#!/usr/bin/env python
###############################################################################
# Git-based CTF
###############################################################################
#
# Author: SeongIl Wi <seongil.wi@kaist.ac.kr>
# Jaeseung Choi <jschoi17@kaist.ac.kr>
# Sang Kil Cha <sangkilc@kaist.ac.kr>
#
# Copyright (c) 2018 SoftSec Lab. KAIST
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import sys
import json
from git import list_branches
from verify_exploit import verify_exploit
from crypto import encrypt_exploit
from issue import submit_issue
from utils import rmfile, load_config, prompt_checkout_warning
from github import Github
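def submit(exploit_dir, service_dir, branch, target, config_file, token=None):
    """Verify an exploit against one branch, encrypt it, and file it as an issue.

    Args:
        exploit_dir: Directory holding the exploit; handed to verify_exploit
            and encrypt_exploit.
        service_dir: Service checkout that verify_exploit runs against. The
            user is warned through prompt_checkout_warning before anything
            else happens to it.
        branch: The single branch the exploit is verified against.
        target: Handed to encrypt_exploit and submit_issue (the command-line
            usage text calls this the team).
        config_file: Path handed to load_config.
        token: Credential handed to Github together with config["player"].
            NOTE(review): what Github does with token=None is not visible
            in this file -- confirm before relying on the default.

    Exits the process with a non-zero status when verification or encryption
    fails, so calling scripts can tell a failed submission from a successful
    one.
    """
    config = load_config(config_file)
    timeout = config["exploit_timeout"]["exercise_phase"]
    prompt_checkout_warning(service_dir)

    # Only the first element of verify_exploit's return pair is used here.
    result, _ = verify_exploit(exploit_dir, service_dir, branch, timeout,
                               config)
    if not result:
        print("[*] Your exploit did not work against any of the branch")
        sys.exit(1)

    print("[*] Your exploit has been verified against branch '%s'" % branch)

    # Now encrypt the exploit, signing as the configured player, so that only
    # the encrypted artifact is attached to the issue.
    signer = config["player"]
    encrypted_exploit = encrypt_exploit(exploit_dir, target, config, signer)
    if encrypted_exploit is None:
        print("[*] Failed to encrypt exploit")
        sys.exit(1)

    try:
        # Submit an issue with the encrypted exploit
        issue_title = "exploit-%s" % branch
        github = Github(config["player"], token)
        submit_issue(issue_title, encrypted_exploit, target, config, github)
    finally:
        # Clean up even when submission raises, so the encrypted artifact is
        # not left behind on disk.
        rmfile(encrypted_exploit)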
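if __name__ == "__main__":
    # Five positional arguments are required, and sys.argv also holds the
    # script name, so the expected length is 6. With the previous check of 5,
    # a call that passed the check failed on sys.argv[5] with an IndexError.
    if len(sys.argv) != 6:
        print("Usage: %s [exploit dir] [service dir] [branch] [team] [config]" %
              sys.argv[0])
        # Non-zero status: a usage error is not a successful run.
        sys.exit(1)
    exploit_dir, service_dir, branch, target, config = sys.argv[1:6]
    # NOTE(review): no token is passed from the command line, so submit()
    # runs with token=None on this path.
    submit(exploit_dir, service_dir, branch, target, config)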