# hacker_diary_interface by Gabriele Musco (GabMus)"""Copyright (C) 2017 Gab

1. # hacker_diary_interface by Gabriele Musco (GabMus)
2. """
3. Copyright (C) 2017 Gabriele Musco
4.  
5. This program is free software: you can redistribute it and/or modify
6. it under the terms of the GNU General Public License as published by
7. the Free Software Foundation, either version 3 of the License, or
8. (at your option) any later version.
9.  
10. This program is distributed in the hope that it will be useful,
11. but WITHOUT ANY WARRANTY; without even the implied warranty of
12. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13. GNU General Public License for more details.
14.  
15. You should have received a copy of the GNU General Public License
16. along with this program. If not, see <http://www.gnu.org/licenses/>.
17.  
18. """
19.  
20. from urllib import urlencode
21. import requests
22. import time
23. import hashlib
24. import string
25.  
26. from random import randint, choice
27.  
28. token=None
29. flags=dict()
30.  
31. def _makeRequest(server, uri, method, data, token):
32. addr='http://'+server+uri
33. if data and method=='POST':
34. if token:
35. r = requests.post(addr, data=data, headers={'Authorization': 'JWT '+token})
36. else:
37. r = requests.post(addr, data=data)
38. else:
39. if token:
40. r = requests.get(addr, headers={'Authorization': 'JWT '+token})
41. else:
42. r = requests.get(addr)
43. return r.json()
44.  
45. def _register(server, username, password, first_name=None, last_name=None, email=None):
46. data={'username':username, 'password':password}
47. if first_name:
48. data['first_name']=first_name
49. if last_name:
50. data['last_name']=last_name
51. if email:
52. data['email']=email
53. return _makeRequest(server, '/register/', 'POST', data, None)
54.  
55. def _login(server, username, password):
56. data={'username': username, 'password': password}
57. return _makeRequest(server, '/login/', 'POST', data, None)
58.  
59. def _getEntry(server, entryid, token):
60. return _makeRequest(server, '/entries/'+str(entryid), 'GET', None, token)
61.  
62. def _entriesPost(server, token, entry):
63. data={'entry': entry}
64. return _makeRequest(server, '/entries/', 'POST', data, token)
65.  
66. def set_flag(host, port, flag):
67. server=':'.join([host, port])
68. username=hashlib.sha1(''.join(choice(string.ascii_letters + string.digits) for _ in range(20)).encode()).hexdigest()[:10]
69. password=hashlib.sha1(''.join(choice(string.ascii_letters + string.digits) for _ in range(20)).encode()).hexdigest()[:10]
70. _register(server, username, password)
71. loginres=_login(server, username, password)
72. token = loginres['token']
73. entry = _entriesPost(server, token, flag)
74. #flags[entry['hash']]=flag
75. print('*************** setted flag: '+flag)
76. return {'flag_id': entry['id'], 'token': token}
77.  
78. def get_flag(host, port, flag_id, token):
79. server=':'.join([host, port])
80. #print('*************** gotten flag: '+flags[flag_id])
81. entry = _getEntry(server, flag_id, token)
82. return entry["entry"]