def admin_create_chal():
files = request.files.getlist('files[]')
# TODO: Expand to support multiple flags
flags = [{
'flag': request.form['key'],
'type': int(request.form['key_type[0]'])
}]
# Create challenge
chal = Challenges(request.form['name'], request.form['desc'],
request.form['value'], request.form['category'], flags)
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
db.session.add(chal)
db.session.commit()
for f in files:
upload_file(file=f, chalid=chal.id)
db.session.commit()
db.session.close()
return redirect(url_for('admin.admin_chals'))
def admin_files(chalid):
if request.method == 'GET':
files = Files.query.filter_by(chal=chalid).all()
json_data = {'files': []}
for x in files:
json_data['files'].append({'id': x.id, 'file': x.location})
return jsonify(json_data)
if request.method == 'POST':
if request.form['method'] == "delete":
f = Files.query.filter_by(id=request.form['file']).first_or_404()
upload_folder = os.path.join(app.root_path,
app.config['UPLOAD_FOLDER'])
if os.path.exists(
os.path.join(upload_folder, f.location)
): # Some kind of os.path.isfile issue on Windows...
os.unlink(os.path.join(upload_folder, f.location))
db.session.delete(f)
db.session.commit()
db.session.close()
return '1'
elif request.form['method'] == "upload":
files = request.files.getlist('files[]')
for f in files:
upload_file(file=f, chalid=chalid)
db.session.commit()
db.session.close()
return '1'
def create(request):
"""
This method is used to process the challege creation request.
:param request:
:return:
"""
chal = SmartCityChallenge(
name= request.form['name'],
description = request.form['description'],
value = request.form['value'],
buildingId = request.form['buildingId'],
type=request.form['type']
)
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
files = request.files.getlist('files[]')
for f in files:
utils.upload_file(file=f, chalid=chal.id)
logger.debug("Genereted buildingId " + chal.buildingId + " for challenge " + chal.name)
db.session.add(chal)
db.session.commit()
def admin_files(chalid):
if request.method == 'GET':
files = Files.query.filter_by(chal=chalid).all()
json_data = {'files': [], 'file_generators': []}
for x in files:
if x.dynamic:
json_data['file_generators'].append({
'id': x.id,
'file': x.location
})
else:
json_data['files'].append({'id': x.id, 'file': x.location})
return jsonify(json_data)
if request.method == 'POST':
if request.form['method'] == "delete":
utils.delete_file(request.form['file'])
db.session.commit()
db.session.close()
return '1'
elif request.form['method'] == "upload":
files = request.files.getlist('files[]')
for f in files:
utils.upload_file(file=f, chalid=chalid)
file_generators = request.files.getlist('file_generators[]')
for g in file_generators:
utils.upload_file(file=g, chalid=chalid, isgenerator=True)
db.session.commit()
db.session.close()
return '1'
def create(request):
"""
This method is used to process the challenge creation request.
:param request:
:return:
"""
files = request.files.getlist('files[]')
# Create challenge
chal = Challenges(name=request.form['name'],
description=request.form['desc'],
value=request.form['value'],
category='Bonus Flags',
type=request.form['chaltype'])
chal.hidden = True
db.session.add(chal)
db.session.commit()
flag = Keys(chal.id, request.form['key'], request.form['key_type[0]'])
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
def admin_create_chal():
if request.method == 'POST':
files = request.files.getlist('files[]')
# Create challenge
chal = Challenges(request.form['name'], request.form['desc'],
request.form['value'], request.form['category'],
int(request.form['chaltype']))
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
db.session.add(chal)
db.session.flush()
flag = Keys(chal.id, request.form['key'],
int(request.form['key_type[0]']))
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
for f in files:
upload_file(file=f, chalid=chal.id)
db.session.commit()
db.session.close()
return redirect(url_for('admin_challenges.admin_chals'))
else:
return render_template('admin/chals/create.html')
def create(request):
"""
This method is used to process the challenge creation request.
:param request:
:return:
"""
regex = simplify(request.form['regex'])
# Create challenge
chal = HashCrackKingChallenge(name=request.form['name'],
description=request.form['description'],
value=request.form['value'],
category=request.form['category'],
type=request.form['chaltype'],
hold=request.form['hold'],
regex=simplify(regex),
cycles=request.form['cycles'],
current_hash=None)
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
files = request.files.getlist('files[]')
for f in files:
utils.upload_file(file=f, chalid=chal.id)
key = generate_key(regex, chal_id=chal.id)
chal.current_hash = get_hash(key)
logger.debug("Generated key '{}' for challenge '{}'".format(
key, chal.name))
db.session.add(chal)
db.session.commit()
def admin_create_chal():
files = request.files.getlist('files[]')
# TODO: Expand to support multiple flags
flags = [{
'flag': request.form['key'],
'type': int(request.form['key_type[0]'])
}]
if (request.form['prereq'] != ""):
prereq = Challenges.query.filter(
Challenges.name == request.form['prereq']).first()
prereq = prereq.id
else:
prereq = None
# Create challenge
chal = Challenges(request.form['name'], request.form['desc'],
request.form['value'], request.form['category'], flags,
request.form['level'], prereq)
'''if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False'''
db.session.add(chal)
db.session.commit()
for f in files:
upload_file(file=f, chalid=chal.id)
db.session.commit()
db.session.close()
return redirect(url_for('admin.admin_chals'))
def create(request):
"""
This method is used to process the challenge creation request.
:param request:
:return:
"""
# Create challenge
chal = AnonymousChallenge(
name=request.form['name'],
value=request.form['value'],
category=request.form['category'],
type=request.form['chaltype'],
)
chal.hidden = True # The challenge should always be hidden
chal.max_attempts = 0 # Unlimited attempts for this type of challenge
db.session.add(chal)
db.session.commit()
flag = Keys(chal.id, request.form['key'],
'static') # request.form['key_type[0]'])
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
files = request.files.getlist('files[]')
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
def admin_create_chal():
if request.method == 'POST':
files = request.files.getlist('files[]')
# Create challenge
chal = Challenges(request.form['name'], request.form['desc'], request.form['value'], request.form['category'], int(request.form['chaltype']))
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
db.session.add(chal)
db.session.flush()
flag = Keys(chal.id, request.form['key'], int(request.form['key_type[0]']))
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
db.session.close()
return redirect(url_for('admin_challenges.admin_chals'))
else:
return render_template('admin/chals/create.html')
def create(request):
"""
This method is used to process the challenge creation request.
:param request:
:return:
"""
files = request.files.getlist('files[]')
keys = {}
for i in range(len(request.form)):
key_name = 'key_name[{}]'.format(i)
key_sol = 'key_solution[{}]'.format(i)
key_type = 'key_type[{}]'.format(i)
if key_name in request.form:
keys[request.form[key_name]] = {
'key': request.form[key_sol],
'type': request.form[key_type]
}
else:
break
# Create challenge
chal = MultiQuestionChallengeModel(
name=request.form['name'],
description=request.form['description'],
value=request.form['value'],
category=request.form['category'],
type=request.form['chaltype'])
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
db.session.add(chal)
db.session.commit()
for key, value in keys.iteritems():
flag = Keys(chal.id, value['key'], value['type'])
flag.data = json.dumps({key: False})
db.session.add(flag)
db.session.commit()
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
db.session.close()
def create(request):
"""
This method is used to process the challege creation request.
:param request:
:return:
"""
buildingList = []
for item in request.form:
if "buildingId" in item:
buildingList.append(request.form[item])
buildingListString = [str(x) for x in buildingList]
print(buildingListString)
files = request.files.getlist('files[]')
chal = SmartCityChallenge(name=request.form['name'],
category=request.form['category'],
description=request.form['description'],
value=request.form['value'],
buildingId=str(buildingListString),
soundId=request.form['soundId'],
type=request.form['chaltype'])
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
#logger.debug("Genereted buildingId " + chal.buildingId + " for challenge " + chal.name)
db.session.add(chal)
db.session.commit()
flag = Keys(chal.id, request.form['key'], request.form['key_type[0]'])
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
def create(request):
"""
This method is used to process the challenge creation request.
:param request:
:return:
"""
# Create challenge
chal = Challenges(
name=request.form['name'],
description=request.form['description'],
value=request.form['value'],
category=request.form['category'],
type=request.form['chaltype'],
penalty = request.form['penalty']
)
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
db.session.add(chal)
db.session.commit()
flag = Keys(chal.id, request.form['key'], request.form['key_type[0]'])
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
files = request.files.getlist('files[]')
for f in files:
utils.upload_file(file=f, chalid=chal.id)
file_generators = request.files.getlist('file_generators[]')
for g in file_generators:
utils.upload_file(file=g, chalid=chal.id, isgenerator=True)
db.session.commit()
def admin_files(chalid):
if request.method == 'GET':
files = Files.query.filter_by(chal=chalid).all()
json_data = {'files': []}
for x in files:
json_data['files'].append({'id': x.id, 'file': x.location})
return jsonify(json_data)
if request.method == 'POST':
if request.form['method'] == "delete":
utils.delete_file(request.form['file'])
db.session.commit()
db.session.close()
return '1'
elif request.form['method'] == "upload":
files = request.files.getlist('files[]')
for f in files:
utils.upload_file(file=f, chalid=chalid)
db.session.commit()
db.session.close()
return '1'
def create(request):
"""
This method is used to process the challenge creation request.
:param request:
:return:
"""
# Create challenge
chal = CommunityChallengeModel(name=request.form['name'],
description=request.form['description'],
value=request.form['value'],
category=request.form['category'],
type=request.form['chaltype'],
owner=session['id'])
# Never hide Community challenges
chal.hidden = False
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
db.session.add(chal)
db.session.commit()
flag = Keys(chal.id, request.form['key'], request.form['key_type[0]'])
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
files = request.files.getlist('files[]')
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
def admin_pages_media():
if request.method == 'POST':
files = request.files.getlist('files[]')
uploaded = []
for f in files:
data = utils.upload_file(file=f, chalid=None)
if data:
uploaded.append({'id': data[0], 'location': data[1]})
return jsonify({'results': uploaded})
elif request.method == 'DELETE':
file_ids = request.form.getlist('file_ids[]')
for file_id in file_ids:
utils.delete_file(file_id)
return True
else:
files = [{'id': f.id, 'location': f.location} for f in Files.query.filter_by(chal=None).all()]
return jsonify({'results': files})
def admin_pages_media():
if request.method == 'POST':
files = request.files.getlist('files[]')
uploaded = []
for f in files:
data = utils.upload_file(file=f, chalid=None)
if data:
uploaded.append({'id': data[0], 'location': data[1]})
return jsonify({'results': uploaded})
elif request.method == 'DELETE':
file_ids = request.form.getlist('file_ids[]')
for file_id in file_ids:
utils.delete_file(file_id)
return True
else:
files = [{'id': f.id, 'location': f.location} for f in Files.query.filter_by(chal=None).all()]
return jsonify({'results': files})
def admin_config():
if request.method == "POST":
start = None
end = None
freeze = None
if request.form.get('start'):
start = int(request.form['start'])
if request.form.get('end'):
end = int(request.form['end'])
if request.form.get('freeze'):
freeze = int(request.form['freeze'])
try:
# Set checkbox config values
view_challenges_unregistered = 'view_challenges_unregistered' in request.form
view_scoreboard_if_authed = 'view_scoreboard_if_authed' in request.form
hide_scores = 'hide_scores' in request.form
prevent_registration = 'prevent_registration' in request.form
prevent_name_change = 'prevent_name_change' in request.form
view_after_ctf = 'view_after_ctf' in request.form
verify_emails = 'verify_emails' in request.form
mail_tls = 'mail_tls' in request.form
mail_ssl = 'mail_ssl' in request.form
mail_useauth = 'mail_useauth' in request.form
workshop_mode = 'workshop_mode' in request.form
paused = 'paused' in request.form
finally:
utils.set_config('view_challenges_unregistered',
view_challenges_unregistered)
utils.set_config('view_scoreboard_if_authed',
view_scoreboard_if_authed)
utils.set_config('hide_scores', hide_scores)
utils.set_config('prevent_registration', prevent_registration)
utils.set_config('prevent_name_change', prevent_name_change)
utils.set_config('view_after_ctf', view_after_ctf)
utils.set_config('verify_emails', verify_emails)
utils.set_config('mail_tls', mail_tls)
utils.set_config('mail_ssl', mail_ssl)
utils.set_config('mail_useauth', mail_useauth)
utils.set_config('workshop_mode', workshop_mode)
utils.set_config('paused', paused)
utils.set_config("mail_server", request.form.get('mail_server', None))
utils.set_config("mail_port", request.form.get('mail_port', None))
if request.form.get('mail_useauth', None) and (request.form.get(
'mail_u', None) or request.form.get('mail_p', None)):
if len(request.form.get('mail_u')) > 0:
utils.set_config("mail_username",
request.form.get('mail_u', None))
if len(request.form.get('mail_p')) > 0:
utils.set_config("mail_password",
request.form.get('mail_p', None))
elif request.form.get('mail_useauth', None) is None:
utils.set_config("mail_username", None)
utils.set_config("mail_password", None)
if request.files.get('ctf_logo_file', None):
ctf_logo = request.files['ctf_logo_file']
file_id, file_loc = utils.upload_file(ctf_logo, None)
utils.set_config("ctf_logo", file_loc)
elif request.form.get('ctf_logo') == '':
utils.set_config("ctf_logo", None)
utils.set_config("ctf_name", request.form.get('ctf_name', None))
utils.set_config("ctf_theme", request.form.get('ctf_theme', None))
utils.set_config('css', request.form.get('css', None))
utils.set_config("mailfrom_addr",
request.form.get('mailfrom_addr', None))
utils.set_config("mg_base_url", request.form.get('mg_base_url', None))
utils.set_config("mg_api_key", request.form.get('mg_api_key', None))
utils.set_config("freeze", freeze)
db_start = Config.query.filter_by(key='start').first()
db_start.value = start
db_end = Config.query.filter_by(key='end').first()
db_end.value = end
db.session.add(db_start)
db.session.add(db_end)
db.session.commit()
db.session.close()
with app.app_context():
cache.clear()
return redirect(url_for('admin.admin_config'))
# Clear the cache so that we don't get stale values
cache.clear()
ctf_name = utils.get_config('ctf_name')
ctf_logo = utils.get_config('ctf_logo')
ctf_theme = utils.get_config('ctf_theme')
hide_scores = utils.get_config('hide_scores')
css = utils.get_config('css')
mail_server = utils.get_config('mail_server')
mail_port = utils.get_config('mail_port')
mail_username = utils.get_config('mail_username')
mail_password = utils.get_config('mail_password')
mailfrom_addr = utils.get_config('mailfrom_addr')
mg_api_key = utils.get_config('mg_api_key')
mg_base_url = utils.get_config('mg_base_url')
view_after_ctf = utils.get_config('view_after_ctf')
start = utils.get_config('start')
end = utils.get_config('end')
freeze = utils.get_config('freeze')
mail_tls = utils.get_config('mail_tls')
mail_ssl = utils.get_config('mail_ssl')
mail_useauth = utils.get_config('mail_useauth')
view_challenges_unregistered = utils.get_config(
'view_challenges_unregistered')
view_scoreboard_if_authed = utils.get_config('view_scoreboard_if_authed')
prevent_registration = utils.get_config('prevent_registration')
prevent_name_change = utils.get_config('prevent_name_change')
verify_emails = utils.get_config('verify_emails')
workshop_mode = utils.get_config('workshop_mode')
paused = utils.get_config('paused')
db.session.commit()
db.session.close()
themes = utils.get_themes()
themes.remove(ctf_theme)
return render_template(
'admin/config.html',
ctf_name=ctf_name,
ctf_logo=ctf_logo,
ctf_theme_config=ctf_theme,
css=css,
start=start,
end=end,
freeze=freeze,
hide_scores=hide_scores,
mail_server=mail_server,
mail_port=mail_port,
mail_useauth=mail_useauth,
mail_username=mail_username,
mail_password=mail_password,
mail_tls=mail_tls,
mail_ssl=mail_ssl,
view_challenges_unregistered=view_challenges_unregistered,
view_scoreboard_if_authed=view_scoreboard_if_authed,
prevent_registration=prevent_registration,
mailfrom_addr=mailfrom_addr,
mg_base_url=mg_base_url,
mg_api_key=mg_api_key,
prevent_name_change=prevent_name_change,
verify_emails=verify_emails,
view_after_ctf=view_after_ctf,
themes=themes,
workshop_mode=workshop_mode,
paused=paused)
def create(request):
"""
This method is used to process the challenge creation request.
:param request:
:return:
"""
files = request.files.getlist('files[]')
# Liste de tuples de 3 éléments :
# - solution (le flag à trouver)
# - type ("static" ou "regex")
# - data (JSON string)
keys = []
index_key = 0
while ('key_solution[%s]' % index_key) in request.form:
key_solution = request.form['key_solution[%s]' % index_key]
if key_solution:
key_type = request.form.get('key_type[%s]' % index_key, '')
if key_type not in ('static', 'regex'):
key_type = 'static'
award = request.form.get('award_interm[%s]' % index_key, 0)
try:
award = int(award)
except ValueError:
award = 0
congrat_msg = request.form.get('congrat_msg[%s]' % index_key,
'')
congrat_img_url = request.form.get(
'congrat_img_url[%s]' % index_key, '')
doc_filename = request.form.get('doc_filename[%s]' % index_key,
'')
is_public = request.form.get('public[%s]' % index_key,
'') == 'yes'
cancel_score = request.form.get('cancel_score[%s]' % index_key,
'') == 'yes'
key_data = {
'congrat_msg': congrat_msg,
'congrat_img_url': congrat_img_url,
'doc_filename': doc_filename,
'award': award,
'public': is_public,
'cancel_score': cancel_score,
}
key_data = json.dumps(key_data)
key_infos = (key_solution, key_type, key_data)
keys.append(key_infos)
index_key += 1
# Create challenge
chal = IntermediateFlagChallengeModel(
name=request.form['name'],
description=request.form['description'],
value=request.form['value'],
category=request.form['category'],
type=request.form['chaltype'])
chal.hidden = 'hidden' in request.form
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
db.session.add(chal)
db.session.commit()
for key_solution, key_type, key_data in keys:
record_key = Keys(chal.id, key_solution, key_type)
record_key.data = key_data
db.session.add(record_key)
db.session.commit()
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
db.session.close()
def import_challenges(in_file, dst_attachments, exit_on_error=True, move=False):
from CTFd.models import db, Challenges, Keys, Tags, Files, Hints, Unlocks
with open(in_file, 'r') as in_stream:
chals = yaml.safe_load_all(in_stream)
for chal in chals:
# ensure all required fields are present before adding or updating a challenge
try:
validate_yaml(chal)
except MissingFieldError as err:
if exit_on_error:
raise
else:
print "Skipping challenge: " + str(err)
continue
# if the challenge already exists, update it
chal_db = Challenges.query.filter_by(name=chal['name']).first()
if chal_db is not None:
print "Updating {}".format(chal['name'].encode('utf8'))
chal_db.description = chal['description']
chal_db.value = chal['value']
chal_db.category = chal['category']
else:
print "Adding {}".format(chal['name'].encode('utf8'))
chal_db = Challenges(
chal['name'],
chal['description'],
chal['value'],
chal['category'])
chal_db.type = chal['type']
chal_db.hidden = chal['hidden']
db.session.add(chal_db)
db.session.commit()
# delete all tags and re-add them
Tags.query.filter_by(chal=chal_db.id).delete()
for tag in chal['tags']:
tag_dbobj = Tags(chal_db.id, tag)
db.session.add(tag_dbobj)
# delete all flags and re-add them
Keys.query.filter_by(chal=chal_db.id).delete()
for flag in chal['flags']:
flag_db = Keys(chal_db.id, flag['flag'], flag['type'])
db.session.add(flag_db)
# delete or update existing hints
hints = {h['id']: h for h in chal['hints']}
hints_db = Hints.query.filter_by(chal=chal_db.id).all()
for hint_db in hints_db:
if hint_db.type in hints:
# the hint is being updated
hint_db.hint = hints[hint_db.type]['hint']
hint_db.cost = hints[hint_db.type]['cost']
del hints[hint_db.type]
else:
# the hint is being deleted - delete the hint and any related unlocks
print " Removing hint {:d}".format(hint_db.type)
Unlocks.query.filter_by(model='hints', itemid=hint_db.id).delete()
Hints.query.filter_by(id=hint_db.id).delete()
# add new hints
for hint in hints.values():
print " Adding hint {:d}".format(hint['id'])
hint_db = Hints(chal_db.id, hint['hint'], cost=hint['cost'], type=hint['id'])
db.session.add(hint_db)
# hash and compare existing files with the new uploaded files
hashes_db = {}
files_db = Files.query.filter_by(chal=chal_db.id).all()
for file_db in files_db:
with open(os.path.join(dst_attachments, file_db.location), 'rb') as f:
h = hashlib.md5(f.read()).digest()
hashes_db[h] = file_db
to_upload = []
for file in chal['files']:
path = os.path.join(os.path.dirname(in_file), file)
with open(path, "rb") as f:
h = hashlib.md5(f.read()).digest()
if h in hashes_db and os.path.basename(file) == os.path.basename(hashes_db[h].location):
# the file is up to date
del hashes_db[h]
else:
# the file has changed name or content
to_upload.append(path)
# remove out of date files and add new uploads
for file_db in hashes_db.values():
print " Removing file {}".format(file_db.location)
utils.delete_file(file_db.id)
for path in to_upload:
basename = os.path.basename(path)
print " Adding file {}".format(basename)
with open(path, "rb") as f:
f = FileStorage(stream=f, filename=basename)
utils.upload_file(file=f, chalid=chal_db.id)
if move:
os.unlink(path)
db.session.commit()
db.session.commit()
db.session.close()
def admin_create_chal():
if request.method == 'POST':
print("[DEBUG] Post request sent to my modified admin_create_chal")
files = request.files.getlist('files[]')
# Create challenge
chal = Challenges(
name=request.form['name'],
description=request.form['desc'],
value=request.form['value'],
category=request.form['category'],
type=request.form['chaltype'],
)
if 'hidden' in request.form:
chal.hidden = True
else:
chal.hidden = False
max_attempts = request.form.get('max_attempts')
if max_attempts and max_attempts.isdigit():
chal.max_attempts = int(max_attempts)
db.session.add(chal)
db.session.flush()
# This if added by me
print("[DEBUG] chal.id: " + str(chal.id))
if chal.type == 'ethereum':
solidity = request.form['solidity']
test_func = request.form['test_func']
args = request.form['args']
starting_ether = request.form['starting-ether']
flag = request.form['key']
print("[DEBUG] Type is ethereum!")
if ethereumctf.compile_contract(str(chal.id), solidity,
test_func,
ast.literal_eval(args),
starting_ether, flag):
print("[DEBUG] successful compile!")
else:
db.session.rollback()
print("[DEBUG] failed compile")
return redirect(
url_for('admin_challenges.admin_create_chal')
) # TODO: Fail better
db.session.commit()
flag = Keys(chal.id, request.form['key'],
int(request.form['key_type[0]']))
if request.form.get('keydata'):
flag.data = request.form.get('keydata')
db.session.add(flag)
db.session.commit()
for f in files:
utils.upload_file(file=f, chalid=chal.id)
db.session.commit()
db.session.close()
return redirect(url_for('admin_challenges.admin_chals'))
else:
return render_template('admin/chals/create.html')
