diff --git a/attackers/threads_attacker.py b/attackers/threads_attacker.py index 80666da..c28394f 100644 --- a/attackers/threads_attacker.py +++ b/attackers/threads_attacker.py @@ -5,12 +5,13 @@ """ import threading -import Queue +import queue from ictf import iCTF import requests from string import ascii_uppercase, digits import random from time import sleep +from time import time as get_sec _service = "service_name" _author = "ocean" @@ -18,8 +19,10 @@ _flg_re = r"FLG\w{13}" +# This is needed for the alternative tick method +# _tick_duration = 15*60 -q = Queue.Queue() +q = queue.Queue() ic = iCTF() @@ -75,6 +78,11 @@ def submit_flags(self, flags, target): def attack(self): while(1): + # if ictf is not supported you can use this method + # get the current time before and after the attack, compute the + # time before the next tick and then sleep + # init_time = int(get_sec()) + threads = [] team = ic.login("***EMAIL***", "***TOKEN***") targets = team.get_targets(_service) @@ -99,6 +107,11 @@ def attack(self): while(team.get_tick_info()['tick_id'] <= t_info['tick_id']): sleep(1) + # Use this for the alternative tick method + # after_time = int(get_sec()) + # sleep_time = TICK_DURATION - (after_time - init_time) + # print("Waiting for the next tick (%d seconds)" % sleep_time) + # sleep(sleep_time) if __name__ == "__main__": a = Attacker() diff --git a/backend/mongodb.py b/backend/mongodb.py index aaf40c0..790f018 100644 --- a/backend/mongodb.py +++ b/backend/mongodb.py @@ -1,11 +1,11 @@ from pymongo import ( MongoClient, errors, IndexModel, ASCENDING) from bson import ObjectId -from base import BaseBackend +from backend.base import BaseBackend from config import config, STATUS, rSTATUS from datetime import datetime from time import mktime -from itertools import izip_longest +from itertools import zip_longest from collections import Counter @@ -104,7 +104,7 @@ def update_flags(self, submission, status): raise ValueError("Something strange happened! Empty flag set!") stats = {} - for k, v in Counter(status).iteritems(): + for k, v in Counter(status).items(): stats[rSTATUS[k]] = v self.stats.update_one( @@ -113,7 +113,7 @@ def update_flags(self, submission, status): upsert=True) unsubmitted_flags = [ - f[0] for f in izip_longest( + f[0] for f in zip_longest( submission['flags'], status, fillvalue=STATUS["unsubmitted"]) if f[1] == STATUS["unsubmitted"]] diff --git a/requirements.txt b/requirements.txt index 4c18f0b..b0c662e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,5 @@ bottle ipaddress pymongo>=3.0 +ictf +git+https://github.com/arthaud/python3-pwntools.git diff --git a/submitter.py b/submitter.py index 564a90f..d98f090 100644 --- a/submitter.py +++ b/submitter.py @@ -4,7 +4,7 @@ from logger import log from config import STATUS from time import sleep - +import requests class SubmitterBase(object): @@ -27,7 +27,7 @@ def submit(self, flags): ff = [] for flag in flags: status.append(STATUS["accepted"]) - ff.append(flag['flag']) + ff.append(flag) print("FLAAAAAAAGS %s" % ff) return status @@ -116,5 +116,44 @@ def submit(self, flags): return status +class CYGAMESubmitter(SubmitterBase): + + def __init__(self): + super(Submitter, self).__init__() + + def submit(self, flags): + """ this function will submit the flags to the scoreboard""" + status = [] + + try: + for flag in flags: + params = { + 'csrfmiddlewaretoken': '', + 'flag_input': flag + } + cookies = { + 'sessionid': '', + 'csrftoken': '' + } + r = requests.post("http://10.100.50.10/competition/submit/", + data=params, cookies=cookies) + + output = r.content.decode('utf-8') + + if "Thank you" in output: + s = STATUS["accepted"] + elif "once" in output: + s = STATUS["old"] + else: + s = STATUS["rejected"] + + status.append(s) + + except Exception as e: + log.exception(e) + + return status + + # choose the submit function here :) -Submitter = ruCTFeSubmitter +Submitter = CYGAMESubmitter diff --git a/webservice.py b/webservice.py index 5e9f28e..e062f4a 100644 --- a/webservice.py +++ b/webservice.py @@ -36,7 +36,7 @@ def submit_flag(): team = request.forms.get('team') service = request.forms.get('service') flags = request.forms.getall('flags') - ip = request.environ.get('REMOTE_ADDR').decode('utf-8') + ip = request.environ.get('REMOTE_ADDR') ip = int(ip_address(ip)) if not flags or not team or not service or not name: diff --git a/worker.py b/worker.py index cb06864..c5ca091 100644 --- a/worker.py +++ b/worker.py @@ -33,7 +33,7 @@ def __init__(self, backend=None): # the pool will contain our consumer threads self.pool = [] - for i in xrange(0, config.get("workers", 4)): + for i in range(0, config.get("workers", 4)): # create a number of worker threads that will # "consume" the flags, submitting them t = Worker(