adapted for slashroot 2019

5 years ago · 689693df2b
--- a/.drone.yml
+++ b/.drone.yml
@ -1,10 +0,0 @@
 pipeline:
  build-docker:
    image: docker:18.06.1-ce
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    commands:
      - chmod +x ./build-image.sh
      - ./build-image.sh
    when:
 event: [push]
--- a/.start.sh
+++ b/.start.sh
@ -0,0 +1,2 @@
 #!/bin/bash
 (socat TCP-LISTEN:20202,reuseaddr,fork EXEC:/chall/version002,su=nobody)
--- a/+ 4
+++ b/+ 4
@ -1,5 +1,5 @@
 # Use ubuntu 16.04
 FROM ubuntu:16.04
 # Use ubuntu 19.04
 FROM ubuntu:latest
 EXPOSE 20202
 RUN apt-get update

@ -15,6 +15,7 @@ WORKDIR /chall
 # Secure ENV
 COPY flag.txt .
 COPY version002 .
 COPY .start.sh /var/tmp/

 RUN echo 'alias kill="echo no kill please!"' >> ~/.bashrc
 RUN chmod 700 /tmp /usr/bin/* /bin/* /dev/shm
@ -22,9 +23,8 @@ RUN chmod 700 /tmp /usr/bin/* /bin/* /dev/shm

 RUN chown root:ksl /chall/version002
 RUN chmod 775 /chall/version002
 RUN chmod 775 /var/tmp/.start.sh

 # Run Service

 RUN echo '#!/bin/bash'"\n(socat TCP-LISTEN:20202,reuseaddr,fork EXEC:"/chall/version002,su=nobody")" > /var/tmp/.start.sh && chmod +x /var/tmp/.start.sh

 CMD ["/var/tmp/.start.sh"]
--- a/+ 1
+++ b/+ 1
@ -1,7 +1,7 @@
 COMPILER=g++
 #FLAGS=-g -I. -pedantic -Wall -Wextra -Wcast-align -Wcast-qual -Wctor-dtor-privacy -Wdisabled-optimization -Wformat=2 -Winit-self -Wlogical-op -Wmissing-declarations -Wmissing-include-dirs -Wnoexcept -Wold-style-cast -Woverloaded-virtual -Wredundant-decls -Wshadow -Wsign-conversion -Wsign-promo -Wstrict-null-sentinel -Wstrict-overflow=5 -Wswitch-default -Wundef -Werror -Wno-unused
 #FLAGS=-g -I.
 FLAGS=-I.
 FLAGS=-s -I.
 O_DIR=obj

 CLASS_DIR=src/class
--- a/build-image.sh
+++ b/build-image.sh
@ -1,14 +0,0 @@
 #!/bin/sh
 set -e
 set -o xtrace

 IMAGE_NAME=hack-the-game-v002

 # clean old images
 OLD_IMAGES=$(docker images $IMAGE_NAME -q --no-trunc)
 if [ -n "${OLD_IMAGES}" ]; then
  docker rmi -f ${OLD_IMAGES};
 fi

 #Build Images
 docker build . -t $IMAGE_NAME
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,10 @@
 version: "2"

 services:
  main:
    build: .
    container_name: "htg2"
    network_mode: "bridge"
    restart: on-failure
    ports:
      - "30313:20202"
--- a/flag.txt
+++ b/flag.txt
@ -1 +1 @@
 GKSK{H0w_d1d_I_n0t_real1ze_such_4_s7up1d_m1sT4k3}
 SlashRootCTF{Th47_15_d3f1Nit3ly_a_5tup1D_m1sT4kE}
--- a/src/system/betatest.cpp
+++ b/src/system/betatest.cpp
@ -1,9 +1,9 @@
 #include "src/system/betatest.hpp"


 std::string BetaTest::betaFlag = "4re_Y0u_53ri0usly_checking_f0r_b3t4_t3sT?";
 std::string BetaTest::betaFlag = "7h1s_i5_n0t_a_b3t4_tE5t_k3y";

 bool BetaTest::check(std::string input)
 {
    return input.compare("GKSK{" + betaFlag + "}") == 0;
    return input.compare("SlashRootCTF{" + betaFlag + "}") == 0;
 }
--- a/src/system/memory.cpp
+++ b/src/system/memory.cpp
@ -4,32 +4,33 @@
 #include <string>
 #include <cstring>

 static const std::string base64_chars = 
             "abcdefghijklmnopqrstuvwxyz"
             "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
             "0123456789+/";
 static const std::string base64_chars =
    "s1XWgtaLvfyEeYUi42Mo36NR9DKrVjbTpPuwHc5lA8dC0OSxzknm7qGJBIZFQh+/";


 static inline bool is_base64(unsigned char c) {
 static inline bool is_base64(unsigned char c)
 {
  return (isalnum(c) || (c == '+') || (c == '/'));
 }

 std::string base64_encode(unsigned char const* bytes_to_encode, unsigned int in_len) {
 std::string base64_encode(unsigned char const *bytes_to_encode, unsigned int in_len)
 {
  std::string ret;
  int i = 0;
  int j = 0;
  unsigned char char_array_3[3];
  unsigned char char_array_4[4];

  while (in_len--) {
  while (in_len--)
  {
    char_array_3[i++] = *(bytes_to_encode++);
    if (i == 3) {
    if (i == 3)
    {
      char_array_4[0] = (char_array_3[0] & 0xfc) >> 2;
      char_array_4[1] = ((char_array_3[0] & 0x03) << 4) + ((char_array_3[1] & 0xf0) >> 4);
      char_array_4[2] = ((char_array_3[1] & 0x0f) << 2) + ((char_array_3[2] & 0xc0) >> 6);
      char_array_4[3] = char_array_3[2] & 0x3f;

      for(i = 0; (i <4) ; i++)
      for (i = 0; (i < 4); i++)
        ret += base64_chars[char_array_4[i]];
      i = 0;
    }
@ -37,26 +38,25 @@ std::string base64_encode(unsigned char const* bytes_to_encode, unsigned int in_

  if (i)
  {
    for(j = i; j < 3; j++)
    for (j = i; j < 3; j++)
      char_array_3[j] = '\0';

    char_array_4[0] = ( char_array_3[0] & 0xfc) >> 2;
    char_array_4[0] = (char_array_3[0] & 0xfc) >> 2;
    char_array_4[1] = ((char_array_3[0] & 0x03) << 4) + ((char_array_3[1] & 0xf0) >> 4);
    char_array_4[2] = ((char_array_3[1] & 0x0f) << 2) + ((char_array_3[2] & 0xc0) >> 6);

    for (j = 0; (j < i + 1); j++)
      ret += base64_chars[char_array_4[j]];

    while((i++ < 3))
    while ((i++ < 3))
      ret += '=';

  }

  return ret;

 }

 std::string base64_decode(std::string const& encoded_string) {
 std::string base64_decode(std::string const &encoded_string)
 {
  int in_len = encoded_string.size();
  int i = 0;
  int j = 0;
@ -64,15 +64,18 @@ std::string base64_decode(std::string const& encoded_string) {
  unsigned char char_array_4[4], char_array_3[3];
  std::string ret;

  while (in_len-- && ( encoded_string[in_] != '=') && is_base64(encoded_string[in_])) {
    char_array_4[i++] = encoded_string[in_]; in_++;
    if (i ==4) {
      for (i = 0; i <4; i++)
  while (in_len-- && (encoded_string[in_] != '=') && is_base64(encoded_string[in_]))
  {
    char_array_4[i++] = encoded_string[in_];
    in_++;
    if (i == 4)
    {
      for (i = 0; i < 4; i++)
        char_array_4[i] = base64_chars.find(char_array_4[i]);

      char_array_3[0] = ( char_array_4[0] << 2       ) + ((char_array_4[1] & 0x30) >> 4);
      char_array_3[0] = (char_array_4[0] << 2) + ((char_array_4[1] & 0x30) >> 4);
      char_array_3[1] = ((char_array_4[1] & 0xf) << 4) + ((char_array_4[2] & 0x3c) >> 2);
      char_array_3[2] = ((char_array_4[2] & 0x3) << 6) +   char_array_4[3];
      char_array_3[2] = ((char_array_4[2] & 0x3) << 6) + char_array_4[3];

      for (i = 0; (i < 3); i++)
        ret += char_array_3[i];
@ -80,14 +83,16 @@ std::string base64_decode(std::string const& encoded_string) {
    }
  }

  if (i) {
  if (i)
  {
    for (j = 0; j < i; j++)
      char_array_4[j] = base64_chars.find(char_array_4[j]);

    char_array_3[0] = (char_array_4[0] << 2) + ((char_array_4[1] & 0x30) >> 4);
    char_array_3[1] = ((char_array_4[1] & 0xf) << 4) + ((char_array_4[2] & 0x3c) >> 2);

    for (j = 0; (j < i - 1); j++) ret += char_array_3[j];
    for (j = 0; (j < i - 1); j++)
      ret += char_array_3[j];
  }

  return ret;
@ -95,47 +100,47 @@ std::string base64_decode(std::string const& encoded_string) {

 Player *Memory::loadFromCode(std::string code)
 {
    code = base64_decode(code);
    char playerName[16] = {0};
    int playerHP = 0;
    int playerAtk = 0;
    int playerDef = 0;
    int playerLevel = 0;
    int playerExp = 0;

    int result = sscanf(code.c_str(),
                        "PlayerLevel=%d;PlayerExp=%d;PlayerHP=%d;PlayerAtk=%d;PlayerDef=%d;PlayerName=%15s",
                        &playerLevel,
                        &playerExp,
                        &playerHP,
                        &playerAtk,
                        &playerDef,
                        playerName);

    std::string playerTrueName = playerName;

    if (result == 6)
    {
        return new Player(playerTrueName, playerHP, playerAtk, playerDef, playerLevel, playerExp);
    }
    else
    {
        return nullptr;
    }
  code = base64_decode(code);
  char playerName[16] = {0};
  int playerHP = 0;
  int playerAtk = 0;
  int playerDef = 0;
  int playerLevel = 0;
  int playerExp = 0;

  int result = sscanf(code.c_str(),
                      "PlayerLevel=%d;PlayerExp=%d;PlayerHP=%d;PlayerAtk=%d;PlayerDef=%d;PlayerName=%15s",
                      &playerLevel,
                      &playerExp,
                      &playerHP,
                      &playerAtk,
                      &playerDef,
                      playerName);

  std::string playerTrueName = playerName;

  if (result == 6)
  {
    return new Player(playerTrueName, playerHP, playerAtk, playerDef, playerLevel, playerExp);
  }
  else
  {
    return nullptr;
  }
 }

 std::string Memory::saveToCode(Player *player)
 {
    char code[256];
    snprintf(code, sizeof(code),
             "PlayerLevel=%d;PlayerExp=%d;PlayerHP=%d;PlayerAtk=%d;PlayerDef=%d;PlayerName=%s",
             player->getLevel(),
             player->getExp(),
             player->getMaxHP(),
             player->getAtk(),
             player->getDef(),
             player->getName().c_str());

    return base64_encode(reinterpret_cast<unsigned char *>(code),
                         strlen(code));
  char code[256];
  snprintf(code, sizeof(code),
           "PlayerLevel=%d;PlayerExp=%d;PlayerHP=%d;PlayerAtk=%d;PlayerDef=%d;PlayerName=%s",
           player->getLevel(),
           player->getExp(),
           player->getMaxHP(),
           player->getAtk(),
           player->getDef(),
           player->getName().c_str());

  return base64_encode(reinterpret_cast<unsigned char *>(code),
                       strlen(code));
 }
--- a/BIN
+++ b/BIN