├── .gitignore
├── function.png
├── assets
    ├── dynamic-challenge-modal.js
    ├── dynamic-challenge-create.js
    ├── dynamic-challenge-update.js
    ├── dynamic-challenge-create.njk
    ├── dynamic-challenge-modal.njk
    └── dynamic-challenge-update.njk
├── README.md
└── __init__.py


/.gitignore:
--------------------------------------------------------------------------------
1 | __pycache__/
2 | *.py[cod]
3 | 


--------------------------------------------------------------------------------
/function.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CTFd/DynamicValueChallenge/HEAD/function.png


--------------------------------------------------------------------------------
/assets/dynamic-challenge-modal.js:
--------------------------------------------------------------------------------
 1 | window.challenge.renderer = new markdownit({
 2 |     html: true,
 3 | });
 4 | 
 5 | window.challenge.preRender = function () {
 6 | 
 7 | };
 8 | 
 9 | window.challenge.render = function (markdown) {
10 |     return window.challenge.renderer.render(markdown);
11 | };
12 | 
13 | 
14 | window.challenge.postRender = function () {
15 | 
16 | };
17 | 
18 | window.challenge.submit = function (cb, preview) {
19 |     var chal_id = $('#chal-id').val();
20 |     var answer = $('#answer-input').val();
21 |     var nonce = $('#nonce').val();
22 | 
23 |     var url = "/chal/";
24 |     if (preview) {
25 |         url = "/admin/chal/";
26 |     }
27 | 
28 |     $.post(script_root + url + chal_id, {
29 |         key: answer,
30 |         nonce: nonce
31 |     }, function (data) {
32 |         cb(data);
33 |     });
34 | };


--------------------------------------------------------------------------------
/assets/dynamic-challenge-create.js:
--------------------------------------------------------------------------------
 1 | // Markdown Preview
 2 | $('#desc-edit').on('shown.bs.tab', function (event) {
 3 |     if (event.target.hash == '#desc-preview'){
 4 |         var editor_value = $('#desc-editor').val();
 5 |         $(event.target.hash).html(
 6 |             window.challenge.render(editor_value)
 7 |         );
 8 |     }
 9 | });
10 | $('#new-desc-edit').on('shown.bs.tab', function (event) {
11 |     if (event.target.hash == '#new-desc-preview'){
12 |         var editor_value = $('#new-desc-editor').val();
13 |         $(event.target.hash).html(
14 |             window.challenge.render(editor_value)
15 |         );
16 |     }
17 | });
18 | $("#solve-attempts-checkbox").change(function() {
19 |     if(this.checked) {
20 |         $('#solve-attempts-input').show();
21 |     } else {
22 |         $('#solve-attempts-input').hide();
23 |         $('#max_attempts').val('');
24 |     }
25 | });
26 | 
27 | $(document).ready(function(){
28 |     $('[data-toggle="tooltip"]').tooltip();
29 | });
30 | 


--------------------------------------------------------------------------------
/assets/dynamic-challenge-update.js:
--------------------------------------------------------------------------------
 1 | $('#submit-key').click(function (e) {
 2 |     submitkey($('#chalid').val(), $('#answer').val())
 3 | });
 4 | 
 5 | $('#submit-keys').click(function (e) {
 6 |     e.preventDefault();
 7 |     $('#update-keys').modal('hide');
 8 | });
 9 | 
10 | $('#limit_max_attempts').change(function() {
11 |     if(this.checked) {
12 |         $('#chal-attempts-group').show();
13 |     } else {
14 |         $('#chal-attempts-group').hide();
15 |         $('#chal-attempts-input').val('');
16 |     }
17 | });
18 | 
19 | // Markdown Preview
20 | $('#desc-edit').on('shown.bs.tab', function (event) {
21 |     if (event.target.hash == '#desc-preview') {
22 |         var editor_value = $('#desc-editor').val();
23 |         $(event.target.hash).html(
24 |             window.challenge.render(editor_value)
25 |         );
26 |     }
27 | });
28 | $('#new-desc-edit').on('shown.bs.tab', function (event) {
29 |     if (event.target.hash == '#new-desc-preview') {
30 |         var editor_value = $('#new-desc-editor').val();
31 |         $(event.target.hash).html(
32 |             window.challenge.render(editor_value)
33 |         );
34 |     }
35 | });
36 | 
37 | function loadchal(id, update) {
38 |     $.get(script_root + '/admin/chal/' + id, function(obj){
39 |         $('#desc-write-link').click(); // Switch to Write tab
40 |         if (typeof update === 'undefined')
41 |             $('#update-challenge').modal();
42 |     });
43 | }
44 | 
45 | function openchal(id){
46 |     loadchal(id);
47 | }
48 | 
49 | $(document).ready(function(){
50 |     $('[data-toggle="tooltip"]').tooltip();
51 | });
52 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Dynamic Value Challenges for CTFd
 2 | 
 3 | #### NOTE: This plugin has been integrated into CTFd as of 2.0.0. Please file any issues at the [main CTFd repo](https://github.com/CTFd/CTFd)
 4 | 
 5 | It's becoming commonplace in CTF to see challenges whose point values decrease
 6 | after each solve.
 7 | 
 8 | This CTFd plugin creates a dynamic challenge type which implements this
 9 | behavior. Each dynamic challenge starts with an initial point value and then
10 | each solve will decrease the value of the challenge until a minimum point value.
11 | 
12 | By reducing the value of the challenge on each solve, all users who have previously 
13 | solved the challenge will have lowered scores. Thus an easier and more solved 
14 | challenge will naturally have a lower point value than a harder and less solved 
15 | challenge. 
16 | 
17 | Within CTFd you are free to mix and match regular and dynamic challenges.
18 | 
19 | The current implementation requires the challenge to keep track of three values:
20 | 
21 |  * Initial - The original point valuation
22 |  * Decay - The amount of solves before the challenge will be at the minimum
23 |  * Minimum - The lowest possible point valuation
24 | 
25 | The value decay logic is implemented with the following math:
26 | 
27 | <!--
28 | $$a=\textrm{max points}$$
29 | $$b=\textrm{min points}$$
30 | $$s=\textrm{solve threshold}$$
31 | 
32 | $$f(x)=\frac{b-a}{s^{2}}x^{2}+a$$
33 | -->
34 | 
35 | ![](https://raw.githubusercontent.com/CTFd/DynamicValueChallenge/master/function.png)
36 | 
37 | or in pseudo code:
38 | 
39 | ```
40 | value = (((minimum - initial)/(decay**2)) * (solve_count**2)) + initial
41 | value = math.ceil(value)
42 | ```
43 | 
44 | If the number generated is lower than the minimum, the minimum is chosen
45 | instead.
46 | 
47 | A parabolic function is chosen instead of an exponential or logarithmic decay function
48 | so that higher valued challenges have a slower drop from their initial value. 
49 | 
50 | # Installation
51 | 
52 | **REQUIRES: CTFd >= v1.2.0**
53 | 
54 | 1. Clone this repository to `CTFd/plugins`. It is important that the folder is
55 | named `DynamicValueChallenge` so CTFd can serve the files in the `assets`
56 | directory.
57 | 


--------------------------------------------------------------------------------
/assets/dynamic-challenge-create.njk:
--------------------------------------------------------------------------------
  1 | <form method="POST" action="{{ script_root }}/admin/chal/new" enctype="multipart/form-data">
  2 | 	<div class="form-group">
  3 | 		Dynamic value challenges decrease in value as they receive solves. The more solves a dynamic challenge has, the lower its value is to everyone who has solved it.
  4 | 	</div>
  5 | 
  6 | 	<div class="form-group">
  7 | 		<label for="name">Name
  8 | 			<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip" data-placement="right" title="The name of your challenge"></i>
  9 | 		</label>
 10 | 		<input type="text" class="form-control" name="name" placeholder="Enter challenge name">
 11 | 	</div>
 12 | 	<div class="form-group">
 13 | 		<label for="category">Category
 14 | 			<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip" data-placement="right" title="The category of your challenge"></i>
 15 | 		</label>
 16 | 		<input type="text" class="form-control" name="category" placeholder="Enter challenge category">
 17 | 	</div>
 18 | 
 19 | 	<ul class="nav nav-tabs" role="tablist" id="new-desc-edit">
 20 | 		<li class="nav-item">
 21 | 			<a class="nav-link active" href="#new-desc-write" aria-controls="home" role="tab" data-toggle="tab">Write</a>
 22 | 		</li>
 23 | 		<li class="nav-item">
 24 | 			<a class="nav-link" href="#new-desc-preview" aria-controls="home" role="tab" data-toggle="tab">Preview</a>
 25 | 		</li>
 26 | 	</ul>
 27 | 
 28 | 	<div class="tab-content">
 29 | 		<div role="tabpanel" class="tab-pane active" id="new-desc-write">
 30 | 			<div class="form-group">
 31 | 				<label for="message-text" class="control-label">Message:
 32 | 					<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip" data-placement="right" title="Use this to give a brief introduction to your challenge. The description supports HTML and Markdown."></i>
 33 | 				</label>
 34 | 				<textarea id="new-desc-editor" class="form-control" name="description" rows="10"></textarea>
 35 | 			</div>
 36 | 		</div>
 37 | 		<div role="tabpanel" class="tab-pane content" id="new-desc-preview" style="height:234px; overflow-y: scroll;">
 38 | 		</div>
 39 | 	</div>
 40 | 
 41 | 	<div class="form-group">
 42 | 		<label for="value">Initial Value
 43 | 			<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip" data-placement="right" title="This is how many points the challenge is worth initially."></i>
 44 | 		</label>
 45 | 		<input type="number" class="form-control" name="value" placeholder="Enter value" required>
 46 | 	</div>
 47 | 
 48 | 	<div class="form-group">
 49 | 		<label for="value">Decay Limit
 50 | 			<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip" data-placement="right" title="The amount of solves before the challenge reaches its minimum value"></i>
 51 | 		</label>
 52 | 		<input type="number" class="form-control" name="decay" placeholder="Enter decay limit" required>
 53 | 	</div>
 54 | 
 55 | 	<div class="form-group">
 56 | 		<label for="value">Minimum Value
 57 | 			<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip" data-placement="right" title="This is the lowest that the challenge can be worth"></i>
 58 | 		</label>
 59 | 		<input type="number" class="form-control" name="minimum" placeholder="Enter minimum value" required>
 60 | 	</div>
 61 | 
 62 | 	<div class="form-group">
 63 | 		<label>Flag
 64 | 			<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip" data-placement="right" title="This is the flag or solution for your challenge. You can choose whether your flag is a static string or a regular expression."></i>
 65 | 		</label>
 66 | 		<input type="text" class="form-control" name="key" placeholder="Enter flag">
 67 | 	</div>
 68 | 
 69 | 	<div class="form-group">
 70 | 		<select class="custom-select" name="key_type[0]">
 71 | 			<option value="static">Static</option>
 72 | 			<option value="regex">Regex</option>
 73 | 		</select>
 74 | 	</div>
 75 | 
 76 | 	<div class="form-check">
 77 | 		<div class="checkbox">
 78 | 			<label class="form-check-label">
 79 | 				<input class="form-check-input" name="hidden" type="checkbox">
 80 | 				Hide challenge on creation
 81 | 			</label>
 82 | 		</div>
 83 | 	</div>
 84 | 
 85 | 	<div class="form-check">
 86 | 		<div class="checkbox">
 87 | 			<label class="form-check-label">
 88 | 				<input class="form-check-input" type="checkbox" id="solve-attempts-checkbox">
 89 | 				Limit amount of solve attempts
 90 | 			</label>
 91 | 		</div>
 92 | 	</div>
 93 | 
 94 | 	<div class="form-group">
 95 | 		<div id="solve-attempts-input" style="display: none;">
 96 | 			<label for="max_attempts">Maximum Attempts
 97 | 				<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip" data-placement="right" title="How many attempts should a user have for this challenge? For unlimited attempts, use the value 0"></i>
 98 | 			</label>
 99 | 			<input class="form-control" id='max_attempts' name='max_attempts' type='number' placeholder="0">
100 | 		</div>
101 | 	</div>
102 | 
103 | 	<div class="form-group">
104 | 		<label>Upload Challenge Files
105 | 			<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip" data-placement="right" title="Challenges files are provided to users for download alongside your challenge description"></i>
106 | 		</label>
107 | 		<input class="form-control-file" type="file" name="files[]" multiple="multiple">
108 | 		<sub class="help-block">Attach multiple files using Control+Click or Cmd+Click.</sub>
109 | 	</div>
110 | 
111 | 	<input type="hidden" value="{{ nonce }}" name="nonce" id="nonce">
112 | 	<input type="hidden" value="dynamic" name="chaltype" id="chaltype">
113 | 
114 | 	<div class="form-group">
115 | 		<button class="btn btn-primary float-right create-challenge-submit" type="submit">Create</button>
116 | 	</div>
117 | </form>


--------------------------------------------------------------------------------
/assets/dynamic-challenge-modal.njk:
--------------------------------------------------------------------------------
  1 | <div class="modal-dialog" role="document">
  2 |     <div class="modal-content">
  3 |         <div class="modal-body">
  4 |             <button type="button" class="close" data-dismiss="modal" aria-label="Close">
  5 |               <span aria-hidden="true">&times;</span>
  6 |             </button>
  7 |             <ul class="nav nav-tabs">
  8 |               <li class="nav-item">
  9 |                 <a class="nav-link active" href="#challenge">Challenge</a>
 10 |               </li>
 11 |               {% if solves == '-1 Solves' %}
 12 |               {% else %}
 13 |               <li class="nav-item">
 14 |                 <a class="nav-link chal-solves" href="#solves">{{solves}}</a>
 15 |               </li>
 16 |               {% endif %}
 17 |             </ul>
 18 |             <div role="tabpanel">
 19 |                 <div class="tab-content">
 20 |                     <div role="tabpanel" class="tab-pane fade show active" id="challenge">
 21 |                         <h2 class='chal-name text-center pt-3'>{{ name }}</h2>
 22 |                         <h3 class="chal-value text-center">{{ value }}</h3>
 23 |                         <div class="chal-tags text-center">
 24 |                         {% for tag in tags %}
 25 |                             <span class='badge badge-info chal-tag'>{{tag}}</span>
 26 |                         {% endfor %}
 27 |                         </div>
 28 |                         <span class="chal-desc">{{ description | safe }}</span>
 29 |                         <div class="chal-hints hint-row row">
 30 |                             {% for hint in hints %}
 31 |                             <div class='col-md-12 hint-button-wrapper text-center mb-3'>
 32 |                                 <a class="btn btn-info btn-hint btn-block" href="javascript:;" onclick="javascript:loadhint({{hint.id}})">
 33 |                                     {% if hint.hint %}
 34 |                                         <small>
 35 |                                         View Hint
 36 |                                         </small>
 37 |                                     {% else %}
 38 |                                         {% if hint.cost %}
 39 |                                             <small>
 40 |                                             Unlock Hint for {{hint.cost}} points
 41 |                                             </small>
 42 |                                         {% else %}
 43 |                                             <small>
 44 |                                             View Hint
 45 |                                             </small>
 46 |                                         {% endif %}
 47 |                                     {% endif %}
 48 |                                 </a>
 49 |                             </div>
 50 |                             {% endfor %}
 51 |                         </div>
 52 |                         <div class="row chal-files text-center pb-3">
 53 |                             {% for file in files %}
 54 |                             <div class='col-md-4 col-sm-4 col-xs-12 file-button-wrapper d-block'>
 55 |                                 <a class='btn btn-info btn-file mb-1 d-inline-block px-2 w-100 text-truncate' href='{{script_root}}/files/{{file}}'>
 56 |                                     <i class="fas fa-download"></i>
 57 |                                     <small>
 58 |                                     {{ file.split('/')[1] }}
 59 |                                     </small>
 60 |                                 </a>
 61 |                             </div>
 62 |                             {% endfor %}
 63 |                         </div>
 64 | 
 65 |                         <div class="row submit-row">
 66 |                             <div class="col-md-9 form-group">
 67 |                                 <input class="form-control" type="text" name="answer" id="answer-input" placeholder="Flag" />
 68 |                                 <input id="chal-id" type="hidden" value="{{id}}">
 69 |                             </div>
 70 |                             <div class="col-md-3 form-group key-submit">
 71 |                                 <button type="submit" id="submit-key" tabindex="5" class="btn btn-md btn-outline-secondary float-right">Submit</button>
 72 |                             </div>
 73 |                         </div>
 74 |                         <div class="row notification-row">
 75 |                             <div class="col-md-12">
 76 |                                 <div id="result-notification" class="alert alert-dismissable text-center w-100" role="alert" style="display: none;">
 77 |                                   <strong id="result-message"></strong>
 78 |                                 </div>
 79 |                             </div>
 80 |                         </div>
 81 |                     </div>
 82 |                     <div role="tabpanel" class="tab-pane fade" id="solves">
 83 |                         <div class="row">
 84 |                             <div class="col-md-12">
 85 |                                 <table class="table table-striped text-center">
 86 |                                     <thead>
 87 |                                         <tr>
 88 |                                             <td><b>Name</b>
 89 |                                             </td>
 90 |                                             <td><b>Date</b>
 91 |                                             </td>
 92 |                                         </tr>
 93 |                                     </thead>
 94 |                                     <tbody id="chal-solves-names">
 95 |                                     </tbody>
 96 |                                 </table>
 97 |                             </div>
 98 |                         </div>
 99 |                     </div>
100 |                 </div>
101 |             </div>
102 |         </div>
103 |     </div>
104 | </div>


--------------------------------------------------------------------------------
/assets/dynamic-challenge-update.njk:
--------------------------------------------------------------------------------
  1 | <div id="update-challenge" class="modal fade" tabindex="-1">
  2 | 	<div class="modal-dialog">
  3 | 		<div class="modal-content">
  4 | 			<div class="modal-header">
  5 | 				<div class="container">
  6 | 					<div class="row">
  7 | 						<div class="col-md-12">
  8 | 							<h3 class="chal-title text-center"></h3>
  9 | 						</div>
 10 | 					</div>
 11 | 				</div>
 12 | 				<button type="button" class="close" data-dismiss="modal" aria-label="Close">
 13 | 					<span aria-hidden="true">&times;</span>
 14 | 				</button>
 15 | 			</div>
 16 | 			<div class="modal-body">
 17 | 				<form method="POST" action="{{ request.script_root }}/admin/chal/update">
 18 | 					<input name='nonce' type='hidden' value="{{ nonce }}">
 19 | 
 20 | 					<div class="form-group">
 21 | 						<label for="name">Name
 22 | 							<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip"
 23 | 							   data-placement="right" title="The name of your challenge"></i>
 24 | 						</label>
 25 | 						<input type="text" class="form-control chal-name" name="name" placeholder="Enter challenge name"
 26 | 							   value="{{ name }}">
 27 | 					</div>
 28 | 					<div class="form-group">
 29 | 						<label for="category">Category
 30 | 							<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip"
 31 | 							   data-placement="right" title="The category of your challenge"></i>
 32 | 						</label>
 33 | 						<input type="text" class="form-control chal-category" name="category"
 34 | 							   placeholder="Enter challenge category" value="{{ category }}">
 35 | 					</div>
 36 | 
 37 | 					<ul class="nav nav-tabs" role="tablist" id="desc-edit">
 38 | 						<li class="nav-item">
 39 | 							<a class="nav-link active" href="#desc-write" id="desc-write-link" aria-controls="home"
 40 | 							   role="tab" data-toggle="tab">
 41 | 								Write
 42 | 							</a>
 43 | 						</li>
 44 | 						<li class="nav-item">
 45 | 							<a class="nav-link" href="#desc-preview" aria-controls="home" role="tab" data-toggle="tab">
 46 | 								Preview
 47 | 							</a>
 48 | 						</li>
 49 | 					</ul>
 50 | 					<div class="tab-content">
 51 | 						<div role="tabpanel" class="tab-pane active" id="desc-write">
 52 | 							<div class="form-group">
 53 | 								<label for="message-text" class="control-label">Message:
 54 | 									<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip"
 55 | 									   data-placement="right"
 56 | 									   title="Use this to give a brief introduction to your challenge. The description supports HTML and Markdown."></i>
 57 | 								</label>
 58 | 								<textarea id="desc-editor" class="form-control chal-desc-editor" name="description"
 59 | 										  rows="10">{{ description }}</textarea>
 60 | 							</div>
 61 | 						</div>
 62 | 						<div role="tabpanel" class="tab-pane content" id="desc-preview"
 63 | 							 style="height:214px; overflow-y: scroll;">
 64 | 						</div>
 65 | 					</div>
 66 | 
 67 | 					<div class="form-group">
 68 | 						<label for="value">Current Value
 69 | 							<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip"
 70 | 							   data-placement="right"
 71 | 							   title="This is how many points the challenge is worth right now."></i>
 72 | 						</label>
 73 | 						<input type="number" class="form-control chal-value" name="value" placeholder="Enter value"
 74 | 							   value="{{ value }}" required>
 75 | 					</div>
 76 | 
 77 | 					<div class="form-group">
 78 | 						<label for="value">Initial Value
 79 | 							<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip"
 80 | 							   data-placement="right"
 81 | 							   title="This is how many points the challenge was worth initially."></i>
 82 | 						</label>
 83 | 						<input type="number" class="form-control chal-initial" name="initial" placeholder="Enter value"
 84 | 							   value="{{ initial }}" required>
 85 | 					</div>
 86 | 
 87 | 					<div class="form-group">
 88 | 						<label for="value">Decay Limit
 89 | 							<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip"
 90 | 							   data-placement="right"
 91 | 							   title="The amount of solves before the challenge reaches its minimum value"></i>
 92 | 						</label>
 93 | 						<input type="number" class="form-control chal-decay" name="decay"
 94 | 							   placeholder="Enter decay limit" value="{{ decay }}" required>
 95 | 					</div>
 96 | 
 97 | 					<div class="form-group">
 98 | 						<label for="value">Minimum Value
 99 | 							<i class="far fa-question-circle text-muted cursor-help" data-toggle="tooltip"
100 | 							   data-placement="right" title="This is the lowest that the challenge can be worth"></i>
101 | 						</label>
102 | 						<input type="number" class="form-control chal-minimum" name="minimum"
103 | 							   placeholder="Enter minimum value" value="{{ minimum }}" required>
104 | 					</div>
105 | 
106 | 					<div class="checkbox">
107 | 						<label>
108 | 							<input class="chal-attempts-checkbox" id="limit_max_attempts" name="limit_max_attempts"
109 | 								   type="checkbox" {% if max_attempts %}checked{% endif %}>
110 | 							Limit challenge attempts
111 | 						</label>
112 | 					</div>
113 | 
114 | 					<div class="form-group" id="chal-attempts-group"
115 | 						 {% if not max_attempts %}style="display:none;"{% endif %}>
116 | 						<label for="value">Max Attempts</label>
117 | 						<input type="number" class="form-control chal-attempts" id="chal-attempts-input"
118 | 							   name="max_attempts" placeholder="Enter value" value="{{ max_attempts }}">
119 | 					</div>
120 | 					<input class="chal-id" type='hidden' name='id' placeholder='ID' value="{{ id }}">
121 | 
122 | 					<div class="checkbox">
123 | 						<label>
124 | 							<input class="chal-hidden" name="hidden" type="checkbox"
125 | 								   {% if hidden %}checked{% endif %}>
126 | 							Hidden
127 | 						</label>
128 | 					</div>
129 | 
130 | 					<input type="hidden" value="{{ nonce }}" name="nonce" id="nonce">
131 | 					<div style="text-align:center">
132 | 						<button class="btn btn-success btn-outlined update-challenge-submit" type="submit">Update
133 | 						</button>
134 | 					</div>
135 | 				</form>
136 | 			</div>
137 | 		</div>
138 | 	</div>
139 | </div>
140 | 


--------------------------------------------------------------------------------
/__init__.py:
--------------------------------------------------------------------------------
  1 | from __future__ import division # Use floating point for math calculations
  2 | from CTFd.plugins.challenges import BaseChallenge, CHALLENGE_CLASSES
  3 | from CTFd.plugins import register_plugin_assets_directory
  4 | from CTFd.plugins.keys import get_key_class
  5 | from CTFd.models import db, Solves, WrongKeys, Keys, Challenges, Files, Tags, Teams, Hints
  6 | from CTFd import utils
  7 | import math
  8 | 
  9 | 
 10 | class DynamicValueChallenge(BaseChallenge):
 11 |     id = "dynamic"  # Unique identifier used to register challenges
 12 |     name = "dynamic"  # Name of a challenge type
 13 |     templates = {  # Handlebars templates used for each aspect of challenge editing & viewing
 14 |         'create': '/plugins/DynamicValueChallenge/assets/dynamic-challenge-create.njk',
 15 |         'update': '/plugins/DynamicValueChallenge/assets/dynamic-challenge-update.njk',
 16 |         'modal': '/plugins/DynamicValueChallenge/assets/dynamic-challenge-modal.njk',
 17 |     }
 18 |     scripts = {  # Scripts that are loaded when a template is loaded
 19 |         'create': '/plugins/DynamicValueChallenge/assets/dynamic-challenge-create.js',
 20 |         'update': '/plugins/DynamicValueChallenge/assets/dynamic-challenge-update.js',
 21 |         'modal': '/plugins/DynamicValueChallenge/assets/dynamic-challenge-modal.js',
 22 |     }
 23 | 
 24 |     @staticmethod
 25 |     def create(request):
 26 |         """
 27 |         This method is used to process the challenge creation request.
 28 | 
 29 |         :param request:
 30 |         :return:
 31 |         """
 32 |         files = request.files.getlist('files[]')
 33 | 
 34 |         # Create challenge
 35 |         chal = DynamicChallenge(
 36 |             name=request.form['name'],
 37 |             description=request.form['description'],
 38 |             value=request.form['value'],
 39 |             category=request.form['category'],
 40 |             type=request.form['chaltype'],
 41 |             minimum=request.form['minimum'],
 42 |             decay=request.form['decay']
 43 |         )
 44 | 
 45 |         if 'hidden' in request.form:
 46 |             chal.hidden = True
 47 |         else:
 48 |             chal.hidden = False
 49 | 
 50 |         max_attempts = request.form.get('max_attempts')
 51 |         if max_attempts and max_attempts.isdigit():
 52 |             chal.max_attempts = int(max_attempts)
 53 | 
 54 |         db.session.add(chal)
 55 |         db.session.commit()
 56 | 
 57 |         flag = Keys(chal.id, request.form['key'], request.form['key_type[0]'])
 58 |         if request.form.get('keydata'):
 59 |             flag.data = request.form.get('keydata')
 60 |         db.session.add(flag)
 61 | 
 62 |         db.session.commit()
 63 | 
 64 |         for f in files:
 65 |             utils.upload_file(file=f, chalid=chal.id)
 66 | 
 67 |         db.session.commit()
 68 | 
 69 |     @staticmethod
 70 |     def read(challenge):
 71 |         """
 72 |         This method is in used to access the data of a challenge in a format processable by the front end.
 73 | 
 74 |         :param challenge:
 75 |         :return: Challenge object, data dictionary to be returned to the user
 76 |         """
 77 |         challenge = DynamicChallenge.query.filter_by(id=challenge.id).first()
 78 |         data = {
 79 |             'id': challenge.id,
 80 |             'name': challenge.name,
 81 |             'value': challenge.value,
 82 |             'initial': challenge.initial,
 83 |             'decay': challenge.decay,
 84 |             'minimum': challenge.minimum,
 85 |             'description': challenge.description,
 86 |             'category': challenge.category,
 87 |             'hidden': challenge.hidden,
 88 |             'max_attempts': challenge.max_attempts,
 89 |             'type': challenge.type,
 90 |             'type_data': {
 91 |                 'id': DynamicValueChallenge.id,
 92 |                 'name': DynamicValueChallenge.name,
 93 |                 'templates': DynamicValueChallenge.templates,
 94 |                 'scripts': DynamicValueChallenge.scripts,
 95 |             }
 96 |         }
 97 |         return challenge, data
 98 | 
 99 |     @staticmethod
100 |     def update(challenge, request):
101 |         """
102 |         This method is used to update the information associated with a challenge. This should be kept strictly to the
103 |         Challenges table and any child tables.
104 | 
105 |         :param challenge:
106 |         :param request:
107 |         :return:
108 |         """
109 |         challenge = DynamicChallenge.query.filter_by(id=challenge.id).first()
110 | 
111 |         challenge.name = request.form['name']
112 |         challenge.description = request.form['description']
113 |         challenge.value = int(request.form.get('value', 0)) if request.form.get('value', 0) else 0
114 |         challenge.max_attempts = int(request.form.get('max_attempts', 0)) if request.form.get('max_attempts', 0) else 0
115 |         challenge.category = request.form['category']
116 |         challenge.hidden = 'hidden' in request.form
117 | 
118 |         challenge.initial = request.form['initial']
119 |         challenge.minimum = request.form['minimum']
120 |         challenge.decay = request.form['decay']
121 | 
122 |         db.session.commit()
123 |         db.session.close()
124 | 
125 |     @staticmethod
126 |     def delete(challenge):
127 |         """
128 |         This method is used to delete the resources used by a challenge.
129 | 
130 |         :param challenge:
131 |         :return:
132 |         """
133 |         WrongKeys.query.filter_by(chalid=challenge.id).delete()
134 |         Solves.query.filter_by(chalid=challenge.id).delete()
135 |         Keys.query.filter_by(chal=challenge.id).delete()
136 |         files = Files.query.filter_by(chal=challenge.id).all()
137 |         for f in files:
138 |             utils.delete_file(f.id)
139 |         Files.query.filter_by(chal=challenge.id).delete()
140 |         Tags.query.filter_by(chal=challenge.id).delete()
141 |         Hints.query.filter_by(chal=challenge.id).delete()
142 |         DynamicChallenge.query.filter_by(id=challenge.id).delete()
143 |         Challenges.query.filter_by(id=challenge.id).delete()
144 |         db.session.commit()
145 | 
146 |     @staticmethod
147 |     def attempt(chal, request):
148 |         """
149 |         This method is used to check whether a given input is right or wrong. It does not make any changes and should
150 |         return a boolean for correctness and a string to be shown to the user. It is also in charge of parsing the
151 |         user's input from the request itself.
152 | 
153 |         :param chal: The Challenge object from the database
154 |         :param request: The request the user submitted
155 |         :return: (boolean, string)
156 |         """
157 |         provided_key = request.form['key'].strip()
158 |         chal_keys = Keys.query.filter_by(chal=chal.id).all()
159 |         for chal_key in chal_keys:
160 |             if get_key_class(chal_key.type).compare(chal_key, provided_key):
161 |                 return True, 'Correct'
162 |         return False, 'Incorrect'
163 | 
164 |     @staticmethod
165 |     def solve(team, chal, request):
166 |         """
167 |         This method is used to insert Solves into the database in order to mark a challenge as solved.
168 | 
169 |         :param team: The Team object from the database
170 |         :param chal: The Challenge object from the database
171 |         :param request: The request the user submitted
172 |         :return:
173 |         """
174 |         chal = DynamicChallenge.query.filter_by(id=chal.id).first()
175 | 
176 |         solve_count = Solves.query.join(Teams, Solves.teamid == Teams.id).filter(Solves.chalid==chal.id, Teams.banned==False).count()
177 | 
178 |         # It is important that this calculation takes into account floats.
179 |         # Hence this file uses from __future__ import division
180 |         value = (
181 |                     (
182 |                         (chal.minimum - chal.initial)/(chal.decay**2)
183 |                     ) * (solve_count**2)
184 |                 ) + chal.initial
185 | 
186 |         value = math.ceil(value)
187 | 
188 |         if value < chal.minimum:
189 |             value = chal.minimum
190 | 
191 |         chal.value = value
192 | 
193 |         provided_key = request.form['key'].strip()
194 |         solve = Solves(teamid=team.id, chalid=chal.id, ip=utils.get_ip(req=request), flag=provided_key)
195 |         db.session.add(solve)
196 | 
197 |         db.session.commit()
198 |         db.session.close()
199 | 
200 |     @staticmethod
201 |     def fail(team, chal, request):
202 |         """
203 |         This method is used to insert WrongKeys into the database in order to mark an answer incorrect.
204 | 
205 |         :param team: The Team object from the database
206 |         :param chal: The Challenge object from the database
207 |         :param request: The request the user submitted
208 |         :return:
209 |         """
210 |         provided_key = request.form['key'].strip()
211 |         wrong = WrongKeys(teamid=team.id, chalid=chal.id, ip=utils.get_ip(request), flag=provided_key)
212 |         db.session.add(wrong)
213 |         db.session.commit()
214 |         db.session.close()
215 | 
216 | 
217 | class DynamicChallenge(Challenges):
218 |     __mapper_args__ = {'polymorphic_identity': 'dynamic'}
219 |     id = db.Column(None, db.ForeignKey('challenges.id'), primary_key=True)
220 |     initial = db.Column(db.Integer)
221 |     minimum = db.Column(db.Integer)
222 |     decay = db.Column(db.Integer)
223 | 
224 |     def __init__(self, name, description, value, category, type='dynamic', minimum=1, decay=50):
225 |         self.name = name
226 |         self.description = description
227 |         self.value = value
228 |         self.initial = value
229 |         self.category = category
230 |         self.type = type
231 |         self.minimum = minimum
232 |         self.decay = decay
233 | 
234 | 
235 | def load(app):
236 |     app.db.create_all()
237 |     CHALLENGE_CLASSES['dynamic'] = DynamicValueChallenge
238 |     register_plugin_assets_directory(app, base_path='/plugins/DynamicValueChallenge/assets/')


--------------------------------------------------------------------------------