blob: 1111b0033cc70b2bf01004743c06caddcd21ab3b (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
#!/bin/sh
if [ x$1 = x ]
then
echo >&2 <<EOF
No command. Subcommands:
$0 once <exploit> # runs an exploit once, print captured flags
$1 loop <exploit> # runs an exploit in a loop once per round
<exploit> is an executable file. Flags, grepped from stdout, are submitted.
It is called for every target. Args are target IP and flag IDs JSON object.
Example: <exploit> 10.1.2.3 '{"user": "root", "pass": "hunter2"}'
Flag IDs are also available in the environment as variables FLAG_ID_<key>:
{"user": "root", "pass": "hunter2"} will be in environment as vars
FLAG_ID_user=root and FLAG_ID_pass=hunter2
In loop mode, exploit is first exec'd rapidly for still valid old rounds.
Max execution time is $EXPLOIT_TIMEOUT seconds (EXPLOIT_TIMEOUT in config)
Exploits are NOT executed in parallel.
Make sure that your system time is set CORRECTLY TO THE SECOND, it's used
to get the current round id. Current time: `date`.
Configuration values are also available in environment of exploits.
EOF
exit 1
fi
set -xeuo pipefail
|
