Merge branch 'master' of gitlab.telemabk.pl:jifwin/CTF

1ca25f29 · Grzegorz Pietrusza · 8f2f8d12 · b59031fe · 1ca25f29 · 1ca25f29
Commit 1ca25f29 authored Apr 05, 2016 by Grzegorz Pietrusza
17 changed files
--- a/flags/PHP_1/Hkuas7VKk7/cat.txt
+++ b/flags/PHP_1/Hkuas7VKk7/cat.txt
+Tu będzie o kotkach
--- a/flags/PHP_1/Hkuas7VKk7/cow.txt
+++ b/flags/PHP_1/Hkuas7VKk7/cow.txt
+A tu o krówkach
--- a/flags/PHP_1/Hkuas7VKk7/dog.txt
+++ b/flags/PHP_1/Hkuas7VKk7/dog.txt
+Za to tu o pieskach
--- a/flags/PHP_1/Hkuas7VKk7/flag.txt
+++ b/flags/PHP_1/Hkuas7VKk7/flag.txt
@@ -2,4 +2,4 @@ Jesteś już bardzo blisko ;)

 <?php

-//KYN2016_NieLubiePlackuff
+//KYN2016_PatriInterentu
--- a/flags/PHP_1/Hkuas7VKk7/index.txt
+++ b/flags/PHP_1/Hkuas7VKk7/index.txt
+Zapraszam do oglądania struktury przyszłej strony o zwierzątkach
--- a/flags/PHP_1/Hkuas7VKk7/quest.txt
+++ b/flags/PHP_1/Hkuas7VKk7/quest.txt
+A gdzie będzie o flagach?
--- a/flags/PHP_1/Hkuas7VKk7/site.txt
+++ b/flags/PHP_1/Hkuas7VKk7/site.txt
-1
--- a/flags/PHP_1/Hkuas7VKk7/site1.txt
+++ b/flags/PHP_1/Hkuas7VKk7/site1.txt
-1
--- a/flags/PHP_1/Hkuas7VKk7/site2.txt
+++ b/flags/PHP_1/Hkuas7VKk7/site2.txt
-2
--- a/flags/PHP_1/Hkuas7VKk7/site3.txt
+++ b/flags/PHP_1/Hkuas7VKk7/site3.txt
-3
--- a/flags/PHP_1/Hkuas7VKk7/site4.txt
+++ b/flags/PHP_1/Hkuas7VKk7/site4.txt
-4
--- a/flags/PHP_1/index.php
+++ b/flags/PHP_1/index.php
@@ -5,29 +5,33 @@ error_reporting(E_ALL);
 $flag = 'KYN2016_WartoSieGlowic';
 $site = filter_input(INPUT_GET, 'site');
 if(!$site){
-    $site='site';
+    $site='index';
+}
+$header = filter_input(INPUT_SERVER, 'HTTP_KYN2016', False);
+if (!$header){
+	header("KYN2016: How are you?");
 }
-$header = filter_input(INPUT_SERVER, 'HTTP_KYN2016');
 ?>
 <html>
 <head>
-	
+	<meta charset="utf-8" />
+	<title>Tymczasem w budowie...</title>
 </head>
 </html>
 <?php
-if($header){
+if(!$header){
 	?>
 	Nie masz tutaj wstępu, ale pamiętaj:<br />
-	<pre>Krak Your Net 2016 na mojej głowie</pre>
+	<pre>Krak Your Net 2016 w mojej głowie</pre>
 	<?php
    exit;
 }
 ?>
 Witaj, poniżej kilka linków testowych :)<br />
-<a href="?site=site1">Strona 1</a> | 
-<a href="?site=site2">Strona 2</a> | 
-<a href="?site=site3">Strona 3</a> | 
-<a href="?site=site4">Strona 4</a> | 
+<a href="?site=cat">Kotki</a> | 
+<a href="?site=dog">Pieski</a> | 
+<a href="?site=cow">Krówki</a> | 
+<a href="?site=quest">Pytania?</a>
 <br />
 <pre>
 <?php

--- a/flags/README.md
+++ b/flags/README.md
 taiga_46:
  - depend
  - Kodowania base64, rot13, rot47 w jednym skrypcie
-taiga_48:
+taiga_48.html:8e4c93cc865a3b3d85d3613aa0ba9500:
  - supereasy
  - Zwykłe przekierowania w JS
 taiga_62:

--- a/flags/ecb.py
+++ b/flags/ecb.py
-#!/usr/bin/python
-# coding=utf-8
-flag = "AGH_{FLAGA}"
-text = "To jest przykładowy tekst!"
-
-
-flag_int = [ord(letter) for letter in flag]
-text_int = [ord(letter) for letter in text]
-
-for i in range(len(text_int) % len(flag_int)):
-  text_int.append(0)
-
-flag_int = len(text_int)/len(flag_int)*flag_int
-
-result = [chr(i^j) for i,j in zip(flag_int, text_int)]
-
-print "".join(result)
--- a/flags/static/8e4c93cc865a3b3d85d3613aa0ba9500/index.html
+++ b/flags/static/8e4c93cc865a3b3d85d3613aa0ba9500/index.html
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Close all</title>
+    <script>
+        document.location.href="//google.pl";
+        flag = "KYN2016_OpenYourEyes"
+    </script>
+</head>
+<body>
+
+</body>
+</html>
--- a/flags/taiga_48.html
+++ b/flags/taiga_48.html
@@ -5,7 +5,7 @@
    <title>Close all</title>
    <script>
        document.location.href="//google.pl";
-        flag = "AGH_{JuStGoogleIt}"
+        flag = "KYN2016_OpenYourEyes"
    </script>
 </head>
 <body>

--- a/service/configuration.prod.yml
+++ b/service/configuration.prod.yml
@@ -115,26 +115,20 @@ textTasks:


 webTasks:
-  - name: "SQL Injection"
-    url: "http://google.pl"
-    description: "Opis zadania SQL INJECTION"
+  - name: "PHP taki bezpieczny"
+    description: "A może by tak coś z klasyki? vol. 1"
+    url: "http://52.29.190.67"
    level: 3
    flags:
-      - value: "AGH_sdfg1fs"
-        description: "flaga 11"
-      - value: "AGH_sdfdg1f"
-        description: "flaga 22"
-      - value: "AGH_sfdfgf1"
-        description: "flaga 33"
+      - value: "KYN2016_WartoSieGlowic"
+        description: "Set custom header KYN2016"
+      - value: "KYN2016_PatriInterentu"
+        description: "Remote File Include"

-  - name: "Inna dziura"
-    description: "Opis zadania inna dziura"
-    url: "http://wikipedia.pl"
+  - name: "Zadanie testowe nr. 7"
+    description: "Opis zadania testowego. Usunąć w wersji produkcyjnej."
+    url: "http://localhost:1337/flags/8e4c93cc865a3b3d85d3613aa0ba9500/index.html"
    level: 4
    flags:
-      - value: "AGH_sdfffg1fs"
-        description: "flaga 11"
-      - value: "AGH_sffdfdg1f"
-        description: "flaga 22"
-      - value: "AGH_sdfassfdfgf1"
-        description: "flaga 33"
\ No newline at end of file
+      - value: "KYN2016_OpenYourEyes"
+        description: "Source"