diff --git a/CTFd/api/v1/challenges.py b/CTFd/api/v1/challenges.py index e5594999c..c0deb0b02 100644 --- a/CTFd/api/v1/challenges.py +++ b/CTFd/api/v1/challenges.py @@ -473,8 +473,19 @@ def get(self, challenge_id): attempts = Submissions.query.filter_by( account_id=user.account_id, challenge_id=challenge_id ).count() + + is_tryit_challenge = len(Flags.query.filter_by( + challenge_id=chal.id, + type="TryIT").all()) > 0 + + user_id = user.id + + else: attempts = 0 + is_tryit_challenge = False + user_id = 0 + response["solves"] = solve_count response["solved_by_me"] = solved_by_user @@ -493,6 +504,8 @@ def get(self, challenge_id): max_attempts=chal.max_attempts, attempts=attempts, challenge=chal, + is_tryit_challenge=is_tryit_challenge, + user_id=user_id ) db.session.close() diff --git a/CTFd/plugins/daetsiinf_tryit_flag/__init__.py b/CTFd/plugins/daetsiinf_tryit_flag/__init__.py new file mode 100644 index 000000000..64fec91a1 --- /dev/null +++ b/CTFd/plugins/daetsiinf_tryit_flag/__init__.py @@ -0,0 +1,27 @@ +from CTFd.plugins import register_plugin_assets_directory +from CTFd.plugins.flags import FLAG_CLASSES, BaseFlag +from CTFd.utils.user import get_current_user +import hashlib + + +# Represents a flag about +class TryITFlag(BaseFlag): + name = "TryIT" + templates = { # Nunjucks templates used for key editing & viewing + "create": "/plugins/daetsiinf_tryit_flag/assets/create.html", + "update": "/plugins/daetsiinf_tryit_flag/assets/edit.html", + } + + + @staticmethod + def compare(chal_key_obj, provided): + saved = chal_key_obj.content + + expected_flag_content = "%d:%s" % (get_current_user().id, saved) + expected_input = "tryIT{%s}" % hashlib.md5(expected_flag_content.encode('utf-8')).hexdigest() + return expected_input == provided + + +def load(app): + FLAG_CLASSES["TryIT"] = TryITFlag + register_plugin_assets_directory(app, base_path="/plugins/daetsiinf_tryit_flag/assets/") diff --git a/CTFd/plugins/daetsiinf_tryit_flag/assets/create.html b/CTFd/plugins/daetsiinf_tryit_flag/assets/create.html new file mode 100644 index 000000000..d60957b5f --- /dev/null +++ b/CTFd/plugins/daetsiinf_tryit_flag/assets/create.html @@ -0,0 +1,9 @@ + +
+ +
+ diff --git a/CTFd/plugins/daetsiinf_tryit_flag/assets/edit.html b/CTFd/plugins/daetsiinf_tryit_flag/assets/edit.html new file mode 100644 index 000000000..24c727937 --- /dev/null +++ b/CTFd/plugins/daetsiinf_tryit_flag/assets/edit.html @@ -0,0 +1,14 @@ + +
+ +
+ + +
+
+ +
diff --git a/CTFd/themes/core/assets/js/pages/challenges.js b/CTFd/themes/core/assets/js/pages/challenges.js index 27014b6e8..5532a7dd2 100644 --- a/CTFd/themes/core/assets/js/pages/challenges.js +++ b/CTFd/themes/core/assets/js/pages/challenges.js @@ -106,7 +106,10 @@ const displayChal = chal => { }); $("#challenge-submit").click(function(event) { - event.preventDefault(); + if (!document.getElementById("challenge-form").checkValidity()) { + return; + } + $("#challenge-submit").addClass("disabled-button"); $("#challenge-submit").prop("disabled", true); CTFd._internal.challenge diff --git a/CTFd/themes/core/templates/challenge.html b/CTFd/themes/core/templates/challenge.html index d89e95212..459c2e65c 100644 --- a/CTFd/themes/core/templates/challenge.html +++ b/CTFd/themes/core/templates/challenge.html @@ -105,21 +105,34 @@

{% endif %} -
-
- {% block input %} + {% if is_tryit_challenge %} +
+
+ Remember to hash your answer with your user id ({{user_id}})! If you think the answer is emacs_is_awesome, then you have to type tryIT{md5({{user_id}}:emacs_is_awesome)}. More information.

+ Example: tryIT{39d85f9f34b1a4c512dd834925d329ae} +
+
+ {% endif %} + +
+
+
+ {% block input %} + {% if is_tryit_challenge %} + + {% else %} - {% endblock %} -
-
- {% block submit %} - - {% endblock %} + {% endif %} + {% endblock %} +
+
+ {% block submit %} + + {% endblock %} +
-
+