Exemple #1
        /// <summary>
        /// Vuln1 "put" step: registers a generated set of candidates on the service, hides the
        /// flag in one randomly chosen candidate's private message, starts an election with the
        /// first candidate (by login) and nominates the rest.
        /// </summary>
        /// <param name="host">Address of the service under check.</param>
        /// <param name="id">Not read by this method.</param>
        /// <param name="flag">Flag value stored as the chosen candidate's private message.</param>
        /// <returns><c>(int)ExitCode.OK</c> once the state blob has been written to stdout.</returns>
        public static int ProcessPut(string host, string id, string flag)
        {
            log.Info("Processing Vuln1.Put");

            var rng           = new Random();
            var candidates    = GenerateCandidates(candidatesMinCount, candidatesMaxCount);
            var flagHolderIdx = rng.Next(candidates.Length);
            var flagHolder    = candidates[flagHolderIdx];

            // The flag travels to the service inside this candidate's private message.
            flagHolder.PrivateMessage = flag;
            log.InfoFormat("Generated {0} candidates (#{1} has flag)", candidates.Length, flagHolderIdx);

            // After registration the array is re-sorted by login, so the index logged above
            // no longer identifies the flag holder's position.
            var registered = Vuln2Methods.RegisterCandidates(host, candidates);
            candidates = registered.OrderBy(user => user.Login).ToArray();

            var election  = Vuln2Methods.StartElection(host, candidates[0], true, nominateTimeInSec, voteTimeInSec);
            var startedAt = DateTime.UtcNow;

            // Everyone except the election starter gets nominated.
            var nominees = candidates.Skip(1).ToArray();
            Vuln2Methods.NominateUsers(host, election, nominees);

            var state = new Vuln1State();
            state.ElectionStartDate = startedAt;
            state.NominateTimeInSec = nominateTimeInSec;
            state.VoteTimeInSec     = voteTimeInSec;
            state.ElectionId        = election.Id.ToString();
            state.Candidates        = candidates;

            log.Info("Flag put");

            // The state is handed back on stdout as Base64(JSON). Base64 is an encoding, not
            // protection: the blob embeds the candidate records (the get step reuses their
            // Cookies), so it has to stay private to the check system.
            // NOTE(review): whether PrivateMessage (the flag) is part of the serialized JSON
            // depends on Vuln1State/candidate serialization, which is not visible here - confirm.
            var stateJson    = state.ToJsonString();
            var encodedState = Convert.ToBase64String(Encoding.UTF8.GetBytes(stateJson));
            Console.Out.WriteLine(encodedState);

            return (int)ExitCode.OK;
        }
Exemple #2
        /// <summary>
        /// Entry point of the "put" command: parses the common arguments and hands over to the
        /// put implementation of the requested vuln.
        /// </summary>
        /// <param name="args">Command-line arguments, parsed by <c>GetCommonParams</c>.</param>
        /// <returns>
        /// The exit code from <c>GetCommonParams</c> when parsing fails, otherwise the exit code
        /// of the selected vuln handler; an unknown vuln number ends with
        /// <c>ExitCode.CHECKER_ERROR</c> via <c>ExitWithMessage</c>.
        /// </returns>
        private static int ProcessPut(string[] args)
        {
            string host, id, flag;
            int    vuln;

            // Argument problems are reported with the parser's own exit code.
            int parseResult = GetCommonParams(args, out host, out id, out flag, out vuln);
            if (parseResult != (int)ExitCode.OK)
            {
                return parseResult;
            }

            switch (vuln)
            {
                case 1:
                    return Vuln1Methods.ProcessPut(host, id, flag);

                case 2:
                    return Vuln2Methods.ProcessPut(host, id, flag);

                default:
                    // Only vulns 1 and 2 exist; anything else is a checker-side problem,
                    // not a fault of the checked service.
                    return ExitWithMessage(ExitCode.CHECKER_ERROR, string.Format("Unsupported vuln #{0}", vuln));
            }
        }
Exemple #3
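        /// <summary>
        /// Vuln1 "get" step: restores the state written by the put step and, depending on the
        /// phase the election is in, either accepts that the election exists (nomination),
        /// casts a majority of votes for a candidate that is not marked <c>IsMe</c> (voting),
        /// or logs in as the winner and checks that the flag is readable (finished).
        /// </summary>
        /// <param name="host">Address of the service under check.</param>
        /// <param name="id">Base64-encoded JSON of a <c>Vuln1State</c>.</param>
        /// <param name="flag">Flag value expected in a candidate's notes for the winner.</param>
        /// <returns><c>(int)ExitCode.OK</c> when the check for the current phase passes.</returns>
        /// <exception cref="ServiceException">
        /// <c>CHECKER_ERROR</c> for unusable state or a start date in the future, <c>CORRUPT</c>
        /// when the election, the winner's credentials or the flag are missing, <c>MUMBLE</c>
        /// when the finished election has no winner.
        /// </exception>
        public static int ProcessGet(string host, string id, string flag)
        {
            log.Info("Processing Vuln1.Get");

            var state = JsonHelper.ParseJson <Vuln1State>(Convert.FromBase64String(id));

            // state.Candidates[0] is dereferenced below; a blob without candidates is a
            // check-system problem and must not surface as an unhandled index/null error.
            if (state.Candidates == null || !state.Candidates.Any())
            {
                throw new ServiceException(ExitCode.CHECKER_ERROR, "Checker state contains no candidates");
            }

            var now     = DateTime.UtcNow;
            var elapsed = now - state.ElectionStartDate;

            // A negative interval means the put-side clock was ahead of this host's clock.
            if (elapsed < TimeSpan.Zero)
            {
                throw new ServiceException(ExitCode.CHECKER_ERROR, string.Format("Possible time desynchronization on checksystem hosts! Election started in future: '{0}' and now is only '{1}'", state.ElectionStartDate.ToSortable(), now.ToSortable()));
            }

            // NOTE(review): the phase boundaries use the current nominateTimeInSec/voteTimeInSec
            // settings, not the NominateTimeInSec/VoteTimeInSec values saved in the state by the
            // put step - confirm that is intended if the settings can change between rounds.
            var nominateEndTime = state.ElectionStartDate.AddSeconds(nominateTimeInSec);
            var voteEndTime     = state.ElectionStartDate.AddSeconds(nominateTimeInSec + voteTimeInSec);

            log.InfoFormat("Looking for Election {0}", state.ElectionId);
            var election = ElectroClient.FindElection(host, Program.PORT, state.Candidates[0].Cookies, state.ElectionId);

            if (election == null || election.Candidates == null || election.Candidates.Count < 2)
            {
                throw new ServiceException(ExitCode.CORRUPT, string.Format("Can't find election '{0}' or it has less than 2 candidates", state.ElectionId));
            }
            log.InfoFormat("Election {0} found", state.ElectionId);

            log.InfoFormat("Election startDt {0}", state.ElectionStartDate.ToSortable());
            log.InfoFormat("Nominate end Dt  {0}", nominateEndTime.ToSortable());
            log.InfoFormat("Vote end Dt      {0}", voteEndTime.ToSortable());
            log.InfoFormat("Now              {0}", now.ToSortable());

            if (now < nominateEndTime)
            {
                log.InfoFormat("Nomination is still going, got election, considering everything OK");
                return (int)ExitCode.OK;
            }

            if (now < voteEndTime)
            {
                log.InfoFormat("Nomination finished, but voting is still going. Trying to win!");

                // First non-null candidate that is not flagged IsMe in the service's response.
                int notFlagNum = 0;
                for (; notFlagNum < election.Candidates.Count; notFlagNum++)
                {
                    if (election.Candidates[notFlagNum] != null && !election.Candidates[notFlagNum].IsMe)
                    {
                        break;
                    }
                }
                if (notFlagNum == election.Candidates.Count)
                {
                    throw new ServiceException(ExitCode.CORRUPT, string.Format("Can't find candidate with no flag in election '{0}'", state.ElectionId));
                }

                var random      = new Random();
                var votersCount = random.Next(votesMinCount, votesMaxCount + 1);

                // Strictly more than half of the voters vote for the chosen candidate;
                // the remaining votes are random.
                var votesForWinner =
                    Enumerable.Repeat(Utils.GenVoteVector(election.Candidates.Count, notFlagNum), (votersCount / 2) + 1).ToArray();
                var restVotes = Utils.GenRandomVoteVectors(election.Candidates.Count, votersCount - votesForWinner.Length).ToArray();
                var votes     = votesForWinner.Concat(restVotes).ToArray();

                var voters = Vuln2Methods.RegisterVoters(host, votes, state.Candidates);
                Vote(host, voters, election.Id, election.PublicKey);
                return (int)ExitCode.OK;
            }

            log.InfoFormat("Voting has already finished. Considering everything OK");
            var realWinner = election.FindWinner();
            if (realWinner == null)
            {
                throw new ServiceException(ExitCode.MUMBLE, string.Format("Can't find winner in election '{0}'", election.Id));
            }

            // The winner must be one of the accounts this checker registered, otherwise
            // there are no credentials to read the winner-only notes with.
            var winner = state.Candidates.FirstOrDefault(info => info.Login == realWinner.Name);
            if (winner == null)
            {
                throw new ServiceException(ExitCode.CORRUPT, string.Format("We have no credentials for winner in election '{0}'. Possibly hacker won, so we lost a flag", election.Id));
            }

            log.InfoFormat("Reloading election, now as winner '{0}'", winner.Login);
            election = ElectroClient.FindElection(host, Program.PORT, winner.Cookies, election.Id.ToString());
            if (election == null)
            {
                throw new ServiceException(ExitCode.CORRUPT, string.Format("Can't find election '{0}'", state.ElectionId));
            }

            // The reloaded response comes from the checked service again, so the candidate list
            // and its entries get the same null checks as the first lookup; a malformed answer
            // is reported as CORRUPT. The flag value itself is kept out of logs and messages.
            if (election.Candidates == null
                || election.Candidates.All(info => info == null || info.PrivateNotesForWinner != flag))
            {
                throw new ServiceException(ExitCode.CORRUPT, "Can't find flag", null);
            }

            log.Info("Flag found! Ok");
            return (int)ExitCode.OK;
        }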