path: root/iv
diff options
Diffstat (limited to '')
17 files changed, 1120 insertions, 0 deletions
diff --git a/iv/orodja/ldmitm/.gitignore b/iv/orodja/ldmitm/.gitignore
new file mode 100644
index 0000000..3ce51cd
--- /dev/null
+++ b/iv/orodja/ldmitm/.gitignore
@@ -0,0 +1 @@
diff --git a/iv/orodja/ldmitm/Makefile b/iv/orodja/ldmitm/Makefile
new file mode 100644
index 0000000..1ef8a92
--- /dev/null
+++ b/iv/orodja/ldmitm/Makefile
@@ -0,0 +1,20 @@
+obj-m += tcp_times.o
+all: allmods tcp_times_example
+ %.c
+ cc -shared -fPIC -ldl $< -o $@
+%: %.c
+ cc -g -Wall -Wextra -pedantic -Wformat -Wformat-security -o$@ $<
+ make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules
+ make -C /lib/modules/$(shell uname -r)/build M=$(PWD) clean
+ rm tcp_times_example
+ apt install libsqlite3-dev linux-headers-generic
+.PHONY: allmods clean prepare
diff --git a/iv/orodja/ldmitm/ldmitm.c b/iv/orodja/ldmitm/ldmitm.c
new file mode 100644
index 0000000..2b8b815
--- /dev/null
+++ b/iv/orodja/ldmitm/ldmitm.c
@@ -0,0 +1,262 @@
+Bolje bi bilo uporabiti frida gadget:
+Kako deluje:
+Prevedi z: gcc -shared -fPIC -ldl ldmitm.c -o
+Poženi z: LD_PRELOAD=$PWD/ php -S 0:1234
+A je treba beležit execve in fopen? Po mojem ne. Odtekanje flagov itak vidimo v TCP sessionu.
+TODO: add mutex locks, openssl bio mitm, read, write, rtt, timestamps (if possible), namesto trenutnega mtu rajši dobi advertised mss iz tcp_info, dobi last ack timestamp option value: <= tu notri je mogoče z BPF???
+#include <stdio.h>
+#include <dlfcn.h>
+#include <sys/socket.h>
+#include <stdbool.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <sqlite3.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <string.h>
+#include <sys/param.h>
+#include <netinet/ip.h>
+#error "we require sqlite newer than 3037000, yours is " #SQLITE_VERSION_NUMBER " --- because of STRICT!"
+#define LOG(x, ...) if (getenv("LDMITM_LOG")) printf("[ldmitm %s] " x "\n", __func__ __VA_OPT__(,) __VA_ARGS__)
+struct stream {
+ bool active; // only stream connections are true, listening sockets and inactive fds are false
+ bool silenced; // only makes sense for stream connections, true to silence traffic
+ int id; // id in sqlite3 database -- only makes sense for stream connections
+ int bound; // for listening sockets: port, for stream sockets: fd of listening socket
+typedef int (*accept_t)(int socket, struct sockaddr *restrict address, socklen_t *restrict address_len);
+typedef int (*close_t)(int fd);
+typedef int (*bind_t)(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
+static accept_t real_accept = NULL;
+static close_t real_close = NULL;
+static bind_t real_bind = NULL;
+static sqlite3 * db = NULL;
+struct stream * streams = NULL;
+int streams_sizeof = 0;
+static void setup_db () { // should be able to ignore being called in case db is already set up on this thread
+ if (db)
+ return;
+ if (ret != SQLITE_OK) {
+ LOG("failed to open db: %s", sqlite3_errstr(ret));
+ goto fail;
+ }
+ sqlite3_stmt * stmt = NULL;
+ ret = sqlite3_prepare_v3(db, "PRAGMA foreign_keys = ON;", -1, 0, &stmt, NULL);
+ if (ret != SQLITE_OK) {
+ LOG("failed to prepare pragma foreign_keys: %s", sqlite3_errstr(ret));
+ if (stmt)
+ sqlite3_finalize(stmt);
+ stmt = NULL;
+ goto fail;
+ }
+ ret = sqlite3_step(stmt);
+ sqlite3_finalize(stmt);
+ stmt = NULL;
+ if (ret != SQLITE_DONE) {
+ LOG("failed to step pragma foreign_keys: %s", sqlite3_errstr(ret));
+ goto fail;
+ }
+#define CREATE_TABLE(name, columns) \
+ ret = sqlite3_prepare_v3(db, "create table if not exists " name " (" columns ") STRICT;", -1, 0, &stmt, NULL); \
+ if (ret != SQLITE_OK) { \
+ LOG("failed to prepare create " name ": %s, statement: %s", sqlite3_errstr(ret), "create table if not exists " name " (" columns ") STRICT;"); \
+ if (stmt) \
+ sqlite3_finalize(stmt); \
+ stmt = NULL; \
+ goto fail; \
+ } \
+ ret = sqlite3_step(stmt); \
+ sqlite3_finalize(stmt); \
+ stmt = NULL; \
+ if (ret != SQLITE_DONE) { \
+ LOG("failed to step create " name ": %s", sqlite3_errstr(ret)); \
+ goto fail; \
+ }
+ CREATE_TABLE("connections", "id INTEGER PRIMARY KEY, bound INTEGER NOT NULL, peer TEXT NOT NULL, accepted TEXT DEFAULT (strftime('%FT%R:%f', 'now')) NOT NULL, closed TEXT, silenced TEXT, mtu INTEGER NOT NULL"); // accepted, closed and silenced are iso datestrings, bound is listening port
+ CREATE_TABLE("messages", "connection INTEGER NOT NULL, direction INTEGER NOT NULL CHECK (direction IN (0, 1)), time TEXT DEFAULT (strftime('%FT%R:%f', 'now')) NOT NULL, rtt INTEGER NOT NULL, FOREIGN KEY(connection) REFERENCES connections(id)");
+ return;
+ if (db)
+ sqlite3_close_v2(db);
+ db = NULL;
+ return;
+static void end_stream (int fd) { // cleanup function, should be able to handle being called on already ended stream
+ if (fd >= streams_sizeof || !streams[fd].active)
+ return;
+ setup_db();
+ if (db) {
+ sqlite3_stmt * stmt = NULL;
+ int ret = sqlite3_prepare_v3(db, "update connections set closed=strftime('%FT%R:%f', 'now') WHERE id=:i;", -1, 0, &stmt, NULL);
+ if (ret != SQLITE_OK) {
+ LOG("failed to prepare update connections set closed: %s", sqlite3_errstr(ret));
+ sqlite3_finalize(stmt);
+ stmt = NULL;
+ goto fail;
+ }
+ ret = sqlite3_bind_int64(stmt, sqlite3_bind_parameter_index(stmt, ":i"), streams[fd].id);
+ if (ret != SQLITE_OK) {
+ LOG("failed to bind update connections set closed: %s", sqlite3_errstr(ret));
+ sqlite3_finalize(stmt);
+ stmt = NULL;
+ goto fail;
+ }
+ ret = sqlite3_step(stmt);
+ sqlite3_finalize(stmt);
+ stmt = NULL;
+ if (ret != SQLITE_DONE) {
+ LOG("failed to step update connections set closed: %s", sqlite3_errstr(ret));
+ goto fail;
+ }
+ }
+ memset(&(streams[fd]), 0, sizeof streams[fd]);
+static bool more_fds (int largest_fd) {
+ if (largest_fd >= streams_sizeof) {
+ int streams_sizeof_new;
+ if (streams_sizeof == 0)
+ streams_sizeof_new = 128;
+ else
+ streams_sizeof_new = streams_sizeof * 2;
+ struct stream * streams_new = realloc(streams, streams_sizeof_new*sizeof *streams);
+ if (!streams_new) {
+ LOG("ENOMEM realloc streams!");
+ return false;
+ }
+ memset(streams_new+streams_sizeof, 0, (streams_sizeof_new-streams_sizeof)*sizeof *streams);
+ streams = streams_new;
+ streams_sizeof = streams_sizeof_new;
+ }
+ if (largest_fd < streams_sizeof)
+ return true;
+ return more_fds(largest_fd);
+static int port_from_sa (const struct sockaddr * sa) { // gets port from sockaddr
+ switch (sa->sa_family) {
+ case AF_INET:
+ return ntohs(((struct sockaddr_in *) sa)->sin_port);
+ case AF_INET6:
+ return ntohs(((struct sockaddr_in6 *) sa)->sin6_port);
+ default:
+ return -1;
+ }
+static void str_from_sa (char * peeraddress, const struct sockaddr * address) {
+ switch (address->sa_family) {
+ case AF_INET:
+ if (!inet_ntop(AF_INET, &(((struct sockaddr_in *) address)->sin_addr), peeraddress, *address_len)) {
+ int myerrno = errno;
+ strcpy(peeraddress, "!");
+ strcat(peeraddress, strerror(myerrno));
+ }
+ sprintf(peeraddress+strlen(peeraddress), "/%d", ntohs(((struct sockaddr_in *) address)->sin_port));
+ break;
+ case AF_INET6:
+ if (!inet_ntop(AF_INET6, &(((struct sockaddr_in6 *) address)->sin6_addr), peeraddress, *address_len)) {
+ int myerrno = errno;
+ strcpy(peeraddress, "!");
+ strcat(peeraddress, strerror(myerrno));
+ }
+ sprintf(peeraddress+strlen(peeraddress), "/%d", ntohs(((struct sockaddr_in6 *) address)->sin6_port));
+ break;
+ default:
+ strcpy(peeraddress, "unknown family");
+ break;
+ }
+int bind (int sockfd, const struct sockaddr * addr, socklen_t addrlen) {
+ if (!real_bind)
+ real_bind = dlsym(RTLD_NEXT, "bind");
+ LOG("called bind()");
+ int ret = real_bind(sockfd, addr, addrlen);
+ int old_errno = errno;
+ if (ret == -1)
+ goto fail;
+ if (!more_fds(sockfd))
+ goto fail; // enomem
+ streams[sockfd].bound = port_from_sa(addr);
+ errno = old_errno;
+ return ret;
+int close (int fd) {
+ if (!real_close)
+ real_close = dlsym(RTLD_NEXT, "close");
+ LOG("called close()");
+ int ret = real_close(fd);
+ int old_errno = errno;
+ end_stream(fd);
+ errno = old_errno;
+ return ret;
+int accept (int socket, struct sockaddr *restrict address, socklen_t *restrict address_len) {
+ if (!real_accept)
+ real_accept = dlsym(RTLD_NEXT, "accept");
+ LOG("called accept()");
+ int ret = real_accept(socket, address, address_len);
+ int saved_errno = errno;
+ if (ret == -1)
+ goto fail;
+ if (!more_fds(MAX(ret, socket))
+ goto fail; // enomem
+ end_stream(ret);
+ streams[ret].active = true;
+ streams[ret].bound = socket;
+ setup_db();
+ if (db) {
+ sqlite3_stmt * stmt = NULL;
+ int sqlret = sqlite3_prepare_v3(db, "insert into connections (peer, bound, mtu) values (:p, :b, :m);", -1, 0, &stmt, NULL);
+ if (sqlret != SQLITE_OK) {
+ LOG("failed to prepare insert connections: %s", sqlite3_errstr(sqlret));
+ goto sqlfail;
+ }
+ char peeraddress[INET_ADDRSTRLEN+128];
+ str_from_sa(peeraddress, address);
+ sqlret = sqlite3_bind_text(stmt, sqlite3_bind_parameter_index(stmt, ":p"), peeraddress, -1, SQLITE_STATIC);
+ if (sqlret != SQLITE_OK) {
+ LOG("failed to bind insert connection text: %s", sqlite3_errstr(sqlret));
+ goto sqlfail;
+ }
+ sqlret = sqlite3_bind_int64(stmt, sqlite3_bind_parameter_index(stmt, ":b"), streams[streams[ret].bound].bound);
+ if (sqlret != SQLITE_OK) {
+ LOG("failed to bind insert connection bound: %s", sqlite3_errstr(sqlret));
+ goto sqlfail;
+ }
+ int mtu;
+ int mtusize = sizeof mtu;
+ if (getsockopt(socket, IPPROTO_IP, IP_MTU, &mtu, &mtusize) == -1) {
+ mtu = -errno;
+ LOG("failed to get MTU: %s", -mtu);
+ }
+ sqlret = sqlite3_bind_int64(stmt, sqlite3_bind_parameter_index(stmt, ":m"), mtu);
+ if (sqlret != SQLITE_OK) {
+ LOG("failed to bind insert connection mtu: %s", sqlite3_errstr(sqlret));
+ goto sqlfail;
+ }
+ sqlret = sqlite3_step(stmt);
+ sqlite3_finalize(stmt);
+ stmt = NULL;
+ if (sqlret != SQLITE_DONE) {
+ LOG("failed to step insert connection: %s", sqlite3_errstr(ret));
+ goto sqlfail;
+ }
+ sqlite3_finalize(stmt);
+ stmt = NULL;
+ goto fail;
+ }
+ errno = saved_errno;
+ return ret;
+__attribute__((constructor)) static void setup (void) {
+ LOG("called setup()");
diff --git a/iv/orodja/ldmitm/tcp_times.c b/iv/orodja/ldmitm/tcp_times.c
new file mode 100644
index 0000000..02a067a
--- /dev/null
+++ b/iv/orodja/ldmitm/tcp_times.c
@@ -0,0 +1,114 @@
+Prevajanje: make
+Namestitev v jedro: insmod tcp_times.ko
+Uporaba v C:
+#include <stdint.h>
+#include "tcp_times.h"
+int tcp_times = open("/proc/tcp_times", O_RDWR);
+if (tcp_times == -1) {
+ perror("open tcp_times");
+ break;
+int tcpsock = accept(boundsocket, &address, &addrlen);
+struct tcp_times tt = {
+ .fd = tcpsock
+if (ioctl(tcp_times, 0, &tt) == -1) {
+ perror("ioctl tcp_times");
+ break;
+// sedaj so polja v tt populirana
+#include <linux/init.h>
+#include <linux/module.h>
+#include <linux/uaccess.h>
+#include <linux/fs.h>
+#include <linux/proc_fs.h>
+#include <linux/net.h>
+#include <linux/tcp.h>
+#include <linux/version.h>
+#include "tcp_times.h"
+MODULE_AUTHOR("Anton Luka Šijanec <>");
+MODULE_DESCRIPTION("tcp last received tsval, rtt procfs ioctl driver");
+static struct proc_dir_entry * ent;
+static long myioctl (struct file * filep, unsigned int cmd, unsigned long arg) {
+ switch(cmd) {
+ case 0:
+ struct tcp_times tt;
+ if (copy_from_user(&tt, (void *) arg, sizeof tt))
+ return -EFAULT;
+ struct fd f = fdget(tt.fd);
+ if (!f.file)
+ return -EBADF;
+ struct socket * sock = sock_from_file(f.file);
+ if (!sock) {
+ fdput(f);
+ return -ENOTSOCK;
+ }
+ if (!(sock->type & SOCK_STREAM)) {
+ fdput(f);
+ return -ENOSTR;
+ }
+ if (!sock->sk) {
+ fdput(f);
+ return -EBADFD;
+ }
+ if (sock->sk->sk_protocol != IPPROTO_TCP) {
+ fdput(f);
+ }
+ struct tcp_sock * tp = tcp_sk(sock->sk);
+ tt.ts_recent_stamp = tp->rx_opt.ts_recent_stamp;
+ tt.ts_recent = tp->rx_opt.ts_recent;
+ tt.rcv_tsval = tp->rx_opt.rcv_tsval;
+ tt.rcv_tsecr = tp->rx_opt.rcv_tsecr;
+ tt.saw_tstamp = tp->rx_opt.saw_tstamp;
+ tt.tstamp_ok = tp->rx_opt.tstamp_ok;
+ tt.dsack = tp->rx_opt.dsack;
+ tt.wscale_ok = tp->rx_opt.wscale_ok;
+ tt.sack_ok = tp->rx_opt.sack_ok;
+ tt.smc_ok = tp->rx_opt.smc_ok;
+ tt.snd_wscale = tp->rx_opt.snd_wscale;
+ tt.rcv_wscale = tp->rx_opt.rcv_wscale;
+ tt.advmss = tp->advmss;
+ tt.rttvar_us = tp->rttvar_us;
+ tt.srtt_us = tp->srtt_us;
+ tt.rcv_rtt_est.rtt_us = tp->rcv_rtt_est.rtt_us;
+ tt.rcv_rtt_est.seq = tp->rcv_rtt_est.seq;
+ tt.rcv_rtt_est.time = tp->rcv_rtt_est.time;
+ tt.rtt_us = tp->rack.rtt_us;
+ tt.mdev_max_us = tp->mdev_max_us;
+ fdput(f);
+ if (copy_to_user((void *) arg, &tt, sizeof tt))
+ return -EFAULT;
+ return 0;
+ default:
+ return -EINVAL;
+ }
+static const struct file_operations ops = {
+ .owner = THIS_MODULE,
+ .unlocked_ioctl = myioctl,
+static const struct proc_ops ops = {
+ .proc_ioctl = myioctl,
+static int __init custom_init (void) {
+ ent = proc_create("tcp_times", 0666, NULL, &ops);
+ if (!ent) {
+ printk(KERN_INFO "tcp_times failed to create procfs entry.");
+ return -EINVAL;
+ }
+ printk(KERN_INFO "tcp_times kernel module loaded.");
+ return 0;
+static void __exit custom_exit (void) {
+ proc_remove(ent);
+ printk(KERN_INFO "tcp_times kernel module exiting ...");
diff --git a/iv/orodja/ldmitm/tcp_times.h b/iv/orodja/ldmitm/tcp_times.h
new file mode 100644
index 0000000..3368c7b
--- /dev/null
+++ b/iv/orodja/ldmitm/tcp_times.h
@@ -0,0 +1,27 @@
+#define TCP_TIMES_PRINTF_FORMAT "fd: %d, ts_recent_stamp: %d, ts_recent: %u, rcv_tsval: %u, rcv_tsecr: %u, saw_tstamp: %u, tstamp_ok: %u, dsack: %u, wscale_ok: %u, sack_ok: %u, snd_wscale: %u, rcv_wscale: %u, advmss: %u, rttvar_us: %u, srtt_us: %u, rcv_rtt_est.rtt_us: %u, rcv_rtt_est.seq: %u, rcv_rtt_est.time: %lu, rtt_us: %u, mdev_max_us: %u"
+#define TCP_TIMES_PRINTF_VARIABLES(tt) tt fd, tt ts_recent_stamp, tt ts_recent, tt rcv_tsval, tt rcv_tsecr, tt saw_tstamp, tt tstamp_ok, tt dsack, tt wscale_ok, tt sack_ok, tt snd_wscale, tt rcv_wscale, tt advmss, tt rttvar_us, tt srtt_us, tt rcv_rtt_est.rtt_us, tt rcv_rtt_est.seq, tt rcv_rtt_est.time, tt rtt_us, tt mdev_max_us
+struct tcp_times { // Polja so pobrana iz jedra. Glej
+ int fd;
+ int ts_recent_stamp;/* Time we stored ts_recent (for aging) */
+ uint32_t ts_recent; /* Time stamp to echo next */
+ uint32_t rcv_tsval; /* Time stamp value */
+ uint32_t rcv_tsecr; /* Time stamp echo reply */
+ uint16_t saw_tstamp : 1, /* Saw TIMESTAMP on last packet */
+ tstamp_ok : 1, /* TIMESTAMP seen on SYN packet */
+ dsack : 1, /* D-SACK is scheduled */
+ wscale_ok : 1, /* Wscale seen on SYN packet */
+ sack_ok : 3, /* SACK seen on SYN packet */
+ smc_ok : 1, /* SMC seen on SYN packet */
+ snd_wscale : 4, /* Window scaling received from sender */
+ rcv_wscale : 4; /* Window scaling to send to receiver */
+ uint16_t advmss; /* Advertised MSS */
+ uint32_t rttvar_us; /* smoothed mdev_max */
+ uint32_t srtt_us; /* smoothed round trip time << 3 in usecs */
+ struct {
+ uint32_t rtt_us;
+ uint32_t seq;
+ uint64_t time;
+ } rcv_rtt_est;
+ uint32_t rtt_us; /* Associated RTT */
+ uint32_t mdev_max_us; /* maximal mdev for the last rtt period */
+}; // Ne vem, kaj veliko polj tu pomeni, vendar jih dodajam. Mogoče bodo uporabna.
diff --git a/iv/orodja/ldmitm/tcp_times_example.c b/iv/orodja/ldmitm/tcp_times_example.c
new file mode 100644
index 0000000..707bfce
--- /dev/null
+++ b/iv/orodja/ldmitm/tcp_times_example.c
@@ -0,0 +1,80 @@
+Posluša na TCP vratih 6969, prejme eno povezavo, vsako sekundo nanjo izpiše LF in piše statistiko, dobljeno iz jedrnega modula tcp_times.
+#include <stdint.h>
+#include "tcp_times.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <netinet/tcp.h>
+#include <unistd.h>
+#include <stdbool.h>
+#include <sys/ioctl.h>
+#include <fcntl.h>
+#include <signal.h>
+int samomor = 0;
+void handler (int sig __attribute__((unused))) {
+ samomor = 1;
+int main (void) {
+ if (signal(SIGINT, handler) == SIG_ERR) {
+ perror("signal");
+ return 1;
+ }
+ if (signal(SIGHUP, handler) == SIG_ERR) {
+ perror("signal");
+ return 1;
+ }
+ if (signal(SIGTERM, handler) == SIG_ERR) {
+ perror("signal");
+ return 1;
+ }
+ int tcp_socket = socket(AF_INET6, SOCK_STREAM, 0);
+ if (tcp_socket == -1) {
+ perror("socket");
+ return 1;
+ }
+ struct sockaddr_in6 sa6 = {
+ .sin6_family = AF_INET6,
+ .sin6_port = htons(6969),
+ .sin6_addr = IN6ADDR_ANY_INIT,
+ };
+ if (bind(tcp_socket, (struct sockaddr *) &sa6, sizeof sa6) == -1) {
+ perror("bind");
+ return 1;
+ }
+ if (listen(tcp_socket, 1 /* only one client is handled*/) == -1) {
+ perror("listen");
+ goto die;
+ }
+ int flow = accept(tcp_socket, NULL, NULL);
+ if (flow == -1) {
+ perror("accept");
+ goto die;
+ }
+ int tcp_times = open("/proc/tcp_times", O_RDWR);
+ struct tcp_times tt = {
+ .fd = flow,
+ };
+ char buf = '\n';
+ while (true) {
+ if (ioctl(tcp_times, 0, &tt) == -1) {
+ perror("ioctl");
+ break;
+ }
+ if (send(flow, &buf, 1, MSG_NOSIGNAL) == -1) {
+ perror("write");
+ break;
+ }
+ if (samomor)
+ break;
+ sleep(1);
+ }
+ close(tcp_times);
+ close(flow);
+ close(tcp_socket);
+ return 1;
diff --git a/iv/orodja/napad/.gitignore b/iv/orodja/napad/.gitignore
new file mode 100644
index 0000000..c1148b6
--- /dev/null
+++ b/iv/orodja/napad/.gitignore
@@ -0,0 +1,2 @@
diff --git a/iv/orodja/napad/ b/iv/orodja/napad/
new file mode 100644
index 0000000..01fb06e
--- /dev/null
+++ b/iv/orodja/napad/
@@ -0,0 +1,63 @@
+Preprosto rezervno orodje za napadanje na A/D tekmovanjih. To so navodila za uporabo.
+Sistem exploitov ne poganja na centralni lokaciji. Ločen je torej na dva dela, del na strežniku za oddajo zastavic ( in preprost webui monitoring (, in del, ki poganja exploit skript in oddaja strežniškemu delu zastavice in z njimi dodatne metapodatke (
+Za administratorja ekipne infrastrukture
+Na strežniku tečeta dva programa, in
+### Konfiguracija
+Konfiguracijsko datoteko generiramo s skriptom, njen stdout pošljemo v datoteko config. Celotna konfiguracija je v okolju procesa (environment), bodisi bodisi S sourcanjem datoteke v lupini (source config) namestimo konfiguracijo.
+Generirano konfiguracijsko datoteko se nekam shrani in v .bashrc doda vrstico "source pot/do/config". Pošlje se jo tudi tekmovalcem. Ista je za strežniški in napadalni del.
+Poženemo ./ Posluša na TCP vratih, kot je določeno v konfiguraciji. Če zanemarimo DoS vstavljanje flagov (kar je zoprno), je mišljeno, da preko tega TCP ne moremo krasti zastavic iz baze ali jih brisati.
+Skript za zaganjanje exploitov bo na ta TCP vrata pošiljal ukradene zastavice.
+Vse dobljene zastavice in metapodatke hrani v sqlite3 podatkovno zbirko.
+Preprost spletni vmesnik. Omogoča prenos HTML datoteke (GET /) in izvajanje poljubnih SQL ukazov na zbriko (POST /sql). Kdor ima dostop do spletnega vmesnika, lahko briše zastavice in jih krade iz zbirke.
+Na vmesniku je dostopna neka read-only statistika, ki se sproti osvežuje (hiter pregled) in polje za izvajanje SQL ukazov.
+Za ostale tekmovalce v ekipi
+### Namestitev
+Prenesite si konfiguracijsko datoteko config, ki vam jo generira administrator ter poskrbite, da se v vaši lupini samodejno "sourca", s čimer se nastavijo konfiguracijske spremenljivke v okolje.
+`wget -O ~/.config/napad.config`
+`echo source ~/.config/napad.conf >> ~/.bashrc`
+Nato prenesemo na neko mesto, ki je v PATHu.
+`wget -O ~/.local/bin/`
+`chmod +x ~/.local/bin/`
+Namestiti je treba še program `curl`, saj se uporablja za vleko flagidjev.
+### Pisanje exploitov
+Exploiti delujejo enako kot pri ataki, le brez docker containerjev. Primer exploita je v Exploit dobi target IP v okoljski spremenljivki `TARGET_IP` in flag ids v `TARGET_EXTRA` kot json objekt. Exploit naj flage zapiše v stdout, lahko pa seveda poleg flagov piše še kaj drugega, flagi pa bodo izluščeni iz njegovega izhoda.
+Dodatne opcije in seznam servicov dobimo z ukazom `` (brez argumentov).
+Exploit testiramo na eni ekipi na trenutni rundi z ukazom ` once servicename ./naš 24`, kjer je 24 opcijski argument --- številka ekipe, ki jo želimo napasti, privzeto je to ekipa NOP.
+Ko smo zadovoljni z exploitom, ga poženemo v "loop" načinu, torej poganjamo ga v zanki do konca igre, enkrat na vsako rundo z ukazom ` loop servicename ./naš`. Če se kaj zalomi (neuspela povezava na submission, exploit je crknil z neničelno kodo), dobimo sporočilo na terminal in **desktop obvestilo**.
+Če je le možno, inštalirajte program `parallel` (GNU parallel). Brez njega se bodo exploiti izvajali zaporedno, z njim pa sočasno! Poleg tega bo parallel še rdeče obarval izhod na terminal, ko se zgodi napaka.
+Za vsako rundo in za vsako ekipo program na terminal izpiše, koliko zastavic je pobral.
diff --git a/iv/orodja/napad/ b/iv/orodja/napad/
new file mode 100755
index 0000000..9e2cafb
--- /dev/null
+++ b/iv/orodja/napad/
@@ -0,0 +1,151 @@
+if [ x$1 = x ]
+cat >&2 <<EOF
+No command. Usage: $0 <subcommand> [args ...] Subcommands:
+ once <service> <exploit> [team=$GAME_NOP_TEAM] # runs exploit once
+ loop <service> <exploit> # once per team per round, waits for next round
+<exploit> is an executable file. Flags, grepped from stdout, are submitted.
+It is called for every target with the following environment variables:
+ TARGET_IP: target IP address (uses game_target_ip from config)
+ TARGET_EXTRA: Flag IDs JSON object (uses game_flag_ids_url in config)
+ FLAG_ID_<key>: Every JSON value from flag IDs individually
+Example environment is therefore:
+ TARGET_IP= TARGET_EXTRA='{"a": "1", "b": "2"}' FLAG_ID_a=1 FLAG_ID_b=2
+In loop mode, exploit is first exec'd rapidly for still valid old rounds.
+Max execution time is $EXPLOIT_TIMEOUT seconds (EXPLOIT_TIMEOUT in config)
+Exploits are not run in parallel.
+Make sure that your system time is set CORRECTLY TO THE SECOND, it's used
+ to get the current round id. Check this on
+Configuration values are also available in environment of exploits.
+<service> is the name of the service (used for getting flag IDs)
+Set the following environment variables to alter behaviour:
+ EXPLOIT_STDOUT=1: stdout of exploit will be printed to stderr/terminal
+ EXPLOIT_LOOP_ONCE=1: exit after executing for all valid rounds instead of
+ waiting for the next round. Only valid for loop subcommand.
+ EXPLOIT_VERBOSE=1: print _every_ line executed by $0 (set -x)
+ EXPLOIT_NOTPARALLEL=1: disable parallel even if parallel is available
+ exit 1
+[ ${EXPLOIT_VERBOSE:-false} = false ] || set -x
+set -euo pipefail
+ startunix=`date +%s --utc --date $GAME_START`
+ current=`date +%s --utc`
+ echo $((($current-$startunix)/$ROUND_DURATION))
+if [ ${ROUND_ID:-x} = x ]
+ export ROUND_ID=`current_round_id`
+# tees stdout, collects flags, puts stdout to stderr, prints counts
+# args: team
+ stdoutwhere=/dev/null
+ [ ! ${EXPLOIT_STDOUT:-false} = false ] && stdoutwhere=/dev/stderr
+ tee $stdoutwhere | { grep -Eo "$FLAG_REGEX_SEARCH" || :; } | while read -r line
+ do
+ echo $line $1 $ROUND_ID $service $exploit `whoami`@`hostname``pwd`
+ done | { nc -N $SUBMISSION_HOST $SUBMISSION_PORT || return $((200+$?)); } | cut -d\ -f1,2 | sort | uniq -c | tr $'\n' ' ' | cat <(printf "team=%-2d round=%d: " $1 $ROUND_ID) /dev/stdin <(echo) >&2
+# args: team round
+ set +e
+ output_flagids=$(curl --fail-with-body --no-progress-meter "`game_flag_ids_url "$service" $1 $2`")
+ curl_exit_code=$?
+ set -e
+ echo $output_flagids
+ if [ ! $curl_exit_code -eq 0 ]
+ then
+ send_error $1 "round=$round failed to get flag ids: $output_flagids" >&2
+ return 99
+ fi
+# args: team message
+ echo [$0] ERROR: team=$1: $2
+ exploit_error_handler "$service" $1 `pwd` `whoami`@`hostname` $2
+case $subcommand in
+ once)
+ target_team=$GAME_NOP_TEAM
+ if [ $# -ge 4 ]
+ then
+ target_team=$4
+ fi
+ export TARGET_IP=`game_target_ip $target_team`
+ export TARGET_EXTRA="`get_flag_ids $target_team $ROUND_ID`"
+ source <(echo "$TARGET_EXTRA" | jq -r 'to_entries|map("export FLAG_ID_\(.key|sub("'"'"'";""))='"'"'\(.value|tostring|sub("'"'"'";"'"'\\\"'\\\"'"'"))'"'"'")|.[]')
+ set +e
+ timeout $EXPLOIT_TIMEOUT $exploit | exploit_pipe $target_team
+ exit_code=$?
+ set -e
+ if [ $exit_code -gt 200 ]
+ then
+ send_error $target_team "submission netcat failed with $(($exit_code-200))"
+ exit $exit_code
+ fi
+ if [ ! $exit_code -eq 0 ] && [ ! $exit_code -eq 124 ]
+ then
+ send_error $target_team "$exploit exited with $exit_code"
+ fi
+ if [ $exit_code -eq 124 ]
+ then
+ echo [$0] team=$target_team $exploit timed out >&2
+ fi
+ exit $exit_code
+ ;;
+ loop)
+ if parallel --version > /dev/null && [ ${EXPLOIT_NOTPARALLEL:-false} = false ]
+ then
+ commands_evaluator="parallel --color-failed"
+ commands_output="/dev/stdout"
+ have_parallel=true
+ echo "[$0] using parallel executions (:" >&2
+ else
+ commands_evaluator="cat /dev/stdin"
+ commands_output="/dev/null"
+ have_parallel=false
+ echo "[$0] parallel not found or disabled! zaporedno izvajanje ):" >&2
+ fi
+ while :
+ do
+ for target_team in $GAME_TEAMS
+ do
+ cmd2exec="ROUND_ID=$round $0 once '$service' $exploit $target_team"
+ if $have_parallel
+ then
+ echo $cmd2exec
+ else
+ eval $cmd2exec
+ fi
+ done | $commands_evaluator > $commands_output
+ round=$(($round+1))
+ we_slept=false
+ while [ `current_round_id` -lt $round ]
+ do # oh no we pollin thats ugly af, who cares we have
+ if [ ! ${EXPLOIT_LOOP_ONCE:-false} = false ]
+ then
+ echo [$0] breaking due to EXPLOIT_LOOP_ONCE
+ break
+ fi
+ we_slept=true
+ done
+ if $we_slept
+ then # execute exploit at random time instead of at start
+ sleep $(($RANDOM%$ROUND_DURATION/2))
+ fi
+ done
+ ;;
diff --git a/iv/orodja/napad/ b/iv/orodja/napad/
new file mode 100755
index 0000000..825da18
--- /dev/null
+++ b/iv/orodja/napad/
@@ -0,0 +1,114 @@
+set -xeuo pipefail
+statusresp=`curl --fail-with-body --no-progress-meter`
+starttime=`jq --raw-output .start <<<"$statusresp"`
+roundtime=`jq --raw-output .roundTime <<<"$statusresp"`
+team_names=`jq --raw-output .teams.[].shortname <<<"$statusresp" | tr $'\n' ' '`
+team_numbers=`jq --raw-output .teams.[].id <<<"$statusresp" | tr $'\n' ' '`
+services=`jq --raw-output .services.[].shortname <<<"$statusresp" | tr $'\n' ' '`
+cat <<EOF
+# THIS CONFIG IS AUTOGENERATED BY, edit config values there!
+# Common config for, and
+# It is to be sourced. It only sets environment variables.
+# ==========================
+# ========= COMMON =========
+export SUBMISSION_PORT=21502
+# ==========================
+# ======= EXPLOIT.SH =======
+# Additional help text
+export EXPLOIT_ADDITIONAL_HELP_TEXT="Services: $services"
+# This regex is used to grep -Eo flags from stdout of exploits before submitting them
+export FLAG_REGEX_SEARCH="[A-Za-z0-9]{31}="
+# Where can find Port is a common setting.
+export SUBMISSION_HOST=localhost
+### export
+# Must be precise, not less than round duration. Used to calculate round id.
+export ROUND_DURATION=$roundtime
+# When does the game start (in UTC). Used to calculate current round id.
+export GAME_START=$starttime
+# Team numbers to attack
+export GAME_TEAMS="$team_numbers"
+###export GAME_TEAMS={0..10}
+cat <<'EOF'
+# Flag IDs URL
+ echo
+ ### echo "$1&team=$2&round=$3"
+export -f game_flag_ids_url
+# Target IP from ID
+ echo 10.69.69.$1
+ ### echo 10.60.$1.1
+export -f game_target_ip
+export GAME_NOP_TEAM=0
+# For how many non-current rounds are flags valid at a time?
+# It doesn't make sense for this to be less than 0.
+# Setting to 0 means only the current round is valid.
+# Function should call on errors.
+# Args: service team pwd usr@pc message
+# 1 2 3 4 5
+ notify-send --version > /dev/null && notify-send " ERROR" "$5" --urgency critical
+export -f exploit_error_handler
+# Max exploit execution time
+# ==========================
+# ====== SUBMISSION.PY =====
+# This regex is used to verify flags before storing them
+# It can be .*, no problem, just make sure you're then not sending invalid flags
+# to submission TCP -- you shouldn't anyways, as submission expects flags neatly
+# line by line, it will not clean up random bullshit.
+# Don't just send exploit stdout to submission, use!
+export FLAG_REGEX_MATCH="^[A-Z0-9]{31}=$"
+# Where to store flags -- sqlite3 db
+export SUBMISSION_DB=flags.db
+# How much flags to send in one request.
+# With 2560, if it takes 37 bytes per flag, 2560*37=94720
+# Ostane nam torej še dobrih 5280 za headerje,
+# če je request limited na 100 kB
+# PUT request, ECSC 2024 AD style
+### export SUBMISSION_URL=
+# How many seconds to delay after a successful submission.
+# With 15, we send at most 4 requests per minute out of 15 allowed.
+# This is sent in X-Team-Token in requests to SUBMISSION_URL
+export SUBMISSION_TEAM_TOKEN=e5152d70a4d18093cae8844f4e959cf1
+# Where to bind to. Use SUBMISSION_PORT in common settings for port.
+# ==========================
+# ======== NADZOR.PY =======
diff --git a/iv/orodja/napad/ b/iv/orodja/napad/
new file mode 100755
index 0000000..515aa3e
--- /dev/null
+++ b/iv/orodja/napad/
@@ -0,0 +1,36 @@
+from flask import Flask, render_template, request
+import os
+import sqlite3
+import sys
+app = Flask(__name__)
+@app.route("/", methods=["GET"])
+def frontend():
+ return render_template("frontend.html")
+@app.route("/sql", methods=["POST"])
+def sql():
+ with sqlite3.connect(os.getenv("SUBMISSION_DB", "flags.db")) as db:
+ db.setconfig(sqlite3.SQLITE_DBCONFIG_DEFENSIVE, True)
+ rows = []
+ for row in db.execute(
+ columns = []
+ for column in row:
+ if type(column) == bytes:
+ columns.append(column.decode("utf-8", errors="surrogateescape"))
+ else:
+ columns.append(column)
+ rows.append(columns)
+ return rows
+if __name__ == "__main__":
+ port = 21503
+ host = "::"
+ if len(sys.argv) > 1:
+ port = int(sys.argv[1])
+ if len(sys.argv) > 2:
+ host = sys.argv[2]
+, debug=True, host=host)
diff --git a/iv/orodja/napad/ b/iv/orodja/napad/
new file mode 100755
index 0000000..c345bdb
--- /dev/null
+++ b/iv/orodja/napad/
@@ -0,0 +1,89 @@
+import os
+import asyncio
+import re
+import sqlite3
+import aiohttp
+import traceback
+db = sqlite3.connect(os.getenv("SUBMISSION_DB", "flags.db"))
+db.execute("CREATE TABLE IF NOT EXISTS flags (id INTEGER PRIMARY KEY, flag TEXT NOT NULL UNIQUE, team INTEGER, service BLOB, round INTEGER, context BLOB, sent INTEGER NOT NULL DEFAULT 0, date TEXT DEFAULT (strftime('%FT%R:%f', 'now')) NOT NULL, status TEXT, msg TEXT, submitted TEXT) STRICT") # submitted is date
+flag_regex = re.compile(os.getenv("FLAG_REGEX_MATCH", "^[A-Z0-9]{31}=$").encode(), re.ASCII | re.DOTALL | re.VERBOSE)
+async def submitter ():
+ while True:
+ flags_balance = dict()
+ unsent_flags = 0
+ for flag, team, service in db.execute("SELECT flag, team, service FROM flags WHERE sent == 0 ORDER BY date DESC"):
+ if (team, service) not in flags_balance.keys():
+ flags_balance[(team, service)] = []
+ flags_balance[(team, service)].append(flag)
+ unsent_flags += 1
+ flags = []
+ while len(flags) < int(os.getenv("SUBMISSION_MAX_FLAGS", "2560")) and unsent_flags > 0: # to zna biti počasno, najdi lepši način
+ for key in [x for x in flags_balance.keys()]:
+ try:
+ zastava = flags_balance[key].pop(0)
+ except IndexError:
+ flags_balance.pop(key)
+ else:
+ flags.append(zastava)
+ unsent_flags -= 1
+ if len(flags) == 0:
+ await asyncio.sleep(1)
+ continue
+ for i in [1]:
+ async with aiohttp.ClientSession(headers={"X-Team-Token": os.getenv("SUBMISSION_TEAM_TOKEN")}) as session:
+ try:
+ async with session.put(os.getenv("SUBMISSION_URL", ''), json=flags) as response:
+ if response.status // 100 != 2:
+ print("submitter error: " + await response.text())
+ break
+ cursor = db.cursor()
+ for obj in await response.json():
+ cursor.execute("UPDATE flags SET sent=?, status=?, msg=?, submitted=strftime('%FT%R:%f', 'now') WHERE flag=?", [int(obj.get("status") != "RESUBMIT"), obj.get("status"), obj.get("msg"), obj.get("flag")])
+ db.commit()
+ except Exception as e:
+ traceback.print_exc()
+ await asyncio.sleep(int(os.getenv("SUBMISSION_DELAY", "15")))
+async def handle_client (reader, writer):
+ while True:
+ try: # SUBMISSION LINE FORMAT: "flag teamnumber roundnumber service any other context"
+ incoming = await reader.readuntil(b'\n')
+ except asyncio.exceptions.IncompleteReadError as e:
+ if int(str(e).split(" ")[0]) == 0:
+ break
+ raise e
+ if len(incoming) == 0:
+ break
+ buffer = incoming.replace(b'\r', b'').replace(b'\n', b'')
+ if re.match(flag_regex, buffer.split(b' ')[0]) == None:
+ writer.write(b'BAD_FLAG\n')
+ continue
+ flag = buffer.split(b' ')[0].decode()
+ context = b' '.join(buffer.split(b' ')[1:])
+ try:
+ team = int(buffer.split(b' ')[1].decode())
+ except (ValueError, UnicodeDecodeError, IndexError):
+ team = -1
+ try:
+ runda = int(buffer.split(b' ')[2].decode())
+ except (ValueError, UnicodeDecodeError, IndexError):
+ runda = -1
+ try:
+ service = buffer.split(b' ')[3]
+ except IndexError:
+ service = None
+ try:
+ db.execute("INSERT INTO flags (flag, team, service, round, context) VALUES (?, ?, ?, ?, ?)", [flag, team, service, runda, context])
+ except sqlite3.IntegrityError:
+ status, msg, date, context = [x for x in db.execute("SELECT status, msg, date, context FROM flags WHERE flag=?", [flag])][0]
+ writer.write(b"OLD_FLAG " + str(status).encode() + b" " + date.encode() + b" " + context + b"\t" + str(msg).encode() + b"\n")
+ else:
+ writer.write(b'NEW_FLAG\n')
+ writer.close()
+async def run_server ():
+ server = await asyncio.start_server(handle_client, os.getenv("SUBMISSION_BIND", "::"), os.getenv("SUBMISSION_PORT", "21502"))
+ event_loop = asyncio.get_event_loop()
+ event_loop.create_task(submitter())
+ async with server:
+ await server.serve_forever()
diff --git a/iv/orodja/napad/ b/iv/orodja/napad/
new file mode 100755
index 0000000..2629fe9
--- /dev/null
+++ b/iv/orodja/napad/
@@ -0,0 +1,10 @@
+import os
+import requests
+import json
+target = os.getenv("TARGET_IP")
+extra = json.loads(os.getenv("TARGET_EXTRA", "{}"))
+with requests.Session() as s:
+ userid = extra["userid"]
+ response = s.get(f"http://{target}:80/dir/flags.txt?user={userid}")
+ print(response.text)
diff --git a/iv/orodja/napad/templates/frontend.html b/iv/orodja/napad/templates/frontend.html
new file mode 100644
index 0000000..8f0389d
--- /dev/null
+++ b/iv/orodja/napad/templates/frontend.html
@@ -0,0 +1,58 @@
+<meta name=viewport content='width=device-width, initial-scale=1.0'>
+<meta charset=utf-8 />
+table, td, tr, th {
+ border: 1px solid red;
+ime podatka
+<tr><td>čas zadnje ACCEPTED zastavice</td><td id=lastaccepteddate></td></tr>
+<tr><td>neposlanih zastavic</td><td id=notsentcount></td></tr>
+<div id=groupbymsg></div>
+<label for=customquery>
+<h3>custom query</h3>
+<textarea cols=80 id=customquery placeholder="select * from flags limit 10">select flag,date,msg from flags limit 10</textarea>
+<div id=customqueryres></div>
+function htmltablefromquery (rows) {
+ let table = document.createElement("table");
+ for (let i = 0; i < rows.length; i++) {
+ let tr = document.createElement("tr");
+ for (let j = 0; j < rows[i].length; j++) {
+ let td = document.createElement("td");
+ td.innerText = rows[i][j];
+ tr.appendChild(td);
+ }
+ let td = document.createElement("td");
+ td.innerText = rows[i][1];
+ table.appendChild(tr);
+ }
+ return table;
+async function refreshview () {
+ fetch("sql", {"method": "post", "body": "select count(flag) from flags where sent=0"}).then((r) => {r.json().then((t)=>{notsentcount.innerText = t[0][0]})});
+ let msgskip = 6; // 36 v dejanski igri
+ fetch("sql", {"method": "post", "body": "select substr(msg, " + msgskip + "),count(substr(msg, " + msgskip + ")) from flags group by substr(msg, " + msgskip + ")"}).then((r) => {r.json().then((rows)=>{
+ groupbymsg.innerHTML = "";
+ groupbymsg.appendChild(htmltablefromquery(rows));
+ })});
+ fetch("sql", {"method": "post", "body": "select submitted from flags where status='ACCEPTED' order by submitted desc limit 1"}).then((r) => {r.json().then((t)=>{lastaccepteddate.innerText = t[0][0]})});
+ fetch("sql", {"method": "post", "body": customquery.value}).then((r) => {r.json().then((rows)=>{
+ customqueryres.innerHTML = "";
+ customqueryres.appendChild(htmltablefromquery(rows));
+ })});
+setInterval(refreshview, 5555);
diff --git a/iv/orodja/waf/Dockerfile b/iv/orodja/waf/Dockerfile
new file mode 100644
index 0000000..bc87aaf
--- /dev/null
+++ b/iv/orodja/waf/Dockerfile
@@ -0,0 +1,6 @@
+FROM alpine:latest
+RUN apk add python3
+COPY ./ .
+RUN chmod +x ./
+CMD ["./"]
diff --git a/iv/orodja/waf/regexes.txt b/iv/orodja/waf/regexes.txt
new file mode 100644
index 0000000..301a41c
--- /dev/null
+++ b/iv/orodja/waf/regexes.txt
@@ -0,0 +1,2 @@
diff --git a/iv/orodja/waf/ b/iv/orodja/waf/
new file mode 100644
index 0000000..701b4dd
--- /dev/null
+++ b/iv/orodja/waf/
@@ -0,0 +1,85 @@
+import asyncio
+import os
+import ssl
+import re
+def manyregex (string, patterns):
+ for pattern in patterns:
+ if, string) != None:
+ return True
+ return False
+async def cevovod (reader, writer, writer2, compiled):
+ buffer = b''
+ while True:
+ prebral = await
+ buffer += prebral
+ if manyregex(buffer, compiled):
+ break ## hacker detected
+ if len(buffer) > 65536:
+ buffer = buffer[-32768:]
+ if len(prebral) == 0:
+ break
+ writer.write(prebral)
+ writer.close()
+ writer2.close()
+async def handle_client (reader, writer):
+ try:
+ compiled = []
+ reflags = re.ASCII | re.MULTILINE | re.DOTALL | re.VERBOSE
+ with open(os.getenv("WAF_REGEXES"), "rb") as rulesfile:
+ regexes ="\n")
+ for regex in regexes:
+ if len(regex) == 0:
+ continue
+ compiled.append(re.compile(regex, reflags))
+ write_to_backend = b''
+ if os.getenv("WAF_HTTP"):
+ headers = []
+ while True:
+ line = (await reader.readuntil(b'\n')).replace(b'\r', b'').replace(b'\n', b'')
+ if not line.lower().startswith(b"accept-encoding:"):
+ write_to_backend += line + b"\r\n"
+ if len(line) == 0:
+ break
+ headers.append(line)
+ if headers[0].startswith(b"GET /waf HTTP/"):
+ writer.write(b"HTTP/1.0 200 OK\r\nContent-Type: text/plain\r\n\r\nwaf works (: PID " + str(os.getpid()).encode() + b"\r\n")
+ writer.close()
+ return
+ context = None
+ if os.getenv("WAF_TLS"):
+ context = ssl.create_default_context()
+ context.check_hostname = False
+ context.verify_mode = ssl.CERT_NONE
+ backendr, backendw = await asyncio.open_connection(os.getenv("WAF_BACKEND_HOST"), os.getenv("WAF_BACKEND_PORT"), ssl=context)
+ if manyregex(write_to_backend, compiled):
+ writer.write(b'HTTP/1.0 469 Hacking\r\nContent-Type: text/plain\r\n\r\nHacking is illegal according to ZEKom-2.\r\n')
+ backendw.close() ## hacker
+ writer.close()
+ return
+ backendw.write(write_to_backend)
+ except Exception as e:
+ writer.write(b"HTTP/1.0 569 Exception\r\nContent-Type: text/plain\r\n\r\n")
+ writer.write(str(e).encode())
+ writer.write(b"\r\n")
+ backendw.close()
+ writer.close()
+ raise e
+ else:
+ event_loop = asyncio.get_event_loop()
+ event_loop.create_task(cevovod(reader, backendw, writer, compiled))
+ event_loop.create_task(cevovod(backendr, writer, backendw, compiled))
+async def run_server ():
+ context = None
+ if os.getenv("WAF_TLS"):
+ context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
+ context.load_cert_chain(certfile=os.getenv("WAF_TLS"), keyfile=os.getenv("WAF_TLS_KEY"))
+ server = await asyncio.start_server(handle_client, os.getenv("WAF_LISTEN_ADDR"), os.getenv("WAF_LISTEN_PORT"), ssl=context)
+ async with server:
+ await server.serve_forever()