roleback bc uninted bug in bugfixing

enowars · May 22, 2024 · 4bb351b · 4bb351b
1 parent a089691
commit 4bb351b
Show file tree

Hide file tree

Showing 3 changed files with 126 additions and 115 deletions.
diff --git a/checker/src/checker.py b/checker/src/checker.py
@@ -292,119 +292,119 @@ async def exploit_test(
 CHECKER FUNCTIONS 1
 """
 
-@checker.putflag(1)
-async def putflag_test_1(
-    task: PutflagCheckerTaskMessage,
-    client: AsyncClient,
-    db: ChainDB,
-    logger: LoggerAdapter,
-) -> None:
-    try:
-        email_1, password1_1 = await checker_util_func.create_user(db, client, logger, public_key=None)
-    except:
-        raise MumbleException("Could not create user 1")
-    for i in range(0, 2):
-        try:
-            group_name, group_key, redirect_url = await checker_util_func.create_group(db, client, logger)
-            break
-        except:
-            pass
-    group_id = str(redirect_url).split('/')[-1]
-    print(redirect_url)
-    print("hier re")
-    if "login?next=%2Fcreategroup" in group_id:
-        print("group_id is bullshit")
-        print(group_id)
+# @checker.putflag(1)
+# async def putflag_test_1(
+#     task: PutflagCheckerTaskMessage,
+#     client: AsyncClient,
+#     db: ChainDB,
+#     logger: LoggerAdapter,
+# ) -> None:
+#     try:
+#         email_1, password1_1 = await checker_util_func.create_user(db, client, logger, public_key=None)
+#     except:
+#         raise MumbleException("Could not create user 1")
+#     for i in range(0, 2):
+#         try:
+#             group_name, group_key, redirect_url = await checker_util_func.create_group(db, client, logger)
+#             break
+#         except:
+#             pass
+#     group_id = str(redirect_url).split('/')[-1]
+#     print(redirect_url)
+#     print("hier re")
+#     if "login?next=%2Fcreategroup" in group_id:
+#         print("group_id is bullshit")
+#         print(group_id)
 
-    try:
-        await checker_util_func.create_group_note(db, client, logger, note = task.flag, redirect_url = redirect_url)
-    except:
-        raise MumbleException("Could not create group note")
-    try:
-        await db.set("group_data", (group_name, group_key, group_id))
-    except:
-        raise MumbleException("Could not set group data")
+#     try:
+#         await checker_util_func.create_group_note(db, client, logger, note = task.flag, redirect_url = redirect_url)
+#     except:
+#         raise MumbleException("Could not create group note")
+#     try:
+#         await db.set("group_data", (group_name, group_key, group_id))
+#     except:
+#         raise MumbleException("Could not set group data")
 
-    return group_id
+#     return group_id
 
 
-@checker.getflag(1)
-async def getflag_test_1(
-    task: GetflagCheckerTaskMessage,
-    client: AsyncClient,
-    db: ChainDB,
-    logger: LoggerAdapter,
-) -> None:
-    try:
-        group_name, group_key, group_id = await db.get("group_data")
-    except KeyError:
-        raise MumbleException("Missing database entry from putflag")
-
-    print("1")
-    try:
-        await checker_util_func.create_user(db, client, logger, public_key=None)
-    except:
-        raise MumbleException("Could not create user")
-    print("2")
-    try:
-        await checker_util_func.join_group(db, client, logger, group_name, group_key, group_id)
-    except:
-        raise MumbleException("Could not join group")
-    print("3")
-    try:
-        await checker_util_func.get_group_note(db, client, logger, group_name, group_key, group_id, note = task.flag)
-    except:
-        raise MumbleException("Could not get group note")
-
-@checker.exploit(1)
-async def exploit_test_1(
-    task: ExploitCheckerTaskMessage,
-    client: AsyncClient,
-    db: ChainDB,
-    logger: LoggerAdapter,
-    searcher: FlagSearcher,
-) -> None:
-    if not isinstance(task.attack_info, int):
-        return None
+# @checker.getflag(1)
+# async def getflag_test_1(
+#     task: GetflagCheckerTaskMessage,
+#     client: AsyncClient,
+#     db: ChainDB,
+#     logger: LoggerAdapter,
+# ) -> None:
+#     try:
+#         group_name, group_key, group_id = await db.get("group_data")
+#     except KeyError:
+#         raise MumbleException("Missing database entry from putflag")
 
+#     print("1")
+#     try:
+#         await checker_util_func.create_user(db, client, logger, public_key=None)
+#     except:
+#         raise MumbleException("Could not create user")
+#     print("2")
+#     try:
+#         await checker_util_func.join_group(db, client, logger, group_name, group_key, group_id)
+#     except:
+#         raise MumbleException("Could not join group")
+#     print("3")
+#     try:
+#         await checker_util_func.get_group_note(db, client, logger, group_name, group_key, group_id, note = task.flag)
+#     except:
+#         raise MumbleException("Could not get group note")
 
-    print("attacke hier")
-    print(task.attack_info)
-    print(task.flag_hash)
-    print(task.flag_regex)
+# @checker.exploit(1)
+# async def exploit_test_1(
+#     task: ExploitCheckerTaskMessage,
+#     client: AsyncClient,
+#     db: ChainDB,
+#     logger: LoggerAdapter,
+#     searcher: FlagSearcher,
+# ) -> None:
+#     if not isinstance(task.attack_info, int):
+#         return None
 
-    target_email = task.attack_info
-    try:
-        email_attacker, password = await checker_util_func.create_user(db, client, logger, public_key= None)
-    except:
-        raise MumbleException("Could not create user 3")
-    try:
-        response = await checker_util_func.open_group_window(db, client, logger, task.attack_info)
-    except:
-        raise MumbleException("Could not open group window")
-
-    print("response hier")
-    print(response)
 
-    soup_html = BeautifulSoup(response.text, "html.parser")
-    li = soup_html.find_all("li")
-    li = [x.text for x in li]
-    li = [x.split(" ") for x in li]
-    li = [x.strip() for sublist in li for x in sublist]
-    li = [x for x in li if x != '']
+#     print("attacke hier")
+#     print(task.attack_info)
+#     print(task.flag_hash)
+#     print(task.flag_regex)
+
+#     target_email = task.attack_info
+#     try:
+#         email_attacker, password = await checker_util_func.create_user(db, client, logger, public_key= None)
+#     except:
+#         raise MumbleException("Could not create user 3")
+#     try:
+#         response = await checker_util_func.open_group_window(db, client, logger, task.attack_info)
+#     except:
+#         raise MumbleException("Could not open group window")
 
-    print("li hier")
-    print(li)
-    cipher = li[0]
-    time = li[2]
-    seed = str(int(time.split(":")[0]) + 2) + time.split(":")[1]
-    try:
-        flag = await checker_util_func.exploit2(db, client, logger, cipher, str(seed), searcher)
-    except:
-        raise MumbleException("Could not exploit")
+#     print("response hier")
+#     print(response)
+
+#     soup_html = BeautifulSoup(response.text, "html.parser")
+#     li = soup_html.find_all("li")
+#     li = [x.text for x in li]
+#     li = [x.split(" ") for x in li]
+#     li = [x.strip() for sublist in li for x in sublist]
+#     li = [x for x in li if x != '']
+
+#     print("li hier")
+#     print(li)
+#     cipher = li[0]
+#     time = li[2]
+#     seed = str(int(time.split(":")[0]) + 2) + time.split(":")[1]
+#     try:
+#         flag = await checker_util_func.exploit2(db, client, logger, cipher, str(seed), searcher)
+#     except:
+#         raise MumbleException("Could not exploit")
 
-    print("flag hier")
-    return flag
+#     print("flag hier")
+#     return flag
 
 
 

diff --git a/checker/src/checker_util_func.py b/checker/src/checker_util_func.py
@@ -168,22 +168,33 @@ async def get_user_of_userlist(
     assert_equals(100 < response.status_code < 300, True, "Getting user of userlist failed")
 
     soup = BeautifulSoup(response.text, "html.parser")
-    print("soup: ", soup)
     li = soup.find_all("li")
-    print("buggy li: ", li)
     li = [x.text for x in li]
-    print("text1 li: ", li)
     li = [x.split(" ") for x in li]
-    print("split2 li: ", li)
     li = filter(lambda x: email + '\n' in x, li)
-    print("filter1 li: ", list(li)[0])
-    li = filter(lambda x: x != '' and x != '\n' and x != email + '\n', list(li)[0]) #change to list with 1 element 
-    print("filter2 li: ", list(li))
+    li = filter(lambda x: x != '' and x != '\n' and x != email + '\n', list(li)[0])
     public_key = list(li)
-    #print(public_key[0].strip())
+    return public_key[0].strip()
+
+
+
+    # soup = BeautifulSoup(response.text, "html.parser")
+    # print("soup: ", soup)
+    # li = soup.find_all("li")
+    # print("buggy li: ", li)
+    # li = [x.text for x in li]
+    # print("text1 li: ", li)
+    # li = [x.split(" ") for x in li]
+    # print("split2 li: ", li)
+    # li = filter(lambda x: email + '\n' in x, li)
+    # print("filter1 li: ", list(li)[0])
+    # li = filter(lambda x: x != '' and x != '\n' and x != email + '\n', list(li)[0]) #change to list with 1 element 
+    # print("filter2 li: ", list(li))
+    # public_key = list(li)
+    # #print(public_key[0].strip())
 
 
-    return public_key[0].strip()
+    # return public_key[0].strip()
 
 async def get_all_notes(
     db: ChainDB,

diff --git a/exploit/a.py b/exploit/a.py
@@ -1,6 +1,6 @@
 from bs4 import BeautifulSoup
 
-email = 'jfswokwrbu@example.com'
-x = ['\n', '', '', '', '', '', '', '', '', '', 'jfswokwrbu@example.com\n', '', '', '', '', '', '', '', '', '', 'MCgCIQChNFaDJuLBYkIrQhLVz6yCY2iIUeTJWJK/Ns5D8xGCZQIDAQAB\n', '', '', '', '', '', '', '', '']
-x = filter(lambda x: x != '' and x != '\n' and x != email + '\n', list(x))
+email = 'qlkjbdzvrb@example.com'
+x = ['\n', '', '', '', '', '', '', '', '', '', 'qlkjbdzvrb@example.com\n', '', '', '', '', '', '', '', '', '', 'MCgCIQD6JpONz+wvbjYvhxNeKDxyfqC83cg8Ns08CCts/C6dBQIDAQAB\n', '', '', '', '', '', '', '', '']
+x = filter(lambda x: x != '' and x != '\n' and x != email + '\n', x)
 print(list(x))