Created
August 19, 2024 18:21
-
-
Save ConnorNelson/b9eb167663f2ced756ded231315bcdf0 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import sys | |
| import hashlib | |
| import os | |
| from datetime import datetime | |
| from pathlib import Path | |
| from functools import wraps | |
| FLAG_SHA256_PATH = Path('/challenge/.flag.sha256') | |
| FLAG_PATH = Path('/flag') | |
| TIMER_PATH = Path('/run/dojo/flag.timer') | |
| INTERVAL = 5 # seconds | |
| def ratelimit(interval): | |
| def decorator(func): | |
| @wraps(func) | |
| def wrapper(*args, **kwargs): | |
| if os.geteuid() != 0: | |
| print("Error: permission denied") | |
| sys.exit(1) | |
| while True: | |
| if TIMER_PATH.exists() and TIMER_PATH.stat().st_uid != 0: | |
| TIMER_PATH.unlink() | |
| TIMER_PATH.touch() | |
| continue | |
| break | |
| if TIMER_PATH.exists(): | |
| last_run_time = TIMER_PATH.stat().st_mtime | |
| current_time = datetime.now().timestamp() | |
| if current_time - last_run_time < interval: | |
| next_run_time = last_run_time + interval | |
| wait_time = int(next_run_time - current_time) | |
| print(f"Error: you can only run flag every {interval}s, try again in {wait_time}s") | |
| sys.exit(1) | |
| result = func(*args, **kwargs) | |
| TIMER_PATH.touch() | |
| return result | |
| return wrapper | |
| return decorator | |
| @ratelimit(interval=5) | |
| def main(): | |
| if not FLAG_SHA256_PATH.exists(): | |
| print("Error: this challenge does not have a static flag") | |
| sys.exit(1) | |
| if sys.stdin.isatty(): | |
| sys.stdout.write("Flag: ") | |
| sys.stdout.flush() | |
| user_input = sys.stdin.read().strip() | |
| user_input_hash = hashlib.sha256(user_input.strip().encode()).hexdigest() | |
| expected_hash = FLAG_SHA256_PATH.read_text().strip() | |
| if user_input_hash == expected_hash: | |
| print(FLAG_PATH.read_text().strip()) | |
| else: | |
| print("Error: incorrect flag") | |
| sys.exit(1) | |
| if __name__ == "__main__": | |
| main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment