neale/moth
neale
/
moth
mirror of https://github.com/dirtbags/moth.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Seems to work.

This commit is contained in:
Neale Pickett 2010-03-02 22:18:13 -07:00
parent 00694e8472
commit 868a6a6b92
50 changed files with 773 additions and 1249 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1,2 +1,3 @@
*~
*#
*.pyc

48
Makefile
View File

@ -6,19 +6,16 @@ BIN = $(BASE)/bin
SBIN = $(BASE)/sbin
BASE_URL = /ctf/
install:
id ctf || useradd --system --shell /bin/false --home $(VAR) \
--comment "Capture The Flag" ctf
install --directory $(LIB) $(BIN) $(SBIN) $(LIB)/disabled
install --directory --owner=ctf $(VAR)
install --directory --owner=ctf $(WWW)
install --directory --owner=ctf $(WWW)/puzzler
install --directory --owner=ctf $(VAR)/points
install --directory --owner=ctf $(VAR)/points/tmp
install --directory --owner=ctf $(VAR)/points/cur
install --directory --owner=ctf $(VAR)/flags
TEMPLATE = $(CURDIR)/template.html
MDWNTOHTML = $(CURDIR)/mdwntohtml.py --template=$(TEMPLATE) --base=$(BASE_URL)
# Tanks has a lot of files.
default: install
SUBDIRS = mdwn
INSTALL_TARGETS = $(addsuffix -install, $(SUBDIRS))
include $(addsuffix /*.mk, $(SUBDIRS))
install: base-install $(INSTALL_TARGETS)
install --directory --owner=ctf $(VAR)/tanks
install --directory --owner=ctf $(VAR)/tanks/results
install --directory --owner=ctf $(VAR)/tanks/errors
@ -47,7 +44,34 @@ install:
./mkpuzzles.py --base=$(BASE_URL) --puzzles=puzzles \
--htmldir=$(WWW)/puzzler --keyfile=$(LIB)/puzzler.keys
install --directory $(VAR)/disabled
touch $(VAR)/disabled/bletchley
touch $(VAR)/disabled/compaq
touch $(VAR)/disabled/crypto
touch $(VAR)/disabled/forensics
touch $(VAR)/disabled/hackme
touch $(VAR)/disabled/hispaniola
touch $(VAR)/disabled/net-re
touch $(VAR)/disabled/skynet
touch $(VAR)/disabled/survey
base-install:
id ctf || useradd --system --shell /bin/false --home $(VAR) \
--comment "Capture The Flag" ctf
install --directory $(LIB) $(BIN) $(SBIN)
install --directory --owner=ctf $(VAR)
install --directory --owner=ctf $(WWW)
install --directory --owner=ctf $(WWW)/puzzler
install --directory --owner=ctf $(VAR)/points
install --directory --owner=ctf $(VAR)/points/tmp
install --directory --owner=ctf $(VAR)/points/cur
install --directory --owner=ctf $(VAR)/flags
uninstall:
rm -rf $(VAR) $(WWW) $(LIB) $(BIN) $(SBIN)
rmdir $(BASE) || true
clean: $(addsuffix -clean, $(SUBDIRS))

16
mdwn/mdwn.mk Normal file
View File

@ -0,0 +1,16 @@
MDWN_DIR = mdwn
MDWN_SRC += $(wildcard $(MDWN_DIR)/src/*.mdwn)
MDWN_SRC += $(wildcard $(MDWN_DIR)/src/*/*.mdwn)
MDWN_SRC += $(wildcard $(MDWN_DIR)/src/*/*/*.mdwn)
MDWN_OUT = $(subst $(MDWN_DIR)/src/, $(WWW)/, $(MDWN_SRC:.mdwn=.html))
mdwn-install: $(MDWN_OUT)
$(WWW)/%.html: $(MDWN_DIR)/src/%.mdwn
install -d $(@D)
$(MDWNTOHTML) $< $@
mdwn-clean:
rm -f $(MDWN_OUT)

15
mdwn/src/index.mdwn Normal file
View File

@ -0,0 +1,15 @@
Title: Welcome
Welcome to Caf&eacute; Scientifique Capture The Flag.
1. [Register](register.cgi) your team
2. [View the score board](scoreboard.html)
3. Check out the [base conversion table](table.html)
4. Start playing
The following categories exist for this version of CTF:
* [Sequence](puzzler.cgi?c=sequence)
* [Code Breaking](puzzler.cgi?c=codebreaking)
* [Webapp](puzzler.cgi?c=webapp)
* [Tanks](tanks/results.html)

103
mdwn/src/intro.mdwn Normal file
View File

@ -0,0 +1,103 @@
Title: Introduction
Welcome to Capture The Flag.
What This Is
============
* A hacking contest
* A chance to experience the nature of cyber incident response
* An environment to safely experiment with offensive techniques
What This Is Not
================
* An arena for purely malicious attacks
* A rave
Rules
=====
Important Rules
---------------
* The contest network is 10.<i>x</i>.<i>x</i>.<i>x</i>. **Do
not attack machines outside the contest network**. All
federal, state, and school laws still apply to the outside
network.
* If the "outside network" requires you to plug into a different
switch, do not connect any machine that has been on the contest
network.
* Consider this network hostile: your machine may be
compromised.
* We expect you to be disruptive within the framework of the
game (malicious code, network scanning, social engineering,
etc.). Disruptive behavior outside the game will result in a
public and humiliating ejection from the contest area.
* No ARP attacks. While cute, they are not particularly clever
given our network topology, and would require expensive and
bulky equipment to prevent. Find something else to do.
Less-Important Rules
--------------------
* If IRC is up, you should use it to communicate with the
contest staff. Staff will have operator status in #ctf.
* If you think something is wrong with the game, you are
expected to demonstrate the problem and explain what you think
is the correct behavior.
Scoring
=======
The contest is made up of multiple categories. Each category is worth
one point toward the total score; the percentage of the total points
held by your team is the percentage of one point your team has for that
category. The team that has 30% of the points in each of five
categories has 1.5 points, whereas the team that has 80% of the points
in only one category has 0.8 points. It is typically better to have a
few points in many categories, than many points in a few categories.
There are two kinds of categories: *flags* and *puzzles*.
Flags
-----
Flag categories are challenges with a notion of a *winner* or *service
availability*. In these categories, the flag-holder (the winner, or
each team with a running service) makes 1 point per minute for as long
as they hold the flag. If there is a single flag-holder, and the flag
changes hands, a point is awarded to the new winner at the moment the
flag moves.
Puzzles
-------
Most of the categories come in the form of multiple *puzzles*: for each
puzzle presented, a key (answer) must be found to recieve the amount of
points that puzzle is worth. Any team may answer any puzzle question at
any time. A new puzzle is revealed when a team correctly answers the
highest-valued puzzle in that category.
Hints
=====
If you are really stuck, you can ask for a hint. It will cost you
points, though. For puzzles, you will lose ¼ of the points for that
puzzle <em>even if you never solve the puzzle</em>. For other events,
the staff member will decide how many points it will cost. You can try
to bribe or otherwise fanagle information out of us or other
contestants. *It's a hacking contest.*
About Us
========
We are the <a href="http://dirtbags.net/">dirtbags</a>. People pay us
money to do the sorts of things you'll be doing in this contest.

161
mdwn/src/table.mdwn Normal file
View File

@ -0,0 +1,161 @@
Title: Counting in different bases
<table>
<tr><th>Base</th></tr>
<tr>
<th>2</th>
<td>0</td>
<td>1</td>
<td>10</td>
<td>11</td>
<td>100</td>
<td>101</td>
<td>110</td>
<td>111</td>
<td>1000</td>
<td>1001</td>
<td>1010</td>
<td>1011</td>
<td>1100</td>
<td>1101</td>
<td>1110</td>
<td>1111</td>
<td>10000</td>
<td>10001</td>
<td>10010</td>
<td>10011</td>
<td>10100</td>
<td>10101</td>
<td>10110</td>
<td>10111</td>
<td>11000</td>
<td>11001</td>
<td>11010</td>
<td>11011</td>
<td>11100</td>
<td>11101</td>
<td>11110</td>
<td>11111</td>
<td>100000</td>
<td>100001</td>
<td>100010</td>
<td>100011</td>
</tr>
<tr>
<th>8</th>
<td>0</td>
<td>1</td>
<td>2</td>
<td>3</td>
<td>4</td>
<td>5</td>
<td>6</td>
<td>7</td>
<td>10</td>
<td>11</td>
<td>12</td>
<td>13</td>
<td>14</td>
<td>15</td>
<td>16</td>
<td>17</td>
<td>20</td>
<td>21</td>
<td>22</td>
<td>23</td>
<td>24</td>
<td>25</td>
<td>26</td>
<td>27</td>
<td>30</td>
<td>31</td>
<td>32</td>
<td>33</td>
<td>34</td>
<td>35</td>
<td>36</td>
<td>37</td>
<td>40</td>
<td>41</td>
<td>42</td>
<td>43</td>
</tr>
<tr>
<th>10</th>
<td>0</td>
<td>1</td>
<td>2</td>
<td>3</td>
<td>4</td>
<td>5</td>
<td>6</td>
<td>7</td>
<td>8</td>
<td>9</td>
<td>10</td>
<td>11</td>
<td>12</td>
<td>13</td>
<td>14</td>
<td>15</td>
<td>16</td>
<td>17</td>
<td>18</td>
<td>19</td>
<td>20</td>
<td>21</td>
<td>22</td>
<td>23</td>
<td>24</td>
<td>25</td>
<td>26</td>
<td>27</td>
<td>28</td>
<td>29</td>
<td>30</td>
<td>31</td>
<td>32</td>
<td>33</td>
<td>34</td>
<td>35</td>
</tr>
<tr>
<th>16</th>
<td>0</td>
<td>1</td>
<td>2</td>
<td>3</td>
<td>4</td>
<td>5</td>
<td>6</td>
<td>7</td>
<td>8</td>
<td>9</td>
<td>a</td>
<td>b</td>
<td>c</td>
<td>d</td>
<td>e</td>
<td>f</td>
<td>10</td>
<td>11</td>
<td>12</td>
<td>13</td>
<td>14</td>
<td>15</td>
<td>16</td>
<td>17</td>
<td>18</td>
<td>19</td>
<td>1a</td>
<td>1b</td>
<td>1c</td>
<td>1d</td>
<td>1e</td>
<td>1f</td>
<td>20</td>
<td>21</td>
<td>22</td>
<td>23</td>
</tr>
</table>

332
mdwn/src/tanks/docs.mdwn Normal file
View File

@ -0,0 +1,332 @@
Title: Tanks Documentation
Introduction
============
You are the proud new operator of a M-375 Pflanzarr Tank. Your tank is
equipped with a powerful laser cannon, independently rotating turret
section, up to 10 enemy detection sensors, and a standard issue NATO
hull. Unfortunately, it lacks seats, and thus must rely own its own
wits and your skills at designing those wits to survive.
An Example Tank
===============
You can to paste this tank code into the [submit page](submit.html) page
to get started. Then, start changing things to see how it affects your
tank's behavior.
>addsensor(50, 0, 5, 1); # Sensor 0: Fire Sensor
>addsensor(30, 0, 50); # Sensor 1: Anti-collision sensor
# Commands
: move(90, 100) . turretset(0); # Always do this
sense(0) : fire(); # If sensor 0 is active, fire
sense(1) : move(-100, 100) # If sensor 1 is active, turn
Programming Your Tank
=====================
Your tanks are programmed using the Super Useful Command and Kontrol
language, the very best in laser tank AI languages. It includes amazing
features such as comments (Started by a #, ended at EOL), logic,
versatility, and semi-colons (all lines must end in one). As with all
new military systems it utilizes only integers; we must never rest in
our diligence against the communist floating point conspiracy.
Whitespace is provided by trusted contractors, and should never
interfere with operations.
Your program should be separated into Setup and AI commands. The
definitions section lets you designated the behaviors of its
sensors and memory. Each setup command must begin with a
'>'. Placing setup commands after the first AI command is a
violation of protocol. Here are some examples of correct setup
commands:
>addsensor(80, 90, 33);
>addsensor(50, 0, 10, 1);
>addtimer(3);
The AI section will act as the brain of your tank. Each AI line
is separated into a group of conditions functions and a group of
action functions. If all the conditions are satisfactory (true),
all of the actions are given as orders. Conditions are separated
by ampersands, actions separated by periods. Here are some
examples of AI commands:
sense(1) & sense(2) & fireready() : fire();
sense(0,0)&sin(5): move(40, 30) . turretcw(50);
sense(4) & random(4,5) : led(1).settoggle(0,1);
Your tank will execute its program each turn(frame), and attempt
to the best of its abilities to carry out its orders (or die
trying). Like any military mind, your tank may receive a plethora
of often conflicting orders and information. This a SMART TANK,
however. It knows that the proper thing to do with each subsystem
is to have that subsystem follow only the last order given each
turn.
#Setup commands define your tank when your program
#compiles
>addsensor(50, 0, 5, 1); # 0-Fire Sensor
>addsensor(30, 0, 180); # 1-Anti-collision sensor
# These commands execute each frame.
# Blank condition sections are true.
: move(90, 100).
turretset(0);
sense(0) : fire();
sense(1) : move(-100, 100)
Setup Actions
-------------
These functions can be used to setup your tank. Abuse of these
functions has, in the past, resulted in mine sweeping duty. With
a broom.
<dl>
<dt>addsensor(range, angle, width, [turretAttached])</dt>
<dd>
<p>Add a new sensor to the tank.</p>
<p>
Sensors are an arc (pie slice) centered on the tank that
detect other tanks within their sweep.<br/>
A sensor is 'on' if another tank is within this arc.
</p>
<p>
Sensors are numbered, starting at 0, in the order they are
added.
</p>
<p>
range - The range of the sensor, as a percent of the tanks max
range.<br/>
angle - The angle of the center of the sensor, in degrees.<br />
width - The width of the sensor, in degrees.<br />
turretAttached - Normally, the angle is relative to the front of
the
tank.<br /> When this is set, the angle is relative to the current
turret
direction.<br />
</p>
</dd>
<dt>addtimer(timeout)</dt>
<dd>
<p>
Add a new timer (they're numbered in the order added, starting from 0),
with the given timeout.
</p>
<p>
The timeout is in number of turns.<br />
The timer
is created in inactive mode.<br /> You'll need to do a starttimer()
action
to reset and start the timer.<br /> When the timer expires, the
timer()
condition will begin to return True.
</p>
</dd>
<dt>addtoggle([state])</dt>
<dd>
<p>Add a toggle to the tank.</p>
<p>
The state of the toggle defaults to 0 (False).<br />
ese essentially act as a single bit of memory.<br />
e the toggle() condition to check its state and the settoggle,
eartoggle,
d toggle actions to change the state.<br /> Toggles are named
merically,
arting at 0.
</p>
</dd>
</dl>
Conditions
----------
These functions are used to check the state of reality. If reality
stops being real, refer to chapter 5 in your girl scout handbook.
<dl>
<dt>cos(T)</dt>
<dd>
<p>
A cos wave with period T (in turns).
</p>
<p>
Returns True when the wave is
positive.<br /> A wave of period 1 is always True.<br /> Period
2 is True every
other turn, etc.
</p>
</dd>
<dt>firenotready()</dt>
<dd>
<p>
True when the tank can not fire.
</p>
</dd>
<dt>fireready()</dt>
<dd>
<p>
True when the tank can fire.
</p>
</dd>
<dt>random(n,m)</dt>
<dd>
<p>Generate a random number.</p>
<p>
Takes two
arguments, n and m.<br /> Generates a random number between 1
and m (inclusive) each time it's checked.<br /> If the random
number is less
than or equal
to n, then the condition returns True.<br /> Returns False
otherwise.
</p>
</dd>
<dt>sense(#, [invert])</dt>
<dd>
<p>True when a sensor is activated.</p>
<p>
Takes a Sensor number as an argument.<br />
Returns True if the given sensor is currently activated, False
otherwise.<br />
If the option argument invert is set to true then logic is
inverted,
and then sensor returns True when it is NOT activated, and
False when
it is.<br /> Invert is false by default.
</p>
</dd>
<dt>sin(T)</dt>
<dd>
<p>A sin wave of period T (in turns).</p>
<p>
Returns True when the wave is positive.<br />
A wave with period 1 or 2 is always False (it's 0 each turn),
only
at periods of 3 or more does this become useful.
</p>
</dd>
<dt>timer(#, [invert])</dt>
<dd>
<p>Checks the state of timer # 'key'.</p>
<p>
Returns True if time has run
out.<br />
If invert is given (and true), then True is returned if the
timer has
yet to expire.
</p>
</dd>
<dt>toggle(#)</dt>
<dd>
<p>Returns True if the given toggle is set, False
otherwise.</p>
</dd>
</dl>
Actions
-------
These actions are not for cowards. Remember, if actions contradict,
your tank will simply do the last thing it was told in a turn. If
ordered to hop on a plane to hell it will gladly do so. If order to
make tea shortly afterwards, it will serve it politely and with cookies
instead.
<dl>
<dt>cleartimer(#)</dt>
<dd>
<p>Clear the given timer such that it is no longer active (inactive timers
are always False).</p>
</dd>
<dt>fire()</dt>
<dd>
<p>Attempt to fire the tanks laser cannon.</p>
<p>
Its range is 50% of your sensor range.
</p>
</dd>
<dt>led(state)</dt>
<dd>
<p>Set the tank's LED to state (true is on, false is off).</p>
<p>
The led is a light that appears behind the tanks turret.<br/>
It remains on for a single turn.
</p>
</dd>
<dt>move(left tread speed, right tread speed)</dt>
<dd>
<p>Set the speeds for the tanks right and left treads.</p>
<p>
The speeds should
be a number (percent power) between -100 and
100.
</p>
</dd>
<dt>settoggle(key, state)</dt>
<dd>
<p>Set toggle 'key' to 'state'.</p>
</dd>
<dt>starttimer(#)</dt>
<dd>
<p>Start (and reset) the given timer, but only if it is
inactive.</p>
</dd>
<dt>toggle(key)</dt>
<dd>
<p>Toggle the value of toggle 'key'.</p>
</dd>
<dt>turretccw([percent speed])</dt>
<dd>
<p>Rotate the turret counter clockwise as a
percentage of the max speed.</p>
</dd>
<dt>turretcw([percent speed])</dt>
<dd>
<p>Rotate the turret clockwise at a rate
preportional to speed.</p>
</dd>
<dt>turretset([angle])</dt>
<dd>
<p>Set the turret to the given angle, in degrees, relative to the
front of the tank.</p>
<p>
Angles increase counterclockwise.<br/> The angle can be left
out; in that case, this locks the turret to its current
position.
</p>
</dd>
</dl>

10
mdwn/src/tanks/links.xml Normal file
View File

@ -0,0 +1,10 @@
<h3>Tanks</h3>
<ul>
<li><a href="docs.html">Docs</a></li>
<li><a href="results.cgi">Results</a></li>
<li><a href="submit.html">Submit</a></li>
<li><a href="errors.cgi">My Errors</a></li>
</ul>

14
mdwn/src/tanks/submit.mdwn Normal file
View File

@ -0,0 +1,14 @@
Title: Tanks Submission
<form action="submit.cgi" method="post">
<fieldset>
<legend>Your program:</legend>
Team:
<input type="text" name="team"/><br/>
Password:
<input type="password" name="passwd"/><br/>
<textarea cols="80" rows="30" name="code"></textarea><br/>
<button type="submit">Submit</button>
</fieldset>
</form>

44
mdwntohtml.py Executable file
View File

@ -0,0 +1,44 @@
#! /usr/bin/python
import os
import shutil
import optparse
import string
import markdown
from codecs import open
p = optparse.OptionParser('%prog [OPTIONS] infile outfile')
p.add_option('-t', '--template', dest='template', default='template.html',
help='Location of HTML template')
p.add_option('-b', '--base', dest='base', default='',
help='Base URL for contest')
opts, args = p.parse_args()
basedir = os.path.dirname(args[0])
links_fn = os.path.join(basedir, 'links.xml')
try:
links = open(links_fn, encoding='utf-8').read()
except IOError:
links = ''
f = open(args[0], encoding='utf-8')
title = ''
for line in f:
line = line.strip()
if not line:
break
k, v = line.split(': ')
if k.lower() == 'title':
title = v
body = markdown.markdown(f.read(99999))
template = string.Template(open(opts.template, encoding='utf-8').read())
page = template.substitute(hdr='',
title=title,
base=opts.base,
links=links,
body_class='',
onload='',
body=body)
open(args[1], 'w', encoding='utf-8').write(page)

112
puzzler.keys
View File

@ -1,112 +0,0 @@
bletchley 50 extra special text
bletchley 1000 It is a lovely day outside
bletchley 150 jackalope wheeze
bletchley 350 PC LOAD LETTER
bletchley 300 jako561962
bletchley 200 unequivocal
bletchley 900 PEANUT BUTTER JELLY TIME
bletchley 100 antediluvian
bletchley 500 xez.3nt
bletchley 250 DB1663<3
net-re 4 PINHEAD CATASTROPHE
net-re 2 great job
net-re 25000 galloping gallimimus
net-re 1000 a difficult key!
net-re 7 60.0.13.65
net-re 4000 gaucho moped fleet
net-re 800 10.72.148.66
net-re 5000 miniature commodore exercise
net-re 300 pumpkins
net-re 5 fishsticks
net-re 30 RSTNFGEAID
net-re 3000 galactic octopus
net-re 200 particulate
net-re 6 whatever.example.net
net-re 2000 obtuse
net-re 3 2,4,6,8,A,B,C,D,F
net-re 400 lettuce
net-re 100 chumbucket
net-re 8 bacon
net-re 1200 hotshot tomato
net-re 20 squirrel
net-re 1 163
net-re 10 69.35
net-re 700 fixate rasterize
net-re 250 alice_test@hotmail.com
survey 1000000 quux blorb frotz
sequence 50 42
sequence 2 111 1000
sequence 35 13 21
sequence 300 ┤
sequence 25 36
sequence 600 61 64 9b
sequence 200 E G G
sequence 16 a
sequence 400 0101
sequence 100 45
sequence 8 100
sequence 19 17
sequence 1 6
sequence 700 01 00 00 ca 0a
sequence 450 05
hispaniola 50 LANL GUYS
hispaniola 5 3acd767f2717b84076cdcd18e882f01d
hispaniola 125 ‽
hispaniola 75 ⚑ ◢ ◕ ★ ♥ ◢ ♥ ⚑ ◕ ★ ♥ ◕ ★ ♥ ⚑ ★ ⚑ ◢ ♥ ◢ ◕ ◕ ◢ ★ ⚑
hispaniola 15 -462766
hispaniola 10 You're well on your way :)
skynet 302 SkynetSasserVersionWithPingFast
skynet 401 67678dj*&78
skynet 102 beagle_beagle
skynet 300 pecompact
skynet 202 tftp
skynet 203 FreeConsole
skynet 200 402fcc
skynet 301 4028de
skynet 400 services.exe
skynet 100 bbeagle.exe
skynet 500 c:\windows\system32:lzx32.sys
skynet 500
skynet 501 kdD
crypto 160 chronic failure
crypto 220 open meadows
crypto 230 quavering tendrils
crypto 130 probable cause
crypto 210 The Colour Out of Space
crypto 150 flaming mastiff
crypto 240 in the same vein
crypto 140 giant chickens
crypto 200 the squirrels crow at noon
crypto 110 the s is for sucks
crypto 120 Rat Fink
crypto 180 The key for this puzzle is this sentence
crypto 400 --------========Thanks for Pl@y|ng========--------
crypto 100 caesar
crypto 170 terrifying silence
crypto 1 dirtbags
forensics 50 C:\WINDOWS\system32\klog.sys
forensics 200 winsecur.dll
forensics 400 avatar.txt
forensics 100 dll injection
forensics 20 klog.txt
forensics 10 lsass.exe
forensics 250 Dirka Dirka
compaq 50 4C
compaq 150 This is our world now... the world of the electron and the switch, the beauty of the baud.
compaq 350 Actually, Werner, we're all tickled to here you say that. Frankly, watchin' Donny beat Nazis to death is is the closest we ever get to goin' to the movies.
compaq 600 Now think real hard. You been bird-doggin' this township awhile now. They wouldn't mind a corpse of you. Now, you can luxuriate in a nice jail cell, but if your hand touches metal, I swear by my pretty floral bonnet, I will end you.
compaq 200 Gawain Ballard Tunisia
compaq 400 lawful forths Amanda
compaq 100 root:x:0:0:root:/root:/bin/bash
compaq 500 codger launched jet
hackme 806 That's all, folks.
hackme 200 james
hackme 614 james
webapp 50 eVkIwHzOok
webapp 40 765JBo4B54
webapp 70 s4nNlaMScV
webapp 30 BRrHdtdADI
webapp 60 QJebByJaKX
webapp 80 dmW5f9P54e
webapp 20 uq4G4dXrpx
webapp 10 ktFfb8R1Bw

1
puzzles/basemath/1/index.mdwn Normal file
View File

@ -0,0 +1 @@
1 2 3 4 5 6 7 8 9 10 _

1
puzzles/basemath/1/key Normal file
View File

@ -0,0 +1 @@
11

2
puzzles/basemath/2/index.mdwn Normal file
View File

@ -0,0 +1,2 @@
1 10 11 100 101 110 111 _

1
puzzles/basemath/2/key Normal file
View File

@ -0,0 +1 @@
1000

1
puzzles/basemath/3/index.mdwn Normal file
View File

@ -0,0 +1 @@
... 4 5 6 7 10 11 12 ... 75 76 77 _

1
puzzles/basemath/3/key Normal file
View File

@ -0,0 +1 @@
100

1
puzzles/basemath/4/index.mdwn Normal file
View File

@ -0,0 +1 @@
... 7 8 9 A B C D E F 10 11 12 13 ... 1C8 1C9 _

1
puzzles/basemath/4/key Normal file
View File

@ -0,0 +1 @@
1CA

1
puzzles/basemath/5/index.mdwn Normal file
View File

@ -0,0 +1 @@
1 2 4 8 16 32 _

1
puzzles/basemath/5/key Normal file
View File

@ -0,0 +1 @@
64

1
puzzles/codebreaking/1/index.mdwn Normal file
View File

@ -0,0 +1 @@
The answer for this page is "snickers".

1
puzzles/codebreaking/1/key Normal file
View File

@ -0,0 +1 @@
snickers

1
puzzles/codebreaking/2/index.mdwn Normal file
View File

@ -0,0 +1 @@
Uif botxfs gps uijt qbhf jt "hpctupqqfs".

1
puzzles/codebreaking/2/key Normal file
View File

@ -0,0 +1 @@
gobstopper

BIN
puzzles/codebreaking/3/dancing.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.7 KiB

1
puzzles/codebreaking/3/index.mdwn Normal file
View File

@ -0,0 +1 @@
![dancing men](danging.png)

1
puzzles/codebreaking/3/key Normal file
View File

@ -0,0 +1 @@
tootsie

1
puzzles/codebreaking/4/index.mdwn Normal file
View File

@ -0,0 +1 @@
Xts cgmvsl ihl otfm jcns fm "tslmtsx".

1
puzzles/codebreaking/4/key Normal file
View File

@ -0,0 +1 @@
hershey

BIN
puzzles/codebreaking/5/image.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 10 KiB

1
puzzles/codebreaking/5/key Normal file
View File

@ -0,0 +1 @@
skittles

BIN
puzzles/codebreaking/6/image.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 23 KiB

1
puzzles/codebreaking/6/key Normal file
View File

@ -0,0 +1 @@
toffee

13
puzzles/codebreaking/7/index.mdwn Normal file
View File

@ -0,0 +1,13 @@
toaatbs 1
hdsthea 2
iectern 3
siyetos 4
tstnofw 5
ycattle 6
paliaer 7
eleoltb 8
olpnnte 9
featuee 10
cdyomrt 11
1234567

1
puzzles/codebreaking/7/key Normal file
View File

@ -0,0 +1 @@
beet

1
puzzles/codebreaking/8/index.mdwn Normal file
View File

@ -0,0 +1 @@
cusoeecolorsahnanicnagtfnyslriagtwuaoctaeptnthlra

1
puzzles/codebreaking/8/key Normal file
View File

@ -0,0 +1 @@
chalupa

0
puzzles/sequence/summary.txt
View File

2
template.html
View File

@ -13,8 +13,6 @@
<div id="navigation">
<ul>
<li><a href="${base}">Home</a></li>
<li><a href="${base}intro.html">Intro/Rules</a></li>
<li><a href="${base}services.html">Svc flags</a></li>
<li><a href="${base}tanks/results.cgi">Tanks</a></li>
<li><a href="${base}puzzler.cgi">Puzzles</a></li>
<li><a href="${base}scoreboard.html">Scoreboard</a></li>

28
www/index.html
View File

@ -1,28 +0,0 @@
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Capture The Flag</title>
<link rel="stylesheet" href="ctf.css" type="text/css" />
</head>
<body>
<h1>Welcome</h1>
<ol>
<li><a href="survey.html">Take the survey</a></li>
<li><a href="intro.html">Read the introduction and rules</a></li>
<li><a href="register.cgi">Register</a> your team</li>
<li><a href="scoreboard.html">View the score board</a></li>
</ol>
<ul>
<li>Some categories are <a href="puzzler.cgi">puzzles</a>.</li>
<li>Some categories live on the network; you have to find them
yourself.</li>
<li>Announcements will be made
on <a href="irc://10.1.1.1/ctf">IRC</a>.</li>
</ul>
</body>
</html>

122
www/intro.html
View File

@ -1,122 +0,0 @@
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Introduction</title>
<link rel="stylesheet" href="ctf.css" type="text/css" />
</head>
<body>
<h1>Introduction</h1>
<p>
Welcome to Capture The Flag.
</p>
<h2>What This Is</h2>
<ul>
<li>A hacking contest</li>
<li>A chance to experience the nature of cyber incident response</li>
<li>An environment to safely experiment with offensive techniques</li>
</ul>
<h2>What This Is Not</h2>
<ul>
<li>An arena for purely malicious attacks</li>
<li>A rave</li>
</ul>
<h2>Rules</h2>
<h3>Important Rules</h3>
<ul>
<li>The contest network is 10.<i>x</i>.<i>x</i>.<i>x</i>. <b>Do
not attack machines outside the contest network</b>. All
federal, state, and school laws still apply to the outside
network.</li>
<li>If the "outside network" requires you to plug into a different
switch, do not connect any machine that has been on the contest
network.</li>
<li>Consider this network hostile: your machine may be
compromised.</li>
<li>We expect you to be disruptive within the framework of the
game (malicious code, network scanning, social engineering,
etc.). Disruptive behavior outside the game will result in a
public and humiliating ejection from the contest area.</li>
<li>No ARP attacks. While cute, they are not particularly clever
given our network topology, and would require expensive and
bulky equipment to prevent. Find something else to do.</li>
</ul>
<h3>Less-Important Rules</h3>
<ul>
<li>If IRC is up, you should use it to communicate with the
contest staff. Staff will have operator status in #ctf.</li>
<li>If you think something is wrong with the game, you are
expected to demonstrate the problem and explain what you think
is the correct behavior.</li>
</ul>
<h2>Scoring</h2>
<p>
The contest is made up of multiple <em>categories</em>. Each
category is worth one point toward the total score; the percentage
of the total points held by your team is the percentage of one
point your team has for that category. The team that has 30% of
the points in each of five categories has 1.5 points, whereas the
team that has 80% of the points in only one category has 0.8
points.
</p>
<p>
There are two kinds of categories: <em>flags</em>
and <em>puzzles</em>.
</p>
<h3>Flags</h3>
<p>
Flag categories are challenges with a notion of a <em>winner</em>
or <em>service availability</em>. In these categories, the
flag-holder (the winner, or each team with a running service)
makes 1 point per minute for as long as they hold the flag. If
there is a single flag-holder, and the flag changes hands, a point
is awarded to the new winner at the moment the flag moves.
</p>
<h3>Puzzles</h3>
<p>
Most of the categories come in the form of
multiple <em>puzzles</em>: for each puzzle presented, a key
(answer) must be found to recieve the amount of points that puzzle
is worth. Any team may answer any puzzle question at any time. A
new puzzle is revealed when a team correctly answers the
highest-valued puzzle in that category.
</p>
<h2>Hints</h2>
<p>
If you are really stuck, you can ask for a hint. It will cost you
points, though. For puzzles, you will lose ¼ of the points for
that puzzle <em>even if you never solve the puzzle</em>. For
other events, the staff member will decide how many points it will
cost. You can try to bribe or otherwise fanagle information out
of us or other contestants. <em>It's a hacking contest.</em>
</p>
<h2>About Us</h2>
<p>
We are the <a href="http://dirtbags.net/">dirtbags</a>. People
pay us money to do the sorts of things you'll be doing in this
contest.
</p>
</body>
</html>

2
www/puzzler.cgi
View File

@ -92,7 +92,7 @@ def dump_file(fn):
sys.stdout.buffer.write(d)
def disabled(cat):
return os.path.exists(os.path.join(paths.LIB, 'disabled', cat))
return os.path.exists(os.path.join(paths.VAR, 'disabled', cat))
def show_cats():
out = StringIO()

1
www/services.html
View File

@ -1 +0,0 @@
/tmp/services.html

95
www/survey.cgi
View File

@ -1,95 +0,0 @@
#!/usr/bin/env python
import cgi
import cgitb
import os
import time
cgitb.enable()
form = cgi.FieldStorage()
client = os.environ["REMOTE_ADDR"]
fields = {
'affiliation' : ['nnsa', 'doe', 'dod', 'otherfed', 'state', 'private', 'other'],
'hostforensics' : ['has', 'doesnt_have_can_get', 'doesnt_have_cant_get'],
'netforensics' : ['has', 'doesnt_have_can_get', 'doesnt_have_cant_get'],
'reversing' : ['has', 'doesnt_have_can_get', 'doesnt_have_cant_get'],
'regularcollab' : ['0', '1', '2', '3', '4', '5+'],
'collab' : ['0', '1', '2', '3', '4', '5+'],
'incident' : ['0', '1', '2', '3', '4', '5+'],
'channels' : ['official', 'unofficial'],
'helpfulone' : ['tracer', 'cons', 'vtc', 'tc', 'irc'],
'helpfultwo' : ['tracer', 'cons', 'vtc', 'tc', 'irc'],
'helpfulthree' : ['tracer', 'cons', 'vtc', 'tc', 'irc'],
'helpfulfour' : ['tracer', 'cons', 'vtc', 'tc', 'irc'],
'helpfulfive' : ['tracer', 'cons', 'vtc', 'tc', 'irc'],
'toolset' : ['0', '1', '2', '3', '4'],
'overall' : ['0', '1', '2', '3', '4'],
'comments' : []
}
def validate(form):
for k,v in fields.items():
if len(v) and form.getfirst(k) not in v:
return False
vals = []
for k in ['helpfulone', 'helpfultwo', 'helpfulthree', 'helpfulfour', 'helpfulfive']:
if form.getfirst(k) in vals:
return False
vals.append(form.getfirst(k))
return True
print 'Content-Type: text/html'
print ''
print '''
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB">
<head>
<title>CyberTracer Collaboration Survey</title>
<meta http-equiv="Content-Type" content="application/xhtml+xml; charset=utf-8" />
<link rel="stylesheet" href="survey.css" type="text/css" />
</head>
<body>
<div id="wrapper">
<div id="header">
<h1>Cyber Security Collaboration Survey &mdash; Tracer FIRE II</h1>
</div>
<div id="content">
'''
if validate(form):
results = [client, str(time.time())]
for k in fields.keys():
val = form.getfirst(k) or ''
if k == 'comments':
val = val.replace(',', ' ')
val = val.replace(':', ' ')
val = val.replace('\n', ' ')
val = val.replace('\r', ' ')
results.append('%s:%s' % (k, val))
f = open('/var/lib/ctf/survey/%s' % client, 'a')
f.write(','.join(results) + '\n')
f.close()
print '<p><b>SUCCESS!</b> Your survey submission has been accepted. Please <b>do not</b> retake the survey. Thanks!</p>'
else:
print '''
<p><b>FAIL!</b> It looks like you bypassed the client-side validation of the survey! That's too easy and the contest
hasn't even begun yet! Would you please go back and just take the survey? It is very important!</p>
'''
print '''
</div>
</div>
</body>
</html>
'''

125
www/survey.css
View File

@ -1,125 +0,0 @@
html {
background: #454545;
}
body {
margin: 0;
padding: 0;
border: 0;
border-right: 1px solid #000;
border-bottom: 1px solid #000;
width: 100%;
height: 100%;
background: #fff;
max-width: 800px;
color: #000;
font-size: 0.7em;
font-family: Tahoma, Arial, sans-serif;
}
#wrapper {
padding: 5em;
}
#header {
border-bottom: 1px solid #373737;
}
#content {
padding: 1em 0;
}
p {
margin: 0;
padding: 2px 0 2px 0;
}
a { color: #369; }
a:hover {
color: #fff;
background: #369;
text-decoration: none;
}
img {
padding: 0;
margin: 0;
border: none;
vertical-align: top;
}
table {
margin: 0.5em;
padding: 0;
border: 1px solid #373737;
border-collapse: collapse;
}
thead {
font-weight: bold;
background: #fff;
border-bottom-style: double;
}
tr {
padding: 0;
margin: 0;
border: 1px solid #373737;
}
td {
margin: 0;
padding: 2px 5px 2px 5px;
border: 1px dotted #c0c0c0;
}
h1, h2, h3, h4 { margin: .5em 0 .2em 0; }
h1 { font-size: 150%; }
h2 { font-size: 120%; }
h3 { font-size: 110%; }
h4 { font-size: 100%; }
fieldset { margin-top: 1em; }
input {
font-size: 100%;
margin: .25em .25em 0 .5em;
}
textarea {
width: 97%;
margin: .25em .25em 0 .5em;
}
.sep {
height:1px;
margin: 1em 0 1em 0;
border-bottom: 1px dashed #c0c0c0;
}
.question {
font-weight: bold;
margin-bottom: .5em;
}
ul {
margin: .25em .25em 0 .5em;
padding: 0 1.25em;
}
li {
margin-bottom: 1em;
}
.submit {
text-align: right;
margin-top: 1em;
border-top: 1px solid #373737;
padding-top: 1em;
}
.error {
margin: 1em 0;
padding: 1em;
border: 1px solid red;
background: #ffaaaa;
color: #000;
font-weight: bold;
}

344
www/survey.html
View File

@ -1,344 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB">
<head>
<title>CyberTracer Collaboration Survey</title>
<meta http-equiv="Content-Type" content="application/xhtml+xml; charset=utf-8" />
<link rel="stylesheet" href="survey.css" type="text/css" />
<script type="text/javascript">
function appendError(errorbox, txt) {
errorbox.appendChild(document.createTextNode(txt));
errorbox.appendChild(document.createElement("br"));
}
function hasSelection(radio) {
for(var i=0;i<radio.length;i++) {
if (radio[i].checked) {
return radio[i].value;
}
}
return false;
}
function validate(form) {
var f = document.survey;
var errorbox = document.createElement("p");
errorbox.className="error";
var errorCount = 0;
if (!hasSelection(f.affiliation)) {
appendError(errorbox, "No selection made for question 1.");
errorCount++;
}
if (!hasSelection(f.hostforensics)) {
appendError(errorbox, "No selection made for question 2 (host forensics).");
errorCount++;
}
if (!hasSelection(f.netforensics)) {
appendError(errorbox, "No selection made for question 2 (network forensics).");
errorCount++;
}
if (!hasSelection(f.reversing)) {
appendError(errorbox, "No selection made for question 2 (reverse engineering).");
errorCount++;
}
if (!hasSelection(f.regularcollab)) {
appendError(errorbox, "No selection made for question 3.");
errorCount++;
}
if (!hasSelection(f.collab)) {
appendError(errorbox, "No selection made for question 4.");
errorCount++;
}
if (!hasSelection(f.incident)) {
appendError(errorbox, "No selection made for question 5.");
errorCount++;
}
if (!hasSelection(f.channels)) {
appendError(errorbox, "No selection made for question 6.");
errorCount++;
}
var rankArray = [];
var sel = hasSelection(f.helpfulone);
if (!sel) {
appendError(errorbox, "No selection made for question 7 (rank 1).");
errorCount++;
} else {
rankArray.push(sel);
}
sel = hasSelection(f.helpfultwo);
if (!sel) {
appendError(errorbox, "No selection made for question 7 (rank 2).");
errorCount++;
} else if (rankArray.indexOf(sel) != -1) {
appendError(errorbox, "One item given multiple ranks in question 7.");
errorCount++;
} else {
rankArray.push(sel);
}
sel = hasSelection(f.helpfulthree);
if (!sel) {
appendError(errorbox, "No selection made for question 7 (rank 3).");
errorCount++;
} else if (rankArray.indexOf(sel) != -1) {
appendError(errorbox, "One item given multiple ranks in question 7.");
errorCount++;
} else {
rankArray.push(sel);
}
sel = hasSelection(f.helpfulfour);
if (!sel) {
appendError(errorbox, "No selection made for question 7 (rank 4).");
errorCount++;
} else if (rankArray.indexOf(sel) != -1) {
appendError(errorbox, "One item given multiple ranks in question 7.");
errorCount++;
} else {
rankArray.push(sel);
}
sel = hasSelection(f.helpfulfive);
if (!sel) {
appendError(errorbox, "No selection made for question 7 (rank 5).");
errorCount++;
} else if (rankArray.indexOf(sel) != -1) {
appendError(errorbox, "One item given multiple ranks in question 7.");
errorCount++;
} else {
rankArray.push(sel);
}
if (!hasSelection(f.toolset)) {
appendError(errorbox, "No selection made for question 8.");
errorCount++;
}
if (!hasSelection(f.overall)) {
appendError(errorbox, "No selection made for question 9.");
errorCount++;
}
if (errorCount != 0) {
errorbox.appendChild(document.createElement("br"));
appendError(errorbox, errorCount + " error(s) were encountered. Please correct them and resubmit.");
var d = document.getElementById("errordiv");
while(d.childNodes.length) {
d.removeChild(d.childNodes[0]);
}
d.appendChild(errorbox);
window.scrollTo(0,0);
return false;
}
return true;
}
</script>
</head>
<body>
<div id="wrapper">
<div id="header">
<h1>Cyber Security Collaboration Survey &mdash; Tracer FIRE II</h1>
</div>
<div id="content">
<p>Please take a few minutes to fill out and submit this survey. One of
the primary goals of the Cyber Tracer Team, the people behind Tracer FIRE,
is to improve the existing collaboration environment between NNSA sites
and other stakeholders. The information you provide in this survey will help
us to accomplish that goal.</p>
<div id="errordiv"></div>
<div class="sep"></div>
<form name="survey" action="survey.cgi" method="POST" onsubmit="return validate(this);">
<p class="question">1. What is your affiliation?</p>
<input type="radio" name="affiliation" value="nnsa" />NNSA<br />
<input type="radio" name="affiliation" value="doe" />DOE<br />
<input type="radio" name="affiliation" value="dod" />DOD<br />
<input type="radio" name="affiliation" value="otherfed" />Other Federal government<br />
<input type="radio" name="affiliation" value="state" />State government<br />
<input type="radio" name="affiliation" value="private" />Private sector<br />
<input type="radio" name="affiliation" value="other" />Other
<div class="sep"></div>
<p class="question">2. For each skill area listed, select the option that best describes the situation
at your site or within your organization.</p>
<ul>
<li>Host forensics<br />
<input type="radio" name="hostforensics" value="has" />have an advanced capability in this area<br />
<input type="radio" name="hostforensics" value="doesnt_have_can_get" />don't have an advanced capability in this area, but
<span style="font-style: italic;">can</span> obtain help from other sites<br />
<input type="radio" name="hostforensics" value="doesnt_have_cant_get" />don't have an advanced
capability in this area, and <span style="font-style: italic;">cannot</span>
obtain help from other sites
</li>
<li>Network forensics<br />
<input type="radio" name="netforensics" value="has" />have an advanced capability in this area<br />
<input type="radio" name="netforensics" value="doesnt_have_can_get" />don't have an advanced capability in this area, but
<span style="font-style: italic;">can</span> obtain help from other sites<br />
<input type="radio" name="netforensics" value="doesnt_have_cant_get" />don't have an advanced
capability in this area, and <span style="font-style: italic;">cannot</span>
obtain help from other sites
</li>
<li>Reverse engineering<br />
<input type="radio" name="reversing" value="has" />have an advanced capability in this area<br />
<input type="radio" name="reversing" value="doesnt_have_can_get" />don't have an advanced capability in this area, but
<span style="font-style: italic;">can</span> obtain help from other sites<br />
<input type="radio" name="reversing" value="doesnt_have_cant_get" />don't have an advanced
capability in this area, and <span style="font-style: italic;">cannot</span>
obtain help from other sites
</li>
</ul>
<div class="sep"></div>
<p class="question">3. How many other sites or organizations do you
<span style="font-style: italic;">regularly</span> collaborate with? "Regular" collaboration
is defined as collaboration that is frequent or part of standard operation procedure.</p>
<input type="radio" name="regularcollab" value="0" />0
<input type="radio" name="regularcollab" value="1" />1
<input type="radio" name="regularcollab" value="2" />2
<input type="radio" name="regularcollab" value="3" />3
<input type="radio" name="regularcollab" value="4" />4
<input type="radio" name="regularcollab" value="5+" />5+
<div class="sep"></div>
<p class="question">4. How many other sites or organizations did you collaborate
with in all of FY09?</p>
<input type="radio" name="collab" value="0" />0
<input type="radio" name="collab" value="1" />1
<input type="radio" name="collab" value="2" />2
<input type="radio" name="collab" value="3" />3
<input type="radio" name="collab" value="4" />4
<input type="radio" name="collab" value="5+" />5+
<div class="sep"></div>
<p class="question">5. If there were a serious cyber security incident at your site,
how many organizations would you feel comfortable calling for help?</p>
<input type="radio" name="incident" value="0" />0
<input type="radio" name="incident" value="1" />1
<input type="radio" name="incident" value="2" />2
<input type="radio" name="incident" value="3" />3
<input type="radio" name="incident" value="4" />4
<input type="radio" name="incident" value="5+" />5+
<div class="sep"></div>
<p class="question">6. Would you prefer to use official channels (e.g., make a request to a team dedicated to
vetting and fielding incident responders from around the complex) or unofficial channels (e.g., pick up the
phone and call the reverse engineering expert you exchanged business cards with at Tracer FIRE) to request
help with an incident?</p>
<input type="radio" name="channels" value="official" />Official channels
<input type="radio" name="channels" value="unofficial" />Unofficial channels
<div class="sep"></div>
<p class="question">7. Rank the items listed below from least to most helpful (1 = least helpful,
5 = most helpful) for establishing trust relationships and fostering collaboration between sites.</p>
<table>
<tr>
<td>Tracer FIRE</td>
<td>
<input type="radio" name="helpfulone" value="tracer" />1
<input type="radio" name="helpfultwo" value="tracer" />2
<input type="radio" name="helpfulthree" value="tracer" />3
<input type="radio" name="helpfulfour" value="tracer" />4
<input type="radio" name="helpfulfive" value="tracer" />5
</td>
</tr>
<tr>
<td>Cyber security conferences</td>
<td>
<input type="radio" name="helpfulone" value="cons" />1
<input type="radio" name="helpfultwo" value="cons" />2
<input type="radio" name="helpfulthree" value="cons" />3
<input type="radio" name="helpfulfour" value="cons" />4
<input type="radio" name="helpfulfive" value="cons" />5
</td>
</tr>
<tr>
<td>Video teleconferencing</td>
<td>
<input type="radio" name="helpfulone" value="vtc" />1
<input type="radio" name="helpfultwo" value="vtc" />2
<input type="radio" name="helpfulthree" value="vtc" />3
<input type="radio" name="helpfulfour" value="vtc" />4
<input type="radio" name="helpfulfive" value="vtc" />5
</td>
</tr>
<tr>
<td>Teleconferencing</td>
<td>
<input type="radio" name="helpfulone" value="tc" />1
<input type="radio" name="helpfultwo" value="tc" />2
<input type="radio" name="helpfulthree" value="tc" />3
<input type="radio" name="helpfulfour" value="tc" />4
<input type="radio" name="helpfulfive" value="tc" />5
</td>
</tr>
<tr>
<td>SILC or IRC</td>
<td>
<input type="radio" name="helpfulone" value="irc" />1
<input type="radio" name="helpfultwo" value="irc" />2
<input type="radio" name="helpfulthree" value="irc" />3
<input type="radio" name="helpfulfour" value="irc" />4
<input type="radio" name="helpfulfive" value="irc" />5
</td>
</tr>
</table>
<div class="sep"></div>
<p class="question">8. How effective is the toolset (hardware and software) that is available to you
for cyber collaboration?</p>
<input type="radio" name="toolset" value="0" />Not effective at all
<input type="radio" name="toolset" value="1" />Somewhat effective
<input type="radio" name="toolset" value="2" />Sufficient
<input type="radio" name="toolset" value="3" />Very effective
<input type="radio" name="toolset" value="4" />Couldn't be better
<div class="sep"></div>
<p class="question">9. How effective is the existing collaboration environment between NNSA sites
and other stakeholders?</p>
<input type="radio" name="overall" value="0" />Not effective at all
<input type="radio" name="overall" value="1" />Somewhat effective
<input type="radio" name="overall" value="2" />Sufficient
<input type="radio" name="overall" value="3" />Very effective
<input type="radio" name="overall" value="4" />Couldn't be better
<div class="sep"></div>
<p class="question">10. Do you have any suggestions or ideas for improving the cyber collaboration
environment between NNSA sites and other stakeholders? Please be brief.</p>
<textarea name="comments" rows="5"></textarea>
<div class="submit">
<input type="submit" value="Submit" />
</div>
</form>
</div>
</div>
</body>
</html>

360
www/tanks/docs.html
View File

@ -1,360 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC
"-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Tanks Documentation</title>
<link rel="stylesheet" href="/ctf.css" type="text/css" />
</head>
<body class="">
<h1>Tanks Documentation</h1>
<div id="navigation">
<ul>
<li><a href="/intro.html">Intro/Rules</a></li>
<li><a href="/services.html">Svc
flags</a></li>
<li><a href="/tanks/results.cgi">Tanks</a></li>
<li><a href="/puzzler.cgi">Puzzles</a></li>
<li><a href="/scoreboard.html">Scoreboard</a></li>
</ul>
<h3>Tanks</h3>
<li><a href="docs.html">Docs</a></li>
<li><a href="results.cgi">Results</a></li>
<li><a href="submit.html">Submit</a></li>
<li><a href="errors.cgi">My Errors</a></li>
</div>
<h2>Introduction</h2>
<p>
You are the proud new operator of a M-375 Pflanzarr Tank. Your
tank is equipped with a powerful laser cannon, independently
rotating turret section, up to 10 enemy detection sensors, and a
standard issue NATO hull. Unfortunately, it lacks seats, and thus
must rely own its own wits and your skills at designing those wits
to survive.
</p>
<h2>Programming Your Tank</h2>
<p>
Your tanks are programmed using the Super Useful Command and
Kontrol language, the very best in laser tank AI languages. It
includes amazing features such as comments (Started by a #, ended
at EOL), logic, versatility, and semi-colons (all lines must end
in one). As with all new military systems it utilizes only
integers; we must never rest in our diligence against the
communist floating point conspiracy. Whitespace is provided by
trusted contractors, and should never interfere with operations.
</p>
<p>
Your program should be separated into Setup and AI commands. The
definitions section lets you designated the behaviors of its
sensors and memory. Each setup command must begin with a
'&gt;'. Placing setup commands after the first AI command is a
violation of protocol. Here are some examples of correct setup
commands:
</p>
<pre class="docs">&gt;addsensor(80, 90, 33);
&gt;addsensor(50, 0, 10, 1);
&gt;addtimer(3);</pre>
<p>
The AI section will act as the brain of your tank. Each AI line
is separated into a group of conditions functions and a group of
action functions. If all the conditions are satisfactory (true),
all of the actions are given as orders. Conditions are separated
by ampersands, actions separated by periods. Here are some
examples of AI commands:
</p>
<pre class="docs">sense(1) & sense(2) & fireready() : fire();
sense(0,0)&sin(5): move(40, 30) . turretcw(50);
sense(4) & random(4,5) :
led(1).settoggle(0,1);</pre>
<p>
Your tank will execute its program each turn(frame), and attempt
to the best of its abilities to carry out its orders (or die
trying). Like any military mind, your tank may receive a plethora
of often conflicting orders and information. This a SMART TANK,
however. It knows that the proper thing to do with each subsystem
is to have that subsystem follow only the last order given each
turn.
</p>
<pre class="docs">#Setup commands define your tank when your program
#compiles
&gt;addsensor(50, 0, 5, 1); # 0-Fire Sensor
&gt;addsensor(30, 0, 180); # 1-Anti-collision sensor
# These commands execute each frame.
# Blank condition sections are true.
: move(90, 100).
turretset(0);
sense(0) : fire();
sense(1) : move(-100, 100)</pre>
<h3>Setup Actions:</h3>
<p>
These functions can be used to setup your tank. Abuse of these
functions has, in the past, resulted in mine sweeping duty. With
a broom.
</p>
<p>
<dl>
<dt>addsensor(range, angle, width, [turretAttached])</dt>
<dd>
<p>Add a new sensor to the tank.</p>
<p>
Sensors are an arc (pie slice) centered on the tank that
detect other tanks within their sweep.<br/>
A sensor is 'on' if another tank is within this arc.
</p>
<p>
Sensors are numbered, starting at 0, in the order they are
added.
</p>
<p>
range - The range of the sensor, as a percent of the tanks max
range.<br/>
angle - The angle of the center of the sensor, in degrees.<br />
width - The width of the sensor, in degrees.<br />
turretAttached - Normally, the angle is relative to the front of
the
tank.<br /> When this is set, the angle is relative to the current
turret
direction.<br />
</p>
</dd>
<dt>addtimer(timeout)</dt>
<dd>
<p>
Add a new timer (they're numbered in the order added, starting from 0),
with the given timeout.
</p>
<p>
The timeout is in number of turns.<br />
The timer
is created in inactive mode.<br /> You'll need to do a starttimer()
action
to reset and start the timer.<br /> When the timer expires, the
timer()
condition will begin to return True.
</p>
</dd>
<dt>addtoggle([state])</dt>
<dd>
<p>Add a toggle to the tank.</p>
<p>
The state of the toggle defaults to 0 (False).<br />
These essentially act as a single bit of memory.<br />
Use the toggle() condition to check its state and the settoggle,
cleartoggle,
and toggle actions to change the state.<br /> Toggles are named
numerically,
starting at 0.
</p>
</dd>
</dl>
<h3>Conditions:</h3>
<p>
These functions are used to check the state of reality. If reality
stops being real, refer to chapter 5 in your girl scout
handbook.
</p>
<dl>
<dt>cos(T)</dt>
<dd>
<p>
A cos wave with period T (in turns).
</p>
<p>
Returns True when the wave is
positive.<br /> A wave of period 1 is always True.<br /> Period
2 is True every
other turn, etc.
</p>
</dd>
<dt>firenotready()</dt>
<dd>
<p>
True when the tank can not fire.
</p>
</dd>
<dt>fireready()</dt>
<dd>
<p>
True when the tank can fire.
</p>
</dd>
<dt>random(n,m)</dt>
<dd>
<p>Generate a random number.</p>
<p>
Takes two
arguments, n and m.<br /> Generates a random number between 1
and m (inclusive) each time it's checked.<br /> If the random
number is less
than or equal
to n, then the condition returns True.<br /> Returns False
otherwise.
</p>
</dd>
<dt>sense(#, [invert])</dt>
<dd>
<p>True when a sensor is activated.</p>
<p>
Takes a Sensor number as an argument.<br />
Returns True if the given sensor is currently activated, False
otherwise.<br />
If the option argument invert is set to true then logic is
inverted,
and then sensor returns True when it is NOT activated, and
False when
it is.<br /> Invert is false by default.
</p>
</dd>
<dt>sin(T)</dt>
<dd>
<p>A sin wave of period T (in turns).</p>
<p>
Returns True when the wave is positive.<br />
A wave with period 1 or 2 is always False (it's 0 each turn),
only
at periods of 3 or more does this become useful.
</p>
</dd>
<dt>timer(#, [invert])</dt>
<dd>
<p>Checks the state of timer # 'key'.</p>
<p>
Returns True if time has run
out.<br />
If invert is given (and true), then True is returned if the
timer has
yet to expire.
</p>
</dd>
<dt>toggle(#)</dt>
<dd>
<p>Returns True if the given toggle is set, False
otherwise.</p>
</dd>
</dl>
<h3>Actions:</h3>
<p>
These actions are not for cowards. Remember, if actions
contradict, your tank will simply do the last thing it was told in
a turn. If ordered to hop on a plane to hell it will gladly do
so. If order to make tea shortly afterwards, it will serve it
politely and with cookies instead.
</p>
<dl>
<dt>cleartimer(#)</dt>
<dd>
<p>Clear the given timer such that it is no longer active (inactive timers
are always False).</p>
</dd>
<dt>fire()</dt>
<dd>
<p>Attempt to fire the tanks laser cannon.</p>
<p>
Its range is 50% of your sensor range.
</p>
</dd>
<dt>led(state)</dt>
<dd>
<p>Set the tank's LED to state (true is on, false is off).</p>
<p>
The led is a light that appears behind the tanks turret.<br/>
It remains on for a single turn.
</p>
</dd>
<dt>move(left tread speed, right tread speed)</dt>
<dd>
<p>Set the speeds for the tanks right and left treads.</p>
<p>
The speeds should
be a number (percent power) between -100 and
100.
</p>
</dd>
<dt>settoggle(key, state)</dt>
<dd>
<p>Set toggle 'key' to 'state'.</p>
</dd>
<dt>starttimer(#)</dt>
<dd>
<p>Start (and reset) the given timer, but only if it is
inactive.</p>
</dd>
<dt>toggle(key)</dt>
<dd>
<p>Toggle the value of toggle 'key'.</p>
</dd>
<dt>turretccw([percent speed])</dt>
<dd>
<p>Rotate the turret counter clockwise as a
percentage of the max speed.</p>
</dd>
<dt>turretcw([percent speed])</dt>
<dd>
<p>Rotate the turret clockwise at a rate
preportional to speed.</p>
</dd>
<dt>turretset([angle])</dt>
<dd>
<p>Set the turret to the given angle, in degrees, relative to the
front of the tank.</p>
<p>
Angles increase counterclockwise.<br/> The angle can be left
out; in that case, this locks the turret to its current
position.
</p>
</dd>
</dl>
</body>
</html>

4
www/tanks/errors.cgi
View File

@ -23,7 +23,9 @@ body = []
fields = cgi.FieldStorage()
team = fields.getfirst('team', '').strip()
passwd = fields.getfirst('passwd', '').strip()
if teams.chkpasswd(team, passwd):
if not team:
pass
elif teams.chkpasswd(team, passwd):
path = os.path.join(basedir, 'errors', quote(team))
if os.path.isfile(path):
body.append('<p>Your latest errors:</p>')

46
www/tanks/submit.html
View File

@ -1,46 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC
"-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Tanks Submission</title>
<link rel="stylesheet" href="/ctf.css" type="text/css" />
</head>
<body class="">
<h1>Tanks Submission</h1>
<div id="navigation">
<ul>
<li><a href="/">Home</a></li>
<li><a href="/intro.html">Intro/Rules</a></li>
<li><a href="/services.html">Svc flags</a></li>
<li><a href="/puzzler.cgi">Puzzles</a></li>
<li><a href="/scoreboard.html">Scoreboard</a></li>
</ul>
<h3>Tanks</h3>
<li><a href="docs.html">Docs</a></li>
<li><a href="results.cgi">Results</a></li>
<li><a href="submit.html">Submit</a></li>
<li><a href="errors.cgi">My Errors</a></li>
</div>
<form action="submit.cgi" method="post">
<fieldset>
<legend>Your program:</legend>
Team:
<input type="text" name="team"/><br/>
Password:
<input type="password" name="passwd"/><br/>
<textarea cols="80" rows="30" name="code"></textarea><br/>
<button type="submit">Submit</button>
</fieldset>
</form>
</body>
</html>