From 309358df5cbebcb73c888d568b36d15df349b8fe Mon Sep 17 00:00:00 2001
From: ts <thomashaw@localhost.localdomain>
Date: Thu, 9 Aug 2018 09:01:27 +0100
Subject: [PATCH] WiP: Math challenge

---
 .../math_challenge/manifests/.no_puppet       |  0
 .../math_challenge/math_challenge.pp          |  0
 .../math_challenge/secgen_local/challenge.rb  | 37 +++++++++++
 .../math_challenge/secgen_local/local.rb      | 17 +++++
 .../math_challenge/secgen_metadata.xml        | 20 ++++++
 .../math_challenge/manifests/install.pp       | 17 +++++
 .../math_challenge/math_challenge.pp          |  1 +
 .../math_challenge/secgen_metadata.xml        | 66 +++++++++++++++++++
 8 files changed, 158 insertions(+)
 create mode 100644 modules/generators/challenges/misc/programming/math_challenge/manifests/.no_puppet
 create mode 100644 modules/generators/challenges/misc/programming/math_challenge/math_challenge.pp
 create mode 100644 modules/generators/challenges/misc/programming/math_challenge/secgen_local/challenge.rb
 create mode 100644 modules/generators/challenges/misc/programming/math_challenge/secgen_local/local.rb
 create mode 100644 modules/generators/challenges/misc/programming/math_challenge/secgen_metadata.xml
 create mode 100644 modules/vulnerabilities/unix/ctf/programming/math_challenge/manifests/install.pp
 create mode 100644 modules/vulnerabilities/unix/ctf/programming/math_challenge/math_challenge.pp
 create mode 100644 modules/vulnerabilities/unix/ctf/programming/math_challenge/secgen_metadata.xml

diff --git a/modules/generators/challenges/misc/programming/math_challenge/manifests/.no_puppet b/modules/generators/challenges/misc/programming/math_challenge/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/challenges/misc/programming/math_challenge/math_challenge.pp b/modules/generators/challenges/misc/programming/math_challenge/math_challenge.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/challenges/misc/programming/math_challenge/secgen_local/challenge.rb b/modules/generators/challenges/misc/programming/math_challenge/secgen_local/challenge.rb
new file mode 100644
index 000000000..435026d43
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/math_challenge/secgen_local/challenge.rb
@@ -0,0 +1,37 @@
+#!/usr/bin/ruby
+require 'random'
+require 'timeout'
+
+# Valid operations
+operations = {'add' => '+', 'subtract' => '-'}
+
+# Types - pick a type first + store that, then select random from type
+odd_even = ['odd', 'even']
+begins_with = "begins with #{range(0..9)}"
+ends_with = "ends with #{range(0..9)}"
+
+type = odd_even # +
+
+
+
+puts 'This is an arithmetic test. Time for some quick maths.'
+sleep(0.5)
+puts "Unfortunately our test is not quite as simple as 2 plus 2 that's 4, minus 1 that's 3."
+sleep(0.5)
+puts "This time you need to #{operation} every number that: #{type}."
+sleep (0.5)
+puts 'Here we go....'
+sleep(0.5)
+
+# Calculate
+
+begin
+  Timeout::timeout 5 do
+    answer = gets.chomp
+  end
+rescue Timeout::Error
+  puts 'Too slow!'
+  exit
+end
+
+puts File.read(flag_path)
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/math_challenge/secgen_local/local.rb b/modules/generators/challenges/misc/programming/math_challenge/secgen_local/local.rb
new file mode 100644
index 000000000..e4a9d92f8
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/math_challenge/secgen_local/local.rb
@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+
+require_relative '../../../../../../../lib/objects/local_ruby_challenge_generator.rb'
+class MathChallenge < RubyChallengeGenerator
+
+  def initialize
+    super
+    self.module_name = 'Ruby Example Script Generator'
+  end
+
+  def challenge_content
+    "puts File.read(flag_path)"
+  end
+
+end
+
+MathChallenge.new.run
\ No newline at end of file
diff --git a/modules/generators/challenges/misc/programming/math_challenge/secgen_metadata.xml b/modules/generators/challenges/misc/programming/math_challenge/secgen_metadata.xml
new file mode 100644
index 000000000..abb6477fb
--- /dev/null
+++ b/modules/generators/challenges/misc/programming/math_challenge/secgen_metadata.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0"?>
+
+<generator xmlns="http://www.github/cliffe/SecGen/generator"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xsi:schemaLocation="http://www.github/cliffe/SecGen/generator">
+  <name>Ruby Math Challenge Generator</name>
+  <author>Thomas Shaw</author>
+  <module_license>MIT</module_license>
+  <description>TODO</description>
+
+  <type>ruby_script_challenge</type>
+  <type>programming_challenge</type>
+  <type>ctf_challenge</type>
+
+  <platform>linux</platform>
+  <platform>windows</platform>
+
+  <output_type>script</output_type>
+
+</generator>
\ No newline at end of file
diff --git a/modules/vulnerabilities/unix/ctf/programming/math_challenge/manifests/install.pp b/modules/vulnerabilities/unix/ctf/programming/math_challenge/manifests/install.pp
new file mode 100644
index 000000000..173d133c3
--- /dev/null
+++ b/modules/vulnerabilities/unix/ctf/programming/math_challenge/manifests/install.pp
@@ -0,0 +1,17 @@
+class math_challenge::install {
+  $secgen_params = secgen_functions::get_parameters($::base64_inputs_file)
+  $challenge_name = $secgen_params['challenge_name'][0]
+
+  ::secgen_functions::install_setgid_script { $challenge_name:
+    source_module_name => $module_name,
+    challenge_name     => $challenge_name,
+    script_name        => "$challenge_name  .rb",
+    script_data        => $secgen_params['script_data'],
+    group              => $secgen_params['group'],
+    account            => $secgen_params['account'],
+    flag               => $secgen_params['flag'],
+    port               => $secgen_params['port'],
+    storage_directory  => $secgen_params['storage_directory'],
+    strings_to_leak    => $secgen_params['strings_to_leak'],
+  }
+}
diff --git a/modules/vulnerabilities/unix/ctf/programming/math_challenge/math_challenge.pp b/modules/vulnerabilities/unix/ctf/programming/math_challenge/math_challenge.pp
new file mode 100644
index 000000000..7bf010122
--- /dev/null
+++ b/modules/vulnerabilities/unix/ctf/programming/math_challenge/math_challenge.pp
@@ -0,0 +1 @@
+include ruby_challenge_example::install
diff --git a/modules/vulnerabilities/unix/ctf/programming/math_challenge/secgen_metadata.xml b/modules/vulnerabilities/unix/ctf/programming/math_challenge/secgen_metadata.xml
new file mode 100644
index 000000000..f1862bac2
--- /dev/null
+++ b/modules/vulnerabilities/unix/ctf/programming/math_challenge/secgen_metadata.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0"?>
+
+<vulnerability xmlns="http://www.github/cliffe/SecGen/vulnerability"
+               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+               xsi:schemaLocation="http://www.github/cliffe/SecGen/vulnerability">
+  <name>Math Challenge</name>
+  <author>Thomas Shaw</author>
+  <module_license>MIT</module_license>
+  <description>Ruby challenge example</description>
+
+  <type>ctf_challenge</type>
+  <type>programming_challenge</type>
+  <type>script_challenge</type>
+  <privilege>none</privilege>
+  <access>local</access>
+  <platform>linux</platform>
+
+  <!-- script dropped in account's home directory by default with setuid configuration. -->
+  <read_fact>challenge_name</read_fact>
+  <read_fact>script_data</read_fact>
+  <read_fact>account</read_fact>
+  <read_fact>flag</read_fact>
+  <!-- group: Blank by default. Uses challenge name as group name unless explicitly provided. -->
+  <read_fact>group</read_fact>
+  <!-- storage_directory: Blank by default. If supplied, store the files here. e.g. NFS or SMB storage location -->
+  <read_fact>storage_directory</read_fact>
+  <!--  port: Blank by default. If supplied install script challenge as xinetd program running on given port -->
+  <read_fact>port</read_fact>
+
+  <default_input into="challenge_name">
+    <value>math_challenge</value>
+  </default_input>
+  <default_input into="script_data">
+    <generator module_path=".*math_challenge_generator"/>
+  </default_input>
+  <default_input into="account">
+    <generator type="account">
+      <input into="username">
+        <value>challenges</value>
+      </input>
+      <input into="password">
+        <value>password</value>
+      </input>
+    </generator>
+  </default_input>
+  <default_input into="flag">
+    <generator type="flag_generator"/>
+  </default_input>
+
+  <requires>
+    <module_path>utilities/unix/system/accounts</module_path>
+  </requires>
+
+  <requires>
+    <module_path>utilities/unix/system/binary_script_container</module_path>
+  </requires>
+
+  <requires>
+    <module_path>utilities/unix/languages/ruby</module_path>
+  </requires>
+
+  <requires>
+    <module_path>utilities/unix/system/xinetd</module_path>
+  </requires>
+
+</vulnerability>