\n"
token = Variable("token")
token.set_re(token_re, group=1)
self.read(delim="\n", expect=command)
self.read(delim="\n", assign=token)
command = "/in/FLAG\n"
args = ":AAAAA:high\n"
self.write(command)
self.write(token)
self.write(args)
command = "/out/FLAG\n"
self.write(command)
self.write(token)
self.write(":end\n")
flag_re = "(.*)\n"
flag = Variable("flag")
flag.set_re(flag_re, group=1)
self.read(delim="\n", assign=flag)
def POV1(self):
command = "/auth/FLAG\n"
args1 = "0:povuser:password\n"
self.write(command)
self.write(args1)
password_regex = '(.*)\n'
flagPassword = Variable('flagPassword')
flagPassword.set_re(password_regex, group=1)
self.read(delim="\n", assign=flagPassword)
args2 = "0:povuser:"******"\n")
command = "/token/FLAG\n"
subscriptions_string = "FLAG"
args_regex = "0:povuser:"******"([0-9a-f]{" + str(len(subscriptions_string)*2) + "})" + ":"
args_regex += "FLAG"
args_regex += "\n"
signature = Variable('signature')
signature.set_re(args_regex, group=1)
self.read(delim="\n", expect=command)
self.read(delim="\n", assign=signature)
args1 = "0:povuser:"******":FLAG\n"
self.write(command)
self.write(args1)
self.write(signature)
self.write(args3)
command = "/subscribe/FLAG\n"
token_re = "([0-9a-zA-Z]{9}-[0-9a-zA-Z]{8}-[0-9a-zA-Z]{8}-[0-9a-zA-Z]{8}-[0-9a-zA-Z]{3}):latest\n"
token = Variable("token")
token.set_re(token_re, group=1)
self.read(delim="\n", expect=command)
self.read(delim="\n", assign=token)
command = "/in/FLAG\n"
args = ":AAAAA:high\n"
self.write(command)
self.write(token)
self.write(args)
command = "/out/FLAG\n"
self.write(command)
self.write(token)
self.write(":end\n")
flag_re = "(.*)\n"
flag = Variable("flag")
flag.set_re(flag_re, group=1)
self.read(delim="\n", assign=flag)
def start(self):
#self.delay(100)
self.magic_idx = 0
reg_ex = '(.*)\?'
certificate = Variable('certificate')
certificate.set_re(reg_ex, group=1)
self.state['certificate'] = certificate
self.state['token'] = ''
revoked_token = Variable('revokedToken')
revoked_token.set_re(reg_ex, group=1)
self.state['revoked_token'] = revoked_token
revoked_cert = Variable('revokedCert')
revoked_cert.set_re(reg_ex, group=1)
self.state['revoked_cert'] = revoked_cert
issuer = Variable('issuer')
reg_ex = "Issuer=(.*);"
issuer.set_re(reg_ex, group=1)
self.state['issuer'] = issuer
signature = Variable('signature')
self.state['signature'] = signature
expiration = Variable('expiration')
self.state['expiration'] = expiration
self.id = random.randint(1,10000)
pass
def attack1(self):
self.catchCriminalInCar()
self._getXInBoat()
self._getYInBoat()
self.x = 4
self.y = -1
moves = 0
criminalX_re = r'Criminal at \((-?\d+),'
criminalY_re = r' (-?\d+)\)\n'
criminalX = Variable('criminalX')
criminalY = Variable('criminalY')
criminalX.set_re(criminalX_re, group=1)
criminalY.set_re(criminalY_re, group=1)
#criminal_str = "Criminal at (" + str(self.x) + ", " + str(self.y) + ")\n"
#self.read(delim="\n", expect=criminal_str)
self.read(delim=",", assign=criminalX)
self.read(delim="\n", assign=criminalY)
move_str = self._makeMoveInBoat() + "#"
moves += 1
while moves < 100000:
while not self.harborMap[23 - self.y - 13][self.x + 10] == 1:
self._moveCriminalInBoat()
move_str += self._makeMoveInBoat() + "#"
moves += 1
self._moveCriminalInBoat()
move_str += self._moveLeftInBoat() + "#"
moves += 1
while not self.harborMap[23 - self.y - 13][self.x + 10] == 0:
self._moveCriminalInBoat()
move_str += self._makeMoveInBoat() + "#"
self.write(move_str)
caught_str = 'Criminal caught in ([0-9]*) moves\n'
self.read(delim="\n", expect=caught_str, expect_format='pcre')
flag_re = r'(.*)'
flag = Variable('flag')
flag.set_re(flag_re, group=1)
self.read(length=40, assign=flag)
class TemplateGenerator(Actions):
def start(self):
self.results = 0
self.result_xml = []
self.balance = random.randint(1, 20) * 2
self.purchase_song_sid = ""
self.price = 0
self.term = Variable('term')
self.attribute = Variable('attribute')
self.limit = Variable('limit')
self.songsLeft = self.balance
self.read(delim="\n", expect=r'ID=[A-z]{32}\n', expect_format='pcre')
self.write("BALANCE=" + str(self.balance) + "\x07")
def get_search(self):
self.results = random.randint(10, 100)
self.result_xml = []
self.purchase_song_sid = ""
self.price = 0
self.term.set_re(r'term=([A-z]*)&')
self.read(delim="&", assign=self.term)
self.attribute.set_re(r'attribute=([A-z]*)&')
self.read(delim="&", assign=self.attribute)
self.limit.set_re(r'limit=([0-9]*)\n')
self.read(delim="\n", assign=self.limit)
def create_artist_result(self):
if (self.results == 0):
return
price_val = 2
price = '&price=' + str(price_val)
sid = str(random.randint(1, 999999999))
if self.purchase_song_sid == "":
self.purchase_song_sid = sid + '\n'
self.price = price_val
sid = 'sid=' + sid
album_len = random.randint(1, 50)
album = ''.join(
random.choice(string.ascii_letters) for _ in range(album_len))
album = ''.join(['&album=', album])
song_len = random.randint(1, 50)
song = ''.join(
random.choice(string.ascii_letters) for _ in range(song_len))
song = ''.join(['&song=', song, '\x07'])
self.write(sid, price, '&artist=', self.term, album, song)
self.results -= 1
def create_album_result(self):
if (self.results == 0):
return
price_val = 2
price = '&price=' + str(price_val)
sid = str(random.randint(1, 999999999))
if self.purchase_song_sid == "":
self.purchase_song_sid = sid + '\n'
self.price = price_val
sid = 'sid=' + sid
artist_len = random.randint(1, 50)
artist = ''.join(
random.choice(string.ascii_letters) for _ in range(artist_len))
artist = ''.join(['&artist=', artist])
song_len = random.randint(1, 50)
song = ''.join(
random.choice(string.ascii_letters) for _ in range(song_len))
song = ''.join(['&song=', song, '\x07'])
self.write(sid, price, artist, '&album=', self.term, song)
self.results -= 1
def create_song_result(self):
if (self.results == 0):
return
price_val = 2
price = '&price=' + str(price_val)
sid = str(random.randint(1, 999999999))
if self.purchase_song_sid == "":
self.purchase_song_sid = sid + '\n'
self.price = price_val
sid = 'sid=' + sid
artist_len = random.randint(1, 50)
artist = ''.join(
random.choice(string.ascii_letters) for _ in range(artist_len))
artist = ''.join(['&artist=', artist])
album_len = random.randint(1, 50)
album = ''.join(
random.choice(string.ascii_letters) for _ in range(album_len))
album = ''.join(['&album=', album])
self.write(sid, price, artist, album, '&song=', self.term, '\x07')
self.results -= 1
def send_results(self):
while (self.results > 0):
self.create_artist_result()
def send_number(self):
self.write("NUMBER=" + str(self.results) + "\x07")
def purchase_song(self):
if self.songsLeft == 0:
pass
self.read(delim="\n", expect=self.purchase_song_sid)
self.balance -= self.price
self.songsLeft -= 1
self.write("BALANCE=" + str(self.balance) + "\x07")
if self.balance == 0:
self.quit()
def quit(self):
while (self.balance > 0 and self.songsLeft > 0):
self.get_search()
self.send_number()
self.create_artist_result()
self.send_results()
self.purchase_song()
return -1
class TemplateGenerator(Actions):
def start(self):
self.results = 0
self.result_xml = []
self.balance = random.randint(1,20)*2
self.purchase_song_sid = ""
self.price = 0
self.term = Variable('term')
self.attribute = Variable('attribute')
self.limit = Variable('limit')
self.songsLeft = self.balance
self.read(delim="\n",
expect=r'ID=[A-z]{32}\n',
expect_format='pcre')
self.write("BALANCE=" + str(self.balance) + "\x07")
def get_search(self):
self.results = random.randint(10,100)
self.result_xml = []
self.purchase_song_sid = ""
self.price = 0
self.term.set_re(r'term=([A-z]*)&')
self.read(delim="&", assign=self.term)
self.attribute.set_re(r'attribute=([A-z]*)&')
self.read(delim="&", assign=self.attribute)
self.limit.set_re(r'limit=([0-9]*)\n')
self.read(delim="\n", assign=self.limit)
def create_artist_result(self):
if(self.results == 0):
return
price_val = 2
price = '&price=' + str(price_val)
sid = str(random.randint(1,999999999))
if self.purchase_song_sid == "":
self.purchase_song_sid = sid + '\n'
self.price = price_val
sid = 'sid=' + sid
album_len = random.randint(1, 50)
album = ''.join(random.choice(string.ascii_letters) for _ in
range(album_len))
album = ''.join(['&album=',album])
song_len = random.randint(1, 50)
song = ''.join(random.choice(string.ascii_letters) for _ in
range(song_len))
song = ''.join(['&song=',song,'\x07'])
self.write(sid, price, '&artist=', self.term, album, song)
self.results-=1
def create_album_result(self):
if(self.results == 0):
return
price_val = 2
price = '&price=' + str(price_val)
sid = str(random.randint(1,999999999))
if self.purchase_song_sid == "":
self.purchase_song_sid = sid + '\n'
self.price = price_val
sid = 'sid=' + sid
artist_len = random.randint(1, 50)
artist = ''.join(random.choice(string.ascii_letters) for _ in
range(artist_len))
artist = ''.join(['&artist=',artist])
song_len = random.randint(1, 50)
song = ''.join(random.choice(string.ascii_letters) for _ in
range(song_len))
song = ''.join(['&song=',song,'\x07'])
self.write(sid, price, artist, '&album=', self.term, song)
self.results-=1
def create_song_result(self):
if(self.results == 0):
return
price_val = 2
price = '&price=' + str(price_val)
sid = str(random.randint(1,999999999))
if self.purchase_song_sid == "":
self.purchase_song_sid = sid + '\n'
self.price = price_val
sid = 'sid=' + sid
artist_len = random.randint(1, 50)
artist = ''.join(random.choice(string.ascii_letters) for _ in
range(artist_len))
artist = ''.join(['&artist=',artist])
album_len = random.randint(1, 50)
album = ''.join(random.choice(string.ascii_letters) for _ in
range(album_len))
album = ''.join(['&album=',album])
self.write(sid, price, artist, album, '&song=', self.term, '\x07')
self.results-=1
def send_results(self):
while(self.results>0):
self.create_artist_result()
def send_number(self):
self.write("NUMBER="+str(self.results)+"\x07")
def purchase_song(self):
if self.songsLeft == 0:
pass
self.read(delim="\n", expect=self.purchase_song_sid)
self.balance-=self.price
self.songsLeft-=1
self.write("BALANCE=" + str(self.balance) + "\x07")
if self.balance == 0:
self.quit()
def quit(self):
while(self.balance > 0 and self.songsLeft > 0):
self.get_search()
self.send_number()
self.create_artist_result()
self.send_results()
self.purchase_song()
return -1
def hello(self):
self.write('HELLO\n')
token = Variable('token')
token.set_re('OK ([0-9A-F]*)\n', group=1)
self.read(delim='\n', assign=token)
self.state['has_token'] = token
def hello(self):
self.write('HELLO\n')
token = Variable('token')
token.set_re('OK ([0-9A-F]*)\n', group=1)
self.read(delim='\n', assign=token)
self.state['has_token'] = token
def attack1(self):
self.VIEW_HEIGHT = 13
self.VIEW_WIDTH = 25
self.write(self.state['play'])
self.write("\n")
for _ in range(64):
self._move_left()
for _ in range(64):
self._move_left()
self._move_right()
self._move_right()
self._move_right()
self._move_right()
self._move_right()
self._move_right()
self._jumpRight()
self._jumpRight()
self._jumpRight()
self._jumpRight()
self._move_right()
self._move_right()
self._move_right()
self._move_right()
self._jumpRight()
self._jumpRight()
self._jumpRight()
self._move_right()
self._jumpRight()
self._move_right()
self._move_right()
self._jumpRight()
self._wait()
self._wait()
self._jumpRight()
self._move_right()
self._move_right()
self._move_right()
self._move_right()
self._jumpRight()
self._jumpRight()
self._jumpRight()
self._move_right()
self._jumpRight()
self._move_right()
self._move_right()
self._jumpRight()
for _ in range(12):
self._wait()
self._jumpRight()
for _ in range(8):
self._move_right()
self._move_left()
self._move_left()
self._move_left()
self._wait()
self._wait()
self._wait()
self._jump()
self._move_right()
self._wait()
self._wait()
self._jumpRight()
self._move_right()
self._move_right()
self._move_right()
self._jumpLeft()
self._move_left()
self._jumpLeft()
self._jumpRight()
for _ in range(7):
self._move_right()
self._jumpRight()
for _ in range(8):
self._wait()
self._jumpRight()
self._move_right()
self._move_right()
self._move_right()
self._jumpRight()
self._jumpRight()
self._jumpRight()
self._move_right()
for _ in range(27):
self._wait()
self._jumpRight()
self._move_right()
self._move_right()
self._jumpRight()
for _ in range(15):
self._wait()
self._jumpRight()
self._move_right()
self._move_right()
self._wait()
self._wait()
self._wait()
self._wait()
self._move_right()
self._jumpRight()
self._jumpRight()
self._wait()
self._wait()
self._wait()
self._jumpRight()
self._jumpRight()
self._wait()
self._wait()
self._wait()
self._wait()
self._wait()
self._jumpRight()
self._jumpRight()
self._jumpRight()
self._jumpRight()
self._move_right()
self.write(self.state['right'])
self.write("\n")
self.read(delim="\n", assign=self.state['win'])
first_pcre = r'Move list: (.{512})'
flag_pcre = r'(.{40})'
last_pcre = r'(.*)\n'
flag = Variable('flag')
flag.set_re(flag_pcre, group=1)
self.state['flag'] = flag
self.read(length=523, expect=first_pcre, expect_format='pcre')
self.read(length=40, assign=self.state['flag'])
self.read(delim="\n", expect=last_pcre, expect_format='pcre')
def start(self):
#self.delay(100)
self.magic_idx = 0
self.user_id = 0
self.highScores = []
self.highScores.append(dict(name=self._getRandomName(), score=600))
self.highScores.append(dict(name=self._getRandomName(), score=601))
self.highScores.append(dict(name=self._getRandomName(), score=999999))
play_re = "Play game: (.*)\n"
play = Variable('play')
play.set_re(play_re, group=1)
self.state['play'] = play
instructions_re = "Get instructions: (.*)\n"
instructions = Variable('instructions')
instructions.set_re(instructions_re, group=1)
self.state['instructions'] = instructions
scores_re = "High Scores: (.*)\n"
scores = Variable('highScore')
scores.set_re(scores_re, group=1)
self.state['highScore'] = scores
quit_re = "Quit game: (.*)\n"
quit = Variable('quit')
quit.set_re(quit_re, group=1)
self.state['quit'] = quit
left_re = "Left: (.*)\n"
left = Variable('left')
left.set_re(left_re, group=1)
self.state['left'] = left
right_re = "Right: (.*)\n"
right = Variable('right')
right.set_re(right_re, group=1)
self.state['right'] = right
jump_re = "Jump: (.*)\n"
jump = Variable('jump')
jump.set_re(jump_re, group=1)
self.state['jump'] = jump
jumpleft_re = "Jump Left: (.*)\n"
jumpleft = Variable('jumpleft')
jumpleft.set_re(jumpleft_re, group=1)
self.state['jumpleft'] = jumpleft
jumpright_re = "Jump Right: (.*)\n"
jumpright = Variable('jumpright')
jumpright.set_re(jumpright_re, group=1)
self.state['jumpright'] = jumpright
wait_re = "Wait: (.*)\n"
wait = Variable('wait')
wait.set_re(wait_re, group=1)
self.state['wait'] = wait
self._getMenuInstruction()
self._firstScores()
self.menu()