blob: dc165cea18f08a9d6ad696223c6278d662b0946f (
plain) (
tree)
|
|
# Common config for exploit.sh and submission.py.
# It is to be sourced. It only sets environment variables.
# ==========================
# ========= COMMON =========
export SUBMISSION_PORT=21502
# ==========================
# ======= EXPLOIT.SH =======
# This regex is used to grep -Eo flags from stdout of exploits before submitting them
export FLAG_REGEX_SEARCH="[A-Za-z0-9]{31}="
# Where can exploit.sh find submission.py. Port is a common setting.
export SUBMISSION_HOST=localhost
### export SUBMISSION_HOST=k.4a.si
# Must be precise, not less than round duration. Used to calculate round id.
export ROUND_DURATION=120
# When does the game start (in UTC). Used to calculate current round id.
export GAME_START=2024-09-01T07:00:00
# Team numbers to attack
export GAME_TEAMS="2 69"
###export GAME_TEAMS={0..10}
# Flag IDs URL
game_flag_ids_url()
{
echo http://splet.4a.si/dir/flagids.txt
### echo "http://10.10.0.1:8081/flagIds?service=$1&team=$2&round=$3"
}
export -f game_flag_ids_url
# Target IP from ID
game_target_ip()
{
echo 10.69.69.$1
### echo 10.60.$1.1
}
export -f game_target_ip
# NOP TEAM ID
export GAME_NOP_TEAM=0
# For how many non-current rounds are flags valid at a time?
# It doesn't make sense for this to be less than 0.
# Setting to 0 means only the current round is valid.
export GAME_VALID_ROUNDS=5
# Function exploit.sh should call on errors.
# Args: service team pwd usr@pc message
# 1 2 3 4 5
exploit_error_handler()
{
notify-send --version > /dev/null && notify-send "exploit.sh ERROR" "$5" --urgency critical
}
export -f exploit_error_handler
# Max exploit execution time
export EXPLOIT_TIMEOUT=5
# ==========================
# ====== SUBMISSION.PY =====
# This regex is used to verify flags before storing them
# It can be .*, no problem, just make sure you're then not sending invalid flags
# to submission TCP -- you shouldn't anyways, as submission expects flags neatly
# line by line, it will not clean up random bullshit.
# Don't just send exploit stdout to submission, use exploit.sh!
export FLAG_REGEX_MATCH="^[A-Z0-9]{31}=$"
# Where to store flags -- sqlite3 db
export SUBMISSION_DB=flags.db
# How much flags to send in one request.
# With 2560, if it takes 37 bytes per flag, 2560*37=94720
# Ostane nam torej še dobrih 5280 za headerje,
# če je request limited na 100 kB
export SUBMISSION_MAX_FLAGS=2560
# PUT request, ECSC 2024 AD style
export SUBMISSION_URL=http://z.4a.si/dir/submit.php
### export SUBMISSION_URL=http://10.10.0.1:8080/flags
# How many seconds to delay after a successful submission.
# With 15, we send at most 4 requests per minute out of 15 allowed.
export SUBMISSION_DELAY=15
# This is sent in X-Team-Token in requests to SUBMISSION_URL
export SUBMISSION_TEAM_TOKEN=e5152d70a4d18093cae8844f4e959cf1
# Where to bind to. Use SUBMISSION_PORT in common settings for port.
export SUBMISSION_BIND=::
|