def post(self, *args, **kwargs): """ Check validity of flag submissions """ box_id = self.get_argument("box_id", None) uuid = self.get_argument("uuid", "") token = self.get_argument("token", "") user = self.get_current_user() if (box_id and Box.by_id(box_id).locked) or ( box_id is None and uuid and Flag.by_uuid(uuid).box.locked): self.render( "missions/status.html", errors=None, info=["This box is currently locked by the Admin."], ) return if (token is not None and box_id is not None and Box.by_id(box_id).flag_submission_type == FlagsSubmissionType.SINGLE_SUBMISSION_BOX): flag = Flag.by_token_and_box_id(token, box_id) else: flag = Flag.by_uuid(uuid) if (flag is not None and Penalty.by_count(flag, user.team) >= self.config.max_flag_attempts): self.render_page_by_flag( flag, info=[ "Max attempts reached - you can no longer answer this flag." ], ) return if flag and flag in user.team.flags: self.render_page_by_flag(flag) return elif (flag is None or flag.game_level.type == "none" or flag.game_level in user.team.game_levels): submission = "" if flag is not None and flag.is_file: if hasattr(self.request, "files") and "flag" in self.request.files: submission = self.request.files["flag"][0]["body"] else: submission = self.get_argument("token", "").replace("__quote__", '"') if len(submission) == 0: self.render_page_by_flag( flag, info=["No flag was provided - try again."]) return old_reward = flag.dynamic_value( user.team) if flag is not None else 0 if flag is not None and self.attempt_capture(flag, submission): self.add_content_policy("script", "'unsafe-eval'") success = self.success_capture(flag, old_reward) if self.config.story_mode: box = flag.box if not (len(box.capture_message) > 0 and box.is_complete(user)): box = None has_capture_message = (len(flag.capture_message) > 0 or box is not None) if has_capture_message: self.render( "missions/captured.html", flag=flag, box=box, reward=old_reward, success=success, ) return self.render_page_by_flag(flag, success=success) return else: self.failed_attempt(flag, user, submission, box_id) else: self.render("public/404.html")
def post(self, *args, **kwargs): ''' Check validity of flag submissions ''' box_id = self.get_argument('box_id', None) uuid = self.get_argument('uuid', '') token = self.get_argument('token', '') user = self.get_current_user() if(box_id is not None and token is not None): flag = Flag.by_token_and_box_id(token, box_id) else: flag = Flag.by_uuid(uuid) if flag is not None and Penalty.by_count(flag, user.team) >= self.config.max_flag_attempts: self.render_page_by_flag(flag, info=["Max attempts reached - you can no longer answer this flag."]) return if flag and flag in user.team.flags: self.render_page_by_flag(flag) elif flag is None or flag.game_level.type == 'none' or flag.game_level in user.team.game_levels: submission = '' if flag is not None and flag.is_file: if hasattr(self.request, 'files') and 'flag' in self.request.files: submission = self.request.files['flag'][0]['body'] else: submission = self.get_argument('token', '') old_reward = flag.value if flag is not None else 0 if flag is not None and self.attempt_capture(flag, submission): self.add_content_policy('script', "'unsafe-eval'") if self.config.story_mode: self.render('missions/captured.html', flag=flag, reward=old_reward) else: success = self.success_capture(flag) self.render_page_by_flag(flag, success=success) else: if flag is None or Penalty.by_token_count(flag, user.team, submission) == 0: if self.config.teams: teamval = "team's " else: teamval = "" penalty = self.failed_capture(flag, submission) if flag is not None else 0 penalty_dialog = "Sorry - Try Again" if penalty: if self.config.banking: penalty_dialog = "$" + str(penalty) + " has been deducted from your " + teamval + "account." else: if penalty == 1: point = " point has" else: point = " points have" penalty_dialog = str(penalty) + point + " been deducted from your " + teamval + "score." if flag is None: self.render_page_by_box_id(box_id, errors=[penalty_dialog]) else: self.render_page_by_flag(flag, errors=[penalty_dialog]) else: if self.config.teams: teamdup = " by your team. Try Again" else: teamdup = " by you. Try Again" self.render_page_by_flag(flag, info=["Duplicate submission - this answer has already been attempted" + teamdup]) else: self.render('public/404.html')
def post(self, *args, **kwargs): """ Check validity of flag submissions """ box_id = self.get_argument("box_id", None) uuid = self.get_argument("uuid", "") token = self.get_argument("token", "") user = self.get_current_user() if not self.application.settings["game_started"] and not user.is_admin( ): self.render( "missions/status.html", errors=None, info=["The game has not started yet"], ) return if box_id is not None and token is not None: flag = Flag.by_token_and_box_id(token, box_id) else: flag = Flag.by_uuid(uuid) if (flag is not None and Penalty.by_count(flag, user.team) >= self.config.max_flag_attempts): self.render_page_by_flag( flag, info=[ "Max attempts reached - you can no longer answer this flag." ], ) return if flag and flag in user.team.flags: self.render_page_by_flag(flag) elif (flag is None or flag.game_level.type == "none" or flag.game_level in user.team.game_levels): submission = "" if flag is not None and flag.is_file: if hasattr(self.request, "files") and "flag" in self.request.files: submission = self.request.files["flag"][0]["body"] else: submission = self.get_argument("token", "") if len(submission) == 0: self.render_page_by_flag( flag, info=["No flag was provided - try again."]) old_reward = flag.value if flag is not None else 0 if flag is not None and self.attempt_capture(flag, submission): self.add_content_policy("script", "'unsafe-eval'") success = self.success_capture(flag, old_reward) if self.config.story_mode: box = flag.box if not (len(box.capture_message) > 0 and box.is_complete(user)): box = None has_capture_message = (len(flag.capture_message) > 0 or box is not None) if has_capture_message: self.render( "missions/captured.html", flag=flag, box=box, reward=old_reward, success=success, ) return self.render_page_by_flag(flag, success=success) else: if (flag is None or Penalty.by_token_count( flag, user.team, submission) == 0): if self.config.teams: teamval = "team's " else: teamval = "" penalty = (self.failed_capture(flag, submission) if flag is not None else 0) penalty_dialog = "Sorry - Try Again" if penalty: if self.config.banking: penalty_dialog = ("$" + str(penalty) + " has been deducted from your " + teamval + "account.") else: if penalty == 1: point = " point has" else: point = " points have" penalty_dialog = (str(penalty) + point + " been deducted from your " + teamval + "score.") if flag is None: self.render_page_by_box_id(box_id, errors=[penalty_dialog]) else: self.render_page_by_flag(flag, errors=[penalty_dialog]) else: if self.config.teams: teamdup = " by your team. Try Again" else: teamdup = " by you. Try Again" self.render_page_by_flag( flag, info=[ "Duplicate submission - this answer has already been attempted" + teamdup ], ) else: self.render("public/404.html")
def post(self, *args, **kwargs): ''' Check validity of flag submissions ''' box_id = self.get_argument('box_id', None) uuid = self.get_argument('uuid', '') token = self.get_argument('token', '') user = self.get_current_user() if not self.application.settings['game_started'] and not user.is_admin(): self.render('missions/status.html', errors=None, info=["The game has not started yet"]) return if(box_id is not None and token is not None): flag = Flag.by_token_and_box_id(token, box_id) else: flag = Flag.by_uuid(uuid) if flag is not None and Penalty.by_count(flag, user.team) >= self.config.max_flag_attempts: self.render_page_by_flag(flag, info=["Max attempts reached - you can no longer answer this flag."]) return if flag and flag in user.team.flags: self.render_page_by_flag(flag) elif flag is None or flag.game_level.type == 'none' or flag.game_level in user.team.game_levels: submission = '' if flag is not None and flag.is_file: if hasattr(self.request, 'files') and 'flag' in self.request.files: submission = self.request.files['flag'][0]['body'] else: submission = self.get_argument('token', '') if len(submission) == 0: self.render_page_by_flag(flag, info=["No flag was provided - try again."]) old_reward = flag.value if flag is not None else 0 if flag is not None and self.attempt_capture(flag, submission): self.add_content_policy('script', "'unsafe-eval'") if self.config.story_mode and flag.capture_message and len(flag.capture_message) > 0: self.render('missions/captured.html', flag=flag, reward=old_reward) else: success = self.success_capture(flag, old_reward) self.render_page_by_flag(flag, success=success) else: if flag is None or Penalty.by_token_count(flag, user.team, submission) == 0: if self.config.teams: teamval = "team's " else: teamval = "" penalty = self.failed_capture(flag, submission) if flag is not None else 0 penalty_dialog = "Sorry - Try Again" if penalty: if self.config.banking: penalty_dialog = "$" + str(penalty) + " has been deducted from your " + teamval + "account." else: if penalty == 1: point = " point has" else: point = " points have" penalty_dialog = str(penalty) + point + " been deducted from your " + teamval + "score." if flag is None: self.render_page_by_box_id(box_id, errors=[penalty_dialog]) else: self.render_page_by_flag(flag, errors=[penalty_dialog]) else: if self.config.teams: teamdup = " by your team. Try Again" else: teamdup = " by you. Try Again" self.render_page_by_flag(flag, info=["Duplicate submission - this answer has already been attempted" + teamdup]) else: self.render('public/404.html')
def post(self, *args, **kwargs): """ Check validity of flag submissions """ box_id = self.get_argument("box_id", None) uuid = self.get_argument("uuid", "") token = self.get_argument("token", "") user = self.get_current_user() if not self.application.settings["game_started"] and not user.is_admin(): self.render( "missions/status.html", errors=None, info=["The game has not started yet"], ) return if box_id is not None and token is not None: flag = Flag.by_token_and_box_id(token, box_id) else: flag = Flag.by_uuid(uuid) if ( flag is not None and Penalty.by_count(flag, user.team) >= self.config.max_flag_attempts ): self.render_page_by_flag( flag, info=["Max attempts reached - you can no longer answer this flag."], ) return if flag and flag in user.team.flags: self.render_page_by_flag(flag) return elif ( flag is None or flag.game_level.type == "none" or flag.game_level in user.team.game_levels ): submission = "" if flag is not None and flag.is_file: if hasattr(self.request, "files") and "flag" in self.request.files: submission = self.request.files["flag"][0]["body"] else: submission = self.get_argument("token", "") if len(submission) == 0: self.render_page_by_flag( flag, info=["No flag was provided - try again."] ) return old_reward = flag.value if flag is not None else 0 if flag is not None and self.attempt_capture(flag, submission): self.add_content_policy("script", "'unsafe-eval'") success = self.success_capture(flag, old_reward) if self.config.story_mode: box = flag.box if not (len(box.capture_message) > 0 and box.is_complete(user)): box = None has_capture_message = ( len(flag.capture_message) > 0 or box is not None ) if has_capture_message: self.render( "missions/captured.html", flag=flag, box=box, reward=old_reward, success=success, ) return self.render_page_by_flag(flag, success=success) return else: self.failed_attempt(flag, user, submission, box_id) else: self.render("public/404.html")