Add a challenge for shadow password
This commit is contained in:
parent
b2de685e24
commit
5de31f10d7
@ -1,7 +1,10 @@
|
|||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bytes"
|
||||||
"compress/gzip"
|
"compress/gzip"
|
||||||
|
"encoding/json"
|
||||||
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"log"
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
@ -157,6 +160,48 @@ func passwd(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
err = RegisterShadowChallenge(initrd)
|
||||||
|
if err != nil {
|
||||||
|
log.Printf("%s: Unable to register shadow challenge: %s", r.RemoteAddr, err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
log.Println("Registered shadow for", r.RemoteAddr)
|
log.Println("Registered shadow for", r.RemoteAddr)
|
||||||
http.Error(w, "Success", http.StatusOK)
|
http.Error(w, "Success", http.StatusOK)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func RegisterShadowChallenge(initrd string) error {
|
||||||
|
// Retrieve username
|
||||||
|
fdlogin, err := os.Open(path.Join(tftpDir, "shadows", initrd, "whois"))
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
defer fdlogin.Close()
|
||||||
|
|
||||||
|
cnt, err := io.ReadAll(fdlogin)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
tmp := bytes.Split(cnt, []byte("\n"))
|
||||||
|
if len(tmp) < 0 {
|
||||||
|
return fmt.Errorf("Too few fields in whois file")
|
||||||
|
}
|
||||||
|
|
||||||
|
login := tmp[0]
|
||||||
|
|
||||||
|
// Register shadow challenge
|
||||||
|
if j, err := json.Marshal(struct {
|
||||||
|
Token string
|
||||||
|
Login string
|
||||||
|
}{Token: loginSalt, Login: string(login)}); err != nil {
|
||||||
|
return err
|
||||||
|
} else if r, err := http.NewRequest("POST", "https://adlin.nemunai.re/challenge/0", bytes.NewReader(j)); err != nil {
|
||||||
|
return err
|
||||||
|
} else if resp, err := http.DefaultClient.Do(r); err == nil {
|
||||||
|
resp.Body.Close()
|
||||||
|
} else {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|||||||
@ -237,6 +237,12 @@ var challenges []Challenge
|
|||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
challenges = []Challenge{
|
challenges = []Challenge{
|
||||||
|
/* Challenge 0 : shadow updated */
|
||||||
|
Challenge{
|
||||||
|
Accessible: []func(*adlin.Student, *http.Request) error{noAccessRestriction},
|
||||||
|
Check: challengeOk,
|
||||||
|
},
|
||||||
|
|
||||||
/* Challenge 1 : 42 */
|
/* Challenge 1 : 42 */
|
||||||
Challenge{
|
Challenge{
|
||||||
Accessible: []func(*adlin.Student, *http.Request) error{noAccessRestriction},
|
Accessible: []func(*adlin.Student, *http.Request) error{noAccessRestriction},
|
||||||
@ -333,10 +339,10 @@ func getChallengeList(_ httprouter.Params, _ []byte) (interface{}, error) {
|
|||||||
func accessibleChallenge(r *http.Request, ps httprouter.Params, _ []byte) (interface{}, error) {
|
func accessibleChallenge(r *http.Request, ps httprouter.Params, _ []byte) (interface{}, error) {
|
||||||
if chid, err := strconv.Atoi(string(ps.ByName("chid"))); err != nil {
|
if chid, err := strconv.Atoi(string(ps.ByName("chid"))); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
} else if chid == 0 || chid >= len(challenges) {
|
} else if chid == 0 || chid > len(challenges) {
|
||||||
return nil, errors.New("This challenge doesn't exist")
|
return nil, errors.New("This challenge doesn't exist")
|
||||||
} else {
|
} else {
|
||||||
for _, a := range challenges[chid-1].Accessible {
|
for _, a := range challenges[chid].Accessible {
|
||||||
if err := a(nil, r); err != nil {
|
if err := a(nil, r); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@ -345,12 +351,13 @@ func accessibleChallenge(r *http.Request, ps httprouter.Params, _ []byte) (inter
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// receiveChallenge treats TP1{shadow} and TP2, TP3 challenges.
|
||||||
func receiveChallenge(r *http.Request, ps httprouter.Params, body []byte) (interface{}, error) {
|
func receiveChallenge(r *http.Request, ps httprouter.Params, body []byte) (interface{}, error) {
|
||||||
if chid, err := strconv.Atoi(string(ps.ByName("chid"))); err != nil {
|
if chid, err := strconv.Atoi(string(ps.ByName("chid"))); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
} else if chid == 0 {
|
} else if chid < 0 {
|
||||||
return nil, errors.New("This challenge doesn't exist")
|
return nil, errors.New("This challenge doesn't exist")
|
||||||
} else if chid <= len(challenges) {
|
} else if chid != 0 && chid <= len(challenges) {
|
||||||
return nil, errors.New("This is not the good way to hit this challenge")
|
return nil, errors.New("This is not the good way to hit this challenge")
|
||||||
} else {
|
} else {
|
||||||
var gt givenToken
|
var gt givenToken
|
||||||
@ -382,6 +389,7 @@ func receiveChallenge(r *http.Request, ps httprouter.Params, body []byte) (inter
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// receiveToken handles challenges for TP1 except shadow
|
||||||
func receiveToken(r *http.Request, body []byte, chid int) (interface{}, error) {
|
func receiveToken(r *http.Request, body []byte, chid int) (interface{}, error) {
|
||||||
var gt givenToken
|
var gt givenToken
|
||||||
if err := json.Unmarshal(body, >); err != nil {
|
if err := json.Unmarshal(body, >); err != nil {
|
||||||
@ -398,12 +406,12 @@ func receiveToken(r *http.Request, body []byte, chid int) (interface{}, error) {
|
|||||||
chid = gt.Challenge
|
chid = gt.Challenge
|
||||||
}
|
}
|
||||||
|
|
||||||
if chid <= 0 || chid-1 > len(challenges) {
|
if chid <= 0 || chid > len(challenges) {
|
||||||
return nil, errors.New("This challenge doesn't exist")
|
return nil, errors.New("This challenge doesn't exist")
|
||||||
}
|
}
|
||||||
|
|
||||||
// Is the challenge accessible?
|
// Is the challenge accessible?
|
||||||
for _, a := range challenges[chid-1].Accessible {
|
for _, a := range challenges[chid].Accessible {
|
||||||
if err := a(nil, r); err != nil {
|
if err := a(nil, r); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@ -412,7 +420,7 @@ func receiveToken(r *http.Request, body []byte, chid int) (interface{}, error) {
|
|||||||
if std, err := adlin.GetStudentByLogin(gt.Login); err != nil {
|
if std, err := adlin.GetStudentByLogin(gt.Login); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
} else {
|
} else {
|
||||||
if err := challenges[chid-1].Check(std, >, chid); err != nil {
|
if err := challenges[chid].Check(std, >, chid); err != nil {
|
||||||
log.Printf("%s just try ch#%d: %s\n", std.Login, chid, err)
|
log.Printf("%s just try ch#%d: %s\n", std.Login, chid, err)
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|||||||
@ -13,6 +13,7 @@ const tuto_legend = {
|
|||||||
|
|
||||||
const tuto_progress = [
|
const tuto_progress = [
|
||||||
{
|
{
|
||||||
|
0: { title: "single", icon: "🕵️", label: "Shadow"},
|
||||||
1: { title: "Is alive?", icon: "👋", label: "Token 1"},
|
1: { title: "Is alive?", icon: "👋", label: "Token 1"},
|
||||||
2: { title: "DMZ reached", icon: "📚", label: "Token 2"},
|
2: { title: "DMZ reached", icon: "📚", label: "Token 2"},
|
||||||
3: { title: "HTTPS on + time", icon: "⏲", label: "Token 3"},
|
3: { title: "HTTPS on + time", icon: "⏲", label: "Token 3"},
|
||||||
|
|||||||
Reference in New Issue
Block a user