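def admin_pages_view(route):
    """List, create or edit static pages from the admin panel.

    * GET with ``?mode=create`` renders an empty editor.
    * GET with a ``route`` renders the editor for the page stored under it.
    * POST with a ``route`` creates that page, or updates the existing one,
      from the ``html`` and ``route`` form fields and redirects to the list.
    * Anything else renders the list of pages.

    The submitted ``html`` is stored exactly as received.
    """
    if request.method == 'GET' and request.args.get('mode') == 'create':
        return render_template('admin/editor.html')

    if route and request.method == 'GET':
        page = Pages.query.filter_by(route=route).first()
        return render_template('admin/editor.html', page=page)

    if route and request.method == 'POST':
        # Look the page up under the route from the URL *before* ``route`` is
        # rebound to the (possibly renamed) route from the form.
        page = Pages.query.filter_by(route=route).first()
        html = request.form['html']
        route = request.form['route']

        if not route:
            # Re-open the editor with the submitted content. The original
            # built Pages(html, ''), which put the HTML into the route field
            # and dropped the content; the creation call below shows the
            # constructor order is (route, html).
            page = Pages(route, html)
            return render_template('/admin/editor.html', page=page)

        if page:
            page.route = route
            page.html = html
        else:
            page = Pages(route, html)
            db.session.add(page)

        db.session.commit()
        db.session.close()
        with app.app_context():
            cache.clear()
        return redirect(url_for('admin_pages.admin_pages_view'))

    pages = Pages.query.all()
    return render_template('admin/pages.html', routes=pages, css=utils.get_config('css'))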
def delete_page(pageroute):
    """Delete the page stored under ``pageroute`` and flush the cache.

    Responds with 404 (through ``first_or_404``) when no such page exists,
    otherwise returns the string '1'.
    """
    # NOTE(review): this handler changes state; its route decorators, allowed
    # methods and any CSRF nonce check are not visible here - confirm them.
    doomed = Pages.query.filter_by(route=pageroute).first_or_404()

    db.session.delete(doomed)
    db.session.commit()
    db.session.close()

    with app.app_context():
        cache.clear()

    return '1'
def admin_css():
    """Store the submitted custom CSS in the ``css`` config key.

    Returns '1' after a POST has been saved and the cache cleared, '0' for
    every other method.
    """
    if request.method != 'POST':
        return '0'

    # The stylesheet is stored exactly as submitted.
    utils.set_config('css', request.form['css'])

    with app.app_context():
        cache.clear()
    return '1'
def admin_css():
    """Save the ``css`` form field as the ``css`` config value.

    A POST stores the value, clears the cache and answers '1'; any other
    method answers '0' without touching the configuration.
    """
    is_post = request.method == 'POST'
    if not is_post:
        return '0'

    stylesheet = request.form['css']
    # Stored verbatim, no filtering is applied here.
    set_config('css', stylesheet)

    with app.app_context():
        cache.clear()
    return '1'
def destroy_ctfd(app):
    """Tear down the application's database and cache.

    Commits and closes every session, drops all tables, clears the cache and
    finally drops the database named by ``SQLALCHEMY_DATABASE_URI``.
    This is destructive: nothing stored in that database survives.
    """
    database_uri_key = 'SQLALCHEMY_DATABASE_URI'
    with app.app_context():
        database = app.db
        database.session.commit()
        database.session.close_all()
        # Garbage collect (necessary in the case of dataset freezes to clean
        # database connections)
        gc.collect()
        database.drop_all()
        cache.clear()
        drop_database(app.config[database_uri_key])
def delete_page():
    """Delete the page whose id arrives in the ``id`` form field.

    Responds with 404 (through ``first_or_404``) when the id matches no
    page; otherwise removes it, clears the cache and returns '1'.
    """
    # Renamed from ``id`` so the builtin is not shadowed.
    page_id = request.form['id']
    doomed = Pages.query.filter_by(id=page_id).first_or_404()

    db.session.delete(doomed)
    db.session.commit()
    db.session.close()

    with app.app_context():
        cache.clear()

    return '1'
def set_option():
    """Persist the chosen private-registration option.

    Clears the cache first, then stores the ``selected_option`` form field
    under ``private_registration_option`` and re-applies the register
    template override. Returns '1' when a value was stored, '0' otherwise.
    """
    with app.app_context():
        cache.clear()

    choice = request.form.get('selected_option', None)
    if not choice:
        return '0'

    # NOTE(review): the value is stored as submitted; no check against a set
    # of allowed options is visible here - confirm one exists downstream.
    utils.set_config('private_registration_option', choice)
    override_register_template()
    return '1'
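def admin_plugin_config(plugin):
    """Serve (GET) or save (POST) the configuration page of a plugin.

    GET renders ``plugins/<plugin>/config.html`` as a template when
    ``plugin`` is listed by ``utils.get_configurable_plugins()`` and aborts
    with 404 otherwise. POST stores every submitted form field except
    ``nonce`` as a config key, clears the cache and returns '1'.
    """
    if request.method == 'GET':
        # This membership test is the only check on ``plugin`` before it is
        # joined into a filesystem path; it must stay ahead of the open().
        if plugin in utils.get_configurable_plugins():
            config_path = os.path.join(app.root_path, 'plugins', plugin, 'config.html')
            # Context manager so the handle is closed on every request; the
            # original left it open until garbage collection.
            with open(config_path) as config_file:
                config = config_file.read()
            # config.html is evaluated as a template rather than served as
            # static text, so the plugin directory has to be trusted content.
            return render_template_string(config)
        abort(404)
    elif request.method == 'POST':
        # NOTE(review): the keys come straight from the form and ``plugin``
        # is not consulted on this path, so any config key can be written -
        # confirm the route is admin-only and that this is intended.
        for k, v in request.form.items():
            if k == "nonce":
                continue
            utils.set_config(k, v)
        with app.app_context():
            cache.clear()
        return '1'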
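def admin_plugin_config(plugin):
    """Serve (GET) or save (POST) the configuration page of a plugin.

    GET renders ``plugins/<plugin>/config.html`` as a template when that
    file exists for a directory entry of ``plugins/`` and aborts with 404
    otherwise. POST stores every submitted form field except ``nonce`` as a
    config key, clears the cache and returns '1'.
    """
    if request.method == 'GET':
        plugins_path = os.path.join(app.root_path, 'plugins')
        config_html_plugins = [
            name for name in os.listdir(plugins_path)
            if os.path.isfile(os.path.join(plugins_path, name, 'config.html'))
        ]
        # ``plugin`` must equal a real directory entry before it is joined
        # into a path; this is the only check applied to it here.
        if plugin in config_html_plugins:
            config_path = os.path.join(plugins_path, plugin, 'config.html')
            # Context manager so the handle is closed on every request; the
            # original left it open until garbage collection.
            with open(config_path) as config_file:
                config = config_file.read()
            # config.html is evaluated as a template rather than served as
            # static text, so the plugin directory has to be trusted content.
            return render_template_string(config)
        abort(404)
    elif request.method == 'POST':
        # NOTE(review): the keys come straight from the form and ``plugin``
        # is not consulted on this path, so any config key can be written -
        # confirm the route is admin-only and that this is intended.
        for k, v in request.form.items():
            if k == "nonce":
                continue
            utils.set_config(k, v)
        with app.app_context():
            cache.clear()
        return '1'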
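def admin_config():
    """Show and update the CTF-wide settings from the admin panel.

    POST stores the submitted settings and redirects back to this view. Any
    other method clears the cache, reads the settings back and renders
    ``admin/config.html``.

    Raises:
        ValueError: when ``start``, ``end`` or ``freeze`` is submitted with a
            value ``int()`` cannot parse.
    """
    if request.method == "POST":
        start = None
        end = None
        freeze = None
        if request.form.get('start'):
            start = int(request.form['start'])
        if request.form.get('end'):
            end = int(request.form['end'])
        if request.form.get('freeze'):
            freeze = int(request.form['freeze'])

        # Checkbox flags: a non-empty field is True, a missing or empty one
        # False. bool() cannot raise on these values, so the original
        # try/except/finally around it was dead code.
        for key in (
            'view_challenges_unregistered',
            'view_scoreboard_if_authed',
            'hide_scores',
            'prevent_registration',
            'prevent_name_change',
            'view_after_ctf',
            'verify_emails',
            'mail_tls',
            'mail_ssl',
        ):
            utils.set_config(key, bool(request.form.get(key, None)))

        # Free-text settings are stored as submitted (None when absent).
        # NOTE(review): ``ctf_theme`` is not checked against
        # utils.get_themes() here - confirm it is validated wherever the
        # theme name is used to locate files.
        for key in (
            'mail_server',
            'mail_port',
            'mail_username',
            'mail_password',
            'ctf_name',
            'ctf_theme',
            'mailfrom_addr',
            'mg_base_url',
            'mg_api_key',
        ):
            utils.set_config(key, request.form.get(key, None))

        utils.set_config("freeze", freeze)

        db_start = Config.query.filter_by(key='start').first()
        db_start.value = start

        db_end = Config.query.filter_by(key='end').first()
        db_end.value = end

        db.session.add(db_start)
        db.session.add(db_end)

        db.session.commit()
        db.session.close()
        with app.app_context():
            cache.clear()
        return redirect(url_for('admin.admin_config'))

    with app.app_context():
        cache.clear()

    # Read in the original order. ``mail_password`` and ``mg_api_key`` are
    # handed to the template in clear, so the rendered page carries them.
    settings = {}
    for key in (
        'ctf_name',
        'ctf_theme',
        'hide_scores',
        'mail_server',
        'mail_port',
        'mail_username',
        'mail_password',
        'mailfrom_addr',
        'mg_api_key',
        'mg_base_url',
        'view_after_ctf',
        'start',
        'end',
        'freeze',
        'mail_tls',
        'mail_ssl',
        'view_challenges_unregistered',
        'view_scoreboard_if_authed',
        'prevent_registration',
        'prevent_name_change',
        'verify_emails',
    ):
        settings[key] = utils.get_config(key)

    db.session.commit()
    db.session.close()

    ctf_theme = settings.pop('ctf_theme')
    themes = utils.get_themes()
    # A POST without ``ctf_theme`` stores None, and list.remove() raises
    # ValueError for a value that is not listed; guard it so the settings
    # page stays reachable.
    if ctf_theme in themes:
        themes.remove(ctf_theme)

    return render_template(
        'admin/config.html',
        ctf_theme_config=ctf_theme,
        themes=themes,
        **settings
    )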
def setup():
    """First-run installer: create the admin account and default settings.

    Once ``utils.is_setup()`` is true every request is redirected to
    ``views.static_html``. Before that, GET renders ``setup.html`` and POST
    creates the admin team, the ``index`` page and the default config
    values, logs the new admin in through the session and redirects.
    """
    if utils.is_setup():
        return redirect(url_for('views.static_html'))

    # The visible code gates this view on is_setup() alone: until setup has
    # completed, whoever reaches it first defines the admin account.
    if not session.get('nonce'):
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    utils.set_config('ctf_name', request.form['ctf_name'])
    # The original labels this write "CSS", but the key it sets is 'start'.
    utils.set_config('start', '')

    # Admin account, flagged as both admin and banned as in the original.
    admin = Teams(request.form['name'], request.form['email'], request.form['password'])
    admin.admin = True
    admin.banned = True

    # Landing page; the markup has no replacement field, so format() returns
    # it unchanged.
    index_html = """<div class="row"> <div class="col-md-6 offset-md-3"> <img class="w-100 mx-auto d-block" style="max-width: 500px;padding: 50px;padding-top: 14vh;" src="themes/core/static/img/logo.png" /> <h3 class="text-center"> <p>A cool CTF platform from <a href="https://ctfd.io">ctfd.io</a></p> <p>Follow us on social media:</p> <a href="https://twitter.com/ctfdio"><i class="fab fa-twitter fa-2x" aria-hidden="true"></i></a> <a href="https://facebook.com/ctfdio"><i class="fab fa-facebook fa-2x" aria-hidden="true"></i></a> <a href="https://github.com/ctfd"><i class="fab fa-github fa-2x" aria-hidden="true"></i></a> </h3> <br> <h4 class="text-center"> <a href="admin">Click here</a> to login and setup your CTF </h4> </div> </div>""".format(request.script_root)
    page = Pages(title=None, route='index', html=index_html, draft=False)

    # Defaults: unlimited attempts, every other option unset.
    utils.set_config('max_tries', 0)
    for option in (
        'start',
        'end',
        'freeze',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server',
        'mail_port',
        'mail_tls',
        'mail_ssl',
        'mail_username',
        'mail_password',
        'mail_useauth',
    ):
        utils.set_config(option, None)
    utils.set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()

    # Log the new admin in and replace the setup nonce with a fresh one.
    session['username'] = admin.name
    session['id'] = admin.id
    session['admin'] = admin.admin
    session['nonce'] = utils.sha512(os.urandom(10))

    db.session.close()
    app.setup = False
    with app.app_context():
        cache.clear()

    return redirect(url_for('views.static_html'))
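def admin_config():
    """Show and update the CTF-wide settings from the admin panel.

    POST stores the submitted settings (including an optional logo upload)
    and redirects back to this view. Any other method clears the cache,
    reads the settings back and renders ``admin/config.html``.

    Raises:
        ValueError: when ``start``, ``end`` or ``freeze`` is submitted with a
            value ``int()`` cannot parse.
    """
    if request.method == "POST":
        start = None
        end = None
        freeze = None
        if request.form.get('start'):
            start = int(request.form['start'])
        if request.form.get('end'):
            end = int(request.form['end'])
        if request.form.get('freeze'):
            freeze = int(request.form['freeze'])

        # Checkbox flags are True exactly when the field was submitted. The
        # membership test cannot raise, so the original try/finally around
        # it was not needed.
        for key in (
            'view_challenges_unregistered',
            'view_scoreboard_if_authed',
            'hide_scores',
            'prevent_registration',
            'prevent_name_change',
            'view_after_ctf',
            'verify_emails',
            'mail_tls',
            'mail_ssl',
            'mail_useauth',
            'workshop_mode',
            'paused',
        ):
            utils.set_config(key, key in request.form)

        utils.set_config("mail_server", request.form.get('mail_server', None))
        utils.set_config("mail_port", request.form.get('mail_port', None))

        mail_user = request.form.get('mail_u', None)
        mail_pass = request.form.get('mail_p', None)
        if request.form.get('mail_useauth', None) and (mail_user or mail_pass):
            # Only overwrite a credential that was actually supplied. The
            # original called len() on each field and raised TypeError when
            # one of the two was missing from the form.
            if mail_user:
                utils.set_config("mail_username", mail_user)
            if mail_pass:
                utils.set_config("mail_password", mail_pass)
        elif request.form.get('mail_useauth', None) is None:
            # Authentication switched off: forget the stored credentials.
            utils.set_config("mail_username", None)
            utils.set_config("mail_password", None)

        if request.files.get('ctf_logo_file', None):
            ctf_logo = request.files['ctf_logo_file']
            # NOTE(review): any filename or content-type checks on the
            # upload happen inside utils.upload_file, not visible here.
            file_id, file_loc = utils.upload_file(ctf_logo, None)
            utils.set_config("ctf_logo", file_loc)
        elif request.form.get('ctf_logo') == '':
            utils.set_config("ctf_logo", None)

        # Free-text settings are stored as submitted (None when absent).
        # NOTE(review): ``ctf_theme`` is not checked against
        # utils.get_themes() here - confirm it is validated wherever the
        # theme name is used to locate files.
        for key in (
            'ctf_name',
            'ctf_theme',
            'css',
            'mailfrom_addr',
            'mg_base_url',
            'mg_api_key',
        ):
            utils.set_config(key, request.form.get(key, None))

        utils.set_config("freeze", freeze)

        db_start = Config.query.filter_by(key='start').first()
        db_start.value = start

        db_end = Config.query.filter_by(key='end').first()
        db_end.value = end

        db.session.add(db_start)
        db.session.add(db_end)

        db.session.commit()
        db.session.close()
        with app.app_context():
            cache.clear()
        return redirect(url_for('admin.admin_config'))

    # Clear the cache so that we don't get stale values
    cache.clear()

    # Read in the original order. ``mail_password`` and ``mg_api_key`` are
    # handed to the template in clear, so the rendered page carries them.
    settings = {}
    for key in (
        'ctf_name',
        'ctf_logo',
        'ctf_theme',
        'hide_scores',
        'css',
        'mail_server',
        'mail_port',
        'mail_username',
        'mail_password',
        'mailfrom_addr',
        'mg_api_key',
        'mg_base_url',
        'view_after_ctf',
        'start',
        'end',
        'freeze',
        'mail_tls',
        'mail_ssl',
        'mail_useauth',
        'view_challenges_unregistered',
        'view_scoreboard_if_authed',
        'prevent_registration',
        'prevent_name_change',
        'verify_emails',
        'workshop_mode',
        'paused',
    ):
        settings[key] = utils.get_config(key)

    db.session.commit()
    db.session.close()

    ctf_theme = settings.pop('ctf_theme')
    themes = utils.get_themes()
    # A POST without ``ctf_theme`` stores None, and list.remove() raises
    # ValueError for a value that is not listed; guard it so the settings
    # page stays reachable.
    if ctf_theme in themes:
        themes.remove(ctf_theme)

    return render_template(
        'admin/config.html',
        ctf_theme_config=ctf_theme,
        themes=themes,
        **settings
    )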
def setup():
    """First-run installer: create the admin account and default settings.

    Once ``is_setup()`` is true every request is redirected to
    ``views.index``. Before that, GET renders ``setup.html`` and POST
    creates the admin team, the ``index`` page and the default config
    values, then redirects.
    """
    if is_setup():
        return redirect(url_for('views.index'))

    # The visible code gates this view on is_setup() alone: until setup has
    # completed, whoever reaches it first defines the admin account.
    if not session.get('nonce'):
        session['nonce'] = sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    set_config('ctf_name', request.form['ctf_name'])
    set_config('flag_format', request.form['flag_format'])
    # The original labels this write "CSS", but the key it sets is 'start'.
    set_config('start', '')

    # Admin account, flagged as both admin and banned as in the original.
    admin = Teams(request.form['name'], request.form['email'], request.form['password'])
    admin.admin = True
    admin.banned = True

    # Landing page. request.script_root is substituted into the markup
    # without HTML escaping.
    # NOTE(review): confirm script_root is set by the deployment only.
    index_html = """ <img class="logo" src="{0}/static/original/img/logo.png" /> <h3 class="text-center"> Welcome to the THC CTF 2017 ! </h3> <br/> <h6 class="text-center"> <a href="https://github.com/ToulouseHackingConvention/CTFd/">scoreboard</a> based on <a href="https://github.com/isislab/CTFd">CTFd</a> and modified by <a href="https://github.com/arthaud">maxima</a>, <a href="https://github.com/palkeo">palkeo</a> and <a href="https://github.com/zadlg">zadig</a>. 
</h6>""".format(request.script_root)
    page = Pages('index', index_html)

    # Defaults: unlimited attempts, every other option unset.
    set_config("max_tries", 0)
    for option in (
        'start',
        'end',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server',
        'mail_port',
        'mail_tls',
        'mail_ssl',
        'mail_username',
        'mail_password',
    ):
        set_config(option, None)
    set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()
    db.session.close()

    app.setup = False
    with app.app_context():
        cache.clear()

    return redirect(url_for('views.index'))
def setup():
    """First-run installer: create the admin account and default settings.

    Once ``utils.is_setup()`` is true every request is redirected to
    ``views.static_html``. Before that, GET renders ``setup.html`` and POST
    creates the admin team, the ``index`` page and the default config
    values, logs the new admin in through the session and redirects.
    """
    if utils.is_setup():
        return redirect(url_for('views.static_html'))

    # The visible code gates this view on is_setup() alone: until setup has
    # completed, whoever reaches it first defines the admin account.
    if not session.get('nonce'):
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    utils.set_config('ctf_name', request.form['ctf_name'])
    # The original labels this write "CSS", but the key it sets is 'start'.
    utils.set_config('start', '')

    # Admin account, flagged as both admin and banned as in the original.
    admin = Teams(request.form['name'], request.form['email'], request.form['password'])
    admin.admin = True
    admin.banned = True

    # Landing page; the markup has no replacement field, so format() returns
    # it unchanged.
    index_html = """<div class="container main-container"> <img class="logo" src="themes/original/static/img/logo.png" /> <h3 class="text-center"> <p>Demon CTF <a href="http://demonteam.org">demonteam.org</a></p> </h3> <br> <h4 class="text-center"> <a href="admin">Click here</a> to login and setup your CTF </h4> </div>""".format(request.script_root)
    page = Pages('index', index_html)

    # Defaults: unlimited attempts, every other option unset.
    utils.set_config('max_tries', 0)
    for option in (
        'start',
        'end',
        'freeze',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server',
        'mail_port',
        'mail_tls',
        'mail_ssl',
        'mail_username',
        'mail_password',
        'mail_useauth',
    ):
        utils.set_config(option, None)
    utils.set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()

    # Log the new admin in and replace the setup nonce with a fresh one.
    session['username'] = admin.name
    session['id'] = admin.id
    session['admin'] = admin.admin
    session['nonce'] = utils.sha512(os.urandom(10))

    db.session.close()
    app.setup = False
    with app.app_context():
        cache.clear()

    return redirect(url_for('views.static_html'))
def setup():
    """First-run installer: create the admin account and default settings.

    Once ``utils.is_setup()`` is true every request is redirected to
    ``views.static_html``. Before that, GET renders ``setup.html`` and POST
    creates the admin team, the ``index`` page and the default config
    values, logs the new admin in through the session and redirects.
    """
    if utils.is_setup():
        return redirect(url_for('views.static_html'))

    # The visible code gates this view on is_setup() alone: until setup has
    # completed, whoever reaches it first defines the admin account.
    if not session.get('nonce'):
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    utils.set_config('ctf_name', request.form['ctf_name'])
    # The original labels this write "CSS", but the key it sets is 'start'.
    utils.set_config('start', '')

    # Admin account, flagged as both admin and banned as in the original.
    admin = Teams(request.form['name'], request.form['email'], request.form['password'])
    admin.admin = True
    admin.banned = True

    # Landing page (it embeds an inline <script> call); the markup has no
    # replacement field, so format() returns it unchanged.
    index_html = """<div class="row"> <div class="intro"> <img width=30 src="themes/arg/static/img/logo.png" /> <br> <br> <p> the console will set you free </p> <script> console_message('ef98fe223e630bbb82dd9c41323e3290') </script> <br> </div> </div>""".format(request.script_root)
    page = Pages(title=None, route='index', html=index_html, draft=False)

    # Defaults: unlimited attempts, every other option unset.
    utils.set_config('max_tries', 0)
    for option in (
        'start',
        'end',
        'freeze',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server',
        'mail_port',
        'mail_tls',
        'mail_ssl',
        'mail_username',
        'mail_password',
        'mail_useauth',
    ):
        utils.set_config(option, None)
    utils.set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()

    # Log the new admin in and replace the setup nonce with a fresh one.
    session['username'] = admin.name
    session['id'] = admin.id
    session['admin'] = admin.admin
    session['nonce'] = utils.sha512(os.urandom(10))

    db.session.close()
    app.setup = False
    with app.app_context():
        cache.clear()

    return redirect(url_for('views.static_html'))
def setup():
    """First-run installer: create the admin account and default settings.

    Once ``utils.is_setup()`` is true every request is redirected to
    ``views.static_html``. Before that, GET renders ``setup.html`` and POST
    creates the admin team, the ``index`` page and the default config
    values, logs the new admin in through the session and redirects.
    """
    if utils.is_setup():
        return redirect(url_for('views.static_html'))

    # The visible code gates this view on is_setup() alone: until setup has
    # completed, whoever reaches it first defines the admin account.
    if not session.get('nonce'):
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    utils.set_config('ctf_name', request.form['ctf_name'])
    # The original labels this write "CSS", but the key it sets is 'start'.
    utils.set_config('start', '')

    # Admin account, flagged as both admin and banned as in the original.
    admin = Teams(request.form['name'], request.form['email'], request.form['password'])
    admin.admin = True
    admin.banned = True

    # Landing page. The markup carries literal CSS braces and is used as a
    # plain string; no format() call is applied to it.
    index_html = """<div class="row"> <style> .col-container:after { content: ""; display: table; clear: both; } .col { float: left; } .clearfix::after { content: ""; display: table; clear: both; } .footer-nav{ float: left; } .logo{ float: right; } .footer-nav, .footer-nav li{ display: inline; } </style> <div class="col-md-6 offset-md-3"> <h1 class="text-center" style="padding-top: 10vh; font-size: 50px;"> <b>Haaukins</b> </h1> <p class="text-center"> A platform for Cyber Security Exercises </p> <p class="text-center"> Founded by <a href="http://danishcybersecurityclusters.dk/">Danish Cyber Security Clusters</a> and supported by </p> <a href="https://www.industriensfond.dk/"> <img class="w-100 mx-auto d-block" style="max-width: 300px; padding: 3vh 0 4vh 0;" src="/themes/core/static/img/logo_industrienfond.jpg"> </a> <p class="text-center"> <p class="text-center"> Developed at <a href="http://es.aau.dk/">Aalborg University</a> (Department of Electronic Systems) by: </p> <div class="col-container" style="margin-top: 40px;"> <div class="col" style="width: 40%"> <img src="/themes/core/static/img/haaukins_logo_blue240px.png" style="margin-left: 20px; max-width: 170px;"> </div> <div class="col" style="width: 60%; font-size:14px;"> <p><a href="https://mrturkmen.com">Ahmet Turkmen</a> (Research Assistant)</p> <p><a href="https://github.com/eyJhb">Gian Marco Mennecozzi</a> (Research Assistant)</p> <p><a href="https://github.com/kdhageman">Kaspar 
Hageman</a> (Ph.D. Student)</p> <p><a href="https://github.com/tpanum">Thomas Kobber Panum</a> (Ph.D. Student)</p> <p><a href="https://github.com/eyJhb">Johan Hempel Bengtson</a> (Student Helper)</p> </div> </div> </p> <div class="card-deck py-4"> <div class="card"> <div class="card-body"> <h5 class="card-title">Tips and tricks</h5> <div class="card-text"> Stuck at a certain challenge? Or do you just want to know more about a certain topic? </div> </div> <div class="card-footer"> <a href="https://aau-network-security.github.io/tips-and-tricks/" target="_blank">Vist the tips & tricks page</a> </div> </div> <div class="card"> <div class="card-body"> <h5 class="card-title">Survey</h5> <p>You can help us improve the platform by taking our survey to let us know about your experiences!</p> </div> <div class="card-footer"> <a href="https://www.survey-xact.dk/LinkCollector?key=KDRVSTDJJN15" target="_blank">Fill out the survey here</a> </div> </div> </div> <p class="text-center"> Feel free to join our local Facebook Group: </p> <p class="text-center"> <a href="https://www.facebook.com/groups/957517617737780"><i class="fab fa-facebook" aria-hidden="true"></i> AAU Hackers & Friends</a> </p> <div class="container"> <footer> <ul class="footer-nav"> <li><a href="https://eadania.dk/"> <img src="/themes/core/static/img/da-90.png" style= "width:90px; height:75px;" ></a></li> <li><a href="https://www.dtu.dk/"><img src="/themes/core/static/img/dtu-90.png" style= "width:90px; height:75px;"></a></li> <li><a href="https://kea.dk/"> <img src="/themes/core/static/img/kea-90.jpg" style= "width:90px; height:75px;" ></a></li> <li><a href="https://happy42.dk/"> <img src="/themes/core/static/img/happy-90.png" style= "width:90px; height:75px;" ></a></li> <li><a href="https://www.eaaa.dk/"><img src="/themes/core/static/img/eaa-90.png" style= "width:90px; height:75px;"></a></li> </ul> </footer> </div> </div> </div>"""
    page = Pages(title=None, route='index', html=index_html, draft=False)

    # Defaults: unlimited attempts, every other option unset.
    utils.set_config('max_tries', 0)
    for option in (
        'start',
        'end',
        'freeze',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server',
        'mail_port',
        'mail_tls',
        'mail_ssl',
        'mail_username',
        'mail_password',
        'mail_useauth',
    ):
        utils.set_config(option, None)
    utils.set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()

    # Log the new admin in and replace the setup nonce with a fresh one.
    session['username'] = admin.name
    session['id'] = admin.id
    session['admin'] = admin.admin
    session['nonce'] = utils.sha512(os.urandom(10))

    db.session.close()
    app.setup = False
    with app.app_context():
        cache.clear()

    return redirect(url_for('views.static_html'))
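def admin_config():
    """Show and update the CTF-wide settings from the admin panel.

    POST stores the submitted settings and redirects back to this view. Any
    other method clears the cache, reads the settings back (defaulting
    ``max_tries`` to 0 when unset) and renders ``admin/config.html``.

    Raises:
        ValueError: when ``start`` or ``end`` is submitted with a value
            ``int()`` cannot parse.
    """
    if request.method == "POST":
        start = None
        end = None
        if request.form.get('start'):
            start = int(request.form['start'])
        if request.form.get('end'):
            end = int(request.form['end'])

        # Checkbox flags: a non-empty field is True, a missing or empty one
        # False. bool() cannot raise on these values, so the original
        # try/except/finally around it was dead code.
        for key in (
            'view_challenges_unregistered',
            'view_scoreboard_if_authed',
            'prevent_registration',
            'prevent_name_change',
            'view_after_ctf',
            'verify_emails',
            'mail_tls',
            'mail_ssl',
        ):
            set_config(key, bool(request.form.get(key, None)))

        # Free-text settings are stored as submitted (None when absent).
        # NOTE(review): ``ctf_theme`` is not checked against get_themes()
        # here - confirm it is validated wherever the theme name is used to
        # locate files.
        for key in (
            'mail_server',
            'mail_port',
            'mail_username',
            'mail_password',
            'ctf_name',
            'ctf_theme',
            'mailfrom_addr',
            'mg_base_url',
            'mg_api_key',
            'max_tries',
        ):
            set_config(key, request.form.get(key, None))

        db_start = Config.query.filter_by(key='start').first()
        db_start.value = start

        db_end = Config.query.filter_by(key='end').first()
        db_end.value = end

        db.session.add(db_start)
        db.session.add(db_end)

        db.session.commit()
        db.session.close()
        with app.app_context():
            cache.clear()
        return redirect(url_for('admin.admin_config'))

    with app.app_context():
        cache.clear()

    # ``mail_password`` and ``mg_api_key`` are handed to the template in
    # clear, so the rendered page carries them.
    settings = {}
    for key in (
        'ctf_name',
        'ctf_theme',
        'max_tries',
        'mail_server',
        'mail_port',
        'mail_username',
        'mail_password',
        'mailfrom_addr',
        'mg_api_key',
        'mg_base_url',
    ):
        settings[key] = get_config(key)

    # An unset attempt limit is persisted as 0.
    if not settings['max_tries']:
        set_config('max_tries', 0)
        settings['max_tries'] = 0

    for key in (
        'view_after_ctf',
        'start',
        'end',
        'mail_tls',
        'mail_ssl',
        'view_challenges_unregistered',
        'view_scoreboard_if_authed',
        'prevent_registration',
        'prevent_name_change',
        'verify_emails',
    ):
        settings[key] = get_config(key)

    db.session.commit()
    db.session.close()

    ctf_theme = settings.pop('ctf_theme')
    themes = get_themes()
    # A POST without ``ctf_theme`` stores None, and list.remove() raises
    # ValueError for a value that is not listed; guard it so the settings
    # page stays reachable.
    if ctf_theme in themes:
        themes.remove(ctf_theme)

    return render_template(
        'admin/config.html',
        ctf_theme_config=ctf_theme,
        themes=themes,
        **settings
    )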
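def admin_pages_view():
    """List, preview, create and edit static pages from the admin panel.

    GET requests (query string):
      * ``operation=preview`` with ``id``: render the stored page body
        through ``markdown`` (404 when the id is unknown).
      * ``operation=create``: render an empty editor.
      * ``id`` alone: render the editor for that page.
      * anything else: render the list of all pages.

    POST requests read ``id``, ``title``, ``html``, ``route`` and the
    optional ``auth_required`` checkbox from the form; ``operation`` still
    comes from the query string:
      * ``preview`` renders the submitted body without storing it.
      * otherwise the page matching the form ``id`` is updated, or a new
        page is created for ``publish`` / ``save``; a JSON result is returned.

    NOTE(review): the route decorator, the admin-only guard and any
    CSRF/nonce check are not visible in this listing. This view stores
    HTML that is later rendered for visitors, so confirm it is reachable by
    administrators only and that POSTs are nonce-protected.
    """
    page_id = request.args.get('id')
    page_op = request.args.get('operation')

    if request.method == 'GET' and page_op == 'preview':
        page = Pages.query.filter_by(id=page_id).first_or_404()
        return render_template('page.html', content=markdown(page.html))

    if request.method == 'GET' and page_op == 'create':
        return render_template('admin/editor.html')

    if page_id and request.method == 'GET':
        page = Pages.query.filter_by(id=page_id).first()
        return render_template('admin/editor.html', page=page)

    if request.method == 'POST':
        page_form_id = request.form.get('id')
        title = request.form['title']
        html = request.form['html']
        # Routes are stored without a leading slash.
        route = request.form['route'].lstrip('/')
        auth_required = 'auth_required' in request.form

        if page_op == 'preview':
            # Transient object: never added to the session.
            page = Pages(title, route, html, draft=False)
            return render_template('page.html', content=markdown(page.html))

        page = Pages.query.filter_by(id=page_form_id).first()

        errors = []
        if not route:
            errors.append('Missing URL route')

        if errors:
            # Fixed: the original passed (title, html, route), which put the
            # page body into the route field and dropped it from the editor.
            # Every other call in this view uses (title, route, html).
            page = Pages(title, route, html)
            return render_template('/admin/editor.html', page=page)

        if page:
            page.title = title
            page.route = route
            page.html = html
            page.auth_required = auth_required
            if page_op == 'publish':
                page.draft = False
            db.session.commit()
            db.session.close()
            cache.clear()
            return jsonify({
                'result': 'success',
                'operation': page_op
            })

        if page_op == 'publish':
            page = Pages(title, route, html, draft=False, auth_required=auth_required)
        elif page_op == 'save':
            page = Pages(title, route, html, auth_required=auth_required)
        else:
            # Fixed: with any other operation ``page`` was still None here
            # and db.session.add(None) raised; reject the request instead.
            return jsonify({
                'result': 'error',
                'operation': page_op
            }), 400

        db.session.add(page)
        db.session.commit()
        db.session.close()
        cache.clear()
        return jsonify({
            'result': 'success',
            'operation': page_op
        })

    pages = Pages.query.all()
    return render_template('admin/pages.html', pages=pages)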
def setup():
    """Run the first-time installer.

    While ``utils.is_setup()`` is false: a GET renders ``setup.html`` with
    the session nonce; a POST stores the CTF name, creates the admin team
    and the ``index`` page, resets the remaining config keys, marks the
    instance as set up, logs the new admin in and redirects to the index.
    Once set up, every request is redirected to the index.

    NOTE(review): nothing in this function authenticates the caller or
    compares a submitted nonce with ``session['nonce']``. Until setup
    completes, any client that can reach this route can create the admin
    account; presumably the nonce is checked in a request hook (confirm),
    and the instance should not be network-exposed before setup is done.
    """
    if utils.is_setup():
        return redirect(url_for('views.static_html'))

    if not session.get('nonce'):
        # 10 bytes from os.urandom: the nonce carries 80 bits of randomness
        # whatever the length of the digest string.
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    utils.set_config('ctf_name', request.form['ctf_name'])

    # NOTE(review): the original labels this step "CSS", but the key
    # written is 'start' (overwritten with None further down) — confirm.
    utils.set_config('start', '')

    # The password is handed to the model as submitted; presumably Teams
    # hashes it — confirm.
    admin = Teams(request.form['name'], request.form['email'], request.form['password'])
    admin.admin = True
    admin.banned = True  # presumably keeps the admin off the scoreboard — confirm

    # Landing page; the template has no placeholders, so format() leaves it unchanged.
    index = """<div class="row"> <div class="col-md-12"> <img class="w-100 mx-auto d-block" style="max-width: 500px;padding: 50px;padding-top: 14vh;" src="themes/core/static/img/logo.png" /> <br> <h3 class="text-center"> <div style='font-size:0;'> <div style='width:100%; margin:0 auto 0 auto; text-align:center; display:inline-block;'> <a href='https://interferencias.tech/'><img src='themes/core/static/img/interferencias.png' height="200px" alt='Logo Interferencias'></a> <a href='http://www.hackingdesdecero.org/'><img src='themes/core/static/img/hdc.png' height="190px" alt='Logo HDC'></a> </div> </div> </h3> </div> </div>""".format(request.script_root)
    page = Pages(title=None, route='index', html=index, draft=False)

    # Unlimited attempts per challenge by default.
    utils.set_config('max_tries', 0)

    # Timing, visibility, registration and mail settings all start unset.
    for unset_key in (
        'start',
        'end',
        'freeze',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server',
        'mail_port',
        'mail_tls',
        'mail_ssl',
        'mail_username',
        'mail_password',
        'mail_useauth',
    ):
        utils.set_config(unset_key, None)

    utils.set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()

    # Log the new admin in and rotate the nonce for the authenticated session.
    session['username'] = admin.name
    session['id'] = admin.id
    session['admin'] = admin.admin
    session['nonce'] = utils.sha512(os.urandom(10))

    db.session.close()
    app.setup = False
    with app.app_context():
        cache.clear()
    return redirect(url_for('views.static_html'))
def setup():
    """Run the first-time installer.

    While ``utils.is_setup()`` is false: a GET renders ``setup.html`` with
    the session nonce; a POST stores the CTF name, creates the admin team
    and the ``index`` page, resets the remaining config keys, marks the
    instance as set up, logs the new admin in and redirects to the index.
    Once set up, every request is redirected to the index.

    NOTE(review): this function neither authenticates the caller nor
    compares a submitted nonce with ``session['nonce']``; the first client
    to POST here before setup completes becomes the administrator.
    Presumably a request hook validates the nonce — confirm.
    """
    if utils.is_setup():
        return redirect(url_for('views.static_html'))

    if not session.get('nonce'):
        # Nonce entropy is the 10 random bytes (80 bits), not the digest length.
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    utils.set_config('ctf_name', request.form['ctf_name'])

    # NOTE(review): commented as "CSS" in the original although the key
    # is 'start'; the value is replaced by None below — confirm intent.
    utils.set_config('start', '')

    # Trailing '' arguments are passed exactly as the original does; their
    # meaning is defined by the Teams model, which is not visible here.
    # Password hashing presumably happens inside Teams — confirm.
    admin = Teams(
        request.form['name'],
        request.form['email'],
        request.form['password'],
        '',
        '',
    )
    admin.admin = True
    admin.banned = True  # presumably hides the admin from the scoreboard — confirm

    # Landing page; no placeholders, so format() returns the text unchanged.
    index = """<div class="row"> <div class="col-md-6 offset-md-3"> <img class="w-100 mx-auto d-block" style="max-width: 500px;padding: 50px;padding-top: 14vh;" src="themes/core/static/img/logo.jpg" /> <h3 class="text-center"> 一个正经的CTF平台 </h3> <br> </div> </div>""".format(request.script_root)
    page = Pages(title=None, route='index', html=index, draft=False)

    # Unlimited attempts per challenge by default.
    utils.set_config('max_tries', 0)

    # Everything else starts unset.
    for unset_key in (
        'start',
        'end',
        'freeze',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server',
        'mail_port',
        'mail_tls',
        'mail_ssl',
        'mail_username',
        'mail_password',
        'mail_useauth',
    ):
        utils.set_config(unset_key, None)

    utils.set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()

    # Authenticate the session as the new admin and issue a fresh nonce.
    session['username'] = admin.name
    session['id'] = admin.id
    session['admin'] = admin.admin
    session['nonce'] = utils.sha512(os.urandom(10))

    db.session.close()
    app.setup = False
    with app.app_context():
        cache.clear()
    return redirect(url_for('views.static_html'))
def setup():
    """Run the first-time installer.

    While ``is_setup()`` is false: a GET renders ``setup.html`` with the
    session nonce; a POST stores the CTF name, creates the admin team and
    the ``index`` page, resets the remaining config keys, marks the
    instance as set up and redirects to the index. Once set up, every
    request is redirected to the index. Unlike the session-populating
    variants, this one does not log the new admin in.

    NOTE(review): the caller is not authenticated and no submitted nonce
    is compared with ``session['nonce']`` in this function; whoever POSTs
    first while the instance is not set up creates the admin account.
    Presumably a request hook validates the nonce — confirm.
    """
    if is_setup():
        return redirect(url_for('views.static_html'))

    if not session.get('nonce'):
        # 80 bits of randomness (10 bytes), hashed into the nonce string.
        session['nonce'] = sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    set_config('ctf_name', request.form['ctf_name'])

    # NOTE(review): labelled "CSS" in the original, yet the key is 'start'
    # and it is reset to None below — confirm intent.
    set_config('start', '')

    # Password hashing presumably happens inside Teams — confirm.
    admin = Teams(request.form['name'], request.form['email'], request.form['password'])
    admin.admin = True
    admin.banned = True  # presumably hides the admin from the scoreboard — confirm

    # Landing page; {0} is filled with the application's script root.
    index_html = """<div class="container main-container"> <img class="logo" src="{0}/static/original/img/logo.png" /> <h3 class="text-center"> Welcome to a cool CTF framework written by <a href="https://github.com/ColdHeat">Kevin Chung</a> of <a href="https://github.com/isislab">@isislab</a> </h3> <h4 class="text-center"> <a href="{0}/admin">Click here</a> to login and setup your CTF </h4> </div>""".format(request.script_root)
    page = Pages('index', index_html)

    # Unlimited attempts per challenge by default.
    set_config("max_tries", 0)

    # Timing, visibility, registration and mail settings start unset.
    for unset_key in (
        'start',
        'end',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server',
        'mail_port',
        'mail_tls',
        'mail_ssl',
        'mail_username',
        'mail_password',
    ):
        set_config(unset_key, None)

    set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()
    db.session.close()

    app.setup = False
    with app.app_context():
        cache.clear()
    return redirect(url_for('views.static_html'))
def setup():
    """Run the first-time installer (sections / teams / students variant).

    While ``is_setup()`` is false: a GET renders ``setup.html`` with the
    session nonce and ``setup=True``; a POST stores the CTF name, creates
    a section, an "admin" team in that section and the admin student,
    creates the ``index`` page, resets the remaining config keys, marks
    the instance as set up and redirects to the index. Once set up, every
    request is redirected to the index.

    NOTE(review): the caller is not authenticated and no submitted nonce
    is compared with ``session['nonce']`` here; the first POST while the
    instance is not set up creates the administrator. Presumably a request
    hook validates the nonce — confirm.
    """
    if is_setup():
        return redirect(url_for('views.static_html'))

    if not session.get('nonce'):
        # 80 bits of randomness (10 bytes), hashed into the nonce string.
        session['nonce'] = sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'), setup=True)

    set_config('ctf_name', request.form['ctf_name'])

    # NOTE(review): labelled "CSS" in the original, yet the key is 'start'
    # and it is reset to None below — confirm intent.
    set_config('start', '')

    # Read all three fields before touching the database so that a missing
    # field fails before the section and team rows are committed.
    admin_name = request.form['name']
    admin_email = request.form['email']
    admin_password = request.form['password']

    # Hard-coded bootstrap section; the meaning of (0, 123) is defined by
    # the Sections model, which is not visible here.
    section = Sections(0, 123)
    db.session.add(section)
    db.session.commit()

    team = Teams("admin", section.sectionNumber)
    db.session.add(team)
    db.session.commit()

    # Password hashing presumably happens inside Students — confirm.
    admin = Students(admin_name, admin_email, admin_password, team.id, section.sectionNumber)
    admin.admin = True
    admin.banned = True  # presumably hides the admin from the scoreboard — confirm

    # Landing page; {0} is filled with the application's script root.
    index_html = """<div class="container main-container"> <img class="logo" src="{0}/static/original/img/logo.png" /> <h3 class="text-center"> Welcome to a cool CTF framework written by <a href="https://github.com/ColdHeat">Kevin Chung</a> of <a href="https://github.com/isislab">@isislab</a> <br> Modified for educational use by <a href="https://github.com/camgeehr">Cameron Geehr</a>, <a href="https://github.com/jaboyles">Jacob Boyles</a>, and <a href="https://github.com/bgoulds">Brian Gouldsberry</a> </h3> </div>""".format(request.script_root)
    page = Pages('index', index_html)

    # Unlimited attempts per challenge by default.
    set_config("max_tries", 0)

    # Timing, visibility, registration and mail settings start unset.
    for unset_key in (
        'start',
        'end',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server',
        'mail_port',
        'mail_tls',
        'mail_ssl',
        'mail_username',
        'mail_password',
    ):
        set_config(unset_key, None)

    set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()
    db.session.close()

    app.setup = False
    with app.app_context():
        cache.clear()
    return redirect(url_for('views.static_html'))
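def admin_config():
    """Show (GET) or update (POST) the instance configuration.

    POST reads the start / end / freeze timestamps, the boolean switches,
    the mail and Mailgun settings, the CTF name and the theme from the
    form, stores them, clears the cache and redirects back to this view.
    Any other method re-reads every setting and renders
    ``admin/config.html``.

    NOTE(review): the admin-only guard and CSRF/nonce check are not visible
    in this listing — confirm both apply to this route.
    NOTE(review): ``mail_password`` and ``mg_api_key`` are read back and
    passed to the template. Whether the template prints them is not
    visible here; prefer rendering a "value is set" placeholder so stored
    secrets are not sent to the browser.
    """
    if request.method == "POST":
        start = None
        end = None
        freeze = None

        # int() raises ValueError on non-numeric input, as in the original.
        if request.form.get('start'):
            start = int(request.form['start'])
        if request.form.get('end'):
            end = int(request.form['end'])
        if request.form.get('freeze'):
            freeze = int(request.form['freeze'])

        # Checkbox switches: present and non-empty means True. The original
        # wrapped these in try/except (ValueError, TypeError)/finally, but
        # bool() on a string or None cannot raise, so that handler was dead.
        for flag in (
            'view_challenges_unregistered',
            'view_scoreboard_if_authed',
            'hide_scores',
            'prevent_registration',
            'prevent_name_change',
            'view_after_ctf',
            'verify_emails',
            'mail_tls',
            'mail_ssl',
            'mail_useauth',
            'workshop_mode',
        ):
            utils.set_config(flag, bool(request.form.get(flag, None)))

        utils.set_config("mail_server", request.form.get('mail_server', None))
        utils.set_config("mail_port", request.form.get('mail_port', None))

        use_auth = request.form.get('mail_useauth', None)
        mail_user = request.form.get('mail_u', None)
        mail_pass = request.form.get('mail_p', None)
        if use_auth and (mail_user or mail_pass):
            # Fixed: the original called len() on each field and raised
            # TypeError when only one of the two was submitted. An empty or
            # missing field leaves the stored credential untouched.
            if mail_user:
                utils.set_config("mail_username", mail_user)
            if mail_pass:
                utils.set_config("mail_password", mail_pass)
        elif use_auth is None:
            # Authentication switched off: drop the stored credentials.
            utils.set_config("mail_username", None)
            utils.set_config("mail_password", None)

        utils.set_config("ctf_name", request.form.get('ctf_name', None))
        # NOTE(review): the theme name is stored without being checked
        # against utils.get_themes(); how it is turned into a template path
        # is not visible here — consider validating it before storing.
        utils.set_config("ctf_theme", request.form.get('ctf_theme', None))
        utils.set_config("mailfrom_addr", request.form.get('mailfrom_addr', None))
        utils.set_config("mg_base_url", request.form.get('mg_base_url', None))
        utils.set_config("mg_api_key", request.form.get('mg_api_key', None))

        utils.set_config("freeze", freeze)

        # The 'start' and 'end' rows are updated directly; they are expected
        # to exist already (presumably created during setup — confirm).
        db_start = Config.query.filter_by(key='start').first()
        db_start.value = start

        db_end = Config.query.filter_by(key='end').first()
        db_end.value = end

        db.session.add(db_start)
        db.session.add(db_end)

        db.session.commit()
        db.session.close()
        with app.app_context():
            cache.clear()
        return redirect(url_for('admin.admin_config'))

    with app.app_context():
        cache.clear()

    # Read every setting in the same order as the original; each key is
    # passed to the template under its own name, except ctf_theme.
    settings = {
        key: utils.get_config(key)
        for key in (
            'ctf_name',
            'ctf_theme',
            'hide_scores',
            'mail_server',
            'mail_port',
            'mail_username',
            'mail_password',
            'mailfrom_addr',
            'mg_api_key',
            'mg_base_url',
            'view_after_ctf',
            'start',
            'end',
            'freeze',
            'mail_tls',
            'mail_ssl',
            'mail_useauth',
            'view_challenges_unregistered',
            'view_scoreboard_if_authed',
            'prevent_registration',
            'prevent_name_change',
            'verify_emails',
            'workshop_mode',
        )
    }

    db.session.commit()
    db.session.close()

    ctf_theme = settings.pop('ctf_theme')
    themes = utils.get_themes()
    # Fixed: list.remove() raised ValueError when the stored theme was unset
    # or no longer installed, which made this page unusable.
    if ctf_theme in themes:
        themes.remove(ctf_theme)

    return render_template(
        'admin/config.html',
        ctf_theme_config=ctf_theme,
        themes=themes,
        **settings
    )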
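def admin_config():
    """Show (GET) or update (POST) the instance configuration.

    POST reads the start / end timestamps, the boolean switches, the mail
    and Mailgun settings, the CTF name, the theme and ``max_tries`` from
    the form, stores them, clears the cache and redirects back to this
    view. Any other method re-reads every setting, derives the values the
    date pickers need and renders ``admin/config.html``.

    NOTE(review): the admin-only guard and CSRF/nonce check are not visible
    in this listing — confirm both apply to this route.
    NOTE(review): ``mail_password`` and ``mg_api_key`` are read back and
    passed to the template. Whether the template prints them is not
    visible here; prefer rendering a "value is set" placeholder so stored
    secrets are not sent to the browser.
    """
    if request.method == "POST":
        start = None
        end = None

        # int() raises ValueError on non-numeric input, as in the original.
        if request.form.get('start'):
            start = int(request.form['start'])
        if request.form.get('end'):
            end = int(request.form['end'])
            # An end time in the past is discarded. The check is nested under
            # the 'end' branch (the listing lost its indentation) so a missing
            # value is never compared with a timestamp, which raises
            # TypeError on Python 3.
            if end < unix_time(datetime.datetime.now()):
                end = None

        # Checkbox switches: present and non-empty means True. The original
        # wrapped these in try/except (ValueError, TypeError)/finally, but
        # bool() on a string or None cannot raise, so that handler was dead.
        for flag in (
            'view_challenges_unregistered',
            'view_scoreboard_if_authed',
            'prevent_registration',
            'prevent_name_change',
            'view_after_ctf',
            'verify_emails',
            'mail_tls',
            'mail_ssl',
        ):
            set_config(flag, bool(request.form.get(flag, None)))

        # Free-form settings are stored exactly as submitted.
        # NOTE(review): ctf_theme is not checked against get_themes() and
        # max_tries is not checked to be numeric — consider validating both.
        for field in (
            'mail_server',
            'mail_port',
            'mail_username',
            'mail_password',
            'ctf_name',
            'ctf_theme',
            'mailfrom_addr',
            'mg_base_url',
            'mg_api_key',
            'max_tries',
        ):
            set_config(field, request.form.get(field, None))

        # The 'start' and 'end' rows are updated directly; they are expected
        # to exist already (presumably created during setup — confirm).
        db_start = Config.query.filter_by(key='start').first()
        db_start.value = start

        db_end = Config.query.filter_by(key='end').first()
        db_end.value = end

        db.session.add(db_start)
        db.session.add(db_end)

        db.session.commit()
        db.session.close()
        with app.app_context():
            cache.clear()
        return redirect(url_for('admin.admin_config'))

    with app.app_context():
        cache.clear()

    # Settings are read in the original order, in two groups around the
    # max_tries default.
    settings = {
        key: get_config(key)
        for key in (
            'ctf_name',
            'ctf_theme',
            'max_tries',
            'mail_server',
            'mail_port',
            'mail_username',
            'mail_password',
            'mailfrom_addr',
            'mg_api_key',
            'mg_base_url',
        )
    }

    # An unset (or zero) attempt limit is normalised to 0 and written back.
    if not settings['max_tries']:
        set_config('max_tries', 0)
        settings['max_tries'] = 0

    settings.update(
        (key, get_config(key))
        for key in (
            'view_after_ctf',
            'start',
            'end',
            'mail_tls',
            'mail_ssl',
            'view_challenges_unregistered',
            'view_scoreboard_if_authed',
            'prevent_registration',
            'prevent_name_change',
            'verify_emails',
        )
    )

    db.session.commit()
    db.session.close()

    months = [
        'January', 'February', 'March', 'April', 'May', 'June',
        'July', 'August', 'September', 'October', 'November', 'December'
    ]

    curr_year = datetime.date.today().year
    start_days = 0
    end_days = 0

    # Stored timestamps become datetimes for the template, together with the
    # number of days in the corresponding month.
    if settings['start']:
        settings['start'] = datetime.datetime.fromtimestamp(float(settings['start']))
        start_days = calendar.monthrange(settings['start'].year, settings['start'].month)[1]
    if settings['end']:
        settings['end'] = datetime.datetime.fromtimestamp(float(settings['end']))
        end_days = calendar.monthrange(settings['end'].year, settings['end'].month)[1]

    ctf_theme = settings.pop('ctf_theme')
    themes = get_themes()
    # Fixed: list.remove() raised ValueError when the stored theme was unset
    # or no longer installed, which made this page unusable.
    if ctf_theme in themes:
        themes.remove(ctf_theme)

    return render_template(
        'admin/config.html',
        ctf_theme_config=ctf_theme,
        months=months,
        curr_year=curr_year,
        start_days=start_days,
        end_days=end_days,
        themes=themes,
        **settings
    )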
def setup():
    """Run the first-time installer.

    While ``utils.is_setup()`` is false: a GET renders ``setup.html`` with
    the session nonce; a POST stores the CTF name, creates the admin team
    and the ``index`` page, resets the remaining config keys, marks the
    instance as set up, logs the new admin in and redirects to the index.
    Once set up, every request is redirected to the index.

    NOTE(review): this function neither authenticates the caller nor
    compares a submitted nonce with ``session['nonce']``; the first client
    to POST here before setup completes becomes the administrator.
    Presumably a request hook validates the nonce — confirm, and keep the
    instance off untrusted networks until setup is done.
    """
    if utils.is_setup():
        return redirect(url_for('views.static_html'))

    if not session.get('nonce'):
        # Nonce entropy is the 10 random bytes (80 bits), not the digest length.
        session['nonce'] = utils.sha512(os.urandom(10))

    if request.method != 'POST':
        return render_template('setup.html', nonce=session.get('nonce'))

    utils.set_config('ctf_name', request.form['ctf_name'])

    # NOTE(review): commented as "CSS" in the original although the key
    # is 'start'; the value is replaced by None below — confirm intent.
    utils.set_config('start', '')

    # Password hashing presumably happens inside Teams — confirm.
    admin = Teams(request.form['name'], request.form['email'], request.form['password'])
    admin.admin = True
    admin.banned = True  # presumably hides the admin from the scoreboard — confirm

    # Landing page; no placeholders, so format() returns the text unchanged.
    index_html = """<div class="container main-container"> <img class="logo" src="themes/original/static/img/logo.png" /> <h3 class="text-center"> <p>A cool CTF platform from <a href="https://ctfd.io">ctfd.io</a></p> <p>Follow us on social media:</p> <a href="https://twitter.com/ctfdio"><i class="fa fa-twitter fa-2x" aria-hidden="true"></i></a> <a href="https://facebook.com/ctfdio"><i class="fa fa-facebook-official fa-2x" aria-hidden="true"></i></a> <a href="https://github.com/ctfd"><i class="fa fa-github fa-2x" aria-hidden="true"></i></a> </h3> <br> <h4 class="text-center"> <a href="admin">Click here</a> to login and setup your CTF </h4> </div>""".format(request.script_root)
    page = Pages('index', index_html)

    # Unlimited attempts per challenge by default.
    utils.set_config('max_tries', 0)

    # Timing, visibility, registration and mail settings start unset.
    for unset_key in (
        'start',
        'end',
        'freeze',
        'view_challenges_unregistered',
        'prevent_registration',
        'verify_emails',
        'mail_server',
        'mail_port',
        'mail_tls',
        'mail_ssl',
        'mail_username',
        'mail_password',
    ):
        utils.set_config(unset_key, None)

    utils.set_config('setup', True)

    db.session.add(page)
    db.session.add(admin)
    db.session.commit()

    # Authenticate the session as the new admin and issue a fresh nonce.
    session['username'] = admin.name
    session['id'] = admin.id
    session['admin'] = admin.admin
    session['nonce'] = utils.sha512(os.urandom(10))

    db.session.close()
    app.setup = False
    with app.app_context():
        cache.clear()
    return redirect(url_for('views.static_html'))