def __init__(self):
     runtimeconfig_client = runtimeconfig.Client()
     myconfig = runtimeconfig_client.config('cybergym')
     mysql_password = myconfig.get_variable('sql_password').value.decode(
         "utf-8")
     mysql_ip = myconfig.get_variable('sql_ip').value.decode("utf-8")
     self.dbcon = pymysql.connect(host=mysql_ip,
                                  user="******",
                                  password=mysql_password,
                                  db='cybergym',
                                  charset='utf8mb4')
def get_project_attributes() -> Dict[str, str]:
    """Gets the directory of custom metadata values for this project
    from the Runtime Configuration API.
    """
    result = {}
    config_client = runtimeconfig.Client()
    config: Config = config_client.config('app-production')
    list_variables = config.list_variables()
    for variable in list_variables:
        variable.reload()
        result[variable.name] = variable.value.decode('utf-8')
    return result
示例#3
0
文件: main.py 项目: pdhuff/cpsc4387
def cloud_fn_stop_all_servers(event, context):
    """
    Simply stops all servers in the project. This is meant to run periodically to prevent servers from running
    constantly
    :param event: No data is passed to this function
    :param context: No data is passed to this function
    :return:
    """
    runtimeconfig_client = runtimeconfig.Client()
    myconfig = runtimeconfig_client.config('cybergym')
    project = myconfig.get_variable('project').value.decode("utf-8")
    region = myconfig.get_variable('region').value.decode("utf-8")
    zone = myconfig.get_variable('zone').value.decode("utf-8")

    compute = googleapiclient.discovery.build('compute', 'v1')
    result = compute.instances().list(project=project, zone=zone).execute()
    if 'items' in result:
        for vm_instance in result['items']:
            compute.instances().stop(project=project,
                                     zone=zone,
                                     instance=vm_instance["name"]).execute()
示例#4
0
import base64 as b64
import random
import requests

from caesarcipher import CaesarCipher
from google.cloud import datastore, runtimeconfig
from hashlib import md5

# Project Globals
ds_client = datastore.Client()
runtimeconfig_client = runtimeconfig.Client()
myconfig = runtimeconfig_client.config('cybergym')
project = myconfig.get_variable('project').value.decode("utf-8")
dns_suffix = myconfig.get_variable('dns_suffix').value.decode("utf-8")


def publish_status(workout_id, workout_key):
    URL = f'https://buildthewarrior{dns_suffix}/complete'

    status = {
        "workout_id": workout_id,
        "token": workout_key,
    }

    publish = requests.post(URL, json=status)
    print('[*] POSTING to {} ...'.format(URL))
    print(publish)


'''
    ########### Johnny Hash: MD5 CTF ############## 
示例#5
0
def _get_runtime_config() -> Config:
    runtime_config_client = runtimeconfig.Client()
    return runtime_config_client.config(environ.get("RUNTIME_CONFIG_NAME"))
示例#6
0
def nvd_update():
    """
    Instantiated by cloud function to keep the CVEs current in the cloud SQL database
    """
    g_logger = log_client.logger("nvd_update")
    runtimeconfig_client = runtimeconfig.Client()
    myconfig = runtimeconfig_client.config('cybergym')
    mysql_password = myconfig.get_variable('sql_password').value.decode(
        "utf-8")
    mysql_ip = myconfig.get_variable('sql_ip').value.decode("utf-8")

    dbcon = pymysql.connect(host=mysql_ip,
                            user="******",
                            password=mysql_password,
                            db='cybergym',
                            charset='utf8mb4')
    dbcur = dbcon.cursor()

    setup_required = test_and_create_nvd_table(dbcon)

    sql_insert_vuln = """
                    INSERT IGNORE INTO nvd_data (cve_id, vendor, product, attack_vector, complexity, 
                    priv, ui, confidentiality, integrity, availability, description)
                    VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)
                    """

    if setup_required:
        g_logger.log_text(
            f"Initializing NVD data with current year of vulnerabilities")
        today = datetime.today()
        url = f"https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-{today.year}.json.gz"
    else:
        g_logger.log_text(f"Adding new recent vulnerabilities")
        url = "https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-recent.json.gz"
    ssl._create_default_https_context = ssl._create_unverified_context
    local_filename = urllib.request.urlretrieve(url)
    json_feed = json.loads(gzip.open(local_filename[0]).read())
    print("Processing ", local_filename)
    for cve in json_feed["CVE_Items"]:
        try:
            if len(cve['configurations']['nodes']) > 0:
                if len(cve['configurations']['nodes'][0]['cpe_match']) > 0:
                    cpe = cve['configurations']['nodes'][0]['cpe_match'][0]
                    cpe_parts = cpe['cpe23Uri'].split(':')
                    cpe_vendor = cpe_parts[3]
                    cpe_product = cpe_parts[4]
                    cve_id = cve["cve"]["CVE_data_meta"]["ID"]
                    cwe = cve['cve']['problemtype']['problemtype_data'][0][
                        'description'][0]['value']
                    cvss = cve["impact"]["baseMetricV3"]["cvssV3"]
                    attack_vector = cvss["attackVector"]
                    complexity = cvss["attackComplexity"]
                    priv = cvss["privilegesRequired"]
                    ui = cvss["userInteraction"]
                    confidentiality = cvss["confidentialityImpact"]
                    integrity = cvss["integrityImpact"]
                    availability = cvss["availabilityImpact"]
                    vuln_description = dbcon.escape(
                        cve["cve"]["description"]["description_data"][0]
                        ["value"])

                    vuln_args = (cve_id, cpe_vendor, cpe_product,
                                 attack_vector, complexity, priv, ui,
                                 confidentiality, integrity, availability,
                                 vuln_description)
                    dbcur.execute(sql_insert_vuln, vuln_args)
        except KeyError:
            pass
    dbcon.commit()