solve/main.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115

#!/usr/bin/env python3

from hashlib import sha1
from base64 import b64encode, b64decode
from secrets import token_hex

from secret import FLAG


KEY = token_hex(16)


def get_mac(data: bytes) -> str:
    return sha1(KEY.encode("latin1") + data).hexdigest()


def parse_token(token: str) -> dict:
    # Decode token
    token = b64decode(token)

    # Check the MAC
    token, mac = token.split(b"|mac=")
    if get_mac(token) != mac.decode("latin1"):
        return None

    # Parse values
    values = dict()
    for part in token.decode("latin1").split("|"):
        key, value = part.split("=")
        values[key] = value
    return values


def generate_token(values: dict) -> str:
    token = "|".join(f"{key}={value}" for key, value in values.items())
    secure_token = f"{token}|mac={get_mac(token.encode('latin1'))}"

    return b64encode(secure_token.encode("latin1")).decode("latin1")


def handle_register():
    name = input("What is you name? ")
    animal = input("What is your favorite animal? ")

    token = generate_token(
        {
            "name": name,
            "animal": animal,
            "admin": "false",
        }
    )

    print("Here is your access token:", token)


def handle_show_animal_videos():
    user_data = parse_token(input("Enter access token: "))

    if user_data is None:
        print("Invalid token.")
        return

    print(
        f"\nHere are some {user_data['animal']} videos for you: https://www.youtube.com/results?search_query=funny+{user_data['animal']}+video+compilation"
    )


def handle_show_flag():
    user_data = parse_token(input("Enter access token: "))

    if user_data is None:
        print("Invalid token.")
        return

    if user_data["admin"] == "true":
        print("The flag is", FLAG)
    else:
        print("You are not an admin.")


def main():
    while True:
        # Show main menu

        print(
            """
        1. Register
        2. Show animal videos
        3. Show flag
        4. Exit
        """
        )

        try:
            choice = int(input("Enter your choice: "))
        except ValueError:
            print("Please enter a number next time.")
            continue
        except EOFError:
            break

        if choice == 1:
            handle_register()
        elif choice == 2:
            handle_show_animal_videos()
        elif choice == 3:
            handle_show_flag()
        elif choice == 4:
            break
        else:
            print("Please enter a valid choice.")


if __name__ == "__main__":
    main()