ColdCore/ctftool

208 lines
8.2 KiB
Plaintext
Raw Normal View History

2015-12-06 02:43:04 +00:00
#!/usr/bin/env python3
2015-11-08 06:10:26 +00:00
from database import *
2015-11-08 19:04:02 +00:00
from datetime import datetime, timedelta
2015-11-29 17:10:38 +00:00
import config
import getpass
2015-11-29 17:10:38 +00:00
import hashlib
import os
import os.path
2015-11-29 17:10:38 +00:00
import shutil
2015-11-08 06:10:26 +00:00
import sys
2015-12-03 23:18:00 +00:00
import redis
2015-11-08 06:10:26 +00:00
import random
import utils
import utils.admin
2015-12-03 23:18:00 +00:00
import yaml
2016-07-09 20:33:02 +00:00
import argparse
import logging
2015-11-08 06:10:26 +00:00
tables = [Team, TeamAccess, Challenge, ChallengeSolve, ChallengeFailure, NewsItem, TroubleTicket, TicketComment, Notification, ScoreAdjustment, AdminUser]
2016-07-09 20:33:02 +00:00
def create_tables(args):
[i.create_table() for i in tables]
2015-11-08 06:10:26 +00:00
print("Tables created")
2016-07-09 20:33:02 +00:00
def drop_tables(args):
2015-11-08 06:10:26 +00:00
if input("Are you sure? Type yes to continue: ") == "yes":
[i.drop_table() for i in tables]
2015-11-08 06:10:26 +00:00
print("Done")
else:
print("Okay, nothing happened.")
2016-07-09 20:33:02 +00:00
def gen_team(args):
n = args.team_count
2015-11-08 19:04:02 +00:00
chals = list(Challenge.select())
ctz = datetime.now()
diff = timedelta(minutes=5)
for i in range(n):
name = "Team {}".format(i + 1)
2015-11-09 02:44:04 +00:00
t = Team.create(name=name, email="none@none.com", affiliation="Autogenerated", eligible=True, key="", email_confirmation_key="autogen", email_confirmed=True)
2015-11-08 19:04:02 +00:00
t.key = "autogen{}".format(t.id)
t.save()
print("Team added with id {}".format(t.id))
2015-11-12 20:47:30 +00:00
2016-07-09 20:33:02 +00:00
def add_admin(args):
username = input("Username: ")
password = getpass.getpass().encode()
pwhash = utils.admin.create_password(password)
r = random.SystemRandom()
secret = "".join([r.choice("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567") for i in range(16)])
2016-05-05 01:30:29 +00:00
AdminUser.create(username=username, password=pwhash, secret=secret)
2016-05-11 18:16:33 +00:00
print("AdminUser created; Enter the following key into your favorite TOTP application (Google Authenticator Recommended): {}".format(secret))
2016-07-09 20:33:02 +00:00
def scan_challenges(args):
path = args.path
dirs = [j for j in [os.path.join(path, i) for i in os.listdir(path)] if os.path.isdir(j)]
print(dirs)
n = 0
2015-11-29 17:10:38 +00:00
for d in dirs:
2015-11-29 17:10:38 +00:00
staticpaths = {}
if os.path.exists(os.path.join(d, "static.yml")):
with open(os.path.join(d, "static.yml")) as f:
statics = yaml.load(f)
for static in statics:
h = hashlib.sha256()
with open(os.path.join(d, static), "rb") as staticfile:
while True:
buf = staticfile.read(4096)
h.update(buf)
if not buf:
break
if "." in static:
name, ext = static.split(".", maxsplit=1)
fn = "{}_{}.{}".format(name, h.hexdigest(), ext)
else:
fn = "{}_{}".format(static, h.hexdigest())
staticpaths[static] = fn
shutil.copy(os.path.join(d, static), os.path.join(config.static_dir, fn))
print(fn)
if os.path.exists(os.path.join(d, "problem.yml")):
with open(os.path.join(d, "problem.yml")) as f:
n += 1
2015-11-29 17:10:38 +00:00
data = yaml.load(f)
for i in staticpaths:
print("looking for |{}|".format(i))
data["description"] = data["description"].replace("|{}|".format(i), "{}{}".format(config.static_prefix, staticpaths[i]))
query = Challenge.select().where(Challenge.name == data["name"])
if query.exists():
print("Updating " + str(data["name"]) + "...")
q = Challenge.update(**data).where(Challenge.name == data["name"])
q.execute()
else:
Challenge.create(**data)
2015-11-29 17:10:38 +00:00
print(n, "challenges loaded")
2016-07-09 20:33:02 +00:00
def add_challenge(args):
challengefile = args.file
with open(challengefile) as f:
chal = Challenge.create(**yaml.load(f))
print("Challenge added with id {}".format(chal.id))
def gen_challenges(args):
n = args.challenge_count
for i in range(n):
name = str(random.randint(0, 999999999))
chal = Challenge.create(name="Challenge {}".format(name), category="Generated", description="Lorem ipsum, dolor sit amet. The flag is {}".format(name), points=random.randint(50, 400), flag=name, author="autogen")
print("Challenge added with id {}".format(chal.id))
2015-12-03 23:18:00 +00:00
2016-07-09 20:33:02 +00:00
def list_challenges(args):
2016-05-16 01:09:04 +00:00
for chal in Challenge.select():
print("{} {}".format(str(chal.id).rjust(3), chal.name))
2016-07-09 20:33:02 +00:00
def del_challenge(args):
id = args.id
2016-05-16 01:09:04 +00:00
c = Challenge.get(id=id)
ChallengeFailure.delete().where(ChallengeFailure.challenge == c).execute()
ChallengeSolve.delete().where(ChallengeSolve.challenge == c).execute()
c.delete_instance()
2016-07-09 20:33:02 +00:00
def recache_solves(args):
r = redis.StrictRedis()
for chal in Challenge.select():
r.hset("solves", chal.id, chal.solves.count())
print(r.hvals("solves"))
def main():
parser = argparse.ArgumentParser(description="{} problem manager".format(config.ctf_name))
debug_level = parser.add_mutually_exclusive_group()
debug_level.add_argument('-v', '--verbose', help="Print intermediate results", action="store_true")
debug_level.add_argument('-s', '--silent', help="Print out very little", action="store_true")
subparser = parser.add_subparsers(help='Select one of the following actions')
# Problems
parser_problems = subparser.add_parser('challenges', help='Deal with challenges')
subparser_problems = parser_problems.add_subparsers(help='Select one of the following actions')
parser_problems_scan = subparser_problems.add_parser('scan', help='Scan a path for problems')
parser_problems_scan.add_argument("path", nargs=1, help="Directory for the path")
parser_problems_scan.set_defaults(func=scan_challenges)
parser_problems_generate = subparser_problems.add_parser('generate', help='Generate some dummy problems')
parser_problems_generate.add_argument("challenge_count", nargs=1, type=int, help="number of problems to generate")
parser_problems_generate.set_defaults(func=gen_challenges)
parser_problems_add = subparser_problems.add_parser('add', help='add a problem')
parser_problems_add.add_argument("file", nargs=1, help="file to use")
parser_problems_add.set_defaults(func=add_challenge)
parser_problems_list = subparser_problems.add_parser('list', help='List problems in the database')
parser_problems_list.set_defaults(func=list_challenges)
parser_problems_del = subparser_problems.add_parser('del', help='Delete a problem')
parser_problems_del.add_argument('id', help="ID of problem to remove")
parser_problems_del.set_defaults(func=del_challenge)
# Database
parser_database = subparser.add_parser("database", help="Deal with database")
subparser_database = parser_database.add_subparsers(help="Select one of the following actions")
parser_database_drop = subparser_database.add_parser("create-tables", help="create tables")
parser_database_drop.set_defaults(func=create_tables)
parser_database_clear = subparser_database.add_parser("drop-tables", help="drop tables")
parser_database_clear.set_defaults(func=drop_tables)
parser_database_recache_solves = subparser_database.add_parser("recache-solves", help="recache solves")
parser_database_recache_solves.set_defaults(func=recache_solves)
# Users
parser_user = subparser.add_parser("users", help="Deal with users")
subparser_users = parser_user.add_subparsers(help="Select one of the following actions")
parser_users_generate = subparser_users.add_parser('generate', help='Generate some dummy teams')
parser_users_generate.add_argument("team_count", nargs=1, type=int, help="number of teams to generate")
parser_users_generate.set_defaults(func=gen_team)
parser_users_admin = subparser_users.add_parser('add-admin', help='Create a new administrator')
parser_users_admin.set_defaults(func=add_admin)
args = parser.parse_args()
if args.silent:
logging.basicConfig(level=logging.CRITICAL, stream=sys.stdout)
elif args.verbose:
logging.basicConfig(level=logging.DEBUG, stream=sys.stdout)
else:
logging.basicConfig(level=logging.WARNING, stream=sys.stdout)
if 'func' in args:
args.func(args)
else:
parser.print_help()
main()
2015-11-08 06:10:26 +00:00
# vim: syntax=python:ft=python