Skip to content

C
CTF
Commit af04e3b0 authored by Grzegorz Pietrusza's avatar Grzegorz Pietrusza
Browse files
Options

first try to implement flags

parent 7f0c0cff
Hide whitespace changes
Inline Side-by-side
Showing with 236 additions and 30 deletions
service/src/main/java/CTFApplication.java
View file @ af04e3b0
import Repository.SolutionsRepository;
import Repository.TasksRepository; import Repository.TasksRepository;
import Repository.TeamsRepository; import Repository.TeamsRepository;
import Repository.UsersRepository; import Repository.UsersRepository;
...@@ -11,6 +12,7 @@ import core.TaskType; ...@@ -11,6 +12,7 @@ import core.TaskType;
import database.MongoDBConnector; import database.MongoDBConnector;
import io.dropwizard.Application; import io.dropwizard.Application;
import io.dropwizard.setup.Environment; import io.dropwizard.setup.Environment;
import objects.Flag;
import objects.Task; import objects.Task;
import objects.Team; import objects.Team;
import objects.User; import objects.User;
...@@ -30,6 +32,9 @@ public class CTFApplication extends Application<ApplicationConfiguration> { ...@@ -30,6 +32,9 @@ public class CTFApplication extends Application<ApplicationConfiguration> {
MongoDBConnector dbConnector = new MongoDBConnector(); MongoDBConnector dbConnector = new MongoDBConnector();
dbConnector.connect(); dbConnector.connect();
//CREATE SOLUTION REPOSITORY
SolutionsRepository solutionsRepository = new SolutionsRepository(dbConnector);
// UsersRepository usersRepository = new UsersRepository(dbConnector);//todo: use injections // UsersRepository usersRepository = new UsersRepository(dbConnector);//todo: use injections
//GENERATE TEAMS //GENERATE TEAMS
...@@ -61,19 +66,19 @@ public class CTFApplication extends Application<ApplicationConfiguration> { ...@@ -61,19 +66,19 @@ public class CTFApplication extends Application<ApplicationConfiguration> {
for(int i = 0; i < 20; i++) { for(int i = 0; i < 20; i++) {
Task task = new Task(String.valueOf(UUID.randomUUID()), i, Task task = new Task(String.valueOf(UUID.randomUUID()), i,
i % 2 == 0 ? TaskType.CRYPTO : TaskType.WEB i % 2 == 0 ? TaskType.CRYPTO : TaskType.WEB,
Flag.newRandomFlag()
); );
tasksRepository.add(task); tasksRepository.add(task);
} }
//GENERATE TASKS END //GENERATE TASKS END
//REGISTER RESOURCES //REGISTER RESOURCES
// environment.jersey().register(new UsersResource(usersRepository)); // environment.jersey().register(new UsersResource(usersRepository));
environment.jersey().register(new TeamsResource(teamsRepository)); environment.jersey().register(new TeamsResource(teamsRepository));
environment.jersey().register(new TasksResource(tasksRepository)); environment.jersey().register(new TasksResource(tasksRepository, teamsRepository, solutionsRepository));
environment.jersey().register(new ProxyResource()); environment.jersey().register(new ProxyResource());
} }
......
service/src/main/java/Repository/Repository.java
View file @ af04e3b0
package Repository; package Repository;
import java.util.List;
import java.util.UUID;
/** /**
* Created by gpietrus on 20.02.2016. * Created by gpietrus on 20.02.2016.
*/ */
public interface Repository { public interface Repository {
void get(UUID uuid); // void get(UUID uuid);
List<Object> getAll(); // List<Task> getAll();
// void add(User user); //todo: not user //todo: use generics? // void add(User user); //todo: not user //todo: use generics?
} }
service/src/main/java/Repository/SolutionsRepository.java 0 → 100644
View file @ af04e3b0
package Repository;
import database.MongoDBConnector;
import objects.Solution;
import org.bson.Document;
/**
* Created by gpietrus on 20.02.2016.
*/
public class SolutionsRepository implements Repository {
private MongoDBConnector mongoDBConnector;
public SolutionsRepository(MongoDBConnector mongoDBConnector) {
this.mongoDBConnector = mongoDBConnector;
}
// public void get(UUID uuid) {
//
// }
// public List<Solution> getAll() {
// return mongoDBConnector.getCollection("solutions")
// .stream()
// .map(Solution::new)
// .collect(Collectors.toList());
// }
public void add(Solution solution) {
mongoDBConnector.addDocument("solutions", new Document(solution.toMap()));
}
public void clean() {
mongoDBConnector.removeCollection("solutions");
}
}
//todo: generify!
\ No newline at end of file
service/src/main/java/Repository/TasksRepository.java
View file @ af04e3b0
...@@ -6,7 +6,6 @@ import org.bson.Document; ...@@ -6,7 +6,6 @@ import org.bson.Document;
import java.util.List; import java.util.List;
import java.util.UUID; import java.util.UUID;
import java.util.function.Function;
import java.util.stream.Collectors; import java.util.stream.Collectors;
/** /**
...@@ -20,16 +19,14 @@ public class TasksRepository implements Repository { ...@@ -20,16 +19,14 @@ public class TasksRepository implements Repository {
this.mongoDBConnector = mongoDBConnector; this.mongoDBConnector = mongoDBConnector;
} }
@Override
public void get(UUID uuid) { public void get(UUID uuid) {
} }
@Override public List<Task> getAll() {
public List<Object> getAll() {
return mongoDBConnector.getCollection("tasks") return mongoDBConnector.getCollection("tasks")
.stream() .stream()
.map((Function<Document, Object>) Task::new) .map(Task::new)
.collect(Collectors.toList()); .collect(Collectors.toList());
} }
......
service/src/main/java/Repository/TeamsRepository.java
View file @ af04e3b0
...@@ -2,6 +2,7 @@ package Repository; ...@@ -2,6 +2,7 @@ package Repository;
import database.MongoDBConnector; import database.MongoDBConnector;
import objects.Team; import objects.Team;
import objects.User;
import org.bson.Document; import org.bson.Document;
import java.util.List; import java.util.List;
...@@ -20,16 +21,29 @@ public class TeamsRepository implements Repository { ...@@ -20,16 +21,29 @@ public class TeamsRepository implements Repository {
this.mongoDBConnector = mongoDBConnector; this.mongoDBConnector = mongoDBConnector;
} }
@Override public Team getTeamByUser(String username) {
return getAll().stream()
.filter(team -> team.getMembers().stream()
.map(new Function<User, String>() {
@Override
public String apply(User user) {
return user.getName();
}
})
.collect(Collectors.toList())
.contains(username))
.findFirst()
.get();
}
public void get(UUID uuid) { public void get(UUID uuid) {
} }
@Override public List<Team> getAll() {
public List<Object> getAll() {
return mongoDBConnector.getCollection("teams") return mongoDBConnector.getCollection("teams")
.stream() .stream()
.map((Function<Document, Object>) Team::new) .map(Team::new)
.collect(Collectors.toList()); .collect(Collectors.toList());
} }
...@@ -40,4 +54,5 @@ public class TeamsRepository implements Repository { ...@@ -40,4 +54,5 @@ public class TeamsRepository implements Repository {
public void clean() { public void clean() {
mongoDBConnector.removeCollection("teams"); mongoDBConnector.removeCollection("teams");
} }
} }
service/src/main/java/Repository/UsersRepository.java
View file @ af04e3b0
...@@ -20,17 +20,15 @@ public class UsersRepository implements Repository { ...@@ -20,17 +20,15 @@ public class UsersRepository implements Repository {
this.mongoDBConnector = mongoDBConnector; this.mongoDBConnector = mongoDBConnector;
} }
@Override
public void get(UUID uuid) { public void get(UUID uuid) {
// new HashMap<>() // new HashMap<>()
// return mongoDBConnector.getDocument(""); // return mongoDBConnector.getDocument("");
} }
@Override public List<User> getAll() {
public List<Object> getAll() {
return mongoDBConnector.getCollection("users") return mongoDBConnector.getCollection("users")
.stream() .stream()
.map((Function<Document, Object>) User::new) .map((Function<Document, User>) User::new)
.collect(Collectors.toList()); .collect(Collectors.toList());
} }
......
service/src/main/java/api/TasksResource.java
View file @ af04e3b0
package api; package api;
import Repository.SolutionsRepository;
import Repository.TasksRepository; import Repository.TasksRepository;
import Repository.TeamsRepository;
import core.FlagChecker;
import objects.Task;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path; import javax.ws.rs.Path;
import javax.ws.rs.Produces; import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
...@@ -16,15 +21,24 @@ import java.util.List; ...@@ -16,15 +21,24 @@ import java.util.List;
public class TasksResource public class TasksResource
{ {
private TasksRepository tasksRepository; private TasksRepository tasksRepository;
private TeamsRepository teamsRepository;
private SolutionsRepository solutionsRepository;
//todo: use injections //todo: use injections
public TasksResource(TasksRepository tasksRepository) { public TasksResource(TasksRepository tasksRepository, TeamsRepository teamsRepository, SolutionsRepository solutionsRepository) {
this.tasksRepository = tasksRepository; this.tasksRepository = tasksRepository;
this.teamsRepository = teamsRepository;
this.solutionsRepository = solutionsRepository;
} }
@GET @GET
public List<Object> getTasks() { public List<Task> getTasks() {
return tasksRepository.getAll(); return tasksRepository.getAll();
} }
@POST
public boolean submitSolution(String flag) throws Exception {
return new FlagChecker(tasksRepository, teamsRepository, solutionsRepository).checkFlag(flag);
}
} }
service/src/main/java/api/TeamsResource.java
View file @ af04e3b0
package api; package api;
import Repository.TeamsRepository; import Repository.TeamsRepository;
import objects.Team;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.Path; import javax.ws.rs.Path;
...@@ -23,7 +24,7 @@ public class TeamsResource ...@@ -23,7 +24,7 @@ public class TeamsResource
} }
@GET @GET
public List<Object> getTeams() { public List<Team> getTeams() {
return teamsRepository.getAll(); return teamsRepository.getAll();
} }
......
service/src/main/java/api/UsersResource.java
View file @ af04e3b0
package api; package api;
import Repository.UsersRepository; import Repository.UsersRepository;
import objects.User;
import javax.inject.Inject;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.Path; import javax.ws.rs.Path;
import javax.ws.rs.Produces; import javax.ws.rs.Produces;
...@@ -24,7 +24,7 @@ public class UsersResource ...@@ -24,7 +24,7 @@ public class UsersResource
} }
@GET @GET
public List<Object> getUsers() { public List<User> getUsers() {
return usersRepository.getAll(); return usersRepository.getAll();
} }
......
service/src/main/java/core/FlagChecker.java 0 → 100644
View file @ af04e3b0
package core;
import Repository.SolutionsRepository;
import Repository.TasksRepository;
import Repository.TeamsRepository;
import objects.Solution;
import objects.Task;
import org.apache.commons.codec.binary.Hex;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import java.util.Optional;
import java.util.stream.Collectors;
/**
* Created by gpietrus on 20.02.2016.
*/
public class FlagChecker {
private String salt = "SECURE_SALT"; //todo
private TasksRepository tasksRepository;
private TeamsRepository teamsRepository;
private SolutionsRepository solutionsRepository;
public FlagChecker(TasksRepository tasksRepository, TeamsRepository teamsRepository, SolutionsRepository solutionsRepository) {
this.tasksRepository = tasksRepository;
this.teamsRepository = teamsRepository;
this.solutionsRepository = solutionsRepository;
}
private String calculateHashValue(String username, String flagValue) {
String combinedStrings = salt + username + flagValue; //todo
MessageDigest md5 = null;//todo: discuss
try {
md5 = MessageDigest.getInstance("MD5");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return Hex.encodeHexString(md5.digest(combinedStrings.getBytes()));
}
private void acceptSolution(String username, Task task) {
//todo: getname, of get id?
solutionsRepository.add(new Solution(teamsRepository.getTeamByUser(username).getName(), task.getName()));
}
private boolean compareHash(String hash, String username) throws Exception {
Optional<Map.Entry<Task, String>> matchingHash = tasksRepository.getAll().stream()
.collect(Collectors.toMap(
task -> task,
task -> calculateHashValue(username, task.getFlag().getValue())
))
.entrySet()
.stream()
.filter(taskHashEntry -> taskHashEntry.getValue().equals(hash))
.findFirst();
if(matchingHash.isPresent()) {
acceptSolution(username, matchingHash.get().getKey());
return true;
}
return false;
}
public boolean checkFlag(String flagValue) throws Exception {
String username = "gpietrus"; //todo
String hash = calculateHashValue(username, flagValue);
return compareHash(hash, username);
}
}
service/src/main/java/objects/Flag.java
View file @ af04e3b0
package objects; package objects;
import java.util.Random;
/** /**
* Created by gpietrus on 20.02.2016. * Created by gpietrus on 20.02.2016.
*/ */
public class Flag { public class Flag {
private String value;
private static int flagLength = 32;
public Flag(String value) {
this.value = value;
}
public static Flag newRandomFlag() {
StringBuilder stringBuilder = new StringBuilder();
stringBuilder.append("AGH_CTF_");
for(int i = 0; i < flagLength; i++) {
char c = (char) (new Random().nextInt(128 - 32) + 32);
stringBuilder.append(c);
}
return new Flag(stringBuilder.toString());
}
public String getValue() {
return value;
}
public void setValue(String value) {
this.value = value;
}
} }
service/src/main/java/objects/Solution.java 0 → 100644
View file @ af04e3b0
package objects;
import com.google.common.collect.ImmutableMap;
import java.util.Map;
/**
* Created by gpietrus on 20.02.2016.
*/
public class Solution {
private String taskId;
private String teamId;
public Solution(String teamId, String taskId) {
this.teamId = teamId;
this.taskId = taskId;
}
//todo: refactor mapping
public Map<String, Object> toMap() {
return ImmutableMap.<String, Object>builder()
.put("teamId",teamId)
.put("taskId", taskId)
.build();
}
}
service/src/main/java/objects/Task.java
View file @ af04e3b0
...@@ -13,22 +13,24 @@ public class Task { ...@@ -13,22 +13,24 @@ public class Task {
private String name; private String name;
private int level; private int level;
private TaskType type; private TaskType type;
private Flag flag;
public Task(Document document) { public Task(Document document) {
this.name = document.get("name").toString(); this.name = document.get("name").toString();
this.level = (int) document.get("level"); this.level = (int) document.get("level");
this.type = TaskType.valueOf(document.get("type").toString()); this.type = TaskType.valueOf(document.get("type").toString());
this.flag = new Flag(document.get("flag").toString());
} }
public TaskType getType() { public TaskType getType() {
return type; return type;
} }
public Task(String name, int level, TaskType type) { public Task(String name, int level, TaskType type, Flag flag) {
this.name = name; this.name = name;
this.level = level; this.level = level;
this.type = type; this.type = type;
this.flag = flag;
} }
public void setType(TaskType type) { public void setType(TaskType type) {
...@@ -51,12 +53,21 @@ public class Task { ...@@ -51,12 +53,21 @@ public class Task {
this.level = level; this.level = level;
} }
public Flag getFlag() {
return flag;
}
public void setFlag(Flag flag) {
this.flag = flag;
}
//todo: refactor mapping //todo: refactor mapping
public Map<String, Object> toMap() { public Map<String, Object> toMap() {
return ImmutableMap.<String, Object>builder() return ImmutableMap.<String, Object>builder()
.put("name", name) .put("name", name)
.put("level", level) .put("level", level)
.put("type", type.getType()) .put("type", type.getType())
.put("flag", flag.getValue())
.build(); .build();
} }
} }
service/src/main/java/objects/Team.java
View file @ af04e3b0
...@@ -3,6 +3,7 @@ package objects; ...@@ -3,6 +3,7 @@ package objects;
import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableMap;
import org.bson.Document; import org.bson.Document;
import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.stream.Collectors; import java.util.stream.Collectors;
...@@ -19,10 +20,13 @@ public class Team { ...@@ -19,10 +20,13 @@ public class Team {
//todo: refactor mapping //todo: refactor mapping
this.name = document.get("name").toString(); this.name = document.get("name").toString();
this.description = document.get("description").toString(); this.description = document.get("description").toString();
this.members = (List<User>) document.get("members");//todo this.members = ((ArrayList<Document>) document.get("members")) //todo
.stream()
.map(document1 -> new User(document1))
.collect(Collectors.toList());
} }
public List getMembers() { public List<User> getMembers() {
return members; return members;
} }
......
service/src/main/java/objects/User.java
View file @ af04e3b0
...@@ -25,6 +25,7 @@ public class User { ...@@ -25,6 +25,7 @@ public class User {
this.email = email; this.email = email;
} }
public String getName() { public String getName() {
return name; return name;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment