changed it so it doesnt need networks -> uses default one -> possible…

… todo fix service bc sometimes http connection errors occure could be checker or service?

.github/workflows/enochecker_test.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: self-hosted
     env:
       ENOCHECKER_TEST_CHECKER_ADDRESS: localhost
-      ENOCHECKER_TEST_CHECKER_PORT: 15050
+      ENOCHECKER_TEST_CHECKER_PORT: 18008
 
     steps:
     - uses: actions/checkout@v2

checker3/Dockerfile

@@ -13,6 +13,4 @@ RUN python3 -m pip install -r requirements.txt
 
 COPY ./src .
 
-EXPOSE 5050/tcp
-
 ENTRYPOINT [ "/home/checker/.local/bin/gunicorn", "-c", "gunicorn.conf.py", "checker:app" ]

checker3/docker-compose.yaml

@@ -5,24 +5,13 @@ services:
     build: .
     # The checker runs an HTTP interface, so we need to map port 5008 to the outside (port 8000).
     ports:
-      - 15050:8000
+      - 18008:8000
     environment:
       - MONGO_ENABLED=1
       - MONGO_HOST=whatsscam-mongo
       - MONGO_PORT=27017
       - MONGO_USER=whatsscam
       - MONGO_PASSWORD=whatsscam
-    # mem_limit: 1G
-    # memswap_limit: 2G
-    # ulimits:
-    #   core:
-    #     soft: 0
-    #     hard: 0
-    #   nproc:
-    #     soft: 4000
-    #     hard: 4000
-    networks:
-      - service_whatsscam-net
 
   whatsscam-mongo:
     image: mongo
@@ -31,19 +20,4 @@ services:
     environment:
       MONGO_INITDB_ROOT_USERNAME: whatsscam
       MONGO_INITDB_ROOT_PASSWORD: whatsscam
-    # mem_limit: 1G
-    # memswap_limit: 2G
-    # ulimits:
-    #   core:
-    #     soft: 0
-    #     hard: 0
-    #   nproc:
-    #     soft: 4000
-    #     hard: 4000
-    networks:
-      - service_whatsscam-net
-
-networks:
-  service_whatsscam-net:
-    external: True
 

checker3/src/checker.py

@@ -40,7 +40,8 @@
 """
 Checker config
 """
-checker = Enochecker("whatsscam", 5050)
+SERVICE_PORT = 8008
+checker = Enochecker("whatsscam", 8008)
 def app(): return checker.app
 
 
@@ -50,11 +51,13 @@ def app(): return checker.app
 @checker.putflag(0)
 async def putflag_test(
     task: PutflagCheckerTaskMessage,
-    client: AsyncClient,
     db: ChainDB,
     logger: LoggerAdapter,
 ) -> None:
-    #print("hey")
+    client = AsyncClient(
+            base_url=f"http://{task.address}:{SERVICE_PORT}"
+        )
+
     email_1, password1_1 = await checker_util_func.create_user(db, client, logger, public_key='on')
 
     MumbleException("Could not create user")
@@ -82,10 +85,14 @@ async def putflag_test(
 @checker.getflag(0)
 async def getflag_test(
     task: GetflagCheckerTaskMessage,
-    client: AsyncClient,
     db: ChainDB,
     logger: LoggerAdapter,
 ) -> None:
+    client = AsyncClient(
+            base_url=f"http://{task.address}:{SERVICE_PORT}"
+        )
+
+
     try:
         email, password = await db.get("userdata")
     except KeyError:
@@ -101,11 +108,15 @@ async def getflag_test(
 @checker.exploit(0)
 async def exploit_test(
     task: ExploitCheckerTaskMessage,
-    client: AsyncClient,
     db: ChainDB,
     logger: LoggerAdapter,
     searcher: FlagSearcher,
 ) -> None:
+    client = AsyncClient(
+            base_url=f"http://{task.address}:{SERVICE_PORT}"
+        )
+
+
     print("attacke hier")
     print(task.attack_info)
     print(task.flag_hash)
@@ -148,101 +159,88 @@ async def exploit_test(
 CHECKER FUNCTIONS 1
 """
 
-@checker.putflag(1)
-async def putflag_test(
-    task: PutflagCheckerTaskMessage,
-    client: AsyncClient,
-    db: ChainDB,
-    logger: LoggerAdapter,
-) -> None:
-    email_1, password1_1 = await checker_util_func.create_user(db, client, logger, public_key=None)
-    MumbleException("Could not create user")
-
-    group_name, group_key, redirect_url = await checker_util_func.create_group(db, client, logger)
-    group_id = str(redirect_url).split('/')[-1]
-    print(redirect_url)
-    print("hier re")
-    if "login?next=%2Fcreategroup" in group_id:
-        print("group_id is bullshit")
-        print(group_id)
-        try:
-            res = await checker_util_func.login_user(db, client, logger, email_1, password1_1)
-            print("login success")
-            print(res)
-            group_name, group_key, redirect_url = await checker_util_func.create_group(db, client, logger)
-            group_id = str(redirect_url).split('/')[-1]
-            print(redirect_url)
-            print("hier re")
-            print(group_id)
-            if "creategroup" in group_id:
-                while "creategroup" in group_id:
-                    print("login failed")
-                    print("wtf")
-                    group_name, group_key, redirect_url = await checker_util_func.create_group(db, client, logger)
-                    group_id = str(redirect_url).split('/')[-1]
-        except:
-            print("login failed")
+# @checker.putflag(1)
+# async def putflag_test(
+#     task: PutflagCheckerTaskMessage,
+#     client: AsyncClient,
+#     db: ChainDB,
+#     logger: LoggerAdapter,
+# ) -> None:
+#     email_1, password1_1 = await checker_util_func.create_user(db, client, logger, public_key=None)
+#     MumbleException("Could not create user")
+#     for i in range(0, 2):
+#         try:
+#             group_name, group_key, redirect_url = await checker_util_func.create_group(db, client, logger)
+#             break
+#         except:
+#             pass
+#     group_id = str(redirect_url).split('/')[-1]
+#     print(redirect_url)
+#     print("hier re")
+#     if "login?next=%2Fcreategroup" in group_id:
+#         print("group_id is bullshit")
+#         print(group_id)
 
-    await checker_util_func.create_group_note(db, client, logger, note = task.flag, redirect_url = redirect_url)
+#     await checker_util_func.create_group_note(db, client, logger, note = task.flag, redirect_url = redirect_url)
 
-    await db.set("group_data", (group_name, group_key, group_id))
+#     await db.set("group_data", (group_name, group_key, group_id))
 
-    return group_id
-
-
-@checker.getflag(1)
-async def getflag_test(
-    task: GetflagCheckerTaskMessage,
-    client: AsyncClient,
-    db: ChainDB,
-    logger: LoggerAdapter,
-) -> None:
-    try:
-        group_name, group_key, group_id = await db.get("group_data")
-    except KeyError:
-        raise MumbleException("Missing database entry from putflag")
+#     return group_id
 
-    print("1")
-    await checker_util_func.create_user(db, client, logger, public_key=None)
-    print("2")
-    await checker_util_func.join_group(db, client, logger, group_name, group_key, group_id)
-    print("3")
-    await checker_util_func.get_group_note(db, client, logger, group_name, group_key, group_id, note = task.flag)
 
-@checker.exploit(1)
-async def exploit_test(
-    task: ExploitCheckerTaskMessage,
-    client: AsyncClient,
-    db: ChainDB,
-    logger: LoggerAdapter,
-    searcher: FlagSearcher,
-) -> None:
-    print("attacke hier")
-    print(task.attack_info)
-    print(task.flag_hash)
-    print(task.flag_regex)
+# @checker.getflag(1)
+# async def getflag_test(
+#     task: GetflagCheckerTaskMessage,
+#     client: AsyncClient,
+#     db: ChainDB,
+#     logger: LoggerAdapter,
+# ) -> None:
+#     try:
+#         group_name, group_key, group_id = await db.get("group_data")
+#     except KeyError:
+#         raise MumbleException("Missing database entry from putflag")
 
-    target_email = task.attack_info
-    email_attacker, password = await checker_util_func.create_user(db, client, logger, public_key= None)
-    response = await checker_util_func.open_group_window(db, client, logger, task.attack_info)
-    print("response hier")
-    print(response)
+#     print("1")
+#     await checker_util_func.create_user(db, client, logger, public_key=None)
+#     print("2")
+#     await checker_util_func.join_group(db, client, logger, group_name, group_key, group_id)
+#     print("3")
+#     await checker_util_func.get_group_note(db, client, logger, group_name, group_key, group_id, note = task.flag)
 
-    soup_html = BeautifulSoup(response.text, "html.parser")
-    li = soup_html.find_all("li")
-    li = [x.text for x in li]
-    li = [x.split(" ") for x in li]
-    li = [x.strip() for sublist in li for x in sublist]
-    li = [x for x in li if x != '']
+# @checker.exploit(1)
+# async def exploit_test(
+#     task: ExploitCheckerTaskMessage,
+#     client: AsyncClient,
+#     db: ChainDB,
+#     logger: LoggerAdapter,
+#     searcher: FlagSearcher,
+# ) -> None:
+#     print("attacke hier")
+#     print(task.attack_info)
+#     print(task.flag_hash)
+#     print(task.flag_regex)
+
+#     target_email = task.attack_info
+#     email_attacker, password = await checker_util_func.create_user(db, client, logger, public_key= None)
+#     response = await checker_util_func.open_group_window(db, client, logger, task.attack_info)
+#     print("response hier")
+#     print(response)
+
+#     soup_html = BeautifulSoup(response.text, "html.parser")
+#     li = soup_html.find_all("li")
+#     li = [x.text for x in li]
+#     li = [x.split(" ") for x in li]
+#     li = [x.strip() for sublist in li for x in sublist]
+#     li = [x for x in li if x != '']
 
-    print("li hier")
-    print(li)
-    cipher = li[0]
-    time = li[2]
-    seed = str(int(time.split(":")[0]) + 2) + time.split(":")[1]
-    flag = await checker_util_func.exploit2(db, client, logger, cipher, str(seed), searcher)
-    print("flag hier")
-    return flag
+#     print("li hier")
+#     print(li)
+#     cipher = li[0]
+#     time = li[2]
+#     seed = str(int(time.split(":")[0]) + 2) + time.split(":")[1]
+#     flag = await checker_util_func.exploit2(db, client, logger, cipher, str(seed), searcher)
+#     print("flag hier")
+#     return flag
 
 
 

exploit/exploit_new.py

@@ -7,7 +7,7 @@
 import math
 import base64
 
-url = "http://localhost:5050"
+url = "http://localhost:8008"
 target_email = ""
 
 def format_rsa_public_key(key_str):

service/Dockerfile

@@ -7,4 +7,4 @@ COPY main.py /
 
 RUN pip install -r src/requirements.txt
 
-CMD gunicorn --bind 0.0.0.0:5050 main:app
+CMD gunicorn --bind 0.0.0.0:8008 main:app

service/docker-compose.yml

@@ -7,10 +7,5 @@ services:
     volumes:
       - ./instance:/instance
     ports:
-      - "5050:5050"
-    networks:
-      - whatsscam-net
-
-networks:
-  whatsscam-net:
-    driver: bridge
+      - "8008:8008"
+

service/main.py

@@ -3,4 +3,4 @@
 app = create_app()
 
 if __name__ == '__main__':
-    app.run(debug=True, port=5050)
+    app.run(debug=True, port=8008)

service/src/aes_encryption.py

@@ -16,7 +16,7 @@ def insecure_aes_encrypt(plaintext):
     time_str = str(current_time)
     time = time_str.split(':')
     seed = time[0] + time[1]
-    print(seed)
+    #print(seed)
     random.seed(seed)
 
     key = not_so_random()

service/src/auth.py

@@ -39,7 +39,7 @@ def logout():
 @auth.route('/sign-up', methods=['GET', 'POST'])
 def sign_up():
     if request.method == 'POST':
-        print("attempting to sign up")
+        #print("attempting to sign up")
         email = request.form.get('email')
         first_name = request.form.get('firstName')
         password1 = request.form.get('password1')

service/src/exploit.py

@@ -65,16 +65,16 @@ def expprime(cipher, publickey):
 
     # Decrypt message with private key
     plaintext = rsa.decrypt(cipher, private_key)
-    print("Decrypted message:")
-    print(plaintext.decode())
+    #print("Decrypted message:")
+    #print(plaintext.decode())
 
 if __name__ == "__main__":
     # cipher, seed = insecure_aes_encrypt("5kY0IAjEFkgpYZ/s+2GyZQ==")
     flag = "🥺h3lWJ0o5bO4zymUtaaXyG05zjlO1xoIwv0vTCj7v1kt6zoU+🥺🥺"
     cipher, seed = insecure_aes_encrypt(flag)
-    print(cipher)
+    #print(cipher)
     #cipher = "oUQXt2uVi47FmsHokkeL6Ou/BKk3mZGuCB5VleDFJ8xwaKd/zmeJnjq1fBdhFqtMUWMeufU1BOHeqBczIsPtTA=="
-    print(base64.b64decode(cipher))
+    #print(base64.b64decode(cipher))
 
     for hour in range(24):         # Loop over hours from 0 to 23
         for minute in range(60):   # Loop over minutes from 0 to 59
@@ -83,7 +83,7 @@ def expprime(cipher, publickey):
                 formatted_time = f"{hour:02d}{minute:02d}"
                 seed1 = formatted_time
                 decryp = insecure_aes_decrypt(cipher, seed1)
-                print(decryp.decode())
+                #print(decryp.decode())
             except:
                 pass