1 files changed, 114 insertions, 0 deletions

diff --git a/iv/orodja/napad/genconfig.sh b/iv/orodja/napad/genconfig.sh
new file mode 100755
index 0000000..825da18
--- /dev/null
+++ b/iv/orodja/napad/genconfig.sh
@@ -0,0 +1,114 @@
+#!/bin/bash
+set -xeuo pipefail
+statusresp=`curl --fail-with-body --no-progress-meter https://ad.ecsc2024.it/api/status`
+starttime=`jq --raw-output .start <<<"$statusresp"`
+roundtime=`jq --raw-output .roundTime <<<"$statusresp"`
+team_names=`jq --raw-output .teams.[].shortname <<<"$statusresp" | tr $'\n' ' '`
+team_numbers=`jq --raw-output .teams.[].id <<<"$statusresp" | tr $'\n' ' '`
+services=`jq --raw-output .services.[].shortname <<<"$statusresp" | tr $'\n' ' '`
+cat <<EOF
+# THIS CONFIG IS AUTOGENERATED BY genconfig.sh, edit config values there!
+# Common config for exploit.sh, submission.py and nadzor.py
+# It is to be sourced. It only sets environment variables.
+
+# ==========================
+# ========= COMMON =========
+
+export SUBMISSION_PORT=21502
+
+# ==========================
+# ======= EXPLOIT.SH =======
+
+# Additional help text
+export EXPLOIT_ADDITIONAL_HELP_TEXT="Services: $services"
+
+# This regex is used to grep -Eo flags from stdout of exploits before submitting them
+export FLAG_REGEX_SEARCH="[A-Za-z0-9]{31}="
+
+# Where can exploit.sh find submission.py. Port is a common setting.
+export SUBMISSION_HOST=localhost
+### export SUBMISSION_HOST=k.4a.si
+
+# Must be precise, not less than round duration. Used to calculate round id.
+export ROUND_DURATION=$roundtime
+
+# When does the game start (in UTC). Used to calculate current round id.
+export GAME_START=$starttime
+
+# Team numbers to attack
+export GAME_TEAMS="$team_numbers"
+###export GAME_TEAMS={0..10}
+EOF
+cat <<'EOF'
+# Flag IDs URL
+game_flag_ids_url()
+{
+	echo http://splet.4a.si/dir/flagids.txt
+	### echo "http://10.10.0.1:8081/flagIds?service=$1&team=$2&round=$3"
+}
+export -f game_flag_ids_url
+
+# Target IP from ID
+game_target_ip()
+{
+	echo 10.69.69.$1
+	### echo 10.60.$1.1
+}
+export -f game_target_ip
+
+# NOP TEAM ID
+export GAME_NOP_TEAM=0
+
+# For how many non-current rounds are flags valid at a time?
+# It doesn't make sense for this to be less than 0.
+# Setting to 0 means only the current round is valid.
+export GAME_VALID_ROUNDS=4
+
+# Function exploit.sh should call on errors.
+# Args:	service	team	pwd	usr@pc	message
+# 	1	2	3	4	5
+exploit_error_handler()
+{
+	notify-send --version > /dev/null && notify-send "exploit.sh ERROR" "$5" --urgency critical
+}
+export -f exploit_error_handler
+
+# Max exploit execution time
+export EXPLOIT_TIMEOUT=5
+
+# ==========================
+# ====== SUBMISSION.PY =====
+
+# This regex is used to verify flags before storing them
+# It can be .*, no problem, just make sure you're then not sending invalid flags
+# to submission TCP -- you shouldn't anyways, as submission expects flags neatly
+# line by line, it will not clean up random bullshit.
+# Don't just send exploit stdout to submission, use exploit.sh!
+export FLAG_REGEX_MATCH="^[A-Z0-9]{31}=$"
+
+# Where to store flags -- sqlite3 db
+export SUBMISSION_DB=flags.db
+
+# How much flags to send in one request.
+# With 2560, if it takes 37 bytes per flag, 2560*37=94720
+# Ostane nam torej še dobrih 5280 za headerje,
+# če je request limited na 100 kB
+export SUBMISSION_MAX_FLAGS=2560
+
+# PUT request, ECSC 2024 AD style
+export SUBMISSION_URL=http://z.4a.si/dir/submit.php
+### export SUBMISSION_URL=http://10.10.0.1:8080/flags
+
+# How many seconds to delay after a successful submission.
+# With 15, we send at most 4 requests per minute out of 15 allowed.
+export SUBMISSION_DELAY=15
+
+# This is sent in X-Team-Token in requests to SUBMISSION_URL
+export SUBMISSION_TEAM_TOKEN=e5152d70a4d18093cae8844f4e959cf1
+
+# Where to bind to. Use SUBMISSION_PORT in common settings for port.
+export SUBMISSION_BIND=::
+
+# ==========================
+# ======== NADZOR.PY =======
+EOF