commit 76bc7273b64450dde8dc634f2247cdc30a78ba7f
parent ae2a0897dbb00977e384076b5abc5daa3d542081
Author: Louis Burda <quent.burda@gmail.com>
Date: Thu, 10 Jun 2021 21:36:17 +0200
added code to stress-test of service and search for memory leaks
Diffstat:
4 files changed, 171 insertions(+), 13 deletions(-)
diff --git a/checker/.gitignore b/checker/.gitignore
@@ -1,3 +1,4 @@
data/
venv/
.data/
+fails
diff --git a/checker/enoreq.py b/checker/enoreq.py
@@ -0,0 +1,116 @@
+import argparse
+import hashlib
+import sys
+
+import jsons
+import requests
+from enochecker_core import CheckerMethod, CheckerResultMessage, CheckerTaskMessage
+
+TASK_TYPES = [str(i) for i in CheckerMethod]
+
+
+def add_arguments(parser: argparse.ArgumentParser) -> None:
+ _add_arguments(parser, hide_checker_address=True)
+
+
+def _add_arguments(parser: argparse.ArgumentParser, hide_checker_address=False) -> None:
+ parser.add_argument("method", choices=TASK_TYPES, help="One of {} ".format(TASK_TYPES))
+ if not hide_checker_address:
+ parser.add_argument("-A", "--checker_address", type=str, default="http://localhost", help="The URL of the checker")
+ parser.add_argument("-i", "--task_id", type=int, default=1, help="An id for this task. Must be unique in a CTF.")
+ parser.add_argument("-a", "--address", type=str, default="localhost", help="The ip or address of the remote team to check")
+ parser.add_argument("-j", "--json", type=bool, default=False, help="Raw JSON output")
+ parser.add_argument("-T", "--team_id", type=int, default=1, help="The Team_id belonging to the specified Team")
+ parser.add_argument("-t", "--team_name", type=str, default="team1", help="The name of the target team to check")
+ parser.add_argument("-r", "--current_round_id", type=int, default=1, help="The round we are in right now")
+ parser.add_argument(
+ "-R",
+ "--related_round_id",
+ type=int,
+ default=1,
+ help="The round in which the flag or noise was stored when method is getflag/getnoise. Equal to current_round_id otherwise.",
+ )
+ parser.add_argument("-f", "--flag", type=str, default="ENOFLAGENOFLAG=", help="The flag for putflag/getflag or the flag to find in exploit mode")
+ parser.add_argument("-v", "--variant_id", type=int, default=0, help="The variantId for the method being called")
+ parser.add_argument(
+ "-x", "--timeout", type=int, default=30000, help="The maximum amount of time the script has to execute in milliseconds (default 30 000)"
+ )
+ parser.add_argument("-l", "--round_length", type=int, default=300000, help="The round length in milliseconds (default 300 000)")
+ parser.add_argument(
+ "-I",
+ "--task_chain_id",
+ type=str,
+ default=None,
+ help="A unique Id which must be identical for all related putflag/getflag calls and putnoise/getnoise calls",
+ )
+ parser.add_argument("--flag_regex", type=str, default=None, help="A regular expression matched by the flag, used only when running the exploit method")
+ parser.add_argument(
+ "--attack_info", type=str, default=None, help="The attack info returned by the corresponding putflag, used only when running the exploit method"
+ )
+
+
+def task_message_from_namespace(ns: argparse.Namespace) -> CheckerTaskMessage:
+ task_chain_id = ns.task_chain_id
+ method = CheckerMethod(ns.method)
+ if not task_chain_id:
+ option = None
+ if method in (CheckerMethod.PUTFLAG, CheckerMethod.GETFLAG):
+ option = "flag"
+ elif method in (CheckerMethod.PUTNOISE, CheckerMethod.GETNOISE):
+ option = "noise"
+ elif method == CheckerMethod.HAVOC:
+ option = "havoc"
+ elif method == CheckerMethod.EXPLOIT:
+ option = "exploit"
+ else:
+ raise ValueError(f"Unexpected CheckerMethod: {method}")
+ task_chain_id = f"{option}_s0_r{ns.related_round_id}_t{ns.team_id}_i{ns.variant_id}"
+
+ flag_hash = None
+ if method == CheckerMethod.EXPLOIT:
+ flag_hash = hashlib.sha256(ns.flag.encode()).hexdigest()
+
+ msg = CheckerTaskMessage(
+ task_id=ns.task_id,
+ method=method,
+ address=ns.address,
+ team_id=ns.team_id,
+ team_name=ns.team_name,
+ current_round_id=ns.current_round_id,
+ related_round_id=ns.related_round_id,
+ flag=ns.flag if method != CheckerMethod.EXPLOIT else None,
+ variant_id=ns.variant_id,
+ timeout=ns.timeout,
+ round_length=ns.round_length,
+ task_chain_id=task_chain_id,
+ flag_regex=ns.flag_regex,
+ flag_hash=flag_hash,
+ attack_info=ns.attack_info,
+ )
+
+ return msg
+
+
+def json_task_message_from_namespace(ns: argparse.Namespace) -> str:
+ return jsons.dumps(task_message_from_namespace(ns), use_enum_name=False, key_transformer=jsons.KEY_TRANSFORMER_CAMELCASE, strict=True)
+
+
+def main() -> None:
+ parser = argparse.ArgumentParser(description="Your friendly checker script")
+ _add_arguments(parser)
+ ns = parser.parse_args(sys.argv[1:])
+ msg = json_task_message_from_namespace(ns)
+
+ result = requests.post(ns.checker_address, data=msg,
+ headers={"content-type": "application/json"},)
+ if ns.json:
+ print(result.text)
+ else:
+ if result.ok:
+ result_msg = jsons.loads(result.content, CheckerResultMessage)
+ print(result_msg.result)
+ else:
+ print(result.status_code)
+ print(result.text)
+
+main()
diff --git a/checker/src/checker.py b/checker/src/checker.py
@@ -423,4 +423,4 @@ class STLDoctorChecker(BaseChecker):
app = STLDoctorChecker.service # This can be used for uswgi.
if __name__ == "__main__":
- run(STLDoctorChecker, debug=False)
+ run(STLDoctorChecker)
diff --git a/checker/test.sh b/checker/test.sh
@@ -6,27 +6,53 @@ SCRIPTPATH="$(dirname $(readlink -f "$0"))"
cd "$SCRIPTPATH"
export REVHASH_PATH="$SCRIPTPATH/src/revhash/revhash"
+nop() { :; }
+
+splitmsg() {
+ python3 -c "
+import json,sys
+
+try:
+ instr = sys.stdin.read().strip()
+ jres = json.loads(instr)
+ print(jres['result'])
+ print(jres['message'])
+except:
+ print('INVALID')
+ print('INVALID')
+ print('FAIL:', instr, file=sys.stderr)
+ " || nop
+}
+
try() {
cmd="$1"
+ tmpfile="/tmp/checker-log-$BASHPID"
+ [ -e "$tmpfile" ] && rm "$tmpfile"
if [ $# -lt 2 ]; then
variant=0
else
variant=$2
fi
- echo "Executing $cmd with variant $variant.."
- python3 src/checker.py -j run -v "$variant" -x 4000 \
- --flag ENOTESTFLAG123= --flag_regex 'ENO.*=' \
- ${@:3} "$cmd" | tee /tmp/checker-log
- [ -z "$(cat /tmp/checker-log | grep OK)" ] && exit 1
+ if [ ! -z "$REMOTE" ]; then
+ python3 enoreq.py -j True -A http://localhost:9091 -a $REMOTE \
+ --flag ENOTESTFLAG123= --flag_regex 'ENO.*=' \
+ -x 4000 ${@:3} "$cmd" > "$tmpfile"
+ else
+ python3 src/checker.py -j run -v "$variant" -x 4000 \
+ --flag ENOTESTFLAG123= --flag_regex 'ENO.*=' \
+ ${@:3} "$cmd" > "$tmpfile"
+ fi
+ res="$(cat $tmpfile | splitmsg | head -n1)"
+ if [ "$res" != "OK" ]; then
+ newfile="fails/err-$(ls fails | wc -l)"
+ (echo "METHOD $@"; cat "$tmpfile") > "$newfile"
+ echo "[ $(date '+%T %F') ] ERROR >>>> $newfile"
+ cat "$tmpfile"
+ fi
+ echo -ne "Executing $cmd with variant $variant.. $res\n"
}
-
-if [ $# -ge 2 ]; then
- try $@
-elif [ "$1" == "test-exploits" ]; then
- try exploit 0
- try exploit 1
-else
+try-all() {
try putflag 0
try getflag 0
@@ -46,6 +72,21 @@ else
try exploit 0
try exploit 1
+}
+
+if [ $# -ge 2 ]; then
+ try $@
+elif [ "$1" == "test-exploits" ]; then
+ try exploit 0
+ try exploit 1
+elif [ "$1" == "stress-test" ]; then
+ mkdir -p fails
+ while [ 1 ]; do
+ try-all &
+ sleep 2
+ done
+else
+ try-all
fi
exit 0
