mirror of https://github.com/dirtbags/moth.git
Start at p2 server package
This commit is contained in:
parent
2617552974
commit
a7753f712c
|
@ -1,13 +1,20 @@
|
|||
00ADMIN_PKGDIR = $(TARGET)/00admin
|
||||
00ADMIN_BUILDDIR = $(BUILD)/00admin
|
||||
|
||||
ifndef PASSWORD
|
||||
$(error PASSWORD not defined)
|
||||
endif
|
||||
|
||||
00admin-install:
|
||||
00admin-build: $(00ADMIN_BUILDDIR)/build
|
||||
$(00ADMIN_BUILDDIR)/build:
|
||||
$(MAKE) -C packages/00admin/src
|
||||
touch $<
|
||||
|
||||
00admin-install: $(00ADMIN_BUILDDIR)/build
|
||||
$(call COPYTREE, packages/00admin/service, $(00ADMIN_PKGDIR)/service)
|
||||
echo "$(PASSWORD)" > $(00ADMIN_PKGDIR)/password
|
||||
mkdir -p $(00ADMIN_PKGDIR)/sbin
|
||||
cp packages/00admin/sbin/* $(00ADMIN_PKGDIR)/sbin
|
||||
cp packages/00admin/bin/* $(00ADMIN_PKGDIR)/bin
|
||||
cp packages/00admin/src/tea $(00ADMIN_PKGDIR)/bin
|
||||
|
||||
PACKAGES += 00admin
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
all: tea
|
||||
clean:
|
||||
rm -f tea
|
|
@ -1,14 +1,11 @@
|
|||
CFLAGS = -Wall -Werror
|
||||
TARGETS = claim.cgi puzzler.cgi puzzles.cgi
|
||||
TARGETS += pointscli arc4 tea
|
||||
TARGETS += pointscli
|
||||
|
||||
all: build
|
||||
|
||||
build: $(TARGETS)
|
||||
|
||||
arc4: CFLAGS += -DARC4_MAIN
|
||||
arc4: arc4.o
|
||||
|
||||
pointscli: pointscli.o common.o
|
||||
|
||||
puzzles.cgi: puzzles.cgi.o common.o
|
||||
|
|
|
@ -1,230 +0,0 @@
|
|||
#include <stdint.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include "arc4.h"
|
||||
|
||||
#define swap(a, b) do {uint8_t _swap=a; a=b, b=_swap;} while (0)
|
||||
|
||||
void
|
||||
arc4_init(struct arc4_ctx *ctx, uint8_t const *key, size_t keylen)
|
||||
{
|
||||
int i;
|
||||
int j = 0;
|
||||
|
||||
for (i = 0; i < 256; i += 1) {
|
||||
ctx->S[i] = i;
|
||||
}
|
||||
|
||||
for (i = 0; i < 256; i += 1) {
|
||||
j = (j + ctx->S[i] + key[i % keylen]) % 256;
|
||||
swap(ctx->S[i], ctx->S[j]);
|
||||
}
|
||||
ctx->i = 0;
|
||||
ctx->j = 0;
|
||||
}
|
||||
|
||||
uint8_t
|
||||
arc4_out(struct arc4_ctx *ctx)
|
||||
{
|
||||
ctx->i = (ctx->i + 1) % 256;
|
||||
ctx->j = (ctx->j + ctx->S[ctx->i]) % 256;
|
||||
swap(ctx->S[ctx->i], ctx->S[ctx->j]);
|
||||
return ctx->S[(ctx->S[ctx->i] + ctx->S[ctx->j]) % 256];
|
||||
}
|
||||
|
||||
void
|
||||
arc4_crypt(struct arc4_ctx *ctx,
|
||||
uint8_t *obuf, const uint8_t *ibuf, size_t buflen)
|
||||
{
|
||||
size_t k;
|
||||
|
||||
for (k = 0; k < buflen; k += 1) {
|
||||
obuf[k] = ibuf[k] ^ arc4_out(ctx);
|
||||
}
|
||||
}
|
||||
|
||||
/* Create a nonce as an arc4 stream with key=seed */
|
||||
void
|
||||
arc4_nonce(uint8_t *nonce, size_t noncelen,
|
||||
void *seed, size_t seedlen)
|
||||
{
|
||||
struct arc4_ctx ctx;
|
||||
int i;
|
||||
|
||||
arc4_init(&ctx, seed, seedlen);
|
||||
for (i = 0; i < noncelen; i += 1) {
|
||||
nonce[i] = arc4_out(&ctx);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/***************************************************
|
||||
*
|
||||
* Psuedo Random Number Generation
|
||||
*
|
||||
*/
|
||||
static struct arc4_ctx prng_ctx;
|
||||
static int prng_initialized = 0;
|
||||
|
||||
void
|
||||
arc4_rand_seed(const uint8_t *seed, size_t seedlen)
|
||||
{
|
||||
arc4_init(&prng_ctx, seed, seedlen);
|
||||
prng_initialized = 1;
|
||||
}
|
||||
|
||||
static void
|
||||
arc4_rand_autoseed()
|
||||
{
|
||||
if (! prng_initialized) {
|
||||
uint8_t key[ARC4_KEYLEN];
|
||||
FILE *urandom;
|
||||
|
||||
/* Open /dev/urandom or die trying */
|
||||
urandom = fopen("/dev/urandom", "r");
|
||||
if (! urandom) {
|
||||
perror("Opening /dev/urandom");
|
||||
abort();
|
||||
}
|
||||
setbuf(urandom, NULL);
|
||||
fread(&key, sizeof(key), 1, urandom);
|
||||
fclose(urandom);
|
||||
|
||||
arc4_rand_seed(key, sizeof(key));
|
||||
}
|
||||
}
|
||||
|
||||
uint8_t
|
||||
arc4_rand8()
|
||||
{
|
||||
arc4_rand_autoseed();
|
||||
return arc4_out(&prng_ctx);
|
||||
}
|
||||
|
||||
uint32_t
|
||||
arc4_rand32()
|
||||
{
|
||||
arc4_rand_autoseed();
|
||||
return ((arc4_out(&prng_ctx) << 0) |
|
||||
(arc4_out(&prng_ctx) << 8) |
|
||||
(arc4_out(&prng_ctx) << 16) |
|
||||
(arc4_out(&prng_ctx) << 24));
|
||||
}
|
||||
|
||||
/*****************************************
|
||||
*
|
||||
* Stream operations
|
||||
*
|
||||
*/
|
||||
|
||||
ssize_t
|
||||
arc4_encrypt_stream(FILE *out, FILE *in,
|
||||
const uint8_t *key, size_t keylen)
|
||||
{
|
||||
struct arc4_ctx ctx;
|
||||
uint32_t seed = arc4_rand32();
|
||||
uint8_t nonce[ARC4_KEYLEN];
|
||||
ssize_t written = 0;
|
||||
int i;
|
||||
|
||||
fwrite("arc4", 4, 1, out);
|
||||
fwrite(&seed, sizeof(seed), 1, out);
|
||||
|
||||
arc4_nonce(nonce, sizeof(nonce), &seed, sizeof(seed));
|
||||
for (i = 0; i < keylen; i += 1) {
|
||||
nonce[i] ^= key[i];
|
||||
}
|
||||
arc4_init(&ctx, nonce, sizeof(nonce));
|
||||
|
||||
while (1) {
|
||||
int c = fgetc(in);
|
||||
|
||||
if (EOF == c) break;
|
||||
fputc((uint8_t)c ^ arc4_out(&ctx), out);
|
||||
written += 1;
|
||||
}
|
||||
|
||||
return written;
|
||||
}
|
||||
|
||||
ssize_t
|
||||
arc4_decrypt_stream(FILE *out, FILE *in,
|
||||
const uint8_t *key, size_t keylen)
|
||||
{
|
||||
struct arc4_ctx ctx;
|
||||
uint32_t seed;
|
||||
uint8_t nonce[ARC4_KEYLEN];
|
||||
ssize_t written = 0;
|
||||
char sig[4];
|
||||
int i;
|
||||
|
||||
fread(&sig, sizeof(sig), 1, in);
|
||||
if (memcmp(sig, "arc4", 4)) {
|
||||
return -1;
|
||||
}
|
||||
fread(&seed, sizeof(seed), 1, in);
|
||||
|
||||
arc4_nonce(nonce, sizeof(nonce), &seed, sizeof(seed));
|
||||
for (i = 0; i < keylen; i += 1) {
|
||||
nonce[i] ^= key[i];
|
||||
}
|
||||
arc4_init(&ctx, nonce, sizeof(nonce));
|
||||
|
||||
while (1) {
|
||||
int c = fgetc(in);
|
||||
|
||||
if (EOF == c) break;
|
||||
fputc((uint8_t)c ^ arc4_out(&ctx), out);
|
||||
written += 1;
|
||||
}
|
||||
|
||||
return written;
|
||||
}
|
||||
|
||||
|
||||
#ifdef ARC4_MAIN
|
||||
|
||||
#include <sysexits.h>
|
||||
#include <unistd.h>
|
||||
|
||||
int
|
||||
main(int argc, char *argv[])
|
||||
{
|
||||
uint8_t key[ARC4_KEYLEN] = {0};
|
||||
size_t keylen;
|
||||
|
||||
/* Read key and initialize context */
|
||||
{
|
||||
char *ekey = getenv("KEY");
|
||||
|
||||
if (ekey) {
|
||||
keylen = strlen(ekey);
|
||||
memcpy(key, ekey, keylen);
|
||||
} else {
|
||||
keylen = read(3, key, sizeof(key));
|
||||
if (-1 == keylen) {
|
||||
fprintf(stderr, "error: must specify key.\n");
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (! argv[1]) {
|
||||
if (-1 == arc4_decrypt_stream(stdout, stdin, key, keylen)) {
|
||||
fprintf(stderr, "error: not an arc4 stream.\n");
|
||||
return 1;
|
||||
}
|
||||
} else if (0 == strcmp(argv[1], "-e")) {
|
||||
arc4_encrypt_stream(stdout, stdin, key, keylen);
|
||||
} else {
|
||||
fprintf(stderr, "Usage: %s [-e] <PLAINTEXT\n", argv[0]);
|
||||
fprintf(stderr, "\n");
|
||||
fprintf(stderr, "You must pass in a key on fd 3 or in the environment variable KEY.\n");
|
||||
return EX_USAGE;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif /* ARC4_MAIN */
|
|
@ -0,0 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
/opt/00admin/bin/fire-ip del
|
|
@ -0,0 +1 @@
|
|||
10.0.0.2/24
|
|
@ -0,0 +1,25 @@
|
|||
#! /bin/sh -e
|
||||
|
||||
exec 2>&1
|
||||
|
||||
IP=$(/opt/00admin/bin/fire-ip add)
|
||||
|
||||
addgroup -g 65534 nogroup || true
|
||||
adduser -D -g nogroup -u 65534 -h /tmp -H nobody || true
|
||||
|
||||
hostname p2
|
||||
|
||||
# Link in puzzles and web pages
|
||||
install -d /var/www
|
||||
for d in /opt/*; do
|
||||
w=/var/www/$(basename $d)
|
||||
if [ -d $d/puzzles ] && ! [ -d $w ]; then
|
||||
ln -sf $d/puzzles $w
|
||||
fi
|
||||
if [ -d $d/www ]; then
|
||||
ln -sf $d/www/* /var/www/
|
||||
fi
|
||||
done
|
||||
|
||||
ln -sf /var/www default
|
||||
exec tcpsvd -u nobody ${IP%/*} 80 /opt/p2/bin/eris -c
|
|
@ -0,0 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
exec svlogd -tt $PWD
|
|
@ -0,0 +1,31 @@
|
|||
#! /bin/sh -e
|
||||
|
||||
fn=$2/$3
|
||||
|
||||
WWW=${CTF_BASE:-/var/www}
|
||||
BASE=${CTF_BASE:-/var/lib/ctf}
|
||||
OPT=${CTF_BASE:-/opt}
|
||||
|
||||
POINTS=$BASE/points.log
|
||||
BACKUP=$WWW/backup.png
|
||||
SCOREBOARD=$WWW/scoreboard.html
|
||||
|
||||
# Only do this if this score hasn't yet been recorded
|
||||
if [ -z "$(sort -k2 $POINTS $fn | uniq -f1 -d)" ]; then
|
||||
cat $fn >> $POINTS
|
||||
rm $fn
|
||||
fi
|
||||
|
||||
if [ $POINTS -nt $SCOREBOARD ]; then
|
||||
# Generate new backup
|
||||
(
|
||||
cat bkup.png;
|
||||
tar cvf - $BASE | gzip -c | $OPT/00admin/bin/tea 3< $OPT/00admin/password
|
||||
) > $BACKUP.new
|
||||
mv $BACKUP.new $BACKUP
|
||||
|
||||
# Render scoreboard
|
||||
/opt/p2/bin/scoreboard < $POINTS > $SCOREBOARD.new
|
||||
mv $SCOREBOARD.new $SCOREBOARD
|
||||
fi
|
||||
|
|
@ -0,0 +1,44 @@
|
|||
#! /bin/sh -e
|
||||
|
||||
exec 2>&1
|
||||
|
||||
install -d /var/lib/ctf
|
||||
|
||||
# Create CTF and nobody users
|
||||
touch /etc/group /etc/passwd
|
||||
addgroup -g 65534 nogroup || true
|
||||
adduser -D -S -h /var/lib/ctf -H ctf || true
|
||||
adduser -D -g nogroup -u 65534 -h /tmp -H nobody || true
|
||||
|
||||
# Set up base directories
|
||||
NEWDIR=/var/lib/ctf/points.new
|
||||
install -d /var/www
|
||||
install -d /var/lib/ctf
|
||||
install -o ctf -m 0755 -d $NEWDIR
|
||||
install -o ctf -m 0755 -d /var/lib/ctf/points.tmp
|
||||
|
||||
# Create some files
|
||||
CLAIM=/var/lib/ctf/claim.db
|
||||
touch $CLAIM
|
||||
chown ctf $CLAIM
|
||||
touch /var/lib/ctf/points.log
|
||||
|
||||
# Generate preliminary scoreboard
|
||||
if ! [ -f /var/www/scoreboard.html ]; then
|
||||
/opt/mcp/bin/scoreboard < /dev/null > /var/www/scoreboard.html
|
||||
fi
|
||||
|
||||
|
||||
if [ -x /sbin/inotifyd ]; then
|
||||
exec /sbin/inotifyd ./pointsd $NEWDIR:y
|
||||
fi
|
||||
|
||||
# Simulate inotifyd
|
||||
cd $NEWDIR
|
||||
while true; do
|
||||
for fn in *; do
|
||||
[ -f "$fn" ] || continue
|
||||
./pointsd m $NEWDIR $fn
|
||||
done
|
||||
sleep 7
|
||||
done
|
Binary file not shown.
After Width: | Height: | Size: 247 B |
Loading…
Reference in New Issue