def handleBotMessage(self, msg, dispatcher):
if (msg.type == "CLIENT_HELLO"):
self.__handleNewClient(msg.data, dispatcher)
if (self.__checkStart()):
self.logger.info("Game Started")
self.servicebot_dispatcher.sendMsg(
BotMessage("EXECUTE_ROUND", self.current_round))
elif (msg.type == "SERVICE_RESULTS"):
self.scoring.updateServiceResults(msg.data)
if (self.__endOfGame() == False):
self.current_round += 1
self.shelf["ROUND"] = self.current_round
self.shelf["SLA"] = self.scoring.getSla()
self.shelf.sync()
self.servicebot_dispatcher.sendMsg(
BotMessage("EXECUTE_ROUND", self.current_round))
elif (msg.type == "REQUEST_SLA"):
sla_msg = self.__getCurrentSLA()
self.reportbot_dispatcher.sendMsg(
BotMessage("REQUEST_SLA_RESULT", sla_msg))
else:
self.logger.error("Unknown Message! Going to stop game! %s %s" %
(msg.type, str(msg.data)))
self.__stopGame()
def handleBotMessage(self, msg, dispatcher):
if (msg.type == "norm"):
dispatcher.sendMsg(msg)
elif (msg.type == "rev"):
msg.data.reverse()
dispatcher.sendMsg(msg)
elif (msg.type == "foo"):
if (self.stored == 2):
self.dispatchers["BAR"].sendMsg(BotMessage("BAR", "Got Foo?"))
else:
self.stored += 1
elif (msg.type == "req1"):
dispatcher.sendMsg(BotMessage("req_result1", msg.data))
elif (msg.type == "req2"):
self.req2_count += 1
dispatcher.sendMsg(BotMessage("norm", self.req2_count))
dispatcher.sendMsg(BotMessage("req_result2", msg.data))
elif (msg.type == "CLIENT_HELLO"):
self.dispatchers[msg.data] = dispatcher
else:
print "WHAT DO I DO WITH THIS MSG???", msg.type, msg.data
def __stopGame(self):
if (self.servicebot_dispatcher != None):
self.servicebot_dispatcher.sendMsg(BotMessage("TERMINATE", None))
if (self.reportbot_dispatcher != None):
self.reportbot_dispatcher.sendMsg(BotMessage("TERMINATE", None))
self.bot_server.close()
def __endRound(self):
self.logger.debug("Ending round %d" % self.round)
team_off_scores, team_def_scores = self.scoring.updateRoundScores(
self.round)
self.scoreboardbot_dispatcher.sendMsg(
BotMessage(
"UPDATE_SCORES",
(team_off_scores, team_def_scores, self.service_status)))
self.round += 1
execute_msg = BotMessage("EXECUTE_ROUND", self.round)
self.servicebot_dispatcher.sendMsg(execute_msg)
def testMultiMessage(self):
m1 = BotMessage("norm", ["Foo", "Bar"])
m2 = BotMessage("rev", ["Foo", "Foo"])
comm = BotCommClient("", 424242, self.key, self.iv, "ECHO")
comm.start()
comm.send(m1)
comm.send(m2)
r1 = comm.receive(True, 1)
r2 = comm.receive(True, 1)
comm.kill()
self.assert_(r1.data == ["Foo", "Bar"])
self.assert_(r2.data == ["Foo", "Foo"])
def __stopGame(self):
if(self.exploitbot_dispatcher != None):
self.exploitbot_dispatcher.sendMsg(BotMessage("TERMINATE",None))
if(self.servicebot_dispatcher != None):
self.servicebot_dispatcher.sendMsg(BotMessage("TERMINATE",None))
if(self.usenix_scoreboard_dispatcher != None):
self.usenix_scoreboard_dispatcher.sendMsg(BotMessage("TERMINATE",None))
if(self.usenix_resetbot_dispatcher != None):
self.usenix_resetbot_dispatcher.sendMsg(BotMessage("TERMINATE",None))
self.bot_server.close()
def testMultipleClients(self):
echo = BotCommClient("", 424242, self.key, self.iv, "ECHO")
foo = BotCommClient("", 424242, self.key, self.iv, "FOO")
echo.start()
foo.start()
m1 = BotMessage("norm", ["Foo", "Bar"])
m2 = BotMessage("foo", "A foo")
echo.send(m1)
foo.send(m2)
r1 = echo.receive(True, 1)
foo.kill()
echo.kill()
def run(self):
self.logger.debug("Starting SubmitBot webserver thread")
self.webserver.start()
server_info = self.conf.getGameStateServerInfo()
self.comm = BotCommClient(
server_info.host,
server_info.port,
server_info.key,
server_info.iv,
"SUBMIT_BOT")
self.running = True
collector = getSharedCollector()
try:
self.comm.start()
while(self.running):
msg = self.comm.receive()
assert(msg.type == "COLLECT_FLAGS")
flags = collector.collect()
self.comm.send(BotMessage("COLLECT_FLAGS_RESULT",flags))
self.comm.kill()
except Exception as e:
self.logger.error("Exception %s" % e)
def run(self):
self.__processConfig()
server_info = self.conf.getGameStateServerInfo()
self.comm = BotCommClient(server_info.host, server_info.port,
server_info.key, server_info.iv,
"USENIX_EXPLOIT_BOT")
self.comm.start()
while (True):
msg = self.comm.receive()
self.logger.debug("recvd msg: %s (%r)" % (msg.type, str(msg.data)))
if (msg.type == "TERMINATE"):
self.logger.info("Received TERM message from gameserver")
break
elif (msg.type == "EXECUTE_ROUND"):
results = self.__executeExploits(msg.data)
self.comm.send(BotMessage("USENIX_EXPLOIT_RESULTS", results))
else:
assert (False), "Invalid msg type received"
self.comm.kill()
def run(self):
self.cmd_q = Queue.Queue()
server_info = self.conf.getGameStateServerInfo()
self.comm = BotCommClient(server_info.host, server_info.port,
server_info.key, server_info.iv,
"USENIX_REPORT_BOT")
self.comm.start()
report_thread = UsenixReportServerThread(self, self.port)
report_thread.setDaemon(True)
report_thread.start()
while (True):
msg = self.comm.receive(False)
if (msg != None):
if (msg.type == "TERMINATE"):
break
try:
cmd, q = self.cmd_q.get(True, 1)
except Queue.Empty:
continue
if (cmd == "SLA_REQ"):
self.comm.send(BotMessage("REQUEST_SLA", None))
msg = self.comm.receive()
if (msg.type == "TERMINATE"):
break
elif (msg.type == "REQUEST_SLA_RESULT"):
q.put(msg.data)
elif (cmd == "SRV_REQ"):
self.comm.send(BotMessage("REQUEST_REPORT", None))
msg = self.comm.receive()
if (msg.type == "TERMINATE"):
break
elif (msg.type == "REQUEST_REPORT_RESULT"):
q.put(msg.data)
self.comm.kill()
def __startGame(self):
init_game = True
if (init_game):
self.round = 1
execute_msg = BotMessage("EXECUTE_ROUND", self.round)
self.servicebot_dispatcher.sendMsg(execute_msg)
def run(self):
server_info = self.conf.getGameStateServerInfo()
self.comm = BotCommClient(server_info.host, server_info.port,
server_info.key, server_info.iv,
"ATTACK_WEB_BOT")
self.comm.start()
self.webserver = WebserverThread(self)
self.webserver.start()
while (True):
cmd, thread_q = self.cmd_q.get()
if (cmd == "LIST_EXPLOITS"):
msg = self.comm.request(BotMessage("LIST_EXPLOITS", None), 5)
assert (msg.type == "LIST_EXPLOITS_RESULT")
thread_q.put(msg.data)
elif (cmd == "GET_FLAG_STATS"):
msg = self.comm.request(BotMessage("GET_FLAG_STATS", None), 5)
if (msg != None):
assert (msg.type == "GET_FLAG_STATS_RESULT")
thread_q.put(msg.data)
thread_q.put(None)
elif (cmd.startswith("GET_LOG:")):
(exploit, lines) = cmd[8:].split("|")
msg = self.comm.request(BotMessage(cmd, (exploit, lines)), 5)
thread_q.put(msg.data)
elif (cmd.startswith("GET_EXPLOIT:")):
exploit = cmd[12:]
msg = self.comm.request(BotMessage(cmd, (exploit, )), 5)
thread_q.put(msg.data)
elif (cmd.startswith("TOGGLE_EXPLOIT:")):
self.comm.send(BotMessage(cmd, None))
msg = self.comm.getPendingMessages()
if (msg != None):
self.logger.error("Unexpected message: %r %r" %
(msg.type, msg.data))
self.webserver.join()
def testBasicCommRequest(self):
req = BotMessage("req1", ["Foo", "Bar"], True)
comm = BotCommClient("", 424242, self.key, self.iv, "ECHO")
comm.start()
rcv = comm.request(req, "req_result1", 1.0)
comm.kill()
self.assert_(rcv.type == "req_result1")
self.assert_(rcv.data == ["Foo", "Bar"])
def testTypes(self):
msg = BotMessage("rev", ["Foo", "Bar"])
comm = BotCommClient("", 424242, self.key, self.iv, "ECHO")
comm.start()
comm.send(msg)
rcv = comm.receive(True, 5)
comm.kill()
self.assert_(rcv.type == "rev")
self.assert_(rcv.data == ["Bar", "Foo"])
def testManyMessage(self):
comm = BotCommClient("", 424242, self.key, self.iv, "ECHO")
comm.start()
for i in range(0, 100):
msg = BotMessage("norm", ["Test_%d" % i])
comm.send(msg)
for i in range(0, 100):
rcv = comm.receive(True, 1)
self.assert_(rcv.data == ["Test_%d" % i])
comm.kill()
def do_upload(self, fs):
if len(fs['exploit'].value) > 0:
filename = fs['exploit'].filename
exploit = fs['exploit'].value
exploit_msg = BotMessage("NEW_EXPLOIT", (filename, exploit))
COMM.send(exploit_msg)
LOG.info("New exploit: %s" % filename)
self.send_response(302)
self.send_header("Location", "/index")
self.end_headers()
def __mainLoopAuto(self):
while (True):
msg = self.comm.receive(True, 1)
if (msg != None):
if (msg.type == "TERMINATE"):
self.comm.kill()
break
elif (msg.type == "NEW_EXPLOIT"):
self.__newExploit(msg.data[0], msg.data[1])
elif (msg.type == "LIST_EXPLOITS"):
exploits = self.__listExploits()
self.comm.sendResponse(
msg, BotMessage("LIST_EXPLOITS_RESULT", exploits))
elif (msg.type.startswith("GET_LOG:")):
payload = msg.type[8:]
(exploit, lines) = payload.split("|")
lines = int(lines)
log_data = self.__getLog(exploit, lines)
self.comm.sendResponse(
msg, BotMessage("GET_LOG_RESULT:%s" % exploit,
log_data))
elif (msg.type.startswith("GET_EXPLOIT:")):
exploit = msg.type[12:]
data = self.__getExploit(exploit)
self.comm.sendResponse(
msg, BotMessage("GET_EXPLOIT_RESULT:%s" % exploit,
data))
elif (msg.type.startswith("TOGGLE_EXPLOIT:")):
exploit = msg.type[15:]
self.__toggleExploit(exploit)
else:
flags = self.attack_manager.getFlags()
if (len(flags) != 0):
self.comm.send(BotMessage("COLLECTED_FLAGS", flags))
def do_manual_submit(self, qs):
"""
Manual submission is a feature that was requested at defcon 2009.
In adding this feature, im testing out a new method in the comm class
that should replace the whole WEB_BOT.cmd infrastructure.
"""
flag = qs['flag']
results = COMM.request(BotMessage("MANUAL_FLAG", flag), 10.0)
if (results == None):
self.wfile.write("Flag submission appears to be down...")
else:
self.wfile.write("Submitted flag %s, response was: %r" %
((flag, results.data)))
def testServerStatePassing(self):
foo = BotCommClient("", 424242, self.key, self.iv, "FOO")
bar = BotCommClient("", 424242, self.key, self.iv, "BAR")
echo = BotCommClient("", 424242, self.key, self.iv, "ECHO")
foo.start()
bar.start()
echo.start()
m1 = BotMessage("foo", "A foo message")
m2 = BotMessage("norm", ["Foo", "Bar"])
for i in range(3):
foo.send(m1)
echo.send(m2)
r1 = echo.receive(True, 1)
r2 = bar.receive(True, 1)
self.assert_(r1.data == ["Foo", "Bar"])
self.assert_(r2.data == "Got Foo?")
foo.kill()
bar.kill()
echo.kill()
def testCommRequestExtraMessage(self):
req = BotMessage("req2", ["Foo", "Bar"], True)
comm = BotCommClient("", 424242, self.key, self.iv, "ECHO")
comm.start()
for i in range(0, 50):
msg = BotMessage("norm", ["Test_%d" % i])
comm.send(msg)
for i in xrange(5):
rcv = comm.request(req, "req_result2", 1.0)
self.assertEquals(rcv.type, "req_result2")
self.assertEquals(rcv.data, ["Foo", "Bar"])
for i in range(0, 50):
rcv = comm.receive(True, 1)
self.assert_(rcv.data == ["Test_%d" % i])
for i in xrange(5):
xtra = comm.receive(True, 1)
self.assert_(xtra != None)
self.assertEquals(xtra.data, i + 1)
comm.kill()
def __parseResults(self, round, task_results):
results = []
for teamId in xrange(self.conf.numTeams()):
results.append([])
for serviceId in xrange(self.servicebot_conf.numServices()):
task = task_results[teamId][serviceId]
if (task.status() == ServiceTask.OK):
results[teamId].append('g')
elif (task.status() == ServiceTask.INVALID_FLAG):
results[teamId].append('b')
else:
results[teamId].append('e')
return BotMessage("SERVICE_RESULTS", (round, results))
def run(self):
reboot_tasks = []
for team in self.usenix_logic.conf.teams:
reboot_tasks.append(subprocess.Popen([
'/usr/bin/ssh',
'-i/home/scorebot/.ssh/id_rsa',
'root@'+team.host,
'reboot'],close_fds=True))
self.usenix_logic.logger.warn("(THREAD HACK!)Wating for team systems to restart..")
time.sleep(self.usenix_logic.usenix_conf.rebootTime())
for task in reboot_tasks:
task.kill()
self.usenix_logic.servicebot_dispatcher.sendMsg(BotMessage("EXECUTE_ROUND",self.usenix_logic.service_round))
self.usenix_logic.service_round += 1
self.usenix_logic.partial_round += 1
def __mainLoopWait(self):
while (True):
msg = self.comm.receive()
self.logger.debug("Wait logic processing msg: %s (%s)" %
(msg.type, str(msg.data)))
if (msg.type == "EXECUTE_EXPLOITS"):
exploits = msg.data
for exploit in exploits:
self.attack_manager.cmd(AttackManager.LAUNCH_EXPLOIT,
exploit)
elif (msg.type == "UPDATE_EXPLOITS"):
self.attack_manager.cmd(AttackManager.UPDATE_EXPLOITS)
elif (msg.type == "PROCESS_OUTPUT"):
self.attack_manager.cmd(AttackManager.PROCESS_OUTPUT)
elif (msg.type == "GATHER_FLAGS"):
self.attack_manager.cmd(AttackManager.GATHER_FLAGS)
collected = []
while (True):
try:
collected.append(
self.attack_manager.collected_flags.get(True, 1))
except Queue.Empty:
break
self.comm.send(BotMessage("COLLECTED_FLAGS", collected))
elif (msg.type == "STOP_EXPLOITS"):
self.attack_manager.cmd(AttackManager.STOP_ALL)
elif (msg.type == "TERMINATE"):
self.comm.kill()
break
else:
assert (False), "Invalid msg type received"
def __parseResults(self, round, task_results):
results = []
for teamId in xrange(self.conf.numTeams()):
results.append([])
for serviceId in xrange(self.servicebot_conf.numServices()):
results[teamId].append(None)
for team, service, task in task_results:
if (task.gotExpectedFlag()):
results[team.id][service.id] = 'g'
elif (task.error() == None and task.retcode() == 0):
results[team.id][service.id] = 'b'
else:
results[team.id][service.id] = 'e'
for teamId in xrange(self.conf.numTeams()):
for serviceId in xrange(self.servicebot_conf.numServices()):
assert (results[teamId][serviceId] != None)
return BotMessage("SERVICE_RESULTS", (round, results))
def handleBotMessage(self,msg,dispatcher):
if(msg.type == "CLIENT_HELLO"):
self.__handleNewClient(msg.data,dispatcher)
if(self.__checkStart()):
self.logger.info("Game Started")
self.servicebot_dispatcher.sendMsg(BotMessage("EXECUTE_ROUND",self.partial_round))
self.service_round += 1
self.partial_round += 1
elif(msg.type == "SERVICE_RESULTS"):
partial_count = self.usenix_conf.getServiceRoundCount()
self.recent_service_results = msg.data
self.scoring.updateRoundResults(msg.data)
if(self.partial_round % (partial_count+1) != partial_count):
self.servicebot_dispatcher.sendMsg(BotMessage("EXECUTE_ROUND",self.service_round))
self.service_round += 1
else:
self.exploitbot_dispatcher.sendMsg(BotMessage("EXECUTE_ROUND",self.exploit_round))
self.exploit_round += 1
self.partial_round += 1
elif(msg.type == "USENIX_EXPLOIT_RESULTS"):
self.logger.debug("Received exploit results!")
sla_scores = self.scoring.getServiceSLA(self.usenix_conf.getServiceRoundCount())
self.__updateTeamScores(msg.data,sla_scores)
self.logger.info("=== End of Round %d ===" % self.current_round)
for team in self.conf.teams:
self.logger.info("Team %s: %f" % (team.name,self.team_scores[team.id]))
if(self.__endOfGame() == False):
self.current_round += 1
#Store round data..
self.shelf["PARTIAL"] = self.partial_round
self.shelf["ROUND"] = self.current_round
self.shelf["SCORES"] = self.team_scores
self.shelf.sync()
self.logger.info("=== Reset Team Systems ===")
reboot_thread = RebootThread(self)
reboot_thread.daemon = True
reboot_thread.start()
"""
for team in self.conf.teams:
subprocess.call([
'/usr/bin/ssh',
'-i/home/scorebot/.ssh/id_rsa',
'root@'+team.host,
'reboot'
'&'],close_fds=True, shell=True)
self.logger.debug("Wating for team systems to restart..")
time.sleep(self.usenix_conf.rebootTime())
self.servicebot_dispatcher.sendMsg(BotMessage("EXECUTE_ROUND",self.service_round))
self.service_round += 1
self.partial_round += 1
"""
elif(msg.type == "REQUEST_REPORT"):
results = self.__buildReportResult()
self.usenix_reportbot_dispatcher.sendMsg(BotMessage("REQUEST_REPORT_RESULT",results))
else:
self.logger.error("Unknown Message! Going to stop game! %s %s" % (msg.type,str(msg.data)))
self.__stopGame()
def __handleServiceResults(self, service_results):
round, data = service_results
assert (self.round == round)
self.service_status = data
self.scoring.updateDefensiveInfo(data)
self.submitbot_dispatcher.sendMsg(BotMessage("COLLECT_FLAGS", None))
