import json
import logging
import os
import time

from flask import jsonify, request

from CTFd.models import db, Teams, Users, Solves
from CTFd.utils import get_config
from CTFd.utils.user import get_current_user

from .container_manager import ContainerManager, ContainerException
from .models import ContainerChallengeModel, ContainerInfoModel, ContainerSettingsModel, ContainerFlagModel, ContainerCheatLog
def get_settings_path():
    """Return the absolute path of ``settings.json``, which sits next to this module."""
    # Thanks https://github.com/TheFlash2k
    module_dir = os.path.dirname(os.path.abspath(__file__))
    return os.path.join(module_dir, "settings.json")
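# Plugin settings are read once at import time from the JSON file beside this module.
# Use a context manager so the file handle is closed instead of leaked.
with open(get_settings_path(), encoding="utf-8") as _settings_file:
    settings = json.load(_settings_file)
# Values that CTFd's ``user_mode`` config is compared against (see is_team_mode).
USERS_MODE = settings["modes"]["USERS_MODE"]
TEAMS_MODE = settings["modes"]["TEAMS_MODE"]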
def settings_to_dict(settings):
    """Build ``{row.key: row.value}`` from an iterable of settings table rows.

    Later rows with a duplicate ``key`` overwrite earlier ones.
    """
    result = {}
    for row in settings:
        result[row.key] = row.value
    return result
def is_team_mode():
    """Return True when CTFd's ``user_mode`` config equals the TEAMS_MODE value from settings.json."""
    return get_config("user_mode") == TEAMS_MODE
def kill_container(container_manager, container_id):
    """Kill a running container and delete its ContainerInfoModel record.

    Args:
        container_manager: ContainerManager used to stop the Docker container.
        container_id: Docker container id to look up and kill.

    Returns:
        A Flask JSON response: ``{"error": ...}`` with HTTP 400 when no record
        matches; ``{"error": ...}`` with HTTP 200 when the manager raises
        ContainerException; otherwise ``{"success": "Container killed"}``.

    NOTE(review): no ownership or authorization check happens here; the
    caller is expected to have verified that the requester may kill this
    container before invoking this helper.
    """
    record = ContainerInfoModel.query.filter_by(container_id=container_id).first()
    if not record:
        return jsonify({"error": "Container not found"}), 400

    try:
        container_manager.kill_container(container_id)
    except ContainerException:
        # Docker failure is reported in the body only (no error status code).
        return jsonify(
            {"error": "Docker is not initialized. Please check your settings."}
        )

    # The DB record is dropped only after Docker confirmed the kill.
    db.session.delete(record)
    db.session.commit()
    return jsonify({"success": "Container killed"})
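def renew_container(container_manager, chal_id, xid, is_team):
    """Push the expiry of the requester's container for a challenge forward.

    The new expiry is ``now + container_manager.expiration_seconds``.

    Args:
        container_manager: ContainerManager holding ``expiration_seconds`` and ``settings``.
        chal_id: ContainerChallengeModel id.
        xid: team id when ``is_team`` is true, else user id.
        is_team: whether ``xid`` identifies a team.

    Returns:
        A Flask JSON response: 400 when the challenge does not exist; an
        ``error`` body (HTTP 200) when no container record exists or the
        commit fails; otherwise ``success`` plus ``expires``/``hostname``/
        ``port``/``connect``.
    """
    challenge = ContainerChallengeModel.query.filter_by(id=chal_id).first()
    if challenge is None:
        return jsonify({"error": "Challenge not found"}), 400

    running_container = ContainerInfoModel.query.filter_by(
        challenge_id=challenge.id,
        team_id=xid if is_team else None,
        user_id=None if is_team else xid,
    ).first()
    if running_container is None:
        return jsonify({"error": "Container not found, try resetting the container."})

    try:
        running_container.expires = int(
            time.time() + container_manager.expiration_seconds
        )
        db.session.commit()
    except Exception:  # noqa: BLE001
        # db.session.commit() raises database errors, never ContainerException,
        # so the previous ``except ContainerException`` could not fire here and
        # the "Database error" message was unreachable. Roll back so the
        # session is usable again for the rest of the request.
        db.session.rollback()
        return jsonify({"error": "Database error occurred, please try again."})

    return jsonify(
        {
            "success": "Container renewed",
            "expires": running_container.expires,
            "hostname": container_manager.settings.get("docker_hostname", ""),
            "port": running_container.port,
            "connect": challenge.connection_type,
        }
    )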
def create_container(container_manager, chal_id, xid, is_team):
    """Start a challenge container for the requesting user or team.

    Checks run in this order: the challenge exists (else 400); ``xid`` has not
    already solved it (else 400); the account is under the ``max_containers``
    setting, default 3 (else 400); then any existing record for this
    challenge is reconciled with Docker — still running returns
    ``already_running`` with connection details, gone deletes the stale
    record. Only after all of that is a new container created.

    Args:
        container_manager: ContainerManager wrapping Docker access and ``settings``.
        chal_id: ContainerChallengeModel id.
        xid: team id when ``is_team`` is true, else user id.
        is_team: whether ``xid`` identifies a team.

    Returns:
        A Flask JSON response. Error paths use 400/500 except a failed
        ``create_container`` call, whose error body is returned with HTTP 200.

    NOTE(review): a stale (dead) record for this challenge still counts toward
    ``max_containers`` because the limit is checked before that record is
    reconciled and removed.
    """
    challenge = ContainerChallengeModel.query.filter_by(id=chal_id).first()
    if challenge is None:
        return jsonify({"error": "Challenge not found"}), 400

    if Solves.query.filter_by(challenge_id=chal_id, account_id=xid).first():
        return jsonify({"error": "Challenge already solved"}), 400

    max_containers = int(container_manager.settings.get("max_containers", 3))
    hostname = container_manager.settings.get("docker_hostname", "")

    # One owner filter serves both "this challenge's record" and "all my containers".
    owner = {
        "team_id": xid if is_team else None,
        "user_id": None if is_team else xid,
    }
    existing = ContainerInfoModel.query.filter_by(
        challenge_id=challenge.id, **owner
    ).first()
    owned_count = ContainerInfoModel.query.filter_by(**owner).count()

    if owned_count >= max_containers:
        message = (
            f"Max containers ({max_containers}) reached. "
            "Please stop a running container before starting a new one."
        )
        return jsonify({"error": message}), 400

    if existing:
        try:
            still_running = container_manager.is_container_running(existing.container_id)
        except ContainerException as err:
            return jsonify({"error": str(err)}), 500
        if still_running:
            return jsonify(
                {
                    "status": "already_running",
                    "hostname": hostname,
                    "port": existing.port,
                    "connect": challenge.connection_type,
                    "expires": existing.expires,
                }
            )
        # Docker no longer knows this container; forget the stale record.
        db.session.delete(existing)
        db.session.commit()

    try:
        created = container_manager.create_container(challenge, xid, is_team)
    except ContainerException as err:
        return jsonify({"error": str(err)})

    return jsonify(
        {
            "status": "created",
            "hostname": hostname,
            "port": created["port"],
            "connect": challenge.connection_type,
            "expires": created["expires"],
        }
    )
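def view_container_info(container_manager, chal_id, xid, is_team):
    """Report the state of the requester's container for a challenge.

    When a ContainerInfoModel record exists and Docker confirms the container
    is running, ``already_running`` plus connection details is returned. When
    the record exists but Docker reports it gone, the stale record is deleted
    and ``Challenge not started`` is returned — previously this path fell off
    the end of the function and returned None, which Flask rejects as an
    invalid response.

    Args:
        container_manager: ContainerManager wrapping Docker access and ``settings``.
        chal_id: ContainerChallengeModel id.
        xid: team id when ``is_team`` is true, else user id.
        is_team: whether ``xid`` identifies a team.

    Returns:
        A Flask JSON response; 400 when the challenge does not exist, 500 when
        the Docker status check raises ContainerException.
    """
    challenge = ContainerChallengeModel.query.filter_by(id=chal_id).first()
    if challenge is None:
        return jsonify({"error": "Challenge not found"}), 400

    running_container = ContainerInfoModel.query.filter_by(
        challenge_id=challenge.id,
        team_id=xid if is_team else None,
        user_id=None if is_team else xid,
    ).first()

    if running_container:
        try:
            is_running = container_manager.is_container_running(
                running_container.container_id
            )
        except ContainerException as err:
            return jsonify({"error": str(err)}), 500

        if is_running:
            return jsonify(
                {
                    "status": "already_running",
                    "hostname": container_manager.settings.get(
                        "docker_hostname", ""
                    ),
                    "port": running_container.port,
                    "connect": challenge.connection_type,
                    "expires": running_container.expires,
                }
            )

        # Stale record: Docker no longer has this container. Drop it and
        # fall through to the "not started" response.
        db.session.delete(running_container)
        db.session.commit()

    return jsonify({"status": "Challenge not started"})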
def connect_type(chal_id):
    """Return ``{"status": "Ok", "connect": <connection_type>}`` for a challenge.

    Args:
        chal_id: ContainerChallengeModel id.

    Returns:
        A Flask JSON response; ``{"error": "Challenge not found"}`` with HTTP
        400 when no challenge has that id.
    """
    challenge = ContainerChallengeModel.query.filter_by(id=chal_id).first()
    if challenge is not None:
        return jsonify({"status": "Ok", "connect": challenge.connection_type})
    return jsonify({"error": "Challenge not found"}), 400
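def get_xid_and_flag():
    """Return ``(user, x_id, submitted_flag)`` for the current request.

    ``x_id`` is the user's team id in team mode, otherwise the user id. The
    flag is read from the ``submission`` key of the JSON body, falling back
    to the form body, and is stripped of surrounding whitespace.

    Raises:
        ValueError: no logged-in user; team mode but the user has no team; or
            no usable ``submission`` (missing, empty, or not a string).
    """
    user = get_current_user()
    if not user:
        raise ValueError("You must be logged in to attempt this challenge.")

    if is_team_mode():
        if not user.team_id:
            raise ValueError("You must belong to a team to solve this challenge.")
        x_id = user.team_id
    else:
        x_id = user.id

    # silent=True: a malformed JSON body yields None instead of a Flask 400,
    # so it is handled like a missing flag. A JSON body that is not an object
    # (array/scalar) has no .get(), so it also falls back to the form body.
    data = request.get_json(silent=True)
    if not isinstance(data, dict) or not data:
        data = request.form

    submitted_flag = data.get("submission", "")
    # A JSON body can carry a non-string here (null, number, list); treat it
    # as missing instead of letting .strip() raise and surface as a 500.
    if not isinstance(submitted_flag, str) or not submitted_flag.strip():
        raise ValueError("No flag provided.")

    return user, x_id, submitted_flag.strip()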
def get_active_container(challenge_id, x_id):
    """Return the ContainerInfoModel record for ``challenge_id`` owned by ``x_id``.

    Ownership is matched on ``team_id`` in team mode and ``user_id``
    otherwise. Only the existence of the DB record is checked; whether the
    Docker container is actually still running is not verified here.

    Raises:
        ValueError: no record exists for this challenge and owner.
    """
    team_mode = is_team_mode()
    record = ContainerInfoModel.query.filter_by(
        challenge_id=challenge_id,
        team_id=x_id if team_mode else None,
        user_id=None if team_mode else x_id,
    ).first()
    if not record:
        raise ValueError("No container is currently active for this challenge.")
    return record
def get_container_flag(submitted_flag, user, container_manager, container_info, challenge):
    """Look up the ContainerFlagModel row whose ``flag`` equals ``submitted_flag``.

    In ``random`` flag mode the matching row must belong to the submitter
    (the team in team mode, the user otherwise); a match owned by someone
    else is treated as flag sharing and handed to
    ban_team_and_original_owner, which always raises. In any other flag mode
    (e.g. ``static``) ownership is not checked here.

    NOTE(review): the lookup is by flag value only, not by ``challenge.id``;
    whether a flag issued for another challenge may match is left to the
    caller to decide.

    Args:
        submitted_flag: the stripped flag string from the request.
        user: the submitting user.
        container_manager: passed through to the ban routine.
        container_info: the submitter's active container record, passed through.
        challenge: ContainerChallengeModel whose ``flag_mode`` is consulted.

    Raises:
        ValueError: "Incorrect" when no row matches the submitted flag;
            "Cheating detected!" (from the ban routine) on a reused random flag.
    """
    team_mode = is_team_mode()
    container_flag = ContainerFlagModel.query.filter_by(flag=submitted_flag).first()

    if container_flag and challenge.flag_mode == "random":
        owner_id = container_flag.team_id if team_mode else container_flag.user_id
        submitter_id = user.team_id if team_mode else user.id
        if owner_id != submitter_id:
            # Reused flag from another team/user → cheating detected
            ban_team_and_original_owner(container_flag, user, container_manager, container_info)

    if not container_flag:
        raise ValueError("Incorrect")
    return container_flag
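def _ban_team(team):
    """Mark ``team`` and every one of its members as banned (no commit)."""
    team.banned = True
    for member in team.members:
        member.banned = True


def ban_team_and_original_owner(container_flag, user, container_manager, container_info):
    """Record a flag-sharing incident, ban both parties, and tear down the submitter's container.

    Steps, in order: write a ContainerCheatLog row and commit; ban the flag's
    original owner and the submitter (teams plus all members in team mode,
    users otherwise) and commit; in ``static`` flag mode delete the flag row,
    in ``random`` mode detach the submitter's container from its flag rows;
    delete the submitter's ContainerInfoModel record; kill the container.
    This function always ends by raising.

    Args:
        container_flag: ContainerFlagModel that matched the submission; must be truthy.
        user: the submitting user.
        container_manager: ContainerManager used to kill the container.
        container_info: ContainerInfoModel of the submitter's active container.

    Raises:
        ValueError: "Cannot ban without a valid container flag." when
            ``container_flag`` is falsy; otherwise always "Cheating detected!".
    """
    if not container_flag:
        raise ValueError("Cannot ban without a valid container flag.")

    team_mode = is_team_mode()

    cheat_log = ContainerCheatLog(
        reused_flag=container_flag.flag,
        challenge_id=container_flag.challenge_id,
        original_team_id=container_flag.team_id,
        original_user_id=container_flag.user_id,
        second_team_id=user.team_id if team_mode else None,
        second_user_id=None if team_mode else user.id,
        timestamp=int(time.time()),
    )
    db.session.add(cheat_log)
    db.session.commit()

    # Ban logic
    if team_mode:
        original_team = Teams.query.filter_by(id=container_flag.team_id).first()
        submit_team = Teams.query.filter_by(id=user.team_id).first()
        if original_team:
            _ban_team(original_team)
        if submit_team:
            _ban_team(submit_team)
    else:
        if container_flag.user_id:
            original_user = Users.query.filter_by(id=container_flag.user_id).first()
            if original_user:
                original_user.banned = True
        user.banned = True
    db.session.commit()

    flag_mode = container_flag.challenge.flag_mode
    if flag_mode == "static":
        # Static mode: remove the flag row itself.
        db.session.delete(container_flag)
        db.session.commit()
    elif flag_mode == "random":
        # Random mode: keep the flag rows, only detach them from the
        # submitter's container (which is about to be removed).
        db.session.query(ContainerFlagModel).filter_by(
            container_id=container_info.container_id
        ).update({"container_id": None})
        db.session.commit()

    # Remove container info record
    container = ContainerInfoModel.query.filter_by(
        container_id=container_info.container_id
    ).first()
    if container:
        db.session.delete(container)
        db.session.commit()

    # Kill the container exactly once (the previous version issued this call
    # twice). A Docker failure must not mask the cheating result — the bans
    # and the cheat log are already committed — so it is logged, not raised.
    try:
        container_manager.kill_container(container_info.container_id)
    except ContainerException:
        logging.getLogger(__name__).exception(
            "Failed to kill container %s after cheat detection",
            container_info.container_id,
        )

    raise ValueError("Cheating detected!")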
def get_current_user_or_team():
    """Return the id of the acting account: the team id in team mode, else the user id.

    Raises:
        ValueError: "User not found" when nobody is logged in;
            "User not a member of a team" in team mode when ``user.team`` is None.
    """
    user = get_current_user()
    if user is None:
        raise ValueError("User not found")

    team_mode = is_team_mode()
    if team_mode and user.team is None:
        raise ValueError("User not a member of a team")

    return user.team.id if team_mode else user.id
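def validate_request(json_data, required_fields):
    """Ensure ``json_data`` is a JSON object carrying every name in ``required_fields``.

    Args:
        json_data: the decoded request body; must be a dict (mapping).
        required_fields: iterable of key names that must be present and not None.

    Raises:
        ValueError: "Invalid request" when ``json_data`` is None or not a dict
            (a JSON array or scalar body previously crashed on ``.get``);
            "No <field> specified" for the first field that is missing or None.
    """
    if not isinstance(json_data, dict):
        raise ValueError("Invalid request")
    for field in required_fields:
        if json_data.get(field) is None:
            raise ValueError(f"No {field} specified")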