summaryrefslogtreecommitdiffstats
path: root/iv/orodja/napad/genconfig.sh
blob: 825da18ad965c833c60502ade07149a4da35393d (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
#!/bin/bash
set -xeuo pipefail
statusresp=`curl --fail-with-body --no-progress-meter https://ad.ecsc2024.it/api/status`
starttime=`jq --raw-output .start <<<"$statusresp"`
roundtime=`jq --raw-output .roundTime <<<"$statusresp"`
team_names=`jq --raw-output .teams.[].shortname <<<"$statusresp" | tr $'\n' ' '`
team_numbers=`jq --raw-output .teams.[].id <<<"$statusresp" | tr $'\n' ' '`
services=`jq --raw-output .services.[].shortname <<<"$statusresp" | tr $'\n' ' '`
cat <<EOF
# THIS CONFIG IS AUTOGENERATED BY genconfig.sh, edit config values there!
# Common config for exploit.sh, submission.py and nadzor.py
# It is to be sourced. It only sets environment variables.

# ==========================
# ========= COMMON =========

export SUBMISSION_PORT=21502

# ==========================
# ======= EXPLOIT.SH =======

# Additional help text
export EXPLOIT_ADDITIONAL_HELP_TEXT="Services: $services"

# This regex is used to grep -Eo flags from stdout of exploits before submitting them
export FLAG_REGEX_SEARCH="[A-Za-z0-9]{31}="

# Where can exploit.sh find submission.py. Port is a common setting.
export SUBMISSION_HOST=localhost
### export SUBMISSION_HOST=k.4a.si

# Must be precise, not less than round duration. Used to calculate round id.
export ROUND_DURATION=$roundtime

# When does the game start (in UTC). Used to calculate current round id.
export GAME_START=$starttime

# Team numbers to attack
export GAME_TEAMS="$team_numbers"
###export GAME_TEAMS={0..10}
EOF
cat <<'EOF'
# Flag IDs URL
game_flag_ids_url()
{
	echo http://splet.4a.si/dir/flagids.txt
	### echo "http://10.10.0.1:8081/flagIds?service=$1&team=$2&round=$3"
}
export -f game_flag_ids_url

# Target IP from ID
game_target_ip()
{
	echo 10.69.69.$1
	### echo 10.60.$1.1
}
export -f game_target_ip

# NOP TEAM ID
export GAME_NOP_TEAM=0

# For how many non-current rounds are flags valid at a time?
# It doesn't make sense for this to be less than 0.
# Setting to 0 means only the current round is valid.
export GAME_VALID_ROUNDS=4

# Function exploit.sh should call on errors.
# Args:	service	team	pwd	usr@pc	message
# 	1	2	3	4	5
exploit_error_handler()
{
	notify-send --version > /dev/null && notify-send "exploit.sh ERROR" "$5" --urgency critical
}
export -f exploit_error_handler

# Max exploit execution time
export EXPLOIT_TIMEOUT=5

# ==========================
# ====== SUBMISSION.PY =====

# This regex is used to verify flags before storing them
# It can be .*, no problem, just make sure you're then not sending invalid flags
# to submission TCP -- you shouldn't anyways, as submission expects flags neatly
# line by line, it will not clean up random bullshit.
# Don't just send exploit stdout to submission, use exploit.sh!
export FLAG_REGEX_MATCH="^[A-Z0-9]{31}=$"

# Where to store flags -- sqlite3 db
export SUBMISSION_DB=flags.db

# How much flags to send in one request.
# With 2560, if it takes 37 bytes per flag, 2560*37=94720
# Ostane nam torej še dobrih 5280 za headerje,
# če je request limited na 100 kB
export SUBMISSION_MAX_FLAGS=2560

# PUT request, ECSC 2024 AD style
export SUBMISSION_URL=http://z.4a.si/dir/submit.php
### export SUBMISSION_URL=http://10.10.0.1:8080/flags

# How many seconds to delay after a successful submission.
# With 15, we send at most 4 requests per minute out of 15 allowed.
export SUBMISSION_DELAY=15

# This is sent in X-Team-Token in requests to SUBMISSION_URL
export SUBMISSION_TEAM_TOKEN=e5152d70a4d18093cae8844f4e959cf1

# Where to bind to. Use SUBMISSION_PORT in common settings for port.
export SUBMISSION_BIND=::

# ==========================
# ======== NADZOR.PY =======
EOF