def post(self, *args, **kwargs):
if options.team_sharing:
""" Creates a new text share """
name = self.get_argument("name", "")
content = self.get_argument("content", "")
user = self.get_current_user()
if 0 < len(name) and 0 < len(content):
teams = []
if user.is_admin():
teamval = self.get_argument("team_uuid", "")
if teamval == "all":
teams = Team.all()
elif teamval != "":
teams = [Team.by_uuid(teamval)]
else:
teams = [user.team]
for team in teams:
paste = PasteBin(team_id=team.id)
paste.name = name
paste.contents = content
self.dbsession.add(paste)
self.event_manager.team_paste_shared(user, team, paste)
self.dbsession.commit()
if user.is_admin():
self.redirect("/admin/view/pastebin")
else:
self.redirect("/user/share/pastebin")
else:
self.render(
"pastebin/create.html",
errors=["Missing name or content"],
user=user,
)
else:
self.redirect("/404")
def now(self, app):
''' Returns the current game state '''
game_state = {}
for team in Team.all():
if len(team.members) > 0:
millis = int(round(time.time() * 1000))
game_state[team.name] = {
'uuid': team.uuid,
'flags': [str(flag) for flag in team.flags],
'game_levels': [str(lvl) for lvl in team.game_levels],
}
highlights = {'money': 0, 'flag': 0, 'bot': 0, 'hint': 0}
for item in highlights:
value = team.get_score(item)
game_state[team.name][item] = value
game_history = app.settings['scoreboard_history']
if team.name in game_history:
prev = game_history[team.name][item]
if prev < value:
highlights[item] = millis
else:
highlights[item] = game_history[team.name]['highlights'][item]
highlights['now'] = millis
game_state[team.name]['highlights'] = highlights
app.settings['scoreboard_history'][team.name] = game_state.get(team.name)
return json.dumps(game_state)
def get_new_avatar(dir, forceteam=False):
avatar = default_avatar(dir)
avatars = filter_avatars(dir)
if len(avatars) == 0:
return avatar
if dir == "team" or forceteam:
from models.Team import Team
cmplist = Team.all()
elif dir == "user":
from models.User import User
cmplist = User.all()
else:
from models.Box import Box
cmplist = Box.all()
dblist = []
for item in cmplist:
if item._avatar:
dblist.append(item._avatar)
for image in avatars:
if not image in dblist:
return image
return avatars[randint(0, len(avatars) - 1)]
def score_bots():
''' Award money for botnets '''
logging.info("Scoring botnets, please wait ...")
bot_manager = BotManager.instance()
for team in Team.all():
bots = bot_manager.by_team(team.name)
reward = 0
for bot in bots:
try:
reward += options.bot_reward
bot.write_message({
'opcode': 'status',
'message': 'Collected $%d reward' % options.bot_reward
})
except:
logging.info(
"Bot at %s failed to respond to score ping" % bot.remote_ip
)
if 0 < len(bots):
logging.info("%s was awarded $%d for controlling %s bot(s)" % (
team.name, reward, len(bots),
))
bot_manager.add_rewards(team.name, options.bot_reward)
bot_manager.notify_monitors(team.name)
team.money += reward
dbsession.add(team)
dbsession.flush()
dbsession.commit()
def ls(self):
current_user = self.get_current_user()
if self.get_argument('data').lower() == 'accounts':
data = {}
for team in Team.all():
if team == current_user.team:
continue
else:
data[team.name] = {
'money': team.money,
'flags': len(team.flags),
'bots': team.bot_count,
}
self.write({'accounts': data})
elif self.get_argument('data').lower() == 'users':
data = {}
target_users = User.not_team(current_user.team.id)
for user in target_users:
data[user.handle] = {
'account': user.team.name,
'algorithm': user.algorithm,
'password': user.bank_password,
}
self.write({'users': data})
else:
self.write({'Error': 'Invalid data type'})
self.finish()
def ls(self):
current_user = self.get_current_user()
if self.get_argument("data", "").lower() == "accounts":
data = {}
for team in Team.all():
if team == current_user.team:
continue
else:
data[team.name] = {
"money": team.money,
"flags": len(team.flags),
"bots": team.bot_count,
}
self.write({"accounts": data})
elif self.get_argument("data", "").lower() == "users":
data = {}
target_users = User.not_team(current_user.team.id)
for user in target_users:
data[user.handle] = {
"account": user.team.name,
"algorithm": user.algorithm,
"password": user.bank_password,
}
self.write({"users": data})
else:
self.write({"Error": "Invalid data type"})
self.finish()
def now(self, app):
""" Returns the current game state """
game_state = {}
for team in Team.all():
if len(team.members) > 0:
millis = int(round(time.time() * 1000))
game_state[team.name] = {
"uuid": team.uuid,
"flags": [str(flag) for flag in team.flags],
"game_levels": [str(lvl) for lvl in team.game_levels],
}
highlights = {"money": 0, "flag": 0, "bot": 0, "hint": 0}
for item in highlights:
value = team.get_score(item)
game_state[team.name][item] = value
game_history = app.settings["scoreboard_history"]
if team.name in game_history:
prev = game_history[team.name][item]
if prev < value:
highlights[item] = millis
else:
highlights[item] = game_history[
team.name]["highlights"][item]
highlights["now"] = millis
game_state[team.name]["highlights"] = highlights
app.settings["scoreboard_history"][team.name] = game_state.get(
team.name)
return json.dumps(game_state)
def post(self, *args, **kwargs):
'''
Reset the Game
'''
errors = []
success = None
try:
users = User.all()
for user in users:
user.money = 0
teams = Team.all()
for team in teams:
if options.banking:
team.money = options.starting_team_money
else:
team.money = 0
team.flags = []
team.hints = []
team.boxes = []
team.items = []
team.purchased_source_code = []
level_0 = GameLevel.by_number(0)
if not level_0:
level_0 = GameLevel.all()[0]
team.game_levels = [level_0]
self.dbsession.add(team)
self.dbsession.commit()
self.dbsession.flush()
for team in teams:
for paste in team.pastes:
self.dbsession.delete(paste)
for shared_file in team.files:
shared_file.delete_data()
self.dbsession.delete(shared_file)
self.dbsession.commit()
self.dbsession.flush()
Penalty.clear()
Notification.clear()
snapshot = Snapshot.all()
for snap in snapshot:
self.dbsession.delete(snap)
self.dbsession.commit()
snapshot_team = SnapshotTeam.all()
for snap in snapshot_team:
self.dbsession.delete(snap)
self.dbsession.commit()
game_history = GameHistory.instance()
game_history.take_snapshot() # Take starting snapshot
flags = Flag.all()
for flag in flags:
flag.value = flag._original_value if flag._original_value else flag.value
self.dbsession.add(flag)
self.dbsession.commit()
self.dbsession.flush()
success = "Successfully Reset Game"
self.render('admin/reset.html', success=success, errors=errors)
except BaseException as e:
errors.append("Failed to Reset Game")
logging.error(str(e))
self.render('admin/reset.html', success=None, errors=errors)
def score_bots():
''' Award money for botnets '''
logging.info("Scoring botnets, please wait ...")
bot_manager = BotManager.instance()
for team in Team.all():
if len(team.members) > 0:
bots = bot_manager.by_team(team.name)
reward = 0
for bot in bots:
try:
reward += options.bot_reward
bot.write_message({
'opcode':
'status',
'message':
'Collected $%d reward' % options.bot_reward
})
except:
logging.info("Bot at %s failed to respond to score ping" %
bot.remote_ip)
if 0 < len(bots):
logging.info("%s was awarded $%d for controlling %s bot(s)" % (
team.name,
reward,
len(bots),
))
bot_manager.add_rewards(team.name, options.bot_reward)
bot_manager.notify_monitors(team.name)
team.money += reward
dbsession.add(team)
dbsession.flush()
dbsession.commit()
def ls(self):
current_user = self.get_current_user()
if self.get_argument('data').lower() == 'accounts':
data = {}
for team in Team.all():
if team == current_user.team:
continue
else:
data[team.name] = {
'money': team.money,
'flags': len(team.flags),
'bots': team.bot_count,
}
self.write({'accounts': data})
elif self.get_argument('data').lower() == 'users':
data = {}
target_users = User.not_team(current_user.team.id)
for user in target_users:
data[user.handle] = {
'account': user.team.name,
'algorithm': user.algorithm,
'password': user.bank_password,
}
self.write({'users': data})
else:
self.write({'Error': 'Invalid data type'})
self.finish()
def now(self):
''' Returns the current game state '''
game_state = {}
for team in Team.all():
game_state[team.name] = {
'money': team.money,
'flags': [str(flag) for flag in team.flags],
'game_levels': [str(lvl) for lvl in team.game_levels],
}
return json.dumps(game_state)
def now(self):
''' Returns the current game state '''
game_state = {}
for team in Team.all():
game_state[team.name] = {
'money': team.money,
'flags': [str(flag) for flag in team.flags],
'game_levels': [str(lvl) for lvl in team.game_levels],
}
return json.dumps(game_state)
def now(self):
""" Returns the current game state """
game_state = {}
for team in Team.all():
game_state[team.name] = {
"money": team.money,
"flags": [str(flag) for flag in team.flags],
"game_levels": [str(lvl) for lvl in team.game_levels],
}
return json.dumps(game_state)
def existing_avatars(dir):
avatars = []
if dir == "team":
from models.Team import Team
teams = Team.all()
for team in teams:
if team.avatar is not None and len(team.members) > 0:
avatars.append(team.avatar)
else:
from models.User import User
users = User.all()
for user in users:
if user.avatar is not None:
avatars.append(user.avatar)
return avatars
def existing_avatars(dir):
avatars = []
if dir == "team":
from models.Team import Team
teams = Team.all()
for team in teams:
if team.avatar is not None and len(team.members) > 0:
avatars.append(team.avatar)
else:
from models.User import User
users = User.all()
for user in users:
if user.avatar is not None:
avatars.append(user.avatar)
return avatars
def __now__(self):
''' Returns snapshot object it as a dict '''
snapshot = Snapshot()
bot_manager = BotManager.instance()
#self.dbsession = DBSession()
for team in Team.all():
snapshot_team = SnapshotTeam(team_id=team.id,
money=team.money,
bots=bot_manager.count_by_team(team))
snapshot_team.game_levels = team.game_levels
snapshot_team.flags = team.flags
self.dbsession.add(snapshot_team)
self.dbsession.flush()
snapshot.teams.append(snapshot_team)
self.dbsession.add(snapshot)
self.dbsession.commit()
return snapshot
def post(self, *args, **kwargs):
if options.team_sharing:
""" Shit form validation """
user = self.get_current_user()
self.errors = []
shares = []
if user.team:
shares = user.team.files
if hasattr(self.request, "files"):
teams = []
if user.is_admin():
teamval = self.get_argument("team_uuid", "")
if teamval == "all":
teams = Team.all()
elif teamval != "":
teams = [Team.by_uuid(teamval)]
shares = Team.by_uuid(teamval).files
else:
teams = [user.team]
for team in teams:
for shared_file in self.request.files[
"files"][:MAX_UPLOADS]:
file_upload = self.create_file(team, shared_file)
if file_upload is not None:
self.event_manager.team_file_shared(
user, team, file_upload)
if not len(self.errors):
if user.is_admin():
self.redirect("/admin/view/fileshare")
else:
self.redirect("/user/share/files")
else:
self.render(
"file_upload/shared_files.html",
errors=self.errors,
shares=shares,
)
else:
self.render(
"file_upload/shared_files.html",
errors=["No files in request"],
shares=shares,
)
else:
self.redirect("/404")
def post(self, *args, **kwargs):
try:
group = self.get_argument('team_uuid', 'all')
if group == 'all':
teams = Team.all()
for team in teams:
team.money += int(self.get_argument('money', 0))
self.dbsession.add(team)
else:
team = Team.by_uuid(group)
team.money += int(self.get_argument('money', 0))
self.dbsession.add(team)
self.dbsession.commit()
self.redirect('/admin/users')
except ValidationError as error:
self.render('admin/view/users.html', errors=[
str(error),
])
def post(self, *args, **kwargs):
try:
group = self.get_argument("team_uuid", "all")
message = self.get_argument("message", "")
value = int(self.get_argument("money", 0))
if group == "all":
teams = Team.all()
for team in teams:
team.money += value
self.dbsession.add(team)
else:
team = Team.by_uuid(group)
team.money += value
self.dbsession.add(team)
self.dbsession.commit()
self.event_manager.admin_score_update(team, message, value)
self.redirect("/admin/users")
except ValidationError as error:
self.render("admin/view/users.html", errors=[str(error)])
def __now__(self):
''' Returns snapshot object it as a dict '''
snapshot = Snapshot()
bot_manager = BotManager.instance()
#self.dbsession = DBSession()
for team in Team.all():
snapshot_team = SnapshotTeam(
team_id=team.id,
money=team.money,
bots=bot_manager.count_by_team(team)
)
snapshot_team.game_levels = team.game_levels
snapshot_team.flags = team.flags
self.dbsession.add(snapshot_team)
self.dbsession.flush()
snapshot.teams.append(snapshot_team)
self.dbsession.add(snapshot)
self.dbsession.commit()
return snapshot
def post(self, *args, **kwargs):
try:
group = self.get_argument('team_uuid', 'all')
message = self.get_argument('message', '')
value = int(self.get_argument('money', 0))
if group == 'all':
teams = Team.all()
for team in teams:
team.money += value
self.dbsession.add(team)
self.event_manager.admin_score_update(team, message, value)
else:
team = Team.by_uuid(group)
team.money += value
self.dbsession.add(team)
self.event_manager.admin_score_update(team, message, value)
self.dbsession.commit()
self.redirect('/admin/users')
except ValidationError as error:
self.render('admin/view/users.html', errors=[
str(error),
])
def post(self, *args, **kwargs):
try:
group = self.get_argument('team_uuid', 'all')
message = self.get_argument('message', '')
value = int(self.get_argument('money', 0))
if group == 'all':
teams = Team.all()
for team in teams:
team.money += value
self.dbsession.add(team)
self.event_manager.admin_score_update(team, message, value)
else:
team = Team.by_uuid(group)
team.money += value
self.dbsession.add(team)
self.event_manager.admin_score_update(team, message, value)
self.dbsession.commit()
self.redirect('/admin/users')
except ValidationError as error:
self.render('admin/view/users.html',
errors=[str(error), ]
)
def get_new_avatar(dir, forceteam=False):
avatar = default_avatar(dir)
avatars = filter_avatars(dir)
if len(avatars) == 0:
return avatar
if dir == 'team' or forceteam:
from models.Team import Team
cmplist = Team.all()
elif dir == 'user':
from models.User import User
cmplist = User.all()
else:
from models.Box import Box
cmplist = Box.all()
dblist = []
for item in cmplist:
if item._avatar:
dblist.append(item._avatar)
for image in avatars:
if not image in dblist:
return image
return avatars[randint(0, len(avatars)-1)]
def score_bots():
""" Award money for botnets """
logging.info("Scoring botnets, please wait ...")
bot_manager = BotManager.instance()
config = ConfigManager.instance()
for team in Team.all():
bots = bot_manager.by_team(team.name)
reward = 0
for bot in bots:
try:
reward += config.bot_reward
bot.write_message({"opcode": "status", "message": "Collected $%d reward" % config.bot_reward})
except:
logging.info("Bot at %s failed to respond to score ping" % bot.remote_ip)
if 0 < len(bots):
logging.info("%s was awarded $%d for controlling %s bot(s)" % (team.name, reward, len(bots)))
bot_manager.add_rewards(team.name, config.bot_reward)
bot_manager.notify_monitors(team.name)
team.money += reward
dbsession.add(team)
dbsession.flush()
dbsession.commit()
def score_bots():
""" Award money for botnets """
logging.info("Scoring botnets, please wait ...")
bot_manager = BotManager.instance()
event_manager = EventManager.instance()
for team in Team.all():
if len(team.members) > 0:
bots = bot_manager.by_team(team.name)
if 0 < len(bots):
reward = 0
for bot in bots:
try:
reward += options.bot_reward
bot.write_message({
"opcode":
"status",
"message":
"Collected $%d reward" % options.bot_reward,
})
except:
logging.info(
"Bot at %s failed to respond to score ping" %
bot.remote_ip)
message = "%s was awarded $%d for controlling %s bot(s)" % (
team.name,
reward,
len(bots),
)
bot_manager.add_rewards(team.name, options.bot_reward)
bot_manager.notify_monitors(team.name)
team.money += reward
dbsession.add(team)
dbsession.flush()
event_manager.bot_scored(team, message)
dbsession.commit()
def post(self, *args, **kwargs):
"""
Reset the Game
"""
errors = []
success = None
try:
users = User.all()
for user in users:
user.money = 0
teams = Team.all()
for team in teams:
if options.banking:
team.money = options.starting_team_money
else:
team.money = 0
team.flags = []
team.hints = []
team.boxes = []
team.items = []
team.purchased_source_code = []
level_0 = GameLevel.by_number(0)
if not level_0:
level_0 = GameLevel.all()[0]
team.game_levels = [level_0]
self.dbsession.add(team)
self.dbsession.commit()
self.dbsession.flush()
for team in teams:
for paste in team.pastes:
self.dbsession.delete(paste)
for shared_file in team.files:
shared_file.delete_data()
self.dbsession.delete(shared_file)
self.dbsession.commit()
self.dbsession.flush()
Penalty.clear()
Notification.clear()
snapshot = Snapshot.all()
for snap in snapshot:
self.dbsession.delete(snap)
self.dbsession.commit()
snapshot_team = SnapshotTeam.all()
for snap in snapshot_team:
self.dbsession.delete(snap)
self.dbsession.commit()
game_history = GameHistory.instance()
game_history.take_snapshot() # Take starting snapshot
flags = Flag.all()
for flag in flags:
# flag.value = flag.value allows a fallback to when original_value was used
# Allows for the flag value to be reset if dynamic scoring was used
# Can be removed after depreciation timeframe
flag.value = flag.value
self.dbsession.add(flag)
self.dbsession.commit()
self.dbsession.flush()
self.event_manager.push_score_update()
self.flush_memcached()
success = "Successfully Reset Game"
self.render("admin/reset.html", success=success, errors=errors)
except BaseException as e:
errors.append("Failed to Reset Game")
logging.error(str(e))
self.render("admin/reset.html", success=None, errors=errors)
def post(self, *args, **kwargs):
game_objects = {
"game_level": GameLevel,
"corporation": Corporation,
"flag": Flag,
"box": Box,
"hint": Hint,
}
obj_name = self.get_argument("obj", "")
uuid = self.get_argument("uuid", "")
if obj_name in game_objects.keys():
obj = game_objects[obj_name].by_uuid(uuid)
if obj is not None:
self.write(obj.to_dict())
else:
self.write({"Error": "Invalid uuid."})
elif obj_name == "stats":
flag = Flag.by_uuid(uuid)
if flag is not None:
if options.banking:
price = "$" + str(flag.value)
else:
price = str(flag.value) + " points"
flaginfo = [
{
"name": flag.name,
"description": flag.description,
"token": flag.token,
"price": price,
}
]
captures = []
for item in Flag.captures(flag.id):
team = Team.by_id(item[0])
if team:
captures.append({"name": team.name})
attempts = self.attempts(flag)
hints = []
for item in Hint.taken_by_flag(flag.id):
team = Team.by_id(item.team_id)
hint = Hint.by_id(item.hint_id)
if team:
if options.banking:
price = "$" + str(hint.price)
else:
price = str(hint.price) + " points"
hints.append({"name": team.name, "price": price})
obj = {
"flag": flaginfo,
"captures": captures,
"attempts": attempts,
"hints": hints,
}
self.write(obj)
else:
self.write({"Error": "Invalid uuid."})
elif obj_name == "access":
obj = game_objects["game_level"].by_uuid(uuid)
if obj is not None:
all_teams = Team.all()
access = []
available = []
for team in obj.teams:
all_teams.remove(team)
access.append(team.to_dict())
for team in all_teams:
available.append(team.to_dict())
self.write({"available": available, "access": access})
else:
self.write({"Error": "Invalid uuid."})
else:
self.write({"Error": "Invalid object type."})
self.finish()
def export_users(self, root):
teams_elem = ET.SubElement(root, "teams")
teams_elem.set("count", str(Team.count()))
for team in Team.all():
team.to_xml(teams_elem)
