jdejeu/CTF_Site
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Final (hopefully working) version!

Browse source
This commit is contained in:
Julius de Jeu 2019-06-13 18:06:08 +02:00
parent d60171f6f7
commit e0e9c15c6e
8 changed files with 64 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
Dockerfile
View file

@ -1,4 +1,4 @@
FROM python:3.7 FROM python:3.7 as build
RUN pip install pipenv RUN pip install pipenv
@ -6,4 +6,10 @@ RUN pip install pipenv
WORKDIR /app WORKDIR /app
COPY . /app COPY . /app
RUN pipenv install --system --deploy --ignore-pipfile RUN pipenv install --system --deploy --ignore-pipfile
RUN mkdocs build
FROM nginx:alpine
COPY --from=build /app/site /usr/share/nginx/html
EXPOSE 80

1
Pipfile
View file

@ -9,6 +9,7 @@ pylint = "*"
[packages] [packages]
mkdocs = "*" mkdocs = "*"
mkdocs-bootswatch = "*"
[requires] [requires]
python_version = "3.7" python_version = "3.7"

10
Pipfile.lock generated
View file

@ -1,7 +1,7 @@
{ {
"_meta": { "_meta": {
"hash": { "hash": {
"sha256": "d94cad0dc30488627958d67d89ddc51fed636a03f30aa583585e6ee8247086f5" "sha256": "875711ee7e44ef60b24f4cfb89e0c6894741eededcd39192bdc2fd3d32134063"
}, },
"pipfile-spec": 6, "pipfile-spec": 6,
"requires": { "requires": {
@ -85,6 +85,14 @@
"index": "pypi", "index": "pypi",
"version": "==1.0.4" "version": "==1.0.4"
}, },
"mkdocs-bootswatch": {
"hashes": [
"sha256:1abe0b2ba0af643092202ec33e709d6cd06881bade66e2447c6c10fdb4bcccfa",
"sha256:6be56764675814036a507d32828710e93dbe3e7aced2cdd820b946a3ebf2308e"
],
"index": "pypi",
"version": "==1.0"
},
"pyyaml": { "pyyaml": {
"hashes": [ "hashes": [
"sha256:57acc1d8533cbe51f6662a55434f0dbecfa2b9eaf115bede8f6fd00115a0c0d3", "sha256:57acc1d8533cbe51f6662a55434f0dbecfa2b9eaf115bede8f6fd00115a0c0d3",

3
docs/easy.md
View file

@ -2,4 +2,5 @@
> These challenges are considered easy, they basically guide you to what to do. Do remember to read everything correctly okay? > These challenges are considered easy, they basically guide you to what to do. Do remember to read everything correctly okay?
## Finally ## Finally
You are not a master yet, but you can get closer [here](/medium) You are not a master yet, but you can get closer [here](/medium)
<script src="/js/verify.js"></script>

3
docs/hard.md
View file

@ -2,4 +2,5 @@
> These challenges simply don't tell you what to do at all, these are supposed to be hard for first/second year CSE students. > These challenges simply don't tell you what to do at all, these are supposed to be hard for first/second year CSE students.
## Finally ## Finally
Yeah, you are a master now, and I hope you had fun! - J Yeah, you are a master now, and I hope you had fun! - J
<script src="/js/verify.js"></script>

28
docs/js/verify.js Normal file
View file

@ -0,0 +1,28 @@
function httpGet(theUrl, elem) {
function reqListener() {
let res = this.responseText
if(res === "wrong"){
alert("Nope, sorry. This is the wrong key!")
}else if(res === "nope" || res === "missing"){
alert(`Could you send a message to J00LZ##9386 on Discord with the challenge name, he apparently misconfigured this... (${res})`)
}else if(res === "ok"){
alert("Good job! You solved the challenge!")
}
}
var oReq = new XMLHttpRequest();
oReq.addEventListener("load", reqListener);
oReq.open("GET", theUrl);
oReq.send();
}
function check(challenge, elem) {
flag = document.querySelector(`input#${elem}`).value
flagExp = flag.match(/(?:flag)\{([\w]+)\}/i)
if(flagExp == null || flagExp == undefined){
alert("That isn't even a flag?")
return
}
console.log(flagExp)
httpGet(`https://challengeverify.voidcorp.nl/${challenge}/${flagExp[1]}`, elem)
}

21
docs/medium.md
View file

@ -3,17 +3,22 @@
## Socks to be you ## Socks to be you
### The story so far ### The story so far
Our friendly IT guy John has set up a hidden service to control his VM's.
The only problem is that his rival in the company, Dave, kind of wants to screw John over.
This is not an issue for John, he is quite capable with coding and knows exactly which commands to use. This is quite useful when he wants to hide the commands from Dave.
Dave did however figure out where the server is hosted: [wsecho.voidcorp.nl](https://wsecho.voidcorp.nl)!
Now dave wants to find John's password to really screw him over. He knows dave so it probably isn't hidden too well...
#### Your mission > Our friendly IT guy John has set up a hidden service to control his VM's.
> The only problem is that his rival in the company, Dave, kind of wants to screw John over.
> This is not an issue for John, he is quite capable with coding and knows exactly which commands to use.
> This is quite useful when he wants to hide the commands from Dave.
> Dave did however figure out where the server is hosted: [johndoor.voidcorp.nl](https://johndoor.voidcorp.nl)!
> Now Dave wants to find John's password to really screw him over.
> He knows John so it probably isn't hidden too well...
### Your mission
1. Hack into the server 1. Hack into the server
2. Read the hidden password (format=`flag{xxx}`) 2. Read the hidden password (format=`flag{xxx}`)
3. Report back to Dave (aka the sender of this mission) with the password! 3. <input id="johnFlag"><button onClick="check('johndoor', 'johnFlag')">Check!</button>
## Finally ## Finally
Getting closer to being considered a master, but you'll have to get the rank [here](/hard)! Getting closer to being considered a master, but you'll have to get the rank [here](/hard)!
<script src="/js/verify.js"></script>

2
mkdocs.yml
View file

@ -6,7 +6,7 @@ nav:
- Hard: hard.md - Hard: hard.md
- About: about.md - About: about.md
theme: theme:
name: mkdocs name: slate
shortcuts: shortcuts:
help: 191 # ? help: 191 # ?
next: 78 # n next: 78 # n