Repository: CyberDiscovery/cyberdisc-bot Branch: master Commit: 4a6b6c1e92e9 Files: 41 Total size: 493.5 KB Directory structure: gitextract_cksaviai/ ├── .dockerignore ├── .github/ │ ├── CODEOWNERS │ ├── ISSUE_TEMPLATE/ │ │ ├── bug_report.md │ │ ├── emoji_request.md │ │ └── feature_request.md │ ├── dependabot.yml │ ├── labels.json │ ├── labels.yaml │ └── workflows/ │ ├── build.yml │ ├── codeql-analysis.yml │ ├── create-labels.yml │ ├── label-pull-requests.yml │ ├── lint.yml │ ├── stale.yml │ └── test-results.yml ├── .gitignore ├── .security.txt ├── CODE_OF_CONDUCT.md ├── Dockerfile ├── LICENSE ├── README.md ├── SECURITY.md ├── cdbot/ │ ├── __init__.py │ ├── __main__.py │ ├── bot.py │ ├── cogs/ │ │ ├── admin.py │ │ ├── cyber.py │ │ ├── fun.py │ │ ├── general.py │ │ ├── help.py │ │ └── maths.py │ ├── constants.py │ ├── data/ │ │ ├── assess.json │ │ ├── game.json │ │ ├── legacy/ │ │ │ ├── game.json │ │ │ └── headquarters2018.json │ │ └── readme.json │ └── log.py ├── docker-compose.yml ├── pyproject.toml └── tox.ini ================================================ FILE CONTENTS ================================================ ================================================ FILE: .dockerignore ================================================ .github .vscode azure-pipelines .gitignore .security.txt CODE_OF_CONDUCT.md deployment.yaml docker-compose.yml LICENSE README.md requirements-ci.txt SECURITY.md tox.ini ================================================ FILE: .github/CODEOWNERS ================================================ # To require the approval of the server staff as well as that of the technical community developer team * @CyberDiscovery/server-admin-team ================================================ FILE: .github/ISSUE_TEMPLATE/bug_report.md ================================================ --- name: Bug report about: Create a report to help us improve title: '' labels: bug assignees: '' --- **Describe the bug** A clear and concise description of what the bug is. **To Reproduce** Steps to reproduce the behavior: 1. Use command '...' 2. See error **Expected behavior** A clear and concise description of what you expected to happen. **Screenshots** If applicable, add screenshots to help explain your problem. **Additional context** Add any other context about the problem here. ================================================ FILE: .github/ISSUE_TEMPLATE/emoji_request.md ================================================ --- name: Emoji Reaction Request about: Request the addition of an automatic emoji reaction title: '' labels: enhancement assignees: '' --- **Reaction Trigger** What text should cause the reaction? **Reaction Emoji** What emojis should be reacted to the message? **Explanation** Why should we add this? What does this reaction reference? Do note that references only a couple of people understand may not be suitable. ================================================ FILE: .github/ISSUE_TEMPLATE/feature_request.md ================================================ --- name: Feature request about: Suggest an idea for this project title: '' labels: enhancement assignees: '' --- **Is your feature request related to a problem? Please describe.** A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] **Describe the solution you'd like** A clear and concise description of what you want to happen. **Describe alternatives you've considered** A clear and concise description of any alternative solutions or features you've considered. **Additional context** Add any other context or screenshots about the feature request here. ================================================ FILE: .github/dependabot.yml ================================================ version: 2 updates: - package-ecosystem: pip directory: "/" schedule: interval: daily open-pull-requests-limit: 10 reviewers: - thebeanogamer ================================================ FILE: .github/labels.json ================================================ [ { "name": "duplicate", "color": "26282a", "description": "This issue or pull request already exists" }, { "name": "enhancement", "color": "105a5b", "description": "New feature or request" }, { "name": "help wanted", "color": "008672", "description": "Extra attention is needed" }, { "name": "meta", "color": "07a45d", "description": "Related to this repo, rather than the bot" }, { "name": "question", "color": "66176f", "description": "Further information is requested" }, { "name": "admin", "color": "1e3a21", "description": "Changes to the admin cog" }, { "name": "actions", "color": "ff355e", "description": "Changes to GitHub Actions" }, { "name": "cyber", "color": "ff9933", "description": "Changes to the cyber cog" }, { "name": "fun", "color": "ffff66", "description": "Changes to the fun cog" }, { "name": "general", "color": "66ff66", "description": "Changes to the general cog" }, { "name": "module", "color": "50bfe6", "description": "Changes to the bot module" }, { "name": "labels", "color": "5946b2", "description": "Changes to GitHub labels" }, { "name": "issue", "color": "24601e", "description": "Problems with the server or infrastructure" }, { "name": "stale", "color": "ee34D2", "description": "Inactive topics" }, { "name": "dependencies", "color": "035fc7", "description": "Update or change dependencies" }, { "name": "maths", "color": "03aaaa", "description": "Changes to the maths cog" }, { "name": "bug", "color": "ff5d40", "description": "Errors in the source code" } ] ================================================ FILE: .github/labels.yaml ================================================ meta: - .github/* - .github/**/* - .gitignore - .security.txt - CODE_OF_CONDUCT.md - LICENSE - README.md - SECURITY.md actions: - .github/*.yml - .github/**/*.yml - azure-pipelines/* - azure-pipelines/**/* - Dockerfile - docker-compose.yml - deployment.yaml labels: - .github/labels.json admin: - cdbot/cogs/admin.py cyber: - cdbot/cogs/cyber.py maths: - cdbot/cogs/maths.py fun: - cdbot/cogs/fun.py general: - cdbot/cogs/general.py module: - cdbot/__init__.py - cdbot/__main__.py - cdbot/bot.py - cdbot/constants.py - cdbot/log.py - cdbot/data/* - cdbot/data/**/* - cdbot/resources/* - cdbot/resources/**/* - pyproject.toml - poetry.lock dependencies: - poetry.lock ================================================ FILE: .github/workflows/build.yml ================================================ name: Build Docker Container on: push jobs: build: runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v2 - name: Build Docker Container run: docker build -t cyberdiscovery/cdbot:latest -t ghcr.io/cyberdiscovery/cdbot:latest . - name: Create Sentry release uses: getsentry/action-release@v1 if: github.ref == 'refs/heads/master' env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: ${{ secrets.SENTRY_ORG }} SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} - name: Login to Docker Hub run: docker login --username ${{ secrets.docker_username }} --password ${{ secrets.docker_password }} if: github.ref == 'refs/heads/master' - name: Login to Github Container Registry run: echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin if: github.ref == 'refs/heads/master' - name: Push to Docker Hub run: docker push cyberdiscovery/cdbot:latest if: github.ref == 'refs/heads/master' - name: Push to Github Container Registry run: docker push ghcr.io/cyberdiscovery/cdbot:latest if: github.ref == 'refs/heads/master' - name: Trigger restart run: curl -s ${{ secrets.release_url }} if: github.ref == 'refs/heads/master' ================================================ FILE: .github/workflows/codeql-analysis.yml ================================================ name: "Code scanning" on: push: branches: [ master ] pull_request: branches: [ master ] schedule: - cron: '43 5 * * 0' jobs: CodeQL-Build: runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v2 with: fetch-depth: 2 - run: git checkout HEAD^2 if: ${{ github.event_name == 'pull_request' }} - name: Initialize CodeQL uses: github/codeql-action/init@v1 with: languages: python - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v1 ================================================ FILE: .github/workflows/create-labels.yml ================================================ on: issues name: Create Default Labels jobs: labels: name: DefaultLabelsActions runs-on: ubuntu-latest steps: - uses: actions/checkout@1.0.0 - uses: lannonbr/issue-label-manager-action@2.0.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} ================================================ FILE: .github/workflows/label-pull-requests.yml ================================================ name: "Pull Request Labeler" on: schedule: - cron: "*/15 * * * *" jobs: execute: runs-on: ubuntu-latest steps: - uses: jpmcb/prow-github-actions@v1.0.0 with: jobs: 'pr-labeler' github-token: "${{ secrets.GITHUB_TOKEN }}" ================================================ FILE: .github/workflows/lint.yml ================================================ name: Lint on: push jobs: test: runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v2 - uses: actions/setup-python@v2 with: python-version: '3.9' - name: Cache Python modules uses: actions/cache@v1 env: cache-name: cache-node-modules with: path: ~/.pip key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/poetry.lock') }} restore-keys: | ${{ runner.os }}-build-${{ env.cache-name }}- ${{ runner.os }}-build- ${{ runner.os }}- - name: Install Poetry run: curl -sSL https://install.python-poetry.org | python3 - - name: Disable Virtualenvs run: $HOME/.local/bin/poetry config virtualenvs.create false - name: Install Python Dependencies run: $HOME/.local/bin/poetry install --no-interaction --no-ansi env: PIP_CACHE_DIR: ~/.pip - name: Run flake8 run: python -m flake8 . | tee flake8.xml - name: Upload JUnit uses: actions/upload-artifact@v2 with: name: Event File path: flake8.xml ================================================ FILE: .github/workflows/stale.yml ================================================ name: "Close stale issues" on: schedule: - cron: "0 0 * * *" jobs: stale: runs-on: ubuntu-latest steps: - uses: actions/stale@v1 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days' stale-pr-message: 'This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days' days-before-stale: 30 days-before-close: 5 ================================================ FILE: .github/workflows/test-results.yml ================================================ name: Unit Test Results on: workflow_run: workflows: ["Lint"] types: - completed jobs: unit-test-results: name: Unit Test Results runs-on: ubuntu-latest if: github.event.workflow_run.conclusion != 'skipped' steps: - name: Download and Extract Artifacts env: GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} run: | mkdir -p artifacts && cd artifacts artifacts_url=${{ github.event.workflow_run.artifacts_url }} gh api "$artifacts_url" -q '.artifacts[] | [.name, .archive_download_url] | @tsv' | while read artifact do IFS=$'\t' read name url <<< "$artifact" gh api $url > "$name.zip" unzip -d "$name" "$name.zip" done - name: Publish Unit Test Results uses: EnricoMi/publish-unit-test-result-action@v1 with: commit: ${{ github.event.workflow_run.head_sha }} files: "artifacts/**/*.xml" ================================================ FILE: .gitignore ================================================ # Changes to the lockfile should be deliberate poetry.lock # Byte-compiled / optimized / DLL files __pycache__/ *.py[cod] *$py.class # C extensions *.so # Distribution / packaging .Python build/ develop-eggs/ dist/ downloads/ eggs/ .eggs/ lib/ lib64/ parts/ sdist/ var/ wheels/ *.egg-info/ .installed.cfg *.egg MANIFEST # PyInstaller # Usually these files are written by a python script from a template # before PyInstaller builds the exe, so as to inject date/other infos into it. *.manifest *.spec # Installer logs pip-log.txt pip-delete-this-directory.txt # Unit test / coverage reports htmlcov/ .tox/ .coverage .coverage.* .cache nosetests.xml coverage.xml *.cover .hypothesis/ .pytest_cache/ # Translations *.mo *.pot # Django stuff: *.log local_settings.py db.sqlite3 # Flask stuff: instance/ .webassets-cache # Scrapy stuff: .scrapy # Sphinx documentation docs/_build/ # PyBuilder target/ # Jupyter Notebook .ipynb_checkpoints # pyenv .python-version # celery beat schedule file celerybeat-schedule # SageMath parsed files *.sage.py # Environments .env .venv env/ venv/ ENV/ env.bak/ venv.bak/ # Spyder project settings .spyderproject .spyproject # Rope project settings .ropeproject # Sublime Text project settings *.sublime-project # mkdocs documentation /site # mypy .mypy_cache/ # Virtualenv .Python [Bb]in [Ii]nclude [Ll]ib [Ll]ib64 [Ll]ocal [Ss]cripts pyvenv.cfg .venv pip-selfcheck.json tcl share # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and WebStorm # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 # User-specific stuff .idea/**/workspace.xml .idea/**/tasks.xml .idea/**/usage.statistics.xml .idea/**/dictionaries .idea/**/shelf .idea # Sensitive or high-churn files .idea/**/dataSources/ .idea/**/dataSources.ids .idea/**/dataSources.local.xml .idea/**/sqlDataSources.xml .idea/**/dynamic.xml .idea/**/uiDesigner.xml .idea/**/dbnavigator.xml # Gradle .idea/**/gradle.xml .idea/**/libraries # Gradle and Maven with auto-import # When using Gradle or Maven with auto-import, you should exclude module files, # since they will be recreated, and may cause churn. Uncomment if using # auto-import. # .idea/modules.xml # .idea/*.iml # .idea/modules # CMake cmake-build-*/ # Mongo Explorer plugin .idea/**/mongoSettings.xml # File-based project format *.iws # IntelliJ out/ # mpeltonen/sbt-idea plugin .idea_modules/ # JIRA plugin atlassian-ide-plugin.xml # Cursive Clojure plugin .idea/replstate.xml # Crashlytics plugin (for Android Studio and IntelliJ) com_crashlytics_export_strings.xml crashlytics.properties crashlytics-build.properties fabric.properties # Editor-based Rest Client .idea/httpRequests # deploy ssh key id_rsa # Flake output flake8.xml # VS Code .vscode/* secret-creds.yaml ================================================ FILE: .security.txt ================================================ Contact: thebeanogamer@gmail.com Encryption: https://keybase.io/thebeanogamer/pgp_keys.asc Preferred-Languages: en Canonical: https://raw.githubusercontent.com/CyberDiscovery/cyberdisc-bot/master/.security.txt Policy: https://github.com/CyberDiscovery/cyberdisc-bot/blob/master/SECURITY.md ================================================ FILE: CODE_OF_CONDUCT.md ================================================ # Contributor Covenant Code of Conduct ## Our Pledge In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation. ## Our Standards Examples of behavior that contributes to creating a positive environment include: * Using welcoming and inclusive language * Being respectful of differing viewpoints and experiences * Gracefully accepting constructive criticism * Focusing on what is best for the community * Showing empathy towards other community members Examples of unacceptable behavior by participants include: * The use of sexualized language or imagery and unwelcome sexual attention or advances * Trolling, insulting/derogatory comments, and personal or political attacks * Public or private harassment * Publishing others' private information, such as a physical or electronic address, without explicit permission * Other conduct which could reasonably be considered inappropriate in a professional setting ## Our Responsibilities Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior. Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful. ## Scope This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers. ## Enforcement Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at thebeanogamer@gmail.com. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately. Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. ## Attribution This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version] [homepage]: http://contributor-covenant.org [version]: http://contributor-covenant.org/version/1/4/ ================================================ FILE: Dockerfile ================================================ FROM python:3.9-buster WORKDIR /app RUN pip install poetry ADD pyproject.toml poetry.lock /app/ RUN poetry config virtualenvs.create false RUN poetry install --no-dev --no-interaction --no-ansi ADD . /app CMD python -m cdbot ================================================ FILE: LICENSE ================================================ MIT License Copyright (c) 2018-2020 Cyber Discovery Community Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ================================================ FILE: README.md ================================================ # Cyber Discovery Discord Bot [![Build Docker Container](https://github.com/CyberDiscovery/cyberdisc-bot/actions/workflows/build.yml/badge.svg)](https://github.com/CyberDiscovery/cyberdisc-bot/actions/workflows/build.yml) [![Discord](https://img.shields.io/discord/409851296116375565)](https://discord.cyberdiscoverycommunity.uk) [![Lint](https://github.com/CyberDiscovery/cyberdisc-bot/actions/workflows/lint.yml/badge.svg)](https://github.com/CyberDiscovery/cyberdisc-bot/actions/workflows/lint.yml) [![GitHub](https://img.shields.io/github/license/cyberdiscovery/cyberdisc-bot)](https://github.com/CyberDiscovery/cyberdisc-bot/blob/master/LICENSE) ![Python 3.9.x](https://img.shields.io/badge/python-3.9.x-yellow.svg) The bot for the Cyber Discovery [Community Discord Server](https://discord.cyberdiscoverycommunity.uk)! ## Installation ### Creating a Bot Token First, head over to [the Discord Developer Portal](https://discordapp.com/developers/applications/) and create an application. Set a name, then go to the bots tab (on the left) and add a new bot. For testing purposes, it is best to have the bot private, so untick the `Public Bot` option. You should then get the client ID of your bot and put it into this URL to join it to your Discord server: ```text https://discordapp.com/oauth2/authorize?&client_id=&scope=bot& ``` ### Docker Compose You can run Cyber Discovery Bot most easily with Docker Compose. Just set the following environment variables and run `docker-compose up -d`. * `BOT_TOKEN` * `QUOTES_BOT_ID` * `QUOTES_CHANNEL_ID` * `LOGGING_CHANNEL_ID` ### Bare Metal You can also locally install the bot on your system. First install the dependencies with [Poetry](https://python-poetry.org/): ```bash curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py | python poetry install ``` Or on Windows: ```powershell (Invoke-WebRequest -Uri https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py -UseBasicParsing).Content | python poetry install ``` If you don't already have the required Python version (currently 3.8+) installed, install [pyenv](https://github.com/pyenv/pyenv) before running the above commands. You will then need to set the bot token as an environment variable: ```bash export BOT_TOKEN="" ``` Or on Windows: ```powershell set BOT_TOKEN="" ``` Finally, run the command `poetry run cdbot` in the root of the repository to run the bot on your machine. To access admin commands of the bot, set the environment variable `ROOT_MEMBERS_ID` to the ID of your administrators group. ## Commands ### General Commands * **`:help`** - Displays information about the usage and syntax of all commands. ### Admin Commands * **`:readme [push | pull] [channel id] [interval]`** - `pull` will DM the user a copy of the JSON used for #readme. `push` will create the readme channel using the set JSON file. ### Cyber Discovery Commands * **`:assess [1-14]`** - Displays information about the corresponding level in CyberStart Assess. * **`:essentials`** - Displays the remaining time until the start of CyberStart Essentials. * **`:fieldmanual`** - Returns a link to the CyberStart Game field manual. * **`:flag [base] [level] [challenge]`** - Generate a very legitimate:tm: flag for CyberStart Game. * **`:game`** - Displays the remaining time until the start of CyberStart Game. * **`:level [base] [level] [challenge]`** - Display information about challenges from CyberStart Game. ### Fun Commands * **`:agentj [text]`** - Creates an image of Agent J with the specified text. * **`:agentq [text]`** - Creates an image of Agent Q with the specified text. * **`:angryj [text]`** - Creates an image of Angry Agent J with the specified text. * **`:angrylyne [text]`** - Creates an image of Angry James Lyne with the specified text. * **`:baldj [text]`** - Creates an image of Bald James Lyne with the specified text. * **`:jibhat [text]`** - Creates an image of Jibhat with the specified text. * **`:lmgtfy [-d][-ie] [search]`** - Returns a LMGTFY URL for the given question. Adding `-d` will delete the message that instigated the command and `-ie` will enable the internet explainer feature on lmgtfy. * **`:hundred`** - Returns the number of people who have completed all of CyberStart Game. * **`:quotes [@mention]`** - Will return a random quote from the #quotes channel. Adding an username/mention will result in a random quote from that user being selected. * **`:quoteboard [1]`** - Return a leaderboard of the number of entries in #quotes sorted by user. * **`:quotecount [@mention]`** - Returns the number of quotes in the DB. Adding a username/mention will return the number of quotes from that user. * **`:react [emoji]`** - Reacts to the previous message with the space seperated emojis in the requesting message. * **`:xkcd [? | 1810]`** - Fetches xkcd comics. If the argument is left blank the latest comic is shown. A random comic is shown if the argument is a `?`. Otherwise, a comic number can be used to fetch a specific comic. ### Maths Commands * **`:challenge [number]`** - Get a KCL maths challenge. If no number is specified, the most recent will be used, else the number will be how many after the most recent should be retrieved. * **`:latex [latex]`** - Renders LaTeX. Can also be invoked by wrapping a string in `$` or `$$`. ================================================ FILE: SECURITY.md ================================================ # Security Policies and Procedures This document outlines security procedures and general policies for the **cyberdisc-bot** project. * [Reporting a Bug](#reporting-a-bug) * [Disclosure Policy](#disclosure-policy) * [Comments on this Policy](#comments-on-this-policy) ## Reporting a Bug The Cyber Discovery team and community take all security bugs in **cyberdisc-bot** seriously. Thank you for improving the security of **cyberdisc-bot**. We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions. Report security bugs by emailing an administrator at [daniel@cyberdiscoverycommunity.uk](mailto:daniel@cyberdiscoverycommunity.uk). ## Disclosure Policy When the community developer team receives a security bug report, they will take the following steps: * Confirm the problem and determine the cause. * Audit code to find any potential similar problems. * Prepare fixes for all affected code bases. These fixes will be released as fast as possible to production. ## Comments on this Policy If you have suggestions on how this process could be improved please submit a pull request, or add an appropriate issue to the repository in question. ================================================ FILE: cdbot/__init__.py ================================================ """Initialise cdbot as a package for poetry.""" import sentry_sdk from git import Repo from sentry_sdk.integrations.aiohttp import AioHttpIntegration from .bot import bot, load_extensions from .constants import BOT_TOKEN, SENTRY_URL async def main(): """Entry point for poetry script.""" sentry_sdk.init( SENTRY_URL, release=Repo().head.object.hexsha, integrations=[AioHttpIntegration()], ) await load_extensions() await bot.start(BOT_TOKEN) ================================================ FILE: cdbot/__main__.py ================================================ """Entry point for the 'python -m cdbot' command.""" from asyncio import run import cdbot if __name__ == "__main__": run(cdbot.main()) ================================================ FILE: cdbot/bot.py ================================================ """Main script to define bot methods, and start the bot.""" import logging from os import listdir from platform import release, system from discord import Game, Intents from discord.ext.commands import Bot, when_mentioned_or from sentry_sdk import configure_scope from cdbot.log import DiscordHandler logger = logging.getLogger(__name__) intents = Intents.default() intents.members = True intents.message_content = True bot = Bot(command_prefix=when_mentioned_or("...", ":"), activity=Game(name=":help"), intents=intents) logger.addHandler(DiscordHandler(bot)) logger.setLevel(logging.INFO) bot.muted = [] bot.banned_ids = [] bot.log = logger @bot.before_invoke async def register_metadata(ctx): """Attach additional data to sentry events.""" with configure_scope() as scope: scope.user = {"id": ctx.author.id, "username": str(ctx.author)} scope.set_context("client_os", {"name": system(), "version": release()}) scope.set_tag("command", ctx.message.content) scope.set_tag("channel", str(ctx.channel)) @bot.check async def block_banned_ids(ctx): """Check for if a user is banned.""" return ctx.author.id not in bot.banned_ids @bot.check async def block_muted(ctx): """Check for if a user is muted.""" return ctx.author.id not in bot.muted async def load_extensions(): for filename in listdir("./cdbot/cogs"): if filename.endswith(".py"): # cut off the .py from the file name await bot.load_extension(f"cdbot.cogs.{filename[:-3]}") ================================================ FILE: cdbot/cogs/admin.py ================================================ import re from discord import AuditLogAction, Colour, Embed, Member from discord.ext.commands import Bot, Cog, Context, command, has_any_role from cdbot.constants import ( ADMIN_MENTOR_ROLE_ID, ADMIN_ROLES, CD_BOT_ROLE_ID, LOGGING_CHANNEL_ID, NICKNAME_PATTERNS, PLACEHOLDER_NICKNAME, ROOT_ROLE_ID, STATIC_NICKNAME_ROLE_ID, SUDO_ROLE_ID ) def check_bad_name(nick): for i in NICKNAME_PATTERNS: if re.match(i, nick, re.IGNORECASE): return True return False class Admin(Cog): """ Admin functionality """ def __init__(self, bot: Bot): self.bot = bot @Cog.listener() # triggered on new/removed nickname async def on_member_update(self, member_before: Member, member_after: Member): # get corresponding audit log entry to find who initiated member change corresponding_audit_entry = None # get all audit log entries for Member Updated async for entry in self.bot.guilds[0].audit_logs( action=AuditLogAction.member_update ): # if this entry was to the user in question, and was this specific nickname change if entry.target == member_before and entry.after.nick == member_after.nick: corresponding_audit_entry = entry break if ( corresponding_audit_entry is not None ): # successfully found audit log entry before # user changed their own nickname; ignore if admin/bot changed it admin_role_check = ( corresponding_audit_entry.user.top_role.name in ADMIN_ROLES ) bot_role_check = ( corresponding_audit_entry.user.top_role.id == CD_BOT_ROLE_ID ) mentor_role_check = ( corresponding_audit_entry.user.top_role.id == ADMIN_MENTOR_ROLE_ID ) if not (admin_role_check or bot_role_check or mentor_role_check): for i in member_after.roles: if i.id == STATIC_NICKNAME_ROLE_ID: # user has Static Name role await member_after.edit( nick=member_before.display_name ) # revert nickname return else: # check for bad words new_nickname = member_after.display_name if check_bad_name(new_nickname): # bad display name if not check_bad_name( member_after.name ): # username is okay await member_after.edit(nick=None) # reset nickname else: # assign placeholder nickname await member_after.edit(nick=PLACEHOLDER_NICKNAME) @Cog.listener() # triggered on username change async def on_user_update(self, member_before: Member, member_after: Member): new_username = member_after.name if check_bad_name(new_username): # bad username # assign placeholder nickname await member_after.edit(nick=PLACEHOLDER_NICKNAME) @Cog.listener() async def on_member_join(self, member: Member): username = member.name if check_bad_name(username): # bad username # assign placeholder nickname await member.edit(nick=PLACEHOLDER_NICKNAME) @command() @has_any_role(ROOT_ROLE_ID, SUDO_ROLE_ID) async def raid( self, ctx: Context, operand: str = "" ): """ Allows an admin user to lock down the server in case of a raid. This command toggles invite link generation for @everyone and revokes all existing invite links. """ everyone = ctx.channel.guild.default_role perms = everyone.permissions enabled = not perms.create_instant_invite logs_channel = self.bot.get_channel(LOGGING_CHANNEL_ID) operand = operand.lower() boolonoff = ("OFF", "ON") action = True embed = None if not operand: # status query await ctx.send(f"Raid protection currently {boolonoff[enabled]}. Use `:raid [on/off]` to toggle.") action = False elif operand in ("on", "yes") and not enabled: # need to turn it on enabled = True perms.update(create_instant_invite=False) embed = Embed( color=Colour.blue(), title="Raid Protection ON.", description=("Raid protection now ON - All invite links were" " deleted and members may not create new ones") ) for invite in await ctx.channel.guild.invites(): # delete links await invite.delete() elif operand in ("off", "no") and enabled: enabled = False perms.update(create_instant_invite=True) embed = Embed( color=Colour.blue(), title="Raid Protection OFF.", description=("Raid protection now OFF - Members can now create" " new invite links") ) else: # no changes await ctx.send(f"Raid protection {boolonoff[enabled]}, nothing was changed.") action = False if action: # if we toggled it msg = f"{ctx.author.name} toggled raid protection {boolonoff[enabled]}." await everyone.edit(reason=msg, permissions=perms) # make the perm change await ctx.send(msg) # direct response to invocation embed.set_author(name=ctx.author.name, icon_url=ctx.author.avatar_url) await logs_channel.send(embed=embed) # log the event async def setup(bot): await bot.add_cog(Admin(bot)) ================================================ FILE: cdbot/cogs/cyber.py ================================================ import datetime import random import re import string import textwrap from asyncio import sleep from io import StringIO from json import load from aiohttp import ClientSession from dateutil.parser import parse from dateutil.relativedelta import relativedelta from discord import Colour, Embed, File, Message from discord.ext.commands import Bot, Cog, Context, command, has_role from cdbot.constants import ( BASE_ALIASES, CHEATING_VIDEO, CMA_LINKS, CYBERDISC_ICON_URL, ELITECOUNT_ENABLED, END_README_MESSAGE, HINTS_LIMIT, HUNDRED_PERCENT_ROLE_ID, README_RECV_ALIASES, README_SEND_ALIASES, ROOT_ROLE_ID, Roles, TRUE_HUNDRED_PERCENT_ROLE_ID, ) async def generatebase64(seed: int) -> str: random.seed(seed) letters = string.ascii_letters + string.digits + "+/" return "".join(random.choices(letters, k=20)) class Cyber(Cog): """ Cyber Discovery/Security related commands. """ match_strings = [ # Assess dates ( r"^.*\bassess\b.*\b(start|begin|open)\b.*$", "CyberStart Assess began on the 2nd June 2020.", ), ( r"^.*\bassess\b.*\b(end|finish|close)\b.*$", "CyberStart Assess ended on the 31st October 2020.", ), # Game dates ( r"^.*\bgame\b.*\b(start|begin|open)\b.*$", "CyberStart Game began on the 2nd June 2020.", ), ( r"^.*\bgame\b.*\b(end|finish|close)\b.*$", "CyberStart Game ended on the 30th June 2021.", ), # Essentials dates ( r"^.*\bessentials\b.*\b(start|begin|open)\b.*$", "CyberStart Essentials began on the 18th December 2020.", ), ( r"^.*\bessentials\b.*\b(end|finish|close)\b.*$", "CyberStart Essentials ended on the 30th June 2021.", ), # Elite questions ( r"^.*\bhow\b.*\bget\b.*\belite\b.*$", "**Quote from the @CyberDiscUK Twitter: **" "Selection for CyberStart Elite was based on a combination of Game and Essentials results.", ), ( r"^.*\belite\b.*\bstart\b.*$", "CyberStart Elite is kill .", ), # RACTF Questions ( r"^.*\bractf\b.*\b(start|begin|open)\b.*$", "RACTF 2021 begins on the 13th August 2021 at 19:00 GMT.", ), ( r"^.*\bractf\b.*\b(end|finish|close)\b.*$", "RACTF 2021 will end on the 16th August 2021 at 19:00 GMT.", ), ] def __init__(self, bot: Bot): self.bot = bot self.matches = [ (re.compile(i[0], re.IGNORECASE), i[1]) for i in self.match_strings ] @command(aliases=["Manual", "manual", "fm", "rtfm"]) async def fieldmanual(self, ctx: Context): """ Returns a link to the field manual """ await ctx.send("https://play.cyberstart.com/field-manual") @command(aliases=["l", "lc"]) async def level( self, ctx: Context, base: str, level_num: int, challenge_num: int = 0 ): """ Gets information about a specific CyberStart Game level and challenge. """ # Gather data from CyberStart Game. with open("cdbot/data/game.json") as f: game_docs = load(f) # Temporary change to allow old usage method if base.isnumeric(): challenge_num = level_num level_num = int(base) base = "hq" elif challenge_num == 0: await ctx.send("Invalid challenge number!") return # Find out which base the user is refering to. for area in BASE_ALIASES.keys(): if base.lower() in BASE_ALIASES[area]: base = area break else: await ctx.send("Unknown base.") return # Check to see if that many levels are present if not 0 < level_num <= len(game_docs[base]): await ctx.send("Invalid level number!") # Then, check to see if the requested challenge is present elif challenge_num not in range(len(game_docs[base][level_num - 1]) + 1): await ctx.send("Invalid challenge number!") else: # Select the needed challenge challenge_raw = game_docs[base][level_num - 1][challenge_num - 1] challenge_title = challenge_raw["title"] challenge_tip = challenge_raw["tips"] challenge_text = challenge_raw["description"] embed = Embed( title=( f"{base} - Level {level_num} Challenge {challenge_num} - {challenge_title}" ), description=challenge_text, colour=0x4262F4, ) embed.set_author(name="Cyber Discovery", icon_url=CYBERDISC_ICON_URL) embed.set_footer(text=" | ".join(challenge_tip)) await ctx.send(embed=embed) @command() async def flag( self, ctx: Context, base: str, level_num: int, challenge_num: int = 0 ): """Generate a flag for the specified base, level and challenge.""" if challenge_num == 0: challenge_num = level_num level_num = int(base) base = "Headquarters" if level_num == 13 and challenge_num == 1: content = "13.1 is a No Flag Zone™ 🙅⛔⚔️" else: # Generates random, but unique and identical per challenge, base 64 "flag" if random.randint(1, 5) == 5: return await ctx.send( "The flag is: " f"||{CHEATING_VIDEO}||" ) else: content = ( "The flag is:" f"||{await generatebase64(ord(base[0]) + level_num + challenge_num)}||" ) embed = Embed( title=(f"{base} - Level {level_num} Challenge {challenge_num}"), description=content, colour=0x4262F4, ) embed.set_author(name="Cyber Discovery", icon_url=CYBERDISC_ICON_URL) await ctx.send(embed=embed) @command() @has_role(ROOT_ROLE_ID) async def readme( self, ctx: Context, operand: str = "", channel_id: str = "", msg_send_interval: int = 0, ): """ Allows generating, sending and manipulation of JSON file containing the info needed to create and send the embeds for the #readme channel. Only ROOT_ROLE_ID users have the permissions need to use this command. """ operand = operand.lower() # The supplied operand is incorrect. if not (operand in README_SEND_ALIASES + README_RECV_ALIASES): incorrect_operand_embed = Embed( colour=0x673AB7, description=":shrug: **Invalid readme operand supplied.**", ) await ctx.message.delete() await ctx.send(embed=incorrect_operand_embed) # User missed out the channel_id for certain commands. elif channel_id == "" and operand in README_SEND_ALIASES: misssing_channel_embed = Embed( colour=0xFF5722, description=":facepalm: **Whoops, you missed out the channel ID! Try again.**", ) await ctx.message.delete() await ctx.send(embed=misssing_channel_embed) # Process the request. else: # Let's create a series of #readme-capable embeds. If something is uploaded, # It will attempt to use that file for the readme, if omitted, it will use # the default JSONifed readme file and send that into the channel instead. if operand in README_SEND_ALIASES: try: # Much pain was had fixing this. Please, get some help and install mypy type checking. channel_id: int = int( channel_id[2:-1] if channel_id[0] == "<" else channel_id ) usr_confirmation_embed = Embed( colour=0x4CAF50, description=":white_check_mark: **Creating readme using uploaded config file.**", ) # The user has uploaded a config. if ctx.message.attachments != []: json_file_location = [_.url for _ in ctx.message.attachments][0] # GETs the attachment data. async with ClientSession() as session: async with session.get(json_file_location) as response: if response.status == 200: resp_text = await response.text() json_config = load(StringIO(resp_text)) await ctx.send(embed=usr_confirmation_embed) # No config uploaded, just use default config file. else: with open("cdbot/data/readme.json", "rb") as default_json: json_config = load(default_json) usr_confirmation_embed.description = ( ":ballot_box_with_check: " "**Creating readme using default config file.**" ) await ctx.send(embed=usr_confirmation_embed) await ctx.message.delete() for section in json_config: # Initialise our message and embed variables each loop. # This is to prevent leftover data from being re-sent. msg_content, current_embed = None, None # The part which handles general messages. if "content" in json_config[section]: msg_content = json_config[section]["content"] # We have an embed. Call in the Seahawks. if "embed" in json_config[section]: current_embed = Embed() msg_embed = json_config[section]["embed"] if "title" in msg_embed: current_embed.title = msg_embed["title"] if "description" in msg_embed: current_embed.description = msg_embed["description"] if "color" in msg_embed: current_embed.colour = Colour( int(msg_embed["color"], 16) ) # Parse the fields, if there are any. if "fields" in msg_embed: for current_field in msg_embed["fields"]: # Add the fields to the current embed. current_embed.add_field( name=current_field["name"], value=current_field["value"], ) # Send the message. requested_channel = self.bot.get_channel(channel_id) if msg_content is not None and current_embed is None: await requested_channel.send(content=msg_content) elif current_embed is not None and msg_content is None: await requested_channel.send(embed=current_embed) else: await requested_channel.send( content=msg_content, embed=current_embed ) # User has requested a delay between each message being sent. if 0 < msg_send_interval < 901: await sleep(msg_send_interval) # Send the trailing embed message constant. await requested_channel.send(content=END_README_MESSAGE) except (Exception): parse_fail_embed = Embed( colour=0x673AB7, description=":x: **Error parsing JSON file, please ensure its valid!**", ) await ctx.message.delete() await ctx.send(embed=parse_fail_embed) # Pull the readme JSON constant files and slide it into the user's DMs. elif operand in README_RECV_ALIASES: # Slide it to the user's DMs. requesting_user = await self.bot.fetch_user(ctx.message.author.id) await requesting_user.send( content="Hey, here's your config file!", file=File(fp="cdbot/data/readme.json", filename="readme.json"), ) await ctx.message.delete() await ctx.send( embed=Embed( colour=0x009688, description=":airplane: **Flying in, check your DMs!**", ) ) @command(aliases=["a", "al"]) async def assess(self, ctx: Context, challenge_num: int): """ Gets information about a specific CyberStart Assess level and challenge. """ NO_HINTS_MSG = f"**:warning: Remember, other people can't give hints after challenge {HINTS_LIMIT}**" # Gather Assess data from JSON file. with open("cdbot/data/assess.json") as f: assess_docs = load(f) if not 0 < challenge_num <= len(assess_docs): await ctx.send("Invalid challenge number!") else: # Select the needed challenge challenge_raw = assess_docs[challenge_num - 1] challenge_title = challenge_raw["title"] challenge_difficulty = challenge_raw["difficulty"] challenge_text = challenge_raw["description"] if challenge_num > HINTS_LIMIT: challenge_text = NO_HINTS_MSG + "\n" + challenge_text embed = Embed( title=f"CyberStart Assess Challenge {challenge_num} - {challenge_title}", description=challenge_text, colour=0x4262F4, url=f"https://assess.joincyberdiscovery.com/challenge-{challenge_num:02d}", ) embed.set_author(name="Cyber Discovery", icon_url=CYBERDISC_ICON_URL) embed.set_footer(text=f"Difficulty: {challenge_difficulty}") await ctx.send(embed=embed) @command() async def game(self, ctx: Context): """ Gets the date of, and days and months until, CyberStart Game """ await self.countdown("2nd June 2020", "CyberStart Game", ctx) @command() async def essentials(self, ctx: Context): """ Gets the date of, and days and months until, CyberStart Essentials """ await self.countdown("15th September 2020", "CyberStart Essentials", ctx) @command() async def hundred(self, ctx: Context): """ Gets the number of 100% and true 100% users """ game_r = ctx.guild.get_role(HUNDRED_PERCENT_ROLE_ID) true_r = ctx.guild.get_role(TRUE_HUNDRED_PERCENT_ROLE_ID) await ctx.send( f"There are {len(game_r.members)} that have completed CyberStart Game. Out of them, " f"{len(true_r.members)} have also completed Essentials and Assess." ) @command() async def elitecount(self, ctx: Context): """ Gets the number of elite users """ if ELITECOUNT_ENABLED: preferences = { "2018": Roles.Elite.VET2018, "2019": Roles.Elite.VET2019, "2020": Roles.Elite.VET2020, "2021": Roles.Elite.VET2021, } description = textwrap.dedent( """ **Camp Statistics** """ ) embed = Embed( title=f"CyberStart Elite {datetime.datetime.utcnow().year}", description=description, colour=Colour(0xAE444A), ) # A nice red embed.set_thumbnail(url=CYBERDISC_ICON_URL) for location, role in preferences.items(): role = ctx.guild.get_role(role) embed.add_field(name=location, value=f"**Attendees**: {len(role.members)}", inline=True) await ctx.send(embed=embed) else: await ctx.send( ":no_entry_sign: This command is disabled because CyberStart Elite is done for this year" ) async def countdown(self, countdown_target_str: str, stage_name: str, ctx: Context): countdown_target = parse(countdown_target_str).date() # Get the current date today = datetime.date.today() time_until_target = relativedelta(countdown_target, today) # Given a number of items, determine whether it should be pluralised. # Then, return the suffix of 's' if it should be, and '' if it shouldn't. def suffix_from_number(num): return "" if num == 1 else "s" month_or_months = "month" + suffix_from_number(time_until_target.months) day_or_days = "day" + suffix_from_number(time_until_target.days) month_countdown = f"{time_until_target.months} {month_or_months}" day_countdown = f"{time_until_target.days} {day_or_days}" # Diable the months component of the countdown when there are no months left if time_until_target.months: month_and_day_countdown = f"{month_countdown} and {day_countdown}" else: month_and_day_countdown = day_countdown if today > countdown_target: await ctx.send(f"{stage_name} has begun!") return await ctx.send( f"{stage_name} begins on the {countdown_target_str}.\n" f"That's in {month_and_day_countdown}!" ) @command() async def support(self, ctx: Context): """ Returns the support email """ await ctx.send("support@joincyberdiscovery.com") @command() async def meta(self, ctx: Context): """ Returns the meta link. """ await ctx.send("https://github.com/CyberDiscovery/meta") @command() async def cdtos(self, ctx: Context): """ Returns the Cyber Discovery terms of service. """ await ctx.send("https://www.joincyberdiscovery.com/terms") @command() async def cma(self, ctx: Context, *, section: str = None): """ Returns a link to the Computer Misuse Act or a screenshot of one of the first three sections. """ if section is None: await ctx.send("https://www.legislation.gov.uk/ukpga/1990/18/contents") elif (CMA_URL := CMA_LINKS.get(section)) is not None: await ctx.send(CMA_URL) else: await ctx.send("That section is not in our database. The full Computer Misuse Act can be read at: " "https://www.legislation.gov.uk/ukpga/1990/18/contents") @Cog.listener() async def on_message(self, message: Message): # Check the current command context ctx = await self.bot.get_context(message) # If message is a command, ignore regex responses. if ctx.valid or message.author.bot: return # Check if the message matches any of the pre-baked regexes for regex, response in self.matches: if regex.match(message.content): await message.channel.send(f"{message.author.mention} | {response}") break async def setup(bot): await bot.add_cog(Cyber(bot)) ================================================ FILE: cdbot/cogs/fun.py ================================================ """ Set of bot commands designed for general leisure. """ import asyncio import re import textwrap from io import BytesIO from math import ceil from random import choice, randint from string import ascii_lowercase from typing import List from urllib.parse import urlencode import asyncpg from PIL import Image, ImageDraw, ImageFont from aiohttp import ClientSession from discord import ( Colour, Embed, File, HTTPException, Message, NotFound, RawReactionActionEvent, embeds, ) from discord.ext.commands import ( Bot, BucketType, Cog, Context, UserConverter, command, cooldown, ) from discord.utils import get from cdbot.constants import ( CYBERDISC_ICON_URL, EMOJI_LETTERS, FAKE_ROLE_ID, LOCAL_DEBUGGING, LOGGING_CHANNEL_ID, PostgreSQL, QUOTES_BOT_ID, QUOTES_CHANNEL_ID, QUOTES_DELETION_QUOTA, REACT_EMOTES, REACT_TRIGGERS, ROOT_ROLE_ID, STAFF_ROLE_ID, SUDO_ROLE_ID, WELCOME_BOT_ID, WORD_MATCH_RE, ) ascii_lowercase += " !?$()" def convert_emoji(message: str) -> List[str]: """Convert a string to a list of emojis.""" emoji_trans = list(map(iter, EMOJI_LETTERS)) # Enumerate characters in the message emojified = [] for character in message: index = ascii_lowercase.find(character) if index == -1: continue # Yield the next iteration of the letter try: emojified.append(next(emoji_trans[index])) except StopIteration: continue return emojified async def emojify(message: Message, string: str): """Convert a string to emojis, and add those emojis to a message.""" for emoji in convert_emoji(string.lower()): if emoji is not None: await message.add_reaction(emoji) class FormerUser(UserConverter): async def convert(self, ctx, argument): try: return await ctx.bot.fetch_user(argument) except (NotFound, HTTPException): return await super().convert(ctx, argument) class Fun(Cog): """ Commands for fun! """ # Embed sent when users try to ping staff ping_embed = ( Embed( colour=0xFF0000, description="⚠ **Please make sure you have taken the following into account:** ", ) .set_footer( text="To continue with the ping, react \N{THUMBS UP SIGN}, To delete this message and move on," " react \N{THUMBS DOWN SIGN}" ) .add_field( name="Cyber Discovery staff will not provide help for challenges.", value="If you're looking for help, feel free to ask questions in one of our topical channels.", ) .add_field( name="Make sure you have emailed support before pinging here.", value="`support@joincyberdiscovery.com` are available to answer any and all questions!", ) ) def __init__(self, bot: Bot): self.bot = bot self.staff_role = None self.quote_channel = None self.fake_staff_role = None async def migrate_quotes(self): """Create and initialise the `quotes` table with user quotes.""" async with self.bot.pool.acquire() as connection: await connection.execute( "CREATE TABLE IF NOT EXISTS quotes (quote_id bigint PRIMARY KEY, author_id bigint)" ) quote_channel = self.bot.get_channel(QUOTES_CHANNEL_ID) async for quote in quote_channel.history(limit=None): await self.add_quote_to_db(quote) print("Quotes successfully imported.") @Cog.listener() async def on_ready(self): guild = self.bot.guilds[0] if self.staff_role is None: self.staff_role = guild.get_role(STAFF_ROLE_ID) if self.fake_staff_role is None: self.fake_staff_role = guild.get_role(FAKE_ROLE_ID) if not LOCAL_DEBUGGING: self.bot.pool = await asyncpg.create_pool( host=PostgreSQL.PGHOST, port=PostgreSQL.PGPORT, user=PostgreSQL.PGUSER, password=PostgreSQL.PGPASSWORD, database=PostgreSQL.PGDATABASE, ) await self.migrate_quotes() @cooldown(1, 60, BucketType.user) @cooldown(4, 60, BucketType.channel) @cooldown(6, 3600, BucketType.guild) @Cog.listener() async def on_message(self, message: Message): # If a new quote is added, add it to the database. if message.channel.id == QUOTES_CHANNEL_ID and ( message.author.id == QUOTES_BOT_ID or message.mentions is not None ): await self.add_quote_to_db(message) print(f"Message #{message.id} added to database.") if self.fake_staff_role in message.role_mentions and not message.author.bot: # A user has requested to ping official staff sent = await message.channel.send(embed=self.ping_embed, delete_after=30) await sent.add_reaction("\N{THUMBS UP SIGN}") await sent.add_reaction("\N{THUMBS DOWN SIGN}") def check(reaction, user): """Check if the reaction was valid.""" user_is_staff = user.top_role.id in (ROOT_ROLE_ID, SUDO_ROLE_ID) return all( ( user == message.author or user_is_staff, str(reaction.emoji) in "\N{THUMBS UP SIGN}\N{THUMBS DOWN SIGN}", ) ) try: # Get the user's reaction reaction, _ = await self.bot.wait_for( "reaction_add", timeout=30, check=check ) except asyncio.TimeoutError: pass else: if str(reaction) == "\N{THUMBS UP SIGN}": # The user wants to continue with the ping await self.staff_role.edit(mentionable=True) staff_ping = Embed( title="This user has requested an official staff ping!", colour=0xFF0000, description=message.content, ).set_author( name=f"{message.author.name}#{message.author.discriminator}", icon_url=message.author.avatar_url, ) # Send the embed with the user's content await message.channel.send( self.staff_role.mention, embed=staff_ping ) await self.staff_role.edit(mentionable=False) # Delete the original message await message.delete() finally: await sent.delete() ctx = await self.bot.get_context(message) if ctx.valid or message.author.bot: # Don't react to valid commands or messages from bots. return # Check if the message contains a trigger for trigger in REACT_TRIGGERS: reg = WORD_MATCH_RE.format(trigger) if re.search(reg, message.content, re.IGNORECASE): to_react = REACT_TRIGGERS[trigger] if to_react in REACT_EMOTES: for emote in to_react.split(): if len(emote) > 1: # We have a string to react with await emojify(message, emote) else: await message.add_reaction(emote) elif "{mention}" in to_react: to_react = to_react.replace("{mention}", message.author.mention) await ctx.send(to_react) else: await ctx.send(to_react) return # Only one auto-reaction per message # Adds waving emoji when a new user joins. if all( ( "Welcome to the Cyber Discovery" in message.content, message.author.id == WELCOME_BOT_ID, ) ): await message.add_reaction("\N{WAVING HAND SIGN}") @Cog.listener() async def on_raw_reaction_add(self, raw_reaction: RawReactionActionEvent): thumbs_down = "\N{THUMBS DOWN SIGN}" if all( ( str(raw_reaction.emoji) == thumbs_down, raw_reaction.channel_id == QUOTES_CHANNEL_ID, ) ): quotes_channel = self.bot.get_channel(QUOTES_CHANNEL_ID) logs_channel = self.bot.get_channel(LOGGING_CHANNEL_ID) message = await quotes_channel.fetch_message(raw_reaction.message_id) reaction = [ react for react in message.reactions if str(react.emoji) == thumbs_down ][0] if reaction.count >= QUOTES_DELETION_QUOTA: if not LOCAL_DEBUGGING: async with self.bot.pool.acquire() as connection: await connection.execute( "DELETE FROM quotes WHERE quote_id = $1", reaction.message.id ) mentions = ", ".join([user.mention async for user in reaction.users()]) embed = Embed( color=Colour.blue(), title="Quote Deleted" ) if reaction.message.embeds: quote_embed = reaction.message.embeds[-1] # Using last item has same effect as for loop embed.description = quote_embed.description embed.set_author(name=quote_embed.author.name, icon_url=quote_embed.author.icon_url) else: # message doesn't have an embed, MUST be from a user embed.description = message.content embed.set_author(name=message.author.name, icon_url=message.author.avatar_url) embed.add_field(name="Deleted By", value=mentions) await reaction.message.delete() await logs_channel.send(embed=embed) @command() async def lmgtfy(self, ctx: Context, *args: str): """ Returns a LMGTFY URL for a given user argument. """ # Creates a lmgtfy.com url for the given query. request_data = { "q": " ".join(arg for arg in args if not arg.startswith("-")), "ie": int("-ie" in args), } url = "https://lmgtfy.com/?" + urlencode(request_data) await ctx.send(url) if "-d" in args: await ctx.message.delete() # Ratelimit to one use per user every minute and 4 usages per minute per channel @command(aliases=["emojify"]) @cooldown(1, 60, BucketType.user) @cooldown(4, 60, BucketType.channel) async def react(self, ctx, *, message: str): """ Emojifies a given string, and reacts to a previous message with those emojis. """ if ctx.channel.id == QUOTES_CHANNEL_ID: await ctx.send("This command is disabled in this channel!", delete_after=10) return limit, _, output = message.partition(" ") if limit.isdigit(): limit = int(limit) else: output = message limit = 2 async for target in ctx.channel.history(limit=limit): pass await emojify(target, output) @command() async def xkcd(self, ctx: Context, number: str = None): """ Fetches xkcd comics. If number is left blank, automatically fetches the latest comic. If number is set to '?', a random comic is fetched. """ # Creates endpoint URI if number is None or number == "?": endpoint = "https://xkcd.com/info.0.json" else: endpoint = f"https://xkcd.com/{number}/info.0.json" # Fetches JSON data from endpoint async with ClientSession() as session: async with session.get(endpoint) as response: data = await response.json() # Updates comic number if number == "?": number = randint(1, int(data["num"])) # noqa: B311 endpoint = f"https://xkcd.com/{number}/info.0.json" async with ClientSession() as session: async with session.get(endpoint) as response: data = await response.json() else: number = data["num"] # Creates date object (Sorry, but I'm too tired to use datetime.) date = f"{data['day']}/{data['month']}/{data['year']}" # Creates Rich Embed, populates it with JSON data and sends it. comic = Embed() comic.title = data["safe_title"] comic.set_footer(text=data["alt"]) comic.set_image(url=data["img"]) comic.url = f"https://xkcd.com/{number}" comic.set_author( name="xkcd", url="https://xkcd.com/", icon_url="https://xkcd.com/s/0b7742.png", ) comic.add_field(name="Number:", value=number) comic.add_field(name="Date:", value=date) comic.add_field(name="Explanation:", value=f"https://explainxkcd.com/{number}") await ctx.send(embed=comic) @command() async def quotes(self, ctx: Context, member: FormerUser = None): """ Returns a random quotation from the #quotes channel. A user can be specified to return a random quotation from that user. """ quote_channel = self.bot.get_channel(QUOTES_CHANNEL_ID) async with self.bot.pool.acquire() as connection: if member is None: # fetchval() returns the first result of a query. message_id = await connection.fetchval( "SELECT quote_id FROM quotes ORDER BY random() LIMIT 1" ) else: message_id = await connection.fetchval( "SELECT quote_id FROM quotes WHERE author_id=$1 ORDER BY random() LIMIT 1", member.id, ) if message_id is None: return await ctx.send("No quotes found.") message = await quote_channel.fetch_message(message_id) embed = None content = message.clean_content attachment_urls = [attachment.url for attachment in message.attachments] if message.embeds: embed = message.embeds[0] elif len(attachment_urls) == 1: image_url = attachment_urls.pop(0) embed = Embed() embed.set_image(url=image_url) for url in attachment_urls: content += "\n" + url await ctx.send(content, embed=embed) @command() async def quotecount(self, ctx: Context, member: FormerUser = None): """ Returns the number of quotes in the #quotes channel. A user can be specified to return the number of quotes from that user. """ async with self.bot.pool.acquire() as connection: total_quotes = await connection.fetchval("SELECT count(*) FROM quotes") if member is None: await ctx.send(f"There are {total_quotes} quotes in the database") else: user_quotes = await connection.fetchval( "SELECT count(*) FROM quotes WHERE author_id=$1", member.id ) await ctx.send( f"There are {user_quotes} quotes from {member} in the database " f"({user_quotes / total_quotes:.2%})" ) @command() async def quoteboard(self, ctx: Context, page: int = 1): """Show a leaderboard of users with the most quotes.""" users = "" current = 1 start_from = (page - 1) * 10 async with self.bot.pool.acquire() as connection: page_count = ceil( await connection.fetchval( "SELECT count(DISTINCT author_id) FROM quotes" ) / 10 ) if 1 > page > page_count: return await ctx.send(":no_entry_sign: Invalid page number") for result in await connection.fetch( "SELECT author_id, COUNT(author_id) as quote_count FROM quotes " "GROUP BY author_id ORDER BY quote_count DESC LIMIT 10 OFFSET $1", start_from, ): author, quotes = result.values() users += f"{start_from + current}. <@{author}> - {quotes}\n" current += 1 embed = Embed(colour=Colour(0xAE444A)) embed.add_field(name=f"Page {page}/{page_count}", value=users) embed.set_author(name="Quotes Leaderboard", icon_url=CYBERDISC_ICON_URL) await ctx.send(embed=embed) async def add_quote_to_db(self, quote: Message): """ Adds a quote message ID to the database, and attempts to identify the author of the quote. """ author_id = None if quote.author.id == QUOTES_BOT_ID: if not quote.embeds: return embed = quote.embeds[0] icon_url = embed.author.icon_url if type(icon_url) == embeds._EmptyEmbed or "twimg" in icon_url: author_id = QUOTES_BOT_ID elif "avatars" in icon_url: try: author_id = int(icon_url.split("/")[-2]) except ValueError: author_id = 0 else: author_info = embed.author.name.split("#") if len(author_info) == 1: author_info.append("0000") author = get( quote.guild.members, name=author_info[0], discriminator=author_info[1], ) author_id = author.id if author is not None else None else: author_id = quote.mentions[0].id if quote.mentions else None if not LOCAL_DEBUGGING: async with self.bot.pool.acquire() as connection: if author_id is not None: await connection.execute( "INSERT INTO quotes(quote_id, author_id) VALUES($1, $2) ON CONFLICT DO NOTHING", quote.id, author_id, ) else: await connection.execute( "INSERT INTO quotes(quote_id) VALUES($1) ON CONFLICT DO NOTHING", quote.id, ) print(f"Quote ID: {quote.id} has been added to the database.") async def create_text_image(self, ctx: Context, person: str, text: str): """ Creates an image of a given person with the specified text. """ if len(text) > 100: return await ctx.send( ":no_entry_sign: Your text must be shorter than 100 characters." ) drawing_text = textwrap.fill(text, 20) font = ImageFont.truetype("cdbot/resources/Dosis-SemiBold.ttf", 150) text_layer = Image.new("RGBA", (1920, 1080), (0, 0, 0, 0)) text_layer_drawing = ImageDraw.Draw(text_layer) text_layer_drawing.text( (0, 0), drawing_text, fill=(0, 0, 0), align="center", font=font ) cropped_text_layer = text_layer.crop(text_layer.getbbox()) cropped_text_layer.thumbnail((170, 110)) image = Image.open(f"cdbot/resources/{person}SaysBlank.png") x = int((image.width / 5 + 20) - (cropped_text_layer.width / 2)) y = int((image.height / 5 + 50 / 2) - (cropped_text_layer.height / 2)) image.paste(cropped_text_layer, (x, y), cropped_text_layer) image_bytes = BytesIO() image.save(image_bytes, format="PNG") image_bytes.seek(0) await ctx.send(file=File(image_bytes, filename=f"{person}.png")) @command() async def agentj(self, ctx: Context, *, text: str): """ Creates an image of Agent J with the specified text. """ await self.create_text_image(ctx, "AgentJ", text) @command() async def jibhat(self, ctx: Context, *, text: str): """ Creates an image of Jibhat with the specified text. """ await self.create_text_image(ctx, "Jibhat", text) @command() async def agentq(self, ctx: Context, *, text: str): """ Creates an image of Agent Q with the specified text. """ await self.create_text_image(ctx, "AgentQ", text) @command() async def angryj(self, ctx: Context, *, text: str): """ Creates an image of Angry Agent J with the specified text. """ await self.create_text_image(ctx, "AngryJ", text) @command() async def angrylyne(self, ctx: Context, *, text: str): """ Creates an image of Angry James Lyne with the specified text. """ await self.create_text_image(ctx, "AngryLyne", text) @command() async def baldj(self, ctx: Context, *, text: str): """ Creates an image of Bald Agent J with the specified text. """ await self.create_text_image(ctx, "AgentJBadHairDay", text) @command() async def neveragoodtime(self, ctx: Context): """ Returns the "as always it's never a good time to pop in" quote. """ await ctx.send("https://cdn.discordapp.com/attachments/450107193820446722/546655387886157824/unknown.png") @command() async def tryharder(self, ctx: Context): """ Returns the "Try Harder" music video. """ await ctx.send("https://www.youtube.com/watch?v=t-bgRQfeW64") @command() async def hac(self, ctx: Context): """ Hacks the specified user. """ await ctx.send("Charging the Low Orbit Ion Canon, please stand by!") @command() async def dox(self, ctx: Context): """ Doxes the specified user. """ await ctx.send("OK, scraping their parent's public Facebook feed!") @command() async def theworstpunishmentwehave(self, ctx: Context): """ Punishes a user. """ await ctx.send("Ok, banning them from the Q&A server!") @command(hidden=True) async def beano(self, ctx: Context): await ctx.send("*grumbles*") @command() async def flowchart(self, ctx: Context): """ Sends the image of the challenge solving flowchart. """ await ctx.send("https://cdn.discordapp.com/attachments/411573884597436416/767122366521278474/trythis.png") @command() async def unacceptable(self, ctx: Context): """ Deem something as unacceptable. """ await ctx.send("https://media1.tenor.com/images/7a2aa50ab07e6e5d61ec7ef1a45bc64f/tenor.gif?itemid=16269937") @command() async def quotebait(self, ctx: Context): """ Trick someone into quoting your message. """ await ctx.send("haha boobs") @command(hidden=True) async def thot(self, ctx: Context): await ctx.send("https://cdn.discordapp.com/attachments/543766802174443531/777203751227621466/thot.jpg") @command(hidden=True) async def subtler(self, ctx: Context): await ctx.send("https://media.discordapp.net/attachments/463657120441696256/703333784073797632/unknown.png") @command(hidden=True) async def subtle(self, ctx: Context): await ctx.send("https://cdn.discordapp.com/attachments/463657120441696256/560247422912167949/unknown.png") @command() async def whoarethecyberists(self, ctx: Context): """ Returns a video explaining who the cyberists are. """ await ctx.send("https://cdn.discordapp.com/attachments/458769653481865227/687638009427787791" "/WhoAreTheCyberists_1.mp4") @command(aliases=['jibhatisnotinvolvedwiththat'], hidden=True) async def jibhatisnotinvolvedinthat(self, ctx: Context): """ It's time to stop. """ await ctx.send("https://imgur.com/CoWZ05t") @command() async def whynotboth(self, ctx: Context): """ Why not? """ await ctx.send("https://giphy.com/gifs/yosub-girl-taco-why-not-both-3o85xIO33l7RlmLR4I") @command() async def simples(self, ctx: Context): """ It's not that hard! """ await ctx.send("https://thumbs.gfycat.com/DigitalGrandBrocketdeer-small.gif") @command() async def window(self, ctx: Context): """ Returns the window gif. """ await ctx.send("https://media.giphy.com/media/c6DIpCp1922KQ/giphy.gif") @command(hidden=True, aliases=['boogie']) async def dance(self, ctx: Context): """ Dance Tom dance! """ await ctx.send("https://cdn.discordapp.com/attachments/450107193820446722/484757289476030465/ezgif.com-video" "-to-gif3.gif") @command() async def thisisfine(self, ctx: Context): """ There is nothing wrong here. """ await ctx.send("https://media.giphy.com/media/z9AUvhAEiXOqA/giphy.gif") @command() async def inout(self, ctx: Context): """ Returns the inout gif. """ await ctx.send("https://media.giphy.com/media/11gC4odpiRKuha/giphy.gif") @command(hidden=True) async def zucc(self, ctx: Context): await ctx.send("https://tenor.com/view/zuck-zuckerberg-drink-drinks-water-gif-11631267") @command(hidden=True) async def succ(self, ctx: Context): await ctx.send("https://tenor.com/view/alex-jones-crying-silly-info-wars-gif-7295428") @command(hidden=True) async def shhh(self, ctx: Context): await ctx.send("Just ordered this to help: http://webiconspng.com/wp-content/uploads/2017/09/Shovel-PNG-Image" "-95986.png") @command() async def suppressdissent(self, ctx: Context): """ Suppress someone. """ comments = ["It will be done my lord", "I guess we'll try the Trump approach this time", "I'll get the CIA on the phone then", "Give me a minute to reread 1984", "Let me call Theresa for ideas"] await ctx.send(choice(comments)) @command(hidden=True) async def murder(self, ctx: Context): await ctx.send("rm -rf / --no-preserve-root") async def setup(bot): """ Required boilerplate for adding functionality of cog to bot. """ await bot.add_cog(Fun(bot)) ================================================ FILE: cdbot/cogs/general.py ================================================ import os from discord.ext import commands from discord.ext.commands import Bot, Cog, Context, command from git import Repo from cdbot.constants import WELCOME_CHANNEL_ID, WELCOME_MESSAGE path = os.path.dirname(os.path.abspath(__file__)) path = "/".join(path.split("/")[:-2]) repo = Repo(path) latest = repo.commit() class General(Cog): """ General Purpose Commands """ def __init__(self, bot: Bot): self.bot = bot @Cog.listener() async def on_ready(self): print("Logged in as") print(self.bot.user.name) print(self.bot.user.id) print("------") message, *_ = latest.message.partition("\n") link = f"{next(repo.remote().urls)}/commit/{latest}" date = latest.authored_datetime.strftime("**%x** at **%X**") self.bot.log.info( "CyberDiscovery bot is now logged in.\n" f"Latest commit: **[{message}]({link})**" f"\nAuthor: **{latest.author}** on {date}" ) @Cog.listener() async def on_member_join(self, member): join_msg_channel = self.bot.get_channel(WELCOME_CHANNEL_ID) join_msg = await join_msg_channel.send(f"{member.mention}, {WELCOME_MESSAGE}") await join_msg.add_reaction('👋') @Cog.listener() async def on_member_remove(self, member): if member not in [ban.user for ban in await member.guild.bans()]: leave_msg_channel = self.bot.get_channel(WELCOME_CHANNEL_ID) await leave_msg_channel.send(f"**{member}** just left **Cyber Discovery**. Bye bye **{member}**...") @Cog.listener() async def on_member_ban(self, guild, user): ban_msg_channel = self.bot.get_channel(WELCOME_CHANNEL_ID) await ban_msg_channel.send(f"**{user}** was banned...") @Cog.listener() async def on_command_error(self, ctx, error): # Try provide some user feedback instead of logging all errors. if isinstance(error, commands.CommandNotFound): return # No need to log unfound commands anywhere or return feedback if isinstance(error, commands.MissingRequiredArgument): # Missing arguments are likely human error so do not need logging parameter_name = error.param.name return await ctx.send( f"\N{NO ENTRY SIGN} Required argument {parameter_name} was missing" ) elif isinstance(error, commands.CheckFailure): return await ctx.send( "\N{NO ENTRY SIGN} You do not have permission to use that command" ) elif isinstance(error, commands.CommandOnCooldown): retry_after = round(error.retry_after) return await ctx.send( f"\N{HOURGLASS} Command is on cooldown, try again after {retry_after} seconds" ) # All errors below this need reporting and so do not return if isinstance(error, commands.ArgumentParsingError): # Provide feedback & report error await ctx.send( "\N{NO ENTRY SIGN} An issue occurred while attempting to parse an argument" ) elif isinstance(error, commands.BadArgument): await ctx.send("\N{NO ENTRY SIGN} Conversion of an argument failed") else: await ctx.send( "\N{NO ENTRY SIGN} An error occured during execution, the error has been reported." ) extra_context = { "discord_info": { "Channel": ctx.channel.mention, "User": ctx.author.mention, "Command": ctx.message.content, } } if ctx.guild is not None: # We are NOT in a DM extra_context["discord_info"]["Message"] = ( f"[{ctx.message.id}](https://discordapp.com/channels/" f"{ctx.guild.id}/{ctx.channel.id}/{ctx.message.id})" ) else: extra_context["discord_info"]["Message"] = f"{ctx.message.id} (DM)" self.bot.log.exception(error, extra=extra_context) @command() async def bbcnews(self, ctx: Context): """ Returns a link to BBC News. """ await ctx.send("https://www.bbc.co.uk/iplayer/live/bbcnews") @command() async def skynews(self, ctx: Context): """ Returns a link to Sky News. """ await ctx.send("https://www.youtube.com/watch?v=9Auq9mYxFEE") @command() async def tos(self, ctx: Context): """ Returns a link to discord's terms of service. """ await ctx.send("https://www.discord.com/terms") async def setup(bot): await bot.add_cog(General(bot)) ================================================ FILE: cdbot/cogs/help.py ================================================ from discord import Colour, Embed from discord.ext import commands class EmbeddedHelpCommand(commands.HelpCommand): def __init__(self): super().__init__(command_attrs={'help': 'Gives detailed information about a command.'}) async def command_callback(self, ctx, *, command=None): if command is not None: for cog in ctx.bot.cogs: if str(command).casefold() == cog.casefold(): command = cog break return await super().command_callback(ctx, command=command) async def send_bot_help(self, mapping): ctx = self.context embed = Embed( color=Colour.blue(), description="Type ``:help [command]`` for more info on a command.\n" "You can also type " "``:help [category]`` for more info on a category." ) for cog in mapping.keys(): if cog is not None: if cog.get_commands(): embed.add_field(name=cog.qualified_name, value=f"``:help {cog.qualified_name.lower()}``") dm = await ctx.author.send(embed=embed) if ctx.guild is not None: embed = Embed( description=f"[**Jump to DM**]({dm.jump_url})" ) await ctx.send(f"{ctx.author.mention} help info sent to DMs", delete_after=10, embed=embed) await ctx.message.delete() async def send_cog_help(self, cog): ctx = self.context embed = Embed( color=Colour.blue(), title=cog.description, description="Type ``:help [command]`` for more info on a command.\n You can also type " "``:help [category]`` for more info on a different category." ) for command in cog.get_commands(): if command.hidden is not True: embed.add_field(name=f"``:{command.name}``", value=command.help) dm = await ctx.author.send(embed=embed) if ctx.guild is not None: embed = Embed( description=f"[**Jump to DM**]({dm.jump_url})" ) await ctx.send(f"{ctx.author.mention} help info sent to DMs", delete_after=10, embed=embed) await ctx.message.delete() async def send_command_help(self, command): ctx = self.context if command.hidden is not True: embed = Embed( color=Colour.blue(), title=f"``:{command.name}``", description=command.help ) embed.add_field(name="Usage", value=f"``:{command.name} {command.signature}``", inline=False) if command.aliases: embed.add_field(name="Aliases", value=", ".join(f'``:{alias}``' for alias in command.aliases), inline=False) await ctx.send(embed=embed) class Help(commands.Cog): def __init__(self, bot): self.bot = bot self.bot._original_help_command = bot.help_command bot.help_command = EmbeddedHelpCommand() bot.help_command.cog = self def cog_unload(self): self.bot.help_command = self.bot._original_help_command async def setup(bot): await bot.add_cog(Help(bot)) ================================================ FILE: cdbot/cogs/maths.py ================================================ """ Set of bot commands designed for Maths Challenges. """ import asyncio from io import BytesIO import aiohttp from PIL import Image from discord import Colour, Embed, File, Member, Message, Reaction from discord.ext.commands import Bot, Cog, Context, command from cdbot.constants import Maths as constants class Maths(Cog): """Maths-related commands.""" def __init__(self, bot: Bot): self.bot = bot @Cog.listener() async def on_message(self, message): """Check if the message contains inline LaTeX.""" if constants.LATEX_RE.findall(message.content): await self.latex_render( message.channel, message.channel.id, message, message.content ) @command() async def latex(self, ctx: Context, *, expression: str): """ Render a LaTeX expression with https://quicklatex.com/ """ await self.latex_render(ctx, ctx.channel.id, ctx.message, expression) async def latex_render( self, ctx: Context, channel: int, message: Message, expression: str ): if channel in constants.BLOCKED_CHANNELS: return await ctx.send( "\N{NO ENTRY SIGN} You cannot use this command in this channel!", delete_after=10, ) # Code and regexes taken from https://quicklatex.com/js/quicklatex.js # aiohttp seems to URL-encode things in a way quicklatex doesn't like if expression.startswith("...latex") or expression.startswith(":latex"): return formula = expression.replace("%", "%25").replace("&", "%26") preamble = constants.LATEX_PREAMBLE.replace("%", "%25").replace("&", "%26") body = "formula=" + formula body = body + "$$$$&fsize=50px" body = body + "&fcolor=ffffff" body = body + "&mode=0" body = body + "&out=1" body = body + "&errors=1" body = body + "&preamble=" + preamble border_width = 20 async with aiohttp.ClientSession() as session: async with session.post( "https://www.quicklatex.com/latex3.f", data=body ) as response: result = await response.text() m = constants.LATEX_RESPONSE_RE.match(result) if not m: return status, url, valign, imgw, imgh, errmsg = m.groups() if status == "0": async with session.get(url) as response: content = await response.content.read() img = Image.open(BytesIO(content)) alpha = img.convert("RGBA").split()[-1] image = Image.new( "RGB", (img.size[0] + 2 * border_width, img.size[1] + 2 * border_width), "#36393F", ) image.paste(img, (border_width, border_width), mask=alpha) image_bytes = BytesIO() image.save(image_bytes, format="PNG") image_bytes.seek(0) # send the resulting image and add a bin reaction rendered_message = await ctx.send( file=File(image_bytes, filename="result.png") ) await rendered_message.add_reaction("\N{WASTEBASKET}") # checks if the person who reacted was the original latex author and that they reacted with a bin def should_delete(reaction: Reaction, user: Member): return all( ( message.author == user, reaction.emoji == "\N{WASTEBASKET}", reaction.message.id == rendered_message.id, ) ) # if the latex author reacts with a bin within 30 secs of sending, delete the rendered image # otherwise delete the bin reaction try: await self.bot.wait_for( "reaction_add", check=should_delete, timeout=30 ) except asyncio.TimeoutError: await rendered_message.remove_reaction( "\N{WASTEBASKET}", self.bot.user ) else: await rendered_message.delete() else: embed = Embed( title="\N{WARNING SIGN} **LaTeX Compile Error** \N{WARNING SIGN}", colour=Colour(0xB33A3A), description=errmsg.replace("@", ""), ) return await ctx.send(embed=embed, delete_after=30) async def setup(bot): """ Required boilerplate for adding functionality of cog to bot. """ await bot.add_cog(Maths(bot)) ================================================ FILE: cdbot/constants.py ================================================ import base64 import re from os import environ DEPLOY = bool(environ.get("DEPLOY")) def getenv(name: str, fallback: str = "") -> str: """Return an (optionally base64-encoded) env var.""" variable = environ.get(name) if DEPLOY and variable is not None: variable = base64.b64decode(variable).decode() return variable or fallback class PostgreSQL: PGHOST = getenv("PGHOST") PGPORT = getenv("PGPORT") PGUSER = getenv("PGUSER") PGDATABASE = getenv("PGDATABASE") PGPASSWORD = getenv("PGPASSWORD") class Maths: LATEX_RE = re.compile(r"\${1,2}(.*?)\${1,2}", re.DOTALL) LATEX_RESPONSE_RE = re.compile(r"^([-]?\d+)\r?\n?(\S+)\s([-]?\d+)\s(\d+)\s(\d+)\r?\n?([\s\S]*)") LATEX_PREAMBLE = ( "\\usepackage{amsmath}\n" "\\usepackage{amssymb}\n" "\\usepackage{amsthm}\n" "\\usepackage{amsfonts}\n" "\\usepackage{mathtools}\n" "\\usepackage{stmaryrd}\n" "\\usepackage[utf8]{inputenc}\n" "\\usepackage{longtable}\n" "\n" "\\usepackage{graphicx}\n" "\\usepackage{subcaption}\n" "\\usepackage{caption}\n" "\n" "\\usepackage{booktabs}\n" "\\usepackage[separate-uncertainty]{siunitx}\n" "\\usepackage[version=4]{mhchem}\n" "\\usepackage{mathabx}\n" "\n" "\\newtheorem{theorem}{Theorem}[section]\n" "\\newtheorem{corollary}{Corollary}[theorem]\n" "\\newtheorem{procedure}{Procedure}[section]\n" "\\newtheorem{lemma}[theorem]{Lemma}\n" "\n" "\\theoremstyle{remark}\n" "\\newtheorem*{remark}{Remark}\n" "\n" "\\theoremstyle{definition}\n" "\\newtheorem{definition}{Definition}[section]") BLOCKED_CHANNELS = [411573884597436416] class Challenges: URL = "https://cms-kcl.cloud.contensis.com/api/delivery/projects/mathsSchool/entries/search?linkDepth=1" CHALLENGE_RE = re.compile(r"Challenge (\d+): .*") TOPIC = "Nerds, the lot of you | {0}" TOPIC_RE = re.compile(r"Challenge (\d+)") TOKEN = getenv("MATHS_TOKEN") CHANNEL = int(environ.get("MATHS_CHANNEL", "457923834893434881")) class Roles: class Elite: VET2018 = int(environ.get("2018_MEMBERS_ID", "453581429528461313")) VET2019 = int(environ.get("2019_MEMBERS_ID", "580387468336037888")) VET2020 = int(environ.get("2020_MEMBERS_ID", "715852962664153168")) VET2021 = int(environ.get("2021_MEMBERS_ID", "844211211553603654")) # Cyber Constants BOT_TOKEN = getenv("BOT_TOKEN") SENTRY_URL = getenv("SENTRY_URL") # Fun constants QUOTES_DELETION_QUOTA = int(environ.get("QUOTES_DELETION_QUOTA", "5")) QUOTES_CHANNEL_ID = int(environ.get("QUOTES_CHANNEL_ID", "463657120441696256")) QUOTES_BOT_ID = 292953664492929025 LOGGING_CHANNEL_ID = int(environ.get("LOGGING_CHANNEL_ID", "538494690601992212")) WELCOME_BOT_ID = 155149108183695360 CMA_LINKS = {"1": "https://cdn.discordapp.com/attachments/450107193820446722/492649412560945164/unknown.png", "2": "https://cdn.discordapp.com/attachments/450107193820446722/492649644623659014/unknown.png", "3": "https://cdn.discordapp.com/attachments/450107193820446722/492649912035573770/unknown.png", "3a": "https://cdn.discordapp.com/attachments/450107193820446722/492650366454857737/unknown.png", "3za": "https://cdn.discordapp.com/attachments/450107193820446722/492650170656489472/unknown.png", } REACT_EMOTES = ["\N{ONCOMING POLICE CAR}", "\N{DUCK}", "\U0001f645 \N{NO ENTRY} \N{CROSSED SWORDS}"] REACT_TRIGGERS = {"kali": REACT_EMOTES[0], "duck": REACT_EMOTES[1], "cybergame": "*CyberStart Game", "cyberstart access": "*CyberStart Assess", "cyberessentials": "*CyberStart Essentials", "cyberdiscovery game": "*CyberStart Game", "cyberdiscovery access": "*CyberStart Assess", "13.1": REACT_EMOTES[2], "bill gates": "Alan Turing?", "alan turing": "Bill Gates?", "sibelius": "https://i.imgur.com/PwgGWV8.png?1", "we are number one": "HEY!", "I can break these cuffs": "{mention}, you can't break those cuffs!", "ancestry.com": "https://i.imgur.com/DDqugBj.png"} WORD_MATCH_RE = r"^.*\b{}\b.*$" # General constants WELCOME_MESSAGE = ("Welcome to the Cyber Discovery discussion discord! Before you begin, please check the " "rules, roles and information in <#409853512185282561> to answer any questions.") WELCOME_CHANNEL_ID = int(environ.get("WELCOME_CHANNEL_ID", "411573884597436416")) # Misc roles HUNDRED_PERCENT_ROLE_ID = 640481360766697482 TRUE_HUNDRED_PERCENT_ROLE_ID = 640481628292120576 # Lists for administration STAFF_ROLE_ID = 450063890362138624 FAKE_ROLE_ID = 533826912712130580 STATIC_NICKNAME_ROLE_ID = 567259415393075210 CD_BOT_ROLE_ID = 543768819844251658 ADMIN_MENTOR_ROLE_ID = 502238208747110411 ROOT_ROLE_ID = int(environ.get("ROOT_MEMBERS_ID", "450113490590629888")) SUDO_ROLE_ID = int(environ.get("SUDO_MEMBERS_ID", "450113682542952451")) ADMIN_ROLES = ("Root", "Sudo") BANNED_DOMAINS = ["discord.gg", "discord.com"] HINTS_LIMIT = 8 CYBERDISC_ICON_URL = ( "https://pbs.twimg.com/profile_images/921313066515615745/fLEl2Gfa_400x400.jpg" ) ELITECOUNT_ENABLED = True LOCAL_DEBUGGING = bool(environ.get("LOCAL_DEBUGGING", False)) # Readme command constants README_SEND_ALIASES = ["create", "push", "generate", "send", "make", "build", "upload"] README_RECV_ALIASES = ["fetch", "get", "pull", "download", "retrieve", "dm", "dl"] END_README_MESSAGE = ( "**Can't see any of the above?**\nIf you can't see any of the rich embeds above, try the" " following: `Settings -> Text & Images -> Link Preview (Show website preview info from" " links pasted into that chat) -> ON`" ) BASE_ALIASES = { "Intern": ["intern", "i"], "Headquarters": ["headquarters", "main", "hq", "h"], "Moon": ["moonbase", "python", "moon", "m"], "Forensics": ["forensics", "f"], "Volcano": ["volcano", "v", "volc"], } # Admin Constants PLACEHOLDER_NICKNAME = "Valued server member" NICKNAME_PATTERNS = [ r"(discord\.gg/|discord\.com/invite/)", # invite links r"(nigg|ligma|fag|nazi|hitler|\bpaki\b)", # banned words r"(http(s)?:\/\/.)?(www\.)?[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)", # hyperlinks ] # Emoji Alphabet EMOJI_LETTERS = [ "\U0001f1e6\U0001f170\U0001F359", # A "\U0001f1e7\U0001f171", # B "\U0001f1e8\u262a\u00A9", # C "\U0001f1e9\u21a9", # D "\U0001f1ea\U0001f4e7", # E "\U0001f1eb", # F "\U0001f1ec\u26fd", # G "\U0001f1ed\u2653", # H "\U0001f1ee\u2139", # I "\U0001f1ef\u2614", # J "\U0001f1f0", # K "\U0001f1f1\U0001f552\U0001F462", # L "\U0001f1f2\u24c2\u24c2\u264f\u264d\u303d", # M "\U0001f1f3\U0001f4c8\U0001F3B5", # N "\U0001f1f4\U0001f17e\u2b55", # O "\U0001f1f5\U0001f17f", # P "\U0001f1f6", # Q "\U0001f1f7", # R "\U0001f1f8\U0001f4b0\u26a1\U0001F4B2", # S "\U0001f1f9\u271d\U0001F334", # T "\U0001f1fa\u26ce", # U "\U0001f1fb\u2648", # V "\U0001f1fc\u3030", # W "\U0001f1fd\u274e\u274c\u2716", # X "\U0001f1fe\U0001f331\u270C", # Y "\U0001f1ff\U0001f4a4", # Z "\u26ab\U0001f535\U0001f534\u26aa", # Whitespace alternatives "\u2755\u2757\u2763", # ! "\u2754\u2753", # ? "\U0001f4b2", # $ "\U000021aa", # ( "\U000021a9", # ) ] CHEATING_VIDEO = "https://cdn.discordapp.com/attachments/409860647170342919/922204571575660614/cheating_message.mp4" ================================================ FILE: cdbot/data/assess.json ================================================ [{ "title": "You spin me right round", "description": "One of our agents who has a love for vinyl has come across a rather unique record with a very odd looking album name. The band are known for their use of cryptic lyrics. Can you help figure out what decrypted album title is?", "difficulty": "Easy" }, { "title": "Movie time", "description": "Have you ever hidden something so well to only forget where you put it? One of our agents has done exactly this and can't remember where they have hidden the code needed to log in to their online streaming account. Help the agent find the code so they can start watching their playlist of movies.", "difficulty": "Easy" }, { "title": "On close inspection", "description": "The agency has been looking to purchase fidget spinners online for all of its employees. Whilst browsing around, we came across a website that sells the perfect spinner but we're curious to find out what all of the reviews say and not all of them are viewable. Can you help us uncover what the final reviewer is saying?", "difficulty": "Easy" }, { "title": "Bon voyage?", "description": "We've received intel that a lone hacker has somehow managed to sign into a staff portal at a major tour operator. The hacker seems to be helping themselves to staff discounts on flights all around the world. Can you help us find out how they are doing it before they book their next flight?", "difficulty": "Easy" }, { "title": "One smart cookie", "description": "One of our agents fancies themselves as a master baker and recently purchased a 3D printer to print a custom set of cookie cutters. The trouble is, the software used for the 3D printer seems to be malfunctioning and doesn't print out the shapes in their entirety. Can you find out what is going wrong so we can request a batch of cookies for the office?", "difficulty": "Medium" }, { "title": "Level up", "description": "One of the internets largest online retailers of retro games has asked for our help. It has come to light that a handful of users have been able to download games that are still on pre-release and should not yet be available for public download. We've gone ahead and purchased a few games, one of which is on pre-release. Can you figure out how we might download it so we can help fix this flaw? The flag is the filename of the download.", "difficulty": "Medium" }, { "title": "Night at the museum", "description": "The Museum of History has gotten in touch with the agency in regards to some odd-looking text discovered under a carving of Julius Caesar. Historians have told us that part of the text is written in ancient Latin but not all of it. Agent, can you help the museum decipher the text and uncover the mystery?", "difficulty": "Medium" }, { "title": "610enC0de'd Password", "description": "Our agents have found a server ran by black hat hackers they've been chasing for a while now. The hackers hide their illegal activities by encoding everything they do to cover their tracks ...we know we've got the username right but don't have the password and so can't login, can you help, agent?", "difficulty": "Medium" }, { "title": "Missing in action", "description": "We've got an emergency here agent! A hacker has gained access to a very old system of ours with some pretty poor code and made it even worse by breaking the output. Agents are securing the server but can you get it showing location data again? The hackers left some malware in place which only allows a single character change, else it resets. We need to see all agent locations ASAP, please help agent!", "difficulty": "Medium" }, { "title": "The thrill of the race", "description": "Three-time winner of the Go-Kart Grand Prix, Max Pitstop has been maliciously locked out of his changing room locker during a championship race by a rival driver! He's desperately in need of some lunch before the next session. We're lucky you are at the race, agent! Help Max get access to his locker before the next session begins!", "difficulty": "Hard" }, { "title": "LOL sandwich", "description": "A package containing ripped up pieces of paper with nothing but the letters 'L' and 'O' written on them has been received by the agency. A handful of recent graduates have tried to figure out what the code might mean but are having no luck in doing so. We need someone with a knowledge of older encryption methods to help, could this be you, agent?", "difficulty": "Hard" }, { "title": "Beep boop beep", "description": "Agent, we've located a factory in an abandoned industrial complex that has been taken over by robots! Intelligence suggests that they are using the factory to manufacture more robots to create an army and take over the world! We've got an agent at the scene trying to gain access to the factory floor via an entry panel but they're having no luck! We need you to assist them and crack the code before the robots take over!", "difficulty": "Hard" }, { "title": "Watt's up?", "description": "We've got an emergency on our hands! The National Power Network have called us in to help fix a problem affecting a group of power plants in the south east of the country. Their main dashboard of operations is not receiving the correct information for each of the power plants which could result in a huge black-out across the region! Agent, we need you to figure out what's going on and fix it quick!", "difficulty": "Extreme" }, { "title": "A test of intelligence", "description": "We've got some thrilling news to share with you, agent! Archaeologists in Egypt have uncovered what appears to be a gate capable of interstellar transportation! You can imagine how excited the archaeologists were to try it out only to find that there is a test needed to pass before they can step through it and visit new worlds. There are teams all over the world working on how to pass this 'test of intelligence' and are yet to figure it out. This is a tough one agent, and we're sending you, our best to crack this puzzle! We believe in you!", "difficulty": "Extreme" }] ================================================ FILE: cdbot/data/game.json ================================================ { "Intern": [ [ { "title": "Hello World", "description": "We've found a profile page of a known hacker that we need to get in contact with but most of the information visible on the page is useless to us. However, there is one secret real way to contact him that he's managed to inject on the page - a hidden email address. Intern, we need you to find his email address!", "tips": [ "Tip: The email address is the flag." ] }, { "title": "Mixed Up Messages", "description": "We've been informed that a group of hackers are communicating cryptically on a social media site.\n\nTheir messages have been getting increasingly cryptic; so much so that all of the posts now look jumbled up and don't seem to make any sense!\n\nWe've found one post that we believe contains an important secret, and we need you to find out what that secret is so we can be ready to stop a possible cyber attack!", "tips": [ "Tip: The secret is the flag." ] }, { "title": "Social Engineering", "description": "Permission has been granted to try and log into the Chirp social media account of a hacker who goes by the name of D4YDR3AM. Luckily for us. they've been clumsy with their personal information. We know their dog's name is Barkley and they were born in 1993. Can you use what we know about them to guess their password and get us into their account?", "tips": [ "Tip: Get the flag by guessing the correct password to sign into the account." ] }, { "title": "Lazy Locked Login", "description": "Our Dutch office recently bought a new Internet of Things (IoT) connected fridge. However, the temperature settings have been widely fluctuating as of late. All agents are currently out in the field and too busy to fix the problem.\n\nWe know there is a remotely accessible technician's page where fridge settings can be modified, and that the fridge's login page isn't very secure. It was easy enough to find the username and password, but the form still has some very lazy extra protection. Intern, can you see if the rumours are true, fix our fridge, and help us verify this reported security vulnerability?", "tips": [ "Tip: Successfully login to get the flag." ] } ], [ { "title": "610enC0de'd Password", "description": "Agents believe they have found a server belonging to a gang called the Yakoottees. If we can get access to it who knows what information we can gather on them! So far the Yakoottees have been very successful hiding their activities by encoding everything they do. We've found their server but don't have the password and so can't login. Can you help, intern?", "tips": [ "Tip: Login to the server to get the flag." ] }, { "title": "Spinlock", "description": "A large bank has refitted all of their vaults with the new SpinLock Extreme. As fancy as it sounds we believe it has a rather critical vulnerability, one we think the Yakoottees have been exploiting in a series of recent bank robberies.\n\nThe physical vault itself requires a special keycard to be inserted which, after checking the authenticity of the card, re-aligns the circular locking mechanism to unlock it and updates the interface to show it's unlocked. However, we believe that the organisation has been remote accessing the interface on the vault, and unlocking the vault by doing it in reverse: getting the interface to unlock, which unlocks the physical vault itself. If we can confirm the method, we'll be one step closer to understanding how this cyber gang operates!", "tips": [ "Tip: Unlock the vault to get the flag." ] }, { "title": "Traffic Jam", "description": "Can you believe it, we think the Yakoottees are now planning to disrupt the flow of traffic in a major city! We need to find the URL of a forum they're using to communicate with each other. Can you figure out what the URL is?", "tips": [ "Tip: Find the url of the forum to get the flag." ] }, { "title": "Start-Up Troubles", "description": "A successful new start-up that sells electric scooters has discovered a handful of their customers' accounts have been hacked! And guess who we believe might be behind it? Yep, you've guessed it, the Yakoottees. Having only just entered the market and keen to maintain their otherwise excellent reputation, this business needs our help to run a security audit of their login system. Can you spot any security holes?", "tips": [ "Tip: Successfully login to get the flag." ] } ], [ { "title": "Hextraordinary", "description": "Intern, the agency have been in contact with a rival hacker to a new, secretive gang of hackers who goes by the name \"ROXy\". She specializes in short, cryptic, hard to decipher secret codes.", "tips": [ "Tip: The flag is the secret code." ] }, { "title": "Maths at Light Speed", "description": "Intern, I hope you know how to use a calculator? Of course you do. So, in theory you should be able to bypass a security gateway to a warehouse we believe holds clues to the whereabouts of a gang we are in hot pursuit of. The thing is, the gateway was created by someone who loves doing everything super fast! That means you only get 0.1 seconds to answer the question asked by the gateway. Can you find a way around it?", "tips": [ "Tip: Bypass the calculator lock to get the flag." ] }, { "title": "Off Balance", "description": "We're hot on the heels of catching this cyber gang but the closer we get the more damage they try to inflict onto the Barcelona tourism industry! This time, they've hacked into a large international bank's mobile application. Customers of the bank are complaining they can't see their current balance. Intern, help customers retrieve their balances so they can continue to spend their money during their well-earned holidays!", "tips": [] }, { "title": "The Final Countdown", "description": "The main tourism website for Barcelona has been hacked. They've devised a program that changes the content of the website based on a timer. You can imagine the confusion this has been causing the sites visitors! Can you figure out how we can get the secret code to stop this program from running?", "tips": [ "Tip: The characters at the 5 URLs change quickly, but computers can be far quicker than humans, especially when getting data!" ] } ] ], "Headquarters": [ [ { "title": "Social Secret", "description": "Agent, we think we might have a way to log into a social media account of one of the gang using the site's password reset form. We have two key pieces of information: his username and his favourite color. We just need his age and we'll be able to log in - can you guess it from the information we already have?", "tips": [ "Tip: Get the age correct and submit the form to get the flag." ] }, { "title": "Broken Banks", "description": "Agent, it looks like the gang are trying to raise some money to fund their plans - and they're doing so by sending fake banking emails to the customers of their bike shop to try and defraud them. Take a look at this email we intercepted, it's seemingly from a well known bank, but can you spot anything suspicious with it?", "tips": [ "Tip: Click on the part of the suspicious email that makes you think it's fake and you'll get the flag." ] }, { "title": "Happy Customers", "description": "During our initial analysis of the gang we noticed something strange - they created lists of their customers and shared it between their bike shops, and each customer had a unique pattern of numbers after their name. One of our agents thinks the pattern of numbers might be encoded words. We also noticed the numbers never went above 26, that might be relevant. Can you work out what it means?", "tips": [ "Tip: Decode the message to get the flag." ] }, { "title": "Race To Where", "description": "Here's an interesting one for you agent - on the weekend the gang released what looks like a one page website advertising an upcoming bike race they're organising. Being cyber detectives we're naturally curious that things might not be as they seem. Have a look at the site - it looks like there are just two images on the page, a logo and the poster, can you find anything suspicious, maybe some text?", "tips": [ "Tip: Find the hidden clue and it'll lead you to the flag." ] }, { "title": "Mixed Messages", "description": "Our team have been monitoring some text message chatter between two of the senior gang members over the last week. There was nothing interesting of note until suddenly all their messages started coming through mixed up.\n\nAt first we thought it might be a technical problem, but then it occurred to us that they might be deliberately encoding the messages somehow.\n\nI've had one of the agents forward you one of the messages, see if you can decode it.", "tips": [ "Tip: Decode the message, we think it mentions two colors, combine them (e.g. redgreen) and that's the flag." ] }, { "title": "Executable", "description": "Agent, quick question for you. One of the team sent me a screenshot of his filesystem browser with a bunch of files she recovered from a memory stick one of the gang discarded. She's asking if any of them are executable files. Take a look and let me know.", "tips": [ "Tip: The name of the executable file (including the extension) is the flag." ] }, { "title": "Secret Caesar", "description": "Our agents have been reviewing some documents they recovered from one of The Slootmaekers bike shops and they came across an order form for a set of six bikes which looks a little odd.\n\nWe think the six bike reference numbers might be encrypted with a Caesar Cipher (which is where the letters are shifted along by a certain offset, e.g. if the letter is A and the offset is 2 it will become C), and we've got some intel that one of them contains a code that starts with the word \"BAR\". We've worked out that the offset for each code is determined by the order quantity. See if you can use that to break the encryption and find the hidden code.", "tips": [ "Tip: The decrypted reference number containing the word BAR is the flag." ] }, { "title": "Hidden Report", "description": "One of the ways we've been investigating the gang and their bike shop is by actually buying products from them online. We've spotted a piece of functionality that we think might be exploitable, allowing us to get more information on other customers (some of which we think might actually be helping them with their plans to steal the eBikes).\n\nHave a look at our account page on the site, it allows you to generate a report of your transactions. See if you can find a way to view a transaction report for the very first user of the site.", "tips": [ "Tip: Find the report for the first user of the site and you'll get the flag." ] }, { "title": "Bike Fan", "description": "Quick task for you agent, one of the gang, Lars De Vries, has a site where he posts pictures of bikes he likes. Recently we've noticed some of the images are broken and he hasn't fixed it. Seems odd. Take a look at this page and see if you can get the image to show, perhaps take a look at the source code of the page and see if anything doesn't look right.", "tips": [ "Tip: Find a way to get the image to show and you'll find the flag." ] }, { "title": "Horrible Hats", "description": "One of our agents has noticed something a little strange that she thought you might be able to look into. The Slootmaekers have a cycle hat creator tool on their website which allows you to select a combination of up to eight colors to go into a custom hat design. The tool itself didn't seem strange until we noticed the gang were sending each other links to hat color combinations they'd created on a regular basis that were a bit dull and had no other comment. It seems a little odd and we think they might be using it to hide secret messages.\n\nWe've managed to get hold of an example output page which we think contains a secret code word the gang are using in other communications. If we could figure out that word it would really help us discover what their bigger plans are.", "tips": [ "Tip: See if you can convert the color RGB numbers into letters using the included ASCII table to get the flag." ] }, { "title": "Tower of Wheels", "description": "So, this is strange - our undercover agent noticed that one of the gang has left a set of bike wheels set up in his workshop like a Tower of Hanoi puzzle. We think it's wired up to his computer and might reveal something if our agent can complete the puzzle.\n\nWe've mocked up the puzzle for you to try using JavaScript. You can move the wheels by entering the following command: move(, ), where the or values can be \"left\", \"mid\", or \"right\". For example, to move a wheel from the middle lane to the left lane you need to type: move(\"mid\", \"left\"). If you get stuck type \"reset\" to start again.", "tips": [ "Tip: Complete the puzzle to get the flag." ] }, { "title": "Binary Bike Lock", "description": "Well, this gang loves their technology and bikes so much that they've combined them to make a custom bike lock!\n\nWe're concerned they're going to use this lock technology as part of the bigger bike heist, so it's worth us taking the time to try and figure out how to crack them now.\n\nTake a look at this lock and see if you can unlock it.", "tips": [ "Tip: Unlock the bike lock to get the flag." ] } ], [ { "title": "Decryption Ring", "description": "Things are really starting to get busy - the Slootmaekers seem to be in the final stages of preparing the heist, we need to move quickly! We've just received a message back from one of our undercover agents with details of where they're planning to start their heist. It's encrypted with a Caesar Cipher, but we can't remember what he said he was going to use as the offset and can't seem to get hold of him again. We've put the message into our Caesar Cipher decryption tool, see if you can use it to decrypt the text and read the message.", "tips": [ "Tip: Decrypt the message by dragging the green slider, the flag is the name of the bike manufacturer." ] }, { "title": "Loopy Login", "description": "Quick piece of analysis for you to do agent. We think there is something suspicious about the login form on the Slootmaekers website. Can you see what it is?", "tips": [ "Tip: Click on the suspicious thing to get the flag." ] }, { "title": "Secret Pages", "description": "You're now well aware of the Slootmaekers supposedly legit business, the Bike Factory. Evidence is mounting up that the business, and especially its website, have quite a few things to hide. We've just had a tip-off that there's a secret page on the website with some interesting information about when the gang plan to attempt the eBike heist. Problem is, it seems to be restricted. Can you get access?", "tips": [ "Tip: Get access to the page to get the flag." ] }, { "title": "Too Much Text", "description": "Ok, this is really weird, one of the gang just emailed every other gang member a HUGE text file with loads of random Latin text in it. There must be a secret code hidden in it, right?", "tips": [ "Tip: Find the secret code, that's the flag." ] }, { "title": "More Broken Bicycles", "description": "Remember Lars cycling fan site from the last floor? Well, we thought we'd figured out what the issue was with the broken images on the site, but on this page that we've just come across all the images already have file extensions, but one is still broken. Can you see what's wrong?", "tips": [ "Tip: Get the image to show to get the flag." ] }, { "title": "Broken Click", "description": "Here's a weird one agent, there's now a link on the Slootmaekers login page for an admin login. We wanted to take a look but the link doesn't seem to work. Can you figure out how to get to it?", "tips": [ "Tip: Get to the admin login page to get the flag." ] }, { "title": "Hard Hash", "description": "Agent D from our cryptography department has just sent me this hash she intercepted from an exchange between two Slootmaeker gang members. She thought it might be a good task for a smart agent like yourself to figure out.", "tips": [ "Tip: Maybe someone has already figured out what this is a hash of. Sometimes the work of the CPA starts with an internet search." ] }, { "title": "Encrypted Message", "description": "We have an undercover agent in one of the Slootmaekers bike shops, posing as a bike mechanic. We need to send him an urgent message but the only phone he has is one the gang gave him and may be monitoring. We have a specific Substitution Cipher we can use - quickly encode the message and send it.", "tips": [ "Tip: Correctly encrypt the message and send it to get the flag." ] }, { "title": "Fingerprints", "description": "We've found a secret lock-up used by the gang, a big breakthrough! One small problem, it uses an electronic keypad and requires a four digit pin.\n\nWe've noticed four of the numbers have fingerprints on and we've discovered that the lock only allows you to use each number once (i.e. you can't do 7777). Can you use that information to guess the right code? There are still quite a few possible combinations so you'll need to be systematic about it.", "tips": [ "Tip: Get the right code to get the flag." ] }, { "title": "Useful Hack", "description": "Agent, we really need to log in to the Slootmaekers site as one of the gang - it looks like it has functionality for them to exchange messages about their heist plans. Time is running out and we need to know what they're saying.\n\nWe don't have a username and password combination for any of the gang members, but it just occurred to one of our agents that a big popular dutch social media site called Gellukkig was recently hacked and a bunch of username and password combinations posted online. There's a small chance one of those was one of the gang members and they've re-used the details for the login on the site.", "tips": [ "Tip: Login to the site as a gang member to get the flag." ] }, { "title": "Under Attack", "description": "It looks like part of the heist is underway, they're trying to hack the Amsterdam City Bike Initiative servers as we speak! We need to help them out, see if you can change the server configuration settings to make the server login rules more secure.", "tips": [ "Tip: Change the settings correctly to get the flag." ] }, { "title": "User Who", "description": "Urgent request - one of our agents is currently at a Slootmaeker hideout and we know the rest of the gang are on their way back there. He's found a computer they've been using and managed to gain access to their Linux server through the use of an exploit - but we don't know which user he's been able to log in as, and we need to know before he runs out of time. We've patched you in to his screen - see if you can find out.", "tips": [ "Tip: Get the username, that's the flag." ] } ], [ { "title": "A Secret Rendezvous", "description": "Yesterday we intercepted some code passed between two Chopper gang members - Ibert and Dante. We believe it mentions the location of a secret meeting to discuss plans to hack into their competitors' computers.\n\nFortunately, we know it uses the Columnar Transposition Cipher and have a CPA tool to help you crack it. We've loaded the code into the tool. Give it a try and see if you can decrypt the message.", "tips": [ "Tip: The flag is the city they will be meeting in." ] }, { "title": "Lucky Throw", "description": "Whilst taking a look around The Choppers' intranet site, one of our agents found a game that gang members like to play to pass a little time. We need you to find out how the game is won so we can better assess the capabilities of gang members problem solving skills.", "tips": [ "Tip: If you figure it out and you're persistent enough, you'll see the flag!" ] }, { "title": "Chopper Check-in", "description": "For this assignment we need your help keeping an eye on the gang. One of our agents wants to remotely access their computers but only when they are not around to see.\n\nWe've discovered that today is one of the gang member's birthday party but we don't know where it is. If we knew we could send an agent along to check they were all there.\n\nOne of the gang, Sannfred, uses a location check-in site called Circle. Perhaps you could take a look at his profile to see where the party is?", "tips": [ "Tip: The challenge flag is the number of the building." ] }, { "title": "Confused", "description": "Recruit, we've intercepted some chatter between Chopper gang members talking about one of their competitor's machines. They all have unique identifiers and we think one of those identifiers is hidden in some code we found. One of the other agents has emailed it to you. Take a look and see if you can find the identifier.", "tips": [ "Tip: The identifier is the flag you need." ] }, { "title": "Secret Source", "description": "It looks like the gang has a lot of information we might find useful on their intranet; probably details of how they intend to break into their competitors' computer systems to look for the plans to their better felling machine. It would be especially useful if we could log in as their main developer, Aksel.\n\nSometimes developers can be a little bit lazy and leave information in the source code of a page that might be revealing. Perhaps you could take a look and see if there's anything Aksel left that might help you log in.", "tips": [ "Tip: To get the challenge flag you need to successfully login." ] }, { "title": "Corrupted", "description": "An agent in the field managed to get access to an XML file that he believes belonged to one of The Chopper gang members. It looks corrupted so he's sent it to us for analysis.\n\nHave a look in the file and see if you can get it working.", "tips": [ "Tip: The flag to complete the challenge is on the last line of the file." ] }, { "title": "Route into the Router", "description": "Good news, we've managed to get access to the login page for one of the gang's home routers. Useful... if only we knew the username and password. I wonder if they've been lazy and left the router's default username and password active? The router is just a standard Nethub 5000.", "tips": [ "Tip: Find the correct username and password then login, to get the flag." ] }, { "title": "Password Postulation", "description": "One of our agents was recently able to get hold of a username and password that one of The Chopper gang uses to access their company intranet. However, before he was able to use it to log in they implemented a change in their password policy.\n\nThe old password is \"evergreen\", and we've heard the new password policy requires a capital letter and number. Perhaps you could guess what he changed it to and help us get access?", "tips": [ "Tip: To get the challenge flag you need to successfully login." ] }, { "title": "Snake Charmer", "description": "We've just intercepted an email from one of the gang members with a file attached called \"passgen.py\". It looks like a Python script.\n\nWe've heard that the gang is looking for a way to make their passwords more secure, perhaps using code like this to generate them. See if you can run the code so we know exactly what it does.", "tips": [ "Tip: The output from the code is the flag you need." ] }, { "title": "The Competitor Revealed", "description": "We've intercepted some encrypted text from one of the gang members, which we think might include the name of the competitor company that they intend to target.\n\nLuckily, we also know it uses a letter Substitution Cipher and CPA has our very own tool for breaking this kind of encryption. Use it to try and work out what the text says.", "tips": [ "Tip: The flag is the name of the competitor company." ] }, { "title": "Big Transfer", "description": "Agent, we've just intercepted a message between two of The Choppers talking about how they intend to steal money from the bank account of a different competitor to fund their plans.\n\nIt said they've found a weakness in the money transfer tool on the Global Bank website. We've just successfully put through a test transfer, can you prove it's vulnerable by transferring 1000 to a bank account called cpatestreceiver from cpatestsender.", "tips": [ "Tip: Sometimes URLs can be manipulated to bypass security." ] }, { "title": "Dante In Command?", "description": "We found a file in an intercepted email from one of The Chopper gang members, Dante, but it needs to be run from the command line in order to make it work.\n\nWe think it might be a program the gang are writing to gain access to their competitors' computers, so it's important we check it out.", "tips": [ "Tip: Run the program from the command line; the flag will be in the output." ] } ], [ { "title": "A Helping Hand", "description": "This morning I received a message from my counterpart in another agency. It seems they've been monitoring The Choppers too.\n\nHelpfully they've sent us over an extract from a report one of their agents wrote, which they thought might be of use to us. Unhelpfully it's a PDF and much of the sensitive information has been redacted. Maybe you could find a way to see what it says.", "tips": [ "Tip: We think it contains one of the gang's passwords - that's the flag." ] }, { "title": "Arnold Chopper?", "description": "A few days ago one of our field agents, who is now working undercover for The Choppers, found two pages of a book ripped out and left on a table.\n\nWe weren't sure if it meant anything, but then today we intercepted an email containing some cryptic code. It looks like the gang is getting smarter with its encrypted messages and is now using Arnold Ciphers.\n\nSee if you can use the intercepted code and the two pages of the book to discover what it means.", "tips": [ "Tip: We believe the message contains a code, that's the flag." ] }, { "title": "Photobomb", "description": "Our team have been monitoring The Choppers' web traffic and it seems they've been spending a lot of time on a photo-sharing site, especially one particular page. Did you know you can hide a message inside a file? Maybe this image contains a hidden message. Why don't you take a look and see if you can find out?", "tips": [ "Tip: The flag is in the image." ] }, { "title": "Upgrades? Paaa!", "description": "It looks like The Choppers know they need to improve their security set-up, as recently we've been unable to log in to their intranet and they've been making a few changes to their security.\nThey have rewritten their login form to use slightly improved JavaScript, but it doesn't seem to be much more secure. Maybe you could change some of the JavaScript on the login page to see if you can log us back in.\nTip: Log in successfully to get the flag.\n\nThey have rewritten their login form to use slightly improved JavaScript, but it doesn't seem to be much more secure. Maybe you could change some of the JavaScript on the login page to see if you can log us back in.\nTip: Log in successfully to get the flag.", "tips": [ "Tip: Log in successfully to get the flag.\n" ] }, { "title": "A Dangerous Contact", "description": "During our research into The Choppers, we noticed that their website has a contact page with a form for getting in touch. Our agents want to know whether it might be vulnerable to SQL injection.\n\nSee if you can put the SQL code in the right order. If you do, the data should appear in the console at the top of the page. This will contain the information we're looking for - a list of all previously submitted messages.", "tips": [ "Tip: The flag is the last name of the most recent person to send a message through the form." ] }, { "title": "Maggie's File", "description": "Our field agent has managed to get some login details from one of the gang, Magdalina. We believe she uses the details to SSH into a remote server to view a particular file that might be important.\n\nThese are the details we have:\n\nIP address: 192.162.132.199\nUsername: maggie\nPassword: ubersecurepw\n\nWhy don't you try it yourself using the secure terminal we've provided and see what you find.", "tips": [ "Tip: The terminal uses non-default implementation of OpenSSH and only accepts common formats. The flag is the name of the file." ] }, { "title": "Bendikke Loves Axes", "description": "Whilst doing some background research on one of the gang members, Bendikke, we discovered that she writes a blog all about axes. We suspect she might be using the backend of the blogging tool to store information about how they plan to attack their competitors and, more importantly, the specific machinery blueprints they are after. If we knew that, it would really help us foil the gang's plans.\n\nSee if you can find the login page on the blog and use some of the techniques you've learned already to break in.", "tips": [ "Tip: If you successfully log in you'll get the flag!" ] }, { "title": "Phishing For Flemming", "description": "In our background research on one of the gang members, Flemming, we discovered their profile page on Ansikt, a Norwegian social media site.\n\nLuckily he's written all the details in English. We thought we might use them to create a phishing email and send it to him to try and get some further information, like his home address.\n\nTake a look at the profile, then create the phishing email with the right details, hit \"Send email\", and see if he sends anything back.", "tips": [ "Tip: Get all the details right, otherwise you can't send the email. When you do, you'll get the flag." ] }, { "title": "Lockdown", "description": "It looks like The Choppers might know we're trying to get into their intranet.\n\nThey've currently got it locked down by disabling the login form. We still have a correct username and password - can you find a way to get in?\n\nTip: Log in successfully and you'll get the flag.", "tips": [ "Tip: Log in successfully and you'll get the flag." ] }, { "title": "Lost But Not Forgotten", "description": "We've recovered a bunch of .gif files from an old hard drive one of the gang members threw out. We thought they were innocent enough until we started wondering whether they were all actually GIF files.\n\nCheck your email, download the files and see if you can find out what's going on.", "tips": [ "Tip: The flag is in one of the files." ] }, { "title": "Cookie Jar", "description": "Now that we've gained access to The Choppers' intranet site it has dawned on us that they might have more than one level of user. If we could log in as an admin user it might allow us to see much more.\n\nSometimes you can change the session cookie to achieve that, and admins often have an ID of 0. Why don't you give it a try?", "tips": [ "Tip: Use the browser extension to help modify the cookie. If you're able to change your access to admin level the code will appear." ] }, { "title": "Bad Kitty", "description": "For weeks now The Chopper gang members have been passing animated gifs of kittens backwards and forwards in a chat room app called KittyLitter. We thought they were just messing around, until one of our agents noticed something interesting in one of the GIFs.\n\nTake a look at the gifs in this message thread and see if you can figure out what it is. Oh, by the way, one of the agents mentioned there are websites and online tools to help you investigate fast-moving GIF files.", "tips": [ "Tip: The flag is what you discover!" ] } ], [ { "title": "Perplexed By Pixels", "description": "The Yakoottees love their cars. And so you'd expect that they might send each other car photos, images and even art. But recently we intercepted something strange: a pixel drawing of a car. What's strange about it? One of the gang, Kanako, sent two copies of it to another gang member. After some initial analysis we noticed some slight variations in colour in a selection of pixels.\n\nOne of the team has already built a comparison tool but he's just been reassigned to another urgent project. Perhaps you could take a look at what he's built and finish the analysis.", "tips": [ "Tip: Calculate the differences, convert it with the ASCII table, and that's your flag." ] }, { "title": "Word On The Street", "description": "We've been monitoring the Yakoottees for a while now, ever since we first came across one of their team trying to hack into large car manufacturers. Two of the gang members have recently started sending each other emails containing what we thought were zip files. But here's the thing, the emails don't contain any words and we can't seem to open the files. Why don't you take a look?", "tips": [ "Tip: Open the file to get the flag." ] }, { "title": "Shinji's Drone", "description": "Yesterday we spotted a Yakoottees gang member checking out the Superspin HQ, seemingly on a reconnaissance mission. He was seen flying a drone around the building with a video camera attached to it and we've since discovered that he put that video up on his personal site to share with other gang members. We know his username is \"shinji\" - if we could get in and take a look at the video, we might know better where they intend to target.\n\nCheck out the login page on his site and see if you can break in.", "tips": [ "Tip: Log in successfully to get the flag." ] }, { "title": "Out Of Sight", "description": "Well, that's a bit of luck. We've managed to get our hands on some details that allowed us to SSH into one of the Yakoottees private servers. They're a sophisticated gang, so they've probably hidden a few files in there. We've got you into their server, have a look and see if you can find anything.", "tips": [ "Tip: The flag is in a file somewhere on the server." ] }, { "title": "Zapped", "description": "The gang have been using a lesser-known chat app called ChatZap to communicate. We know one of the usernames (kanako) but not the password. If we could get access we might be able to see what they're saying.\n\nIt's not a great site and the security is average at best. Look at the login page - they do SHA1 hash their passwords but leave them in plain sight in the source code. See if you can use that to get in.", "tips": [ "Tip: Gain access to get the flag." ] }, { "title": "File Found", "description": "Whilst monitoring one of the gang, Ryosuke, we came across a file that he posted online. The problem is, the file doesn't seem to be opening. Take a look and see if you can work it out.", "tips": [ "Tip: The flag is in the file." ] }, { "title": "Shopping For Secrets", "description": "An agent on Level 05 has told us about another big hack he's working on. Apparently someone broke into a popular shopping site, stole all the usernames and passwords and was going to post them online. Luckily, we got to them first and recovered the details. Why is this important? Well, it seems one of the Yakoottees was a member of that site.\n\nHe typically uses one of these three usernames: kazuya, kaz_whizz, kazuya99. We've put the recovered data on one of our servers. We've given you access, so see if you can find him on there. If we knew the password he uses maybe we can use that later.", "tips": [ "Tip: The flag is his password." ] }, { "title": "Rattlesnake", "description": "Well, one thing is for sure, the Yakoottees' scripting language of choice is Python. We've intercepted a lot of Python files from all over the place. So many, in fact, that we need someone to look at them and see what they do. Can have a look at this one to find out what it does?", "tips": [ "Tip: The flag is in the file." ] }, { "title": "Yakoo Cars", "description": "The Yakoottees aren't just a criminal gang, they're also a group of talented car engineers. Their organisation has a front - a high-end car repair shop called Yakoo Cars.\n\nNaturally, we took a thorough look through their website to see if we could find anything interesting. One thing we found was a little strange: an empty page. Empty, apart from a message saying \"Error. Cookie `user` expected.\". Ordinarily we wouldn't think anything of it, but the page name is \"Secret\", so we should investigate.\n\nWe think only the boss Yaka Matsu should have access. Take a look and see if you can get around the cookie issue.", "tips": [ "Tip: Use the browser extension to help add a new cookie." ] }, { "title": "T-Shirt Trivia", "description": "The Yakoottees have a number of side businesses that they use to launder money. One of them is an online T-shirt business. We've been monitoring the site to look for unusual activity and yesterday a T-shirt went up for sale and then ten minutes later was taken down. Luckily we've been running a tool, which takes copies of all new pages before they get removed.\n\nThere's something odd about this page. The T-shirt for sale doesn't seem to be designed like the rest (which mostly feature cars); this one has what looks like a QR code on it. Take a look and see what you think.", "tips": [ "Tip: Read the code to get the flag." ] }, { "title": "Baffled By Browsers", "description": "Whilst monitoring the gang's web traffic, we noticed they've been visiting one particular page quite a lot. When we try we get rejected immediately without it even asking for a username or password.\n\nOur field agent, who is working for the Yakoottees undercover, thinks it might be something to do with a particular browser that the gang built themselves called \"Orion\". Time for you to investigate. Try looking for a developer tool in the browser to help you out.", "tips": [ "Tip: To get the flag, get access to the page!" ] }, { "title": "Dangerous Comment", "description": "One of the Yakoottees, Haruka, recently created a site where she posts photos of her favourite cars. We think it might be a front to store files containing their plans to break into the Superspin factory. Each page has a form on it where you can post comments. Try and use the form on this particular page to use command injection and find any files hidden in the same directory. Remember, to inject code you need to include two commands by including a semi-colon.", "tips": [ "Tip: One of the files has the flag in it." ] } ], [ { "title": "Rezapped", "description": "Remember ChatZap from a previous challenge? We need to get back in but it looks like they've changed their security. Take a look.", "tips": [ "Tip: Log back in to get the flag." ] }, { "title": "Truck Stop", "description": "Recruit, we're sending you into the field for the first time! We think you're ready, so don't let us down.\n\nHere's the situation. We know a group of the Yakoottees are heading to a nearby depot to steal a truck, which they are going to use to transport the supercar prototype without anyone seeing. We want to get in to the depot first and wait for them. However, we can't get hold of the depot's owners and the front gate uses a sophisticated locking system.\n\nWe know the Yakoottees have the code already, we need to crack it fast!", "tips": [ "Tip: Crack the code for the flag." ] }, { "title": "Meeting Momoko", "description": "Our field agents decided to make a move and pick up one of the Yakoottees, Momoko. We believe she was in charge of picking up some equipment that the gang needed to break in.\n\nUnfortunately, when they got there she'd gone. But they did find a post-it note with a cryptic code on it. On reviewing the surveillance tapes, it seems someone stuck it on her door a few minutes before she left. We think it might be a meet-up location. Can you crack the code for us?", "tips": [ "Tip: Crack the code, it's the flag!\n " ] }, { "title": "Lost Key", "description": "Our agent on the ground noticed a USB key discarded outside The Yakoottees' garage and he's just uploaded the files for analysis. It's probably nothing important; they just look like innocent jpg files. One looks corrupt, however. Can you take a look just to be sure we don't miss anything?", "tips": [ "Tip: The flag is in the file." ] }, { "title": "Running Man", "description": "The Yakoottees are preparing their break-in, so we're doing a full review of everything they have running. We found a service running on the server services.cyberprotection.agency, port 8203. Connect to the service and find what is on there to see if it's related.", "tips": [ "Tip: Connect and look at the banner for the flag." ] }, { "title": "Heroka's DB", "description": "In the previous level you may have been part of the investigation into Heroka. She recently created a site where she posts photos of her favourite cars. That investigation revealed that the site was vulnerable to injection and that she's been hiding details about their plans there.\n\nWe think that some results from a search of the site are also hidden unless you're logged in. We don't have any login details, so perhaps you could use SQL injection to get all the results. Think about which SQL query is run when you submit the search form.", "tips": [ "Tip: Get the full results and then you'll get the flag!" ] }, { "title": "Hush Fund", "description": "It looks like the Yakoottees are preparing for an attack and the senior members of the gang seem to be providing the funds. We've intercepted a message containing what we think are bank details, but they're encrypted. If you could decrypt them, we'd have a better idea of who is behind the plan.", "tips": [ "Tip: The decrypted bank account number is the flag." ] }, { "title": "Junya Who?", "description": "Recruit, I need a favour. We've just had some intel about one of the gang members. His first name is Junya, but we can't find his surname. We know we have it on record, but it could be in any one of a huge set of files. Perhaps you could SSH into our server and see if you can find his surname for me?", "tips": [ "Tip: Find \"Junya\" mentioned in the files and his surname will follow. That's the flag." ] }, { "title": "QR.gif", "description": "Remember the QR code that the Yakoottees printed on a T-shirt? You might have been assigned to investigate it on the previous level. Well, it looks like they're using QR codes again and they've gone one step further by embedding them in a GIF file. We think the combined output is important, so get straight on it recruit.", "tips": [ "Tip: Work out the QR codes and put them together for the flag." ] }, { "title": "Custom Plates", "description": "We've just had some new intel. The Yakoottees are planning to change the supercar's numberplates to British plates when they steal it. For some reason, rather than create their own, they've ordered some from a site online called CoolPlates. We want to see which plates they've ordered and where they're being sent.\n\nSee if you can get into the site so we can find out. We don't have a username and password but we think it uses some simple JavaScript security checks.", "tips": [ "Tip: Log in to get the flag." ] }, { "title": "Still Hiding", "description": "Were you involved in the previous level when we needed someone to SSH into one of the Yakoottees' servers and take a look around? Well, we need to do it again. It seems they're becoming a little smarter about hiding their files. Take a look and see what you can find.", "tips": [ "Tip: The flag is in a file somewhere on the server." ] }, { "title": "Brute Strength", "description": "Great news, recruit. Thanks to your work we've been able to recover a zip file from the Yakoottees' private server. We're looking for blueprints of the Superspin HQ and details of how they plan to get in. Hopefully, the zip contents will lead us to that.\n\nThe zip file is password protected, so we set one of our engineers on writing a script to brute force it. Unfortunately, he was called away onto a special project for a team on another level. Perhaps you could make the final few alterations to his script to get it working.", "tips": [ "Tip: Change the script and open up the zip file to get the flag. Oh, and don't forget you can use your local terminal to help." ] } ], [ { "title": "Dot Dot Dash", "description": "It's time to go old-school, recruit.\n\nWe think the Chiquitoos have an insider that works on the ships carrying the shipping containers full of Cola. Obviously they don't want to be found out while passing details to the gang members on the nearby reconnaissance boats, so they've resorted to using Morse code to communicate. We've tapped into the frequency they're using and funnelled the code into our Morse code tool. Decipher the message and see what they're saying.", "tips": [ "Tip: In the message they mention a ship name; that's the flag." ] }, { "title": "Hidden Boats", "description": "Those Chiquitoos are a busy gang and they run a number of legitimate and criminal operations. One of their legitimate businesses is a small boating company that transports workers to the offshore wind farm. Their website has a page, which lists all the scheduled trips out, but we think there might be more that they're not making public. Our inside informant tells us they're stored in a file called \"extra.txt\". Have a look at the site and see if you can get access to it.", "tips": [ "Tip: The flag is the boat number of the last one in the secret list." ] }, { "title": "Docking Port", "description": "We have come across a site, which we believe is run by one of the Chiquitoo gang members, that sends information out on the port 1337. We've got a terminal tool you can use that is restricted to do just what you need. See if you can use it to get the information so we can find out what the site is being used for.", "tips": [ "Tip: Get the information to get the flag." ] }, { "title": "Pedro's Password", "description": "Recruit, we've had access to a server used by one of the Chiquitoos' side businesses for a while and have an idea that one of the gang members, Pedro, might have moved his user account from an old version of Linux. SSH in and see if you can find his hashed password.", "tips": [ "Tip: The flag is in the same file as the password." ] }, { "title": "Quick Drop", "description": "Recruit, we need your help urgently.\n\nThere's a package drop between two gang members about to happen; we have agents following them both. The first gang member has dropped off a briefcase at a discreet location and has left. We have an agent following the other one and he's just 4 minutes away from the pick up point.\nOur first agent has intercepted the package, it's a briefcase with two four digit number combinations required to get in. We have no idea what the unlock number is but the case has a post-it stuck to it with an encrypted code written on it.\nCan you decipher it in time to get the number combination? We've patched you in to the instant chat with the field agent - tell him the code before the time elapses.\nYou only get one chance per day to complete this timed challenge. Reload the page to try again.\nTip: If you get the right code, the agent will give you the flag.\n\nThere's a package drop between two gang members about to happen; we have agents following them both. The first gang member has dropped off a briefcase at a discreet location and has left. We have an agent following the other one and he's just 4 minutes away from the pick up point.\n\nOur first agent has intercepted the package, it's a briefcase with two four digit number combinations required to get in. We have no idea what the unlock number is but the case has a post-it stuck to it with an encrypted code written on it.\n\nCan you decipher it in time to get the number combination? We've patched you in to the instant chat with the field agent - tell him the code before the time elapses.\n\nYou only get one chance per day to complete this timed challenge. Reload the page to try again.", "tips": [ "Tip: If you get the right code, the agent will give you the flag." ] }, { "title": "Miguel the Moneyman", "description": "Recruit, we think we know where the money for this Chiquitoo operation is coming from: one of their senior gang members, Miguel. And it's given us an idea.\n\nTo make the payments to gang members look normal, Miguel has asked them all to send him links to official looking PDF invoices, which we know he is opening on his computer and then paying. So our plan is to send him a malicious PDF disguised as an invoice from one of the gang members. But we need your help serving up the file to Miguel.\n\nCreate a web server with the terminal using Python, then finish off the email we've created by inserting the web server's location.", "tips": [ "Tip: Serve the file up correctly to get the flag. Make your web server listen on port 8000 to be sure to bypass the firewall." ] }, { "title": "Developer Disaster", "description": "Recruit, quick job for you. We've been using the shipping company website to keep an eye on which ships have been coming in and out of port. However, it looks like their developer pushed an update to the site, which has broken it and then he went home for the day!\n\nThere's an error message on the site. See if you can find a way around it to get us back in.", "tips": [ "Tip: Get back in to get the flag." ] }, { "title": "Breaking Bottles", "description": "Recruit, we think we now know how the Chiquitoos' plan to distribute the Cola they steal. One of the gang's supposedly legitimate businesses is actually a bottling plant... and one of the things they bottle is Cola. We think they might be planning to re-label the bottles they steal as another brand they already bottle, making a huge mark-up and meaning the stolen Cola will effectively just disappear! Clever.\n\nWe think we might have a way in. The bottling plant has a website and there is a form where you can request a price list for their bottling services. We think it might be vulnerable to command injection, and there's a text file we believe you could access with \"recipe\" in the file name, which actually includes details about their plan. But here's the issue - they've added a filter to the form, which prevents the use of semi-colons. See if you can find a way around it.", "tips": [ "Tip: Open the file to get the flag." ] }, { "title": "Bash the Botnet", "description": "We have managed to gain access to a server used by one of The Chiquittoos' side businesses. We think the gang use it to connect to their botnet, which we want to take down. The botnet is of course password protected but, if you can find the password we can log in and disable it!\n\nLog into the server using these credentials and see if you can find the password.", "tips": [ "Tip: The password is the flag." ] }, { "title": "All Zipped Up", "description": "Recruit, we need your scripting skills again. One of our field agents has managed to turn one of the Chiquitoos' to act as an informant. He has obtained access to a zip file from one of the senior gang members but it's password protected and he doesn't know the password (although we're pretty sure it starts with \"Cola\"). We've got a Python script that might help us brute force it but we think it needs some modifications.", "tips": [ "Tip: Open the zip file to get the flag. And don't forget you can use your local terminal to help." ] }, { "title": "Secret Spreadsheet", "description": "Recruit, we've stumbled upon something. We think it might really help in getting us closer to the Chiquitoos' plan to steal the shipment of Cola. They've created a spreadsheet listing all the containers they intend to target. Luckily for us, they've posted it online for other gang members to see and update. But, of course, being the clever cyber criminals they are, they've put it behind a particularly clever password system.\n\nIf you visit the page where it exists the ciphered password is there but it changes every two seconds; too fast for us to decipher and use. One of our engineers has been working on a Python script to try and get around it. Have a look at the script and see if you can make some changes to get it working.", "tips": [ "Tip: Run the correct script to get the flag." ] }, { "title": "Password Pickle", "description": "Hmm, these Chiquitoos are clever. We've intercepted a program that takes a password in and generates some output. We found the correct password (it's \"password\") but it still won't let us in. The other agents are stumped. Can you take a look and see if you can figure out how to get the output?", "tips": [ "Tip: Get it right and you get the flag." ] } ], [ { "title": "Locked Doors", "description": "Recruit, another piece of field work for you.\n\nWe want to test the internal door locks on the ship - and how better than to let one of our most promising agents (you!) try and hack into it!\n\nTake a look at this lock. It has some binary numbers, can you figure out how to get in?", "tips": [ "Tip: Break through the lock to get the flag." ] }, { "title": "Port Service", "description": "Recruit, another interesting one for you.\n\nWe found a service running on one of The Chiquitoos servers at services.cyberprotection.agency on port 5737. We're not entirely sure what it does but we think we should check it out. We know that it somehow grants a code but it's hidden in so much text that we can't find it. Can you see if you can find it?", "tips": [ "Tip: Find the code, it's the flag!" ] }, { "title": "Boat Missing", "description": "Recruit, we've lost sight of one The Chiquitoo boats! We think it's heading out to intercept the ship they are targeting but we can't find it.\n\nWe know one of the gang members onboard, Arturo: he frequently posts photos from his phone to Picster, a social media site. Perhaps you can take a look at his latest photos and see if you can figure out where they are.", "tips": [ "Tip: The flag is the absolute latitude and longitude degrees added together!" ] }, { "title": "Barcode Bonanza", "description": "Intel just in!\n\nOn doing a routine review of all the boxes of Cola on one of the ships, we found four boxes with additional barcode stickers on them. Nobody can account for how they got there or what they mean. It must be The Chiquitoos on the inside sending each other messages about which boxes to target.\n\nSee if you can read the barcodes, decode the output and put them in the right order to get the message.", "tips": [ "Tip: The flag is in the decrypted message." ] }, { "title": "Encrypted", "description": "Quick extra project for you, recruit.\n\nWe have managed to gain access to a server, which is running The Chiquitoo gang's secure encryption service. We need the password they are using as the encryption key. Can you find out what it is for me?", "tips": [ "Tip: The flag is the password." ] }, { "title": "Wake Up Alarm", "description": "Recruit, it's time for you to get back in the field. We want to do a test run of one of the ship's onboard security systems. Take a look at the online control panel to the ship's security. Can you find a way to turn the alarms off? If you can, then maybe The Chiquitoos' can too!\n\nBy the way, our intel tells us that there used to actually be a button called \"Turn Off Alarms\", which the ship's security team removed to try and make it more secure. Maybe start with that.", "tips": [ "Tip: Turn off the alarms to get the flag." ] }, { "title": "Filtered Cola", "description": "Hey recruit, back on the previous level you might have been involved with the team that was looking into one of The Chiquitoos' side businesses: the bottling plant. We found their price list request form was vulnerable to command injection and we think the site must also be open to SQL injection.\n\nOn the site there's a page where you can search through a list of all the orders they are planning to fulfil over the next month and we've got you access to it. We think that some of the results are hidden and only available to the senior gang members. We need that extra list so we can see when they are planning to re-label the stolen Cola as a different brand.\n\nOne of our other agents has already tried but, unfortunately, it looks like there is a filter being applied to prevent certain phrases being used in the form. Can you bypass it?", "tips": [ "Tip: Get the full list and you'll also get the flag. The flag is the name of the handler on the last result marked \"secret\"." ] }, { "title": "Float to the Top", "description": "Recruit, we're close to foiling The Chiquitoos' plans, but to do so our guy on the inside needs access to the senior members of the gang. The only way he can do that is to pass one of their tests to see if he's got what it takes.\n\nThe good news is that we know what the test is. He needs to bypass the security check on a file called \"OverflowedBuffer\". We've got hold of the file and the test is tonight. Can you do it for him?", "tips": [ "Tip: Pass the security check to get the flag." ] }, { "title": "Secret Messages", "description": "Crikey, every time we think we're getting one step ahead of The Chiquitoos, they do something that proves how good they are.\n\nIt seems they now know we've been intercepting some of their messages, so they've started encoding them all. Our agents are looking at them now to try and figure it out. Why don't you take a look too and see if you can figure it out first. It probably won't harm your promotion prospects if you do!", "tips": [ "Tip: Decode the message to get the flag." ] }, { "title": "Shipping Lanes", "description": "Recruit, we've been monitoring the web traffic of one of the gang members and he's visited a page, which has made us very suspicious. Why? Two reasons: first, it's called \"shipping-lanes-target\" (so we think he's using it to monitor the ship) and second, we can't get access to it! Whatever we try, it just won't work.\n\nTake a look at the page, maybe have a dig around the source code and see if you can get us access to it.", "tips": [ "Tip: Get access to get the flag." ] }, { "title": "Corrupted Corruption", "description": "Recruit, there's another quick task I need your help with. One of the agents intercepted a zip file from The Chiquitoos, but it looks like it's corrupted. I know you've helped us with this kind of thing before. Can you take a look and see if you can get it working?", "tips": [ "Tip: Open the file to get the flag." ] }, { "title": "Hidra", "description": "Well, this is interesting. We've finally been able to get access to a messaging app (called Hidra) that The Chiquitoo gang is using to communicate. Within an hour of looking at the messages, they've already given us some great intel.\n\nFor example, FTP login details to the gang's main server! One small issue: they mention the address and the username but not the password. See if you can find a way in.", "tips": [ "Tip: Find the password for the user account. The flag is in a file which you get from connecting to the FTP server via a PASV connection. If you are inside the VM, you can use ftp -p." ] } ], [ { "title": "Centrifuge Exposed", "description": "Agent, here's a test for you to show the rest of the team you deserve to be on this level.\n\nOne of the Spetzners associates, Alexei, runs a science equipment ecommerce site called Centrifuge. Our team knows that he's secretly been using it to sell the Spetzners mad scientists the equipment they need for their schemes, so we've been trying to get access for weeks, to no avail.\n\nWe've just had a bit of good news. When making an update to the site Alexei made a mistake which, for a few hours last night, left some of the sites PHP code exposed. We managed to grab the code when it was there. Take a look and see if you can use it to find a way in to the site.", "tips": [ "Tip: Get access to the site to get the flag." ] }, { "title": "Cold File", "description": "Agent, quick task for you if you have a few minutes to spare. We have an old program one of our previous agents used that we can't get into. Can you get into it for me?", "tips": [ "Tip: Run the program, find the password, input it into the program to get the flag." ] }, { "title": "Hidden Centrifuge", "description": "Agent, we've been looking through the Centrifuge ecommerce site, run by one of the Spetzners associates Alexei. It contains thousands of pages, so one of the ways we've been doing that is simply by using a search engine, which has indexed all the pages.\n\nThe team have been starting to wonder whether there are other pages that we've not seen. Can you see if you can find them.", "tips": [ "Tip: Find the hidden page to get the flag." ] }, { "title": "Bunsen Burners", "description": "Agent, we've been looking into the different ways the Spetzners have been communicating with each other about their plans, and one of them is a science forum called Bunsen Burners. We want to see if the site is vulnerable in such a way that would allow us to serve our own JavaScript to one of the gang when they view it.\n\nWe've created an account for you and made a test forum page called \"Hack Trick\". See if you can get an alert box to appear on the page saying \"Kaboom!\".", "tips": [ "Tip: Get the alert to show with the right text and you'll get the flag!" ] }, { "title": "Hayka", "description": "Remember we said the Spetzners were mad scientists? Well, one of the gang, Vladimir, is an actual scientist, and runs an official scientific paper submission site called Hayka. But here's the thing - the server he runs the site from is his own, and we think he's also using it to store the gang's secret plans.\n\nWe want you to take a look at the scientific paper upload page, we think it might be vulnerable. See if you can upload a PHP file which will output the code word \"b1n4ry\" to the screen when you visit the page.", "tips": [ "Tip: Upload the correct file and visit the file page to get the flag." ] }, { "title": "Mission Extension", "description": "Agent, those Spetzners are really trying to test our patience! We have someone on the inside that managed to quickly take a copy of one of the gang's hard drives. But just to make it really hard to figure out what they're doing they've removed all file extensions - from every file!\n\nWe know there's a Jpeg in there somewhere with an image of the particular EMP they're trying to steal, but it's taking the team forever to find it. Can you think of a quicker way?", "tips": [ "Tip: Find the Jpeg, it contains a serial number (SN), that's the flag!" ] }, { "title": "Grand Old Ruble", "description": "Ok, we need you to step into the shoes of the Spetzners best hackers for a while. We've received some intel that the gang have identified a vulnerability on the Grand Ruble Bank's website that allows them to perform actions only an admin should be able to.\n\nTake a look and see if you can do the same so we can help the bank fix their security.", "tips": [ "Tip: Transfer 1000 rubles to a user called cpa to get the flag." ] }, { "title": "Bogdan's Data", "description": "Agent, a possible breakthrough that we need your help with. We've found a server run by the gang, it's at services.cyberprotection.agency:3166 and it seems to be protecting some data. The gang member who we think administers it, Bogdan, is one of the key members behind the plans to steal the EMP. We think it might have even been his suggestion in the first place. In short, we need access to the data on that server.\n\nFortunately we've been able to recover some source code for it. Take a look at the source code and see if you can get access to the server.", "tips": [ "Tip: Get access to the server to get the flag." ] }, { "title": "File Hunt", "description": "Agent, we have SSH access to one of the gang's servers that contains lots of files and we need to find one in particular.\n\nOne of the gang, Stanislav, created the file on 22 Nov 2015 at 8.00pm (we know because we were monitoring him!). Can you find that particular file, we think it contains important information concerning the whereabouts of several gang members.", "tips": [ "Tip: Find the file, it contains the flag." ] }, { "title": "Code Attack", "description": "We need your programming skills agent, and from what you've demonstrated so far we think you're definitely up for the challenge.\n\nYou need to write a simple script from scratch to crack into another program that takes an argument (a 4 digit numerical pin code) and outputs a result.", "tips": [ "Tip: If you enter the right argument into the program you get the flag." ] }, { "title": "Tayga Bears", "description": "One of the Spetzners lives in Tayga, a heavily forested area with a lot of bears! So it's no surprise that he spends some of his spare time taking photographs of them and posting them to a nature site called \u043c\u0435\u0434\u0432\u0435\u0434\u044c \u0441\u043b\u0435\u0434\u0438\u0442\u044c (which is Russian for \"Bear Watch\"). We thought it was fairly innocent until one of the agents spotted something weird about one of the images.\n\nTake a look at them and see if you can spot what it is.", "tips": [ "Tip: There's a hidden file, open it to get the flag." ] }, { "title": "Recruit List", "description": "Agent, the Spetzners are trying to recruit someone on the inside of the hidden weapons facility to help them get the access they need to steal the EMP. We believe one of the gang members has made a list of names of the people they want to target, and placed it on his own private web server.\n\nWe've found the login page for it, see if you can get access.", "tips": [ "Tip: Bypass the login form to get the flag." ] } ], [ { "title": "Overflow Egor", "description": "Right, recruit, it's time we tested your skills against the Spetzners finest.\n\nOne of their gang, Egor, is a master scientist and skilled programmer. He's written a program which we think is vulnerable to buffer overflow. See if you can crack it.", "tips": [ "Tip: Overflow the buffer to get the flag." ] }, { "title": "Calling Yaroslav", "description": "Agent, we know the gang are attacking soon, so it's time to start bringing them in. This morning our agents picked up one of the gang's henchmen, Yaroslav, because we knew he had the time and date of the attack on his phone. The trouble is, we've looked at his phone and it contains a sophisticated eight-digit pin locking system. It's based on a math problem, and we want you to crack it.\n\nHere's what we know: when the phone was first started the pin code code to log in was 4096. Every time we enter the pin code, the number of times the pin code has been entered correctly in the past is added to the value of the pin code, to get the new pin. We know the system has been used 5520 times before. What will the pin code be this time?", "tips": [ "Tip: Get the right pin code to get the flag. All we know at the moment is that it's definitely eight digits long." ] }, { "title": "Text and Text", "description": "Recruit, yesterday one of our field agents was able to snoop on a meeting between several gang members planning out their attack on the weapons facility.\n\nOne of them mentioned to the other that he'd send over the lock code to one of the doors on the facility. If we knew the code, we'd know how they got it (because the codes are only given to certain people) and where exactly on the facility they planned to get access.\n\nWell, this morning we intercepted an email between the two expecting to see the code, but instead they just sent over two large text files. Weird. Can you find the code?", "tips": [ "Tip: Find the code, that's the flag." ] }, { "title": "Hidden Bear", "description": "It seems the Spetzners will find any way possible to keep their secrets from us. And we think they know we're on to them, so they're doubling down with strange new ways to hide their messages.\n\nHere's a good example: you may remember the Bear Watch site from the previous level? Well, we've been looking at one of the images from that site for days and can't seem to crack what it's hiding. Take a look and see if you can find it.", "tips": [ "Tip: Manipulate the image in some way to get the flag." ] }, { "title": "Matryoshka", "description": "Agent, know anything about man pages?\n\nLog into this SSH server using the details below. We've received word that the gang has been using this public server to pass messages through the use of man pages. We need to see if they've used a particular code word (matryoshka) which they're using to say when to start implementing their plan. See if you can find it.", "tips": [ "Tip: Find the code word to get the flag." ] }, { "title": "Chatz with Semyon", "description": "Agent, we need your urgent help.\n\nOne of the gang, Semyon, has been using a Skype equivalent called Chirp to make calls. We know he made a call this morning to an associate of the gang that's planning to help as a getaway driver when they steal the EMP. We want to pick him up before he can help, so we need to know his phone number (which will help give us his location).\n\nSee if you can crack into the Chirp site. If you do you'll see the calls Semyon made today, we're looking for the one to Yury. Oh, and luckily one of the other agents has managed to get the PHP source code to the page, that might help.", "tips": [ "Tip: The flag is Yury's phone number." ] }, { "title": "Kapa's Hidden Secrets", "description": "In what we thought was an unrelated piece of intel, one of our field agents monitoring the gang reported this morning that he noticed one of them looking at a site which sells pencils. Well, it seems they're using it for something else too - to hide files.\n\nLuckily for us, we think the site is vulnerable to command injection. See if you can use the comment form to get access and find a file, we think it has a list of the gang members involved in the planned robbery and their particular role in the attack, so it's vital we get our hands on it right away.", "tips": [ "Tip: Find the file, it contains the flag." ] }, { "title": "Odd File", "description": "Hmm, this is an interesting one for you, recruit. We have a file that the Spetzners have been sending back and forth between them for a while. We have no idea what it is or how to get access. We've tried running it and answering the question it asks but to no avail.\n\nWhy don't you give it a try and see if you can get access.", "tips": [ "Tip: Get access to the file to get the flag." ] }, { "title": "Junk Decryption", "description": "Agent, we've just received a bunch of files from one of our field agents taken from one of the senior gang members hard drives, and our team is having trouble putting it all together. Maybe you can help?\n\nHere's what we have: a decryption program which takes a string as an argument, but when we run it we just get junk back; some encrypted text, and; a weird image file of a calendar. A bizarre combination, take a look and see if you can figure it out.", "tips": [ "Tip: Run the correct string through the decryption program to get the flag." ] }, { "title": "Snakes in Motion", "description": "Agents have intercepted some vital information we'd like you to look at. We've sent you an email with some encrypted text, a dictionary file and a Python script to help you extract what we believe might be the password to a cloud storage solution the Spetzners use to store their criminal documents. One problem, unfortunately, the Python script is incomplete.\n\nCan you finish it off so that it runs each line in the dictionary against the encrypted text to decrypt it? Hurry agent, the Spetzners might know we are on to them and could transfer their documents elsewhere!", "tips": [ "Tip: Decrypt the text, that's the flag." ] }, { "title": "Perilous Pencils", "description": "Agent, we've just had an interesting piece of intel. It seems the gang know we're monitoring their own sites and servers, and have therefore started removing anything incriminating. But they still intend to implement their plans to steal the EMP and so need a new way of sharing information.\n\nYou may have already come across the pencil selling e-commerce site Kapa that the gang hacked into and have been using to exchange messages. The Spetzners, being geeky science types, do love their pencils, but we think it's a little more sinister than that - it seems they might have hacked the site and started adjusting the images on it to contain hidden messages! If we hadn't noticed them using the site, we would never have known. Clever.\n\nHave a look at this page in particular which the gang member was looking at. Anything strange about it?", "tips": [ "Tip: The flag is in one of the images! Oh, and for password protected files don't attempt to drag and drop them." ] }, { "title": "Dear John", "description": "Ok, a really important task for you, recruit. We need access to the main Spetzner database! We think it's the only way to not only bring the gang down, but also gather the amount of incriminating evidence we'll need to prosecute.\n\nWe have a word list and a binary. The binary takes in a word list and attempts to break the password on their database server. Unfortunately, the word list doesn't have the password on there, we think it may be a similar word though. Another agent mentioned a program called \"john\" which can alter word lists to make minor changes, can you look into that and see if you can use it to get access to the database?", "tips": [ "Tip: Get access to the database to get the flag!" ] } ], [ { "title": "Port of Call", "description": "Quick job for you Agent. We think the gang have a port running between 14000 and 15000 that might expose some interesting information about them, we've temporarily pointed our domain services.cyberprotection.agency to their server. Use that address to find the service and connect to it.", "tips": [ "Tip: Connect to the port to get the flag." ] }, { "title": "Nightclub Rendezvous", "description": "Agent, this one is urgent. Our team have just intercepted some chatter between two gang members and it's confirmed they are holding a meeting tonight at a nightclub somewhere in London. Unfortunately there are a lot of nightclubs in London and they didn't mention which one. Then, 10 minutes after the conversation ended, one of them posted up a cryptic piece of text on his social media account. We think it contains the time and exact location of the meeting. We have every agent on the ninth floor working to decode the text, can you get there first?\n\nHere's what we know about it so far: each character in the text was converted into a decimal number (according to the ASCII chart), then each number had the same number subtracted from it (a number between 1 and 10). Then each number was written to a new line of the text.", "tips": [ "Tip: The flag is the name of the nightclub." ] }, { "title": "The Insider", "description": "One of the other agents needs your help. He's been trying to open a file we intercepted which we believe might have special insider information about the bank the Bulldogs are targeting. The agent thought opening the file was going to be simple, but it's not working. Can you help?", "tips": [ "Tip: Get the password and open the file to get the flag." ] }, { "title": "Binary Battle", "description": "Agent, it looks like we might need your programming skills again. We've intercepted a binary that we want you to take a look at. It takes a password as an argument and produces a result if you get it correct. We think writing a script which uses strings might be the best way to crack it, but none of the other agents have been able to so far.\n\nThe file was taken from the hard drive of the gang member we think has been doing reconnaissance on the bank, so it could contain some extremely important information.", "tips": [ "Tip: Input the right password to get the flag." ] }, { "title": "Art Thief", "description": "Agent, we've been doing some research on Barry Brigley, one of the Bulldogs and a notorious art thief. We've managed to get access to a site he uses to post images of the art he's stolen which are for sale on the black market, but he's hiding the images somehow so we don't know what he's stolen. If we knew it would help us track his movements over the past few months (we think the art comes from a variety of galleries all over Europe).\n\nTake a look at the site and the images. You can download the images, they're in a common image format, see if you can recover them.", "tips": [ "Tip: The flag is in one of the images." ] }, { "title": "Benjamin the Brute", "description": "Agent, one of the gang, Benjamin Goldleaf, was yesterday overheard by our inside undercover agent talking about posting notices on a secret message board that the gang use to communicate meeting times.\n\nWith a bit of detective work we've managed to find the message board and get Bens user details. We want to post a fake message using the API to try and draw one of the more senior gang members out, but we can't get it to work. See if you can.", "tips": [ "Tip: Successfully post a notice on the board to get the flag." ] }, { "title": "Stepping Up", "description": "Finally, some good news! We've had an agent undercover with the Bulldogs for a while now, but the gang is quite large and it's very hard to get access to the elite group that are planning to rob the bank. However, we've just received word from our counterparts in Spain that they've arrested one of that elite group whilst he was on a trip there. He was their best hacker and now they need to replace him quickly otherwise their attack on the bank won't work.\n\nThe elite group have decided to select someone from the rest of the gang by issuing them with a hacking challenge. Whoever cracks it first gets to go with them on the robbery. If we could get our undercover agent into that group we'd almost certainly be able to disrupt their plans. The challenge is tough - there's a file and you need to overwrite the buffer to make the secret variable read: de4dc0de. Do you think you can be the first to break it?", "tips": [ "Tip: Overflow the buffer to get the flag." ] }, { "title": "Unsafe Deposit Box", "description": "Agent, we've been working with the bank to try and make their website more secure, which will hopefully prevent the Bulldogs getting access.\n\nAs part of our penetration testing we've found a page which might be vulnerable to XSS. It's the page you use to request further information about safety deposit boxes. You need to be logged in as a standard bank customer to get to that page, but we think you can use XSS to change the access level to admin. Give it a try.", "tips": [ "Tip: Get admin access to the site to get the flag." ] }, { "title": "Vicious Voicemail", "description": "Agent, once again we need you to step up and show us your skills. This time you need to stand in for Agent V, our resident audio expert, as he's been called up to help the team on the next level with a special mission.\n\nBefore he went he was able to get access to the private voicemail system the Bulldogs were using. He got access by logging in as one of the gang members, Terry Turner, and we can see there are a set of voicemails on there for him. Agent V didn't have chance to analyse them before he went, can you do it for him? We think there might be hidden messages in the audio files.", "tips": [ "Tip: Find the hidden message to get the flag." ] }, { "title": "Exposure", "description": "One of the Bulldogs, Lara Mindsay, is a surveillance expert and we think she's been using advanced drones to take high resolution photos of the bank from different angles.\n\nShe also runs a small legit side project, a photo site which allows anyone to create an account and upload photos. We think she's using it herself to store the bank surveillance photos and so we want to see if it's vulnerable. We've been penetration testing the site but have not had any success so far, then this morning one of the other agents sent me a tip - CVE-2012-2399. Take a look and see if you can use it to see if the site is vulnerable.", "tips": [ "Tip: Find the vulnerability to get the flag." ] }, { "title": "Cryptonite", "description": "Yesterday our uncover agent let us know about an encryption tool one of the gang built called Cryptonite. It runs on one of the Bulldogs private servers and we think it might be vulnerable.\n\nSee if you can use it to get access to the server and look for any files that might be worth investigating. We think the gang member who built it, Percy Pinkly, is involved in the gangs efforts to circumvent the banks main security alarms, so he might have been storing files on the server related to blueprints or the security system.", "tips": [ "Tip: There's a file on the server containing the flag." ] }, { "title": "Open Box", "description": "It looks like Billy Johnson, one of the gang's enforcers, is using a cloud storage service to keep his files secure. We know he has an account and we know his password, but we don't know his account name.\n\nOur team have created an account with the service and logged in. See if you can find a way to trick the site into giving you a list of accounts.", "tips": [ "Tip: Billy Johnson's account name is the flag." ] } ], [ { "title": "Spam Robot", "description": "Agent, because of your great work on the previous level the gang have struggled to find a way to get physical access to the bank. So it looks like they are testing ways to get a package containing a small robot into the building which they can use remotely.\n\nThey plan to send it to one of the senior management as a gift from a friend (who the manager is unaware belongs to the Bulldog gang). When the manager plugs it into his computer to charge up via USB, it will hijack the computer and access his email. With this access, the gang will send a specific spam email, which the robot will use as a trigger to start an attack on the banks servers from the inside!\n\nTo help narrow our investigative efforts, we need to know which gang member is behind this new idea of theirs. Agents have managed to recover a log file and a mail queue of pending outgoing email spam messages. See if you can match up the ESMTPA ID from the messages to the log file and get the login details of the gang member. We can then stop him sending the email.", "tips": [ "Tip: The flag is the username of the gang member sending the spam." ] }, { "title": "Nosey Robot", "description": "Agent, thanks to your efforts in finding the gang member leading the effort to send a robot to the bank, we've managed to recover some C code we think might be used by the robot to take photos, but we can't be sure because running it currently returns a segmentation fault. Another agent has rigged up the code to a camera interface. See if you can fix the code, get it to run and take a photo.", "tips": [ "Tip: Take the photo, the robots confirmation message will show the flag." ] }, { "title": "Account Roulette", "description": "Agent, remember the social media website from the previous level where Bulldog gang member Darren Greggs posted that cryptic message? Well we think the site might be vulnerable and if we could log in as Darren we could post messages as him and confuse other gang members. Unfortunately we don't have his login details, but we're sure you can find another way to log in as him using a possible cookie vulnerability we think exists.\n\nWe have logged in as another random test user that we created and have gone to an old message Darren posted. See if you can use that access to log in with various other cookie values, then test the response to see who you are logged in as. If you can do that to find Darren's account (his username is thedazman), change the cookie to log in as him.", "tips": [ "Tip: Log in as Darren to get the flag." ] }, { "title": "Change of Plan", "description": "Our Agent on the inside has just received an email from one of the senior gang members. We think it's regarding a date being set for when the robot should arrive at the banks address - it's our belief that they know we are into them and so they would like to speed up their efforts in sending the robot to the bank!\n\nWe really need to confirm the exact date they want to send it, but at the moment we can't because the email came in the form of some encrypted text. We've had an agent working on it, and he's created a dictionary file and an unfinished Python script to try and crack it. He seems to have hit a dead end, maybe you could pick it up and finish breaking the encryption.", "tips": [ "Tip: Crack the encryption to get the flag." ] }, { "title": "The Robot Speaks", "description": "Agent, we have more details about the Bulldogs trojan horse robot. The gang are planning to send the robot to a senior manager as a pretend birthday gift! On the face of it the robot doesn't do anything fancy, it moves around and has an LCD display for messages. But of course, being the Bulldogs they obviously have something more sinister in mind.\n\nWe think the LCD display might be used as a way to display secret messages and access codes to someone in the bank. We've managed to get hold of the program, written in Assembly code, that outputs the messages to the display. But it seems to have bad instruction and fails to run. See if you can patch it.", "tips": [ "Tip: Edit the code and run it, the robots confirmation message will show the flag." ] }, { "title": "Remote Unlock", "description": "Agent, it seems the robot the gang want to send to the bank will first need to undergo a series of tests which we are hoping will reveal more information about how they will activate the robot once it arrives at the bank.\n\nThey seem to be testing it with a server (which we've pointed services.cyberprotection.agency at, port 9999), which has a service running on it. When you connect it starts a timer and gives you three numbers. We think to unlock it you need to multiply the first two numbers together and then divide the result by the third number. But the integer result has to be sent to the server in under 1 second to gain access to the remote package. We haven't been able to find a way to do it. Can you?", "tips": [ "Tip: Send the right answer in time to get the flag." ] }, { "title": "Coffee Robot", "description": "An inside agent has told us Charlie Hampton, one of the gang's smartest engineers, has been making detailed notes, instructions and schematic drawings of the robot and keeping them on one of his servers. Getting access to those drawings would really help us understand how this robot will operate.\n\nThe problem is, we don't know which server he's keeping the plans on. All we do know is that Charlie owns a legit business, a coffee shop in East London, which he uses as a cover for his gang activities. It's a long shot but we do know they run a small server in the basement of the shop which controls their on-demand coffee ordering service. Go to the coffee ordering site, see if it's vulnerable. If it is see if you can find anything useful on the server.", "tips": [ "Tip: Find the drawings file to get the flag." ] }, { "title": "Fork in the Road", "description": "Agent, it's time we went on the offensive! We know the Bulldogs are putting their trojan horse robot plan into action, and whilst we're continuing to work specifically on stopping that we also want to disrupt as many of the Bulldogs operations as possible, to keep them distracted and slow them down.\n\nHere's one example we want your help with specifically. Remember the encryption tool Cryptonite that one of the Bulldogs created from the previous level? It uses server side commands to handle the encryption and we want you to use some kind of command injection to send the command for a fork bomb to DoS the website and take down the tool.", "tips": [ "Tip: Crash the website to get the flag!" ] }, { "title": "Open Port", "description": "Agent, it looks like we're having an effect on the morale of the Bulldogs with all the chaos we've been causing! Our inside agent has just picked up some chatter from a small group of the Bulldogs that are planning to splinter off and form their own gang! There's a possibility they might be planning to hijack the trojan horse idea and steal the gold bullion for themselves, so we need to find out what they're up to.\n\nWe believe they've set up a port running on an IP address that we've pointed services.cyberprotection.agency at, between ports 19000 and 20000. See if you can connect to it and help us find out what they're up to.", "tips": [ "Tip: Connect to the port to get the flag." ] }, { "title": "Catch and Throw", "description": "Agent, we've just stumbled on something we think could be very important. We know the gang have been working on getting their trojan horse robot into the bank, and we also know they're trying to communicate with it and use it to get access to the banks servers from the inside. But until now we didn't know if they had the codes they'd need once they'd made the connection. Well, it seems they might.\n\nWe've received an anonymous tip from one disgruntled gang member about two web pages, the second of which he claims, has a list of access codes the gang would need to get in. If we could see those codes we'd know whether the risk was real, but here's the thing - on the first web page there's just a number which keeps changing. On the second page, nothing, except for an error message. We think to open up access to the second page you need to pass the value from the first page to the cookie on the second page. Give it a try.", "tips": [ "Tip: Change the value of the cookie on the second page correctly to show the codes. The last code is the flag." ] }, { "title": "Stop and Search", "description": "Agent, with all of the knowledge we have gathered about the trojan robot and the gang's plans for it we have been working with the bank to improve their security. We're currently doing penetration tests on all their internal systems and we've identified a possible XSS flaw in their contact management system, in the \"search contact\" field to be specific.\n\nHere's a javascript payload, see if you can get it to work in the search field.\n\n\n\nOnce this flaw has been fixed we are confident that the trojan robot the gang have been planning to send will have no effect on the banks system therefor rendering it useless! Good luck!", "tips": [ "Tip: Submit the payload correctly to get the flag." ] }, { "title": "Multiple Boxes", "description": "Could this be the icing on the cake? Remember Filebox, the cloud storage site Bulldog gang member Billy Johnson was using to store his files? Well, it seems he's not the only gang member to store his secret files there.\n\nAs we know it's vulnerable we want to look at other ways to find the gang's files. We think the files can be exposed with directory traversal and there are some two levels up from the account page. See if you can get access to them.", "tips": [ "Tip: Find the file to get the flag." ] } ], [ { "title": "Spam For Dinner", "description": "Agent, we're trying to distract the gang whilst we try and gain access to their primary server and we think we've found a target for you.\n\nWe want to spam the booking form for their restaurants, if we can create at least 5 incorrect bookings that'll make a real mess to keep them distracted. The problem is the form is protected by a Captcha. You may be able to bypass the Captcha by tricking the form into using the same data every time you submit.", "tips": [ "Tip: How are strings sometimes generated?" ] }, { "title": "Bypass", "description": "Agent, we've found a TCP service the gang are using, but we can't seem to get access. It's services.cyberprotection.agency on port 13880 See if you can bypass the login screen.", "tips": [ "Tip: Good LUKS" ] }, { "title": "Run Server Run", "description": "Quick task for you, we've obtained details of another TCP server the gang are using (details are services.cyberprotection.agency on port 13777) - we just need you to connect to it. Should be easy, right?", "tips": [ "Tip: Files are made of data" ] }, { "title": "Server Strike", "description": "Breakthrough - we have gained access to the gang's primary server! We found out because we recently took\n down a hacker from a rival gang that has previously managed to gain access to the system.\n\nWe think he left an exploit on the server. SSH in and see if you can use it to exploit the server.", "tips": [ "Tip: weird.", "Warning: Make sure to back up any files you are about to modify. There\n are no second chances!" ] }, { "title": "Memories", "description": "Agent, we've intercepted a file sent between two gang members and it's confused our agents. When you execute the program it will give you a memory address for a function. See if you can exploit the binary to run the function.", "tips": [ "Tip: Use a cyclic pattern tool." ] }, { "title": "Binary Memories", "description": "Ok, this is annoying. Our undercover agent has just sent us a file he managed to take from the gang's primary server, so we think it's important, but when we run it nothing happens. We think it might be loading something into memory, any ideas?", "tips": [ "Tip: gdb unscramble" ] }, { "title": "Seashell", "description": "We've just made a big discovery agent, it seems the gang have more than one ship! We know because we've intercepted a message sent between them. Trouble is we can't figure out what the message is. Take a look.", "tips": [ "Tip: Code is just data." ] }, { "title": "Hash'em", "description": "Agent, we've managed to get physical access to a router the gang are using on their ship. We want you to use that access to get the username and password for SSH.", "tips": [ "Tip: RCE? You'll crack it! Then, send in format: username / password." ] }, { "title": "Encrypted", "description": "Good news agent, another intercepted file for you to analyse that we think contains the access code to a safe the gang have on their boat - our undercover agent thinks he can get physical access to it, so we need the code as soon as possible.\n\nWe've tried executing the file and it loads the encrypted access code into memory. That's as far as we've got, give it a try and see if you can decrypt the code.", "tips": [ "Tip: strings, gdb, try to catch a break." ] }, { "title": "Silver Service", "description": "Good news agent, we've found a TCP service used by the gang, it's services.cyberprotection.agency on port 13222. Take a look and see what you can find.", "tips": [ "Tip: Decrypt all the things! Are you sure the first line is fully decrypted?" ] }, { "title": "String Cruncher", "description": "We've discovered a web page used by the gang which seems to just generate some strings, but we're not sure why. They all seem to be random but we have a feeling, given the technical sophistication of this gang, that things might not be as they seem. Take a look.", "tips": [ "Tip: One of these is not like the others... when you find the odd one out, it will lead you to the flag." ] }, { "title": "Trial by File", "description": "Agent, we've got what we think might be your toughest test yet. We've intercepted a file which was sent to the gang's boss, so we know it's important, but none of our agents can exploit it. Time for you to show us what you're made of.", "tips": [ "Tip: Control @ n" ] } ] ], "Moon": [ [ { "title": "Programming 101", "description": "Good morning agent, welcome to your first day of training on the Moon Base. Our goal on this level is to teach you some programming basics. We use a programming language called Python at the CPA and today we're going to start with a simple task - teaching you a few simple things like code comments and using the print function.\n\nWe have an interactive code editor for you to learn on, the CPA MoonCoder. Simply change the code in the editor on the left side and click the green \"Submit code\" button to make it run. You'll then see the output of your code (along with a flag to submit if you get it correct) on the right side.\n\nAnd don't forget, if you get stuck you can click \"Use a hint\". Whilst you're in training you won't lose any points for doing so.", "tips": [] }, { "title": "Handy Variables", "description": "Next, let's take a look at something called variables, a really simple programming concept (it's just a box with a label that can hold something), but a thing you'll find very useful as you go on to do more advanced things.", "tips": [] }, { "title": "Converting for Fun", "description": "I hope you've been making notes agent as with this challenge you'll need to take what you've just learnt about variables and try converting the types of data they contain.\n\nOh, handy tip, if you make a bit of a mess with your code editor you can always click the reset button on the bottom right. It'll refresh the editor and put back the original text so you can start again.", "tips": [] }, { "title": "Maths in Code", "description": "Are you any good at maths agent? Well, computers certainly are, and you can use programming to do all kinds of clever things. Let's start you off with the basics, using programming to do some simple calculations.", "tips": [] }, { "title": "Super Strings", "description": "So you've already learnt about strings, but did you know there are some other really useful things you can do with them? Things like concatenation and using string specifiers. Take a look.", "tips": [] } ], [ { "title": "Flow with Conditionals", "description": "Now you know the basics it's time to teach you one of the most useful things in programming, conditionals. Using \"if statements\" you can get a program to be dynamic and flow the way you want it to based on the information it receives. If you're ready, let's go!", "tips": [] }, { "title": "Logical", "description": "So now you know all about conditionals it's time to supercharge them with logic! This is where we get to the very core of how a computer thinks, using simple binary, 1 and 0, True and False. Once you master this they'll be no holding you back!", "tips": [] }, { "title": "Let's Get Functional", "description": "You may be thinking by now that programming means typing and retyping lots of things all the time, but actually there's a handy way we can reuse some of the code you're writing so you don't have to do that. They're called functions and they're simply little blocks of code that we can call on again and again to do useful things.", "tips": [] }, { "title": "Hooray for Arrays", "description": "If you thought functions were useful just wait until you learn about arrays! They're simple things, just collections of data, but they're really handy for programming. In this lesson you'll learn how to create them, add and remove things and more.", "tips": [] }, { "title": "Going Loopy", "description": "Hello agent. I've just received a message from another agent letting me know something strange is going on - we may have intercepted an alien signal! It's time to accelerate your training and make sure you're ready for your role as an agent on the Moon Base. And what better way to do that than introduce you to loops!", "tips": [] } ], [ { "title": "Fun with Files", "description": "Did you know you can use programming to work with files? It's actually a very common task when doing programming and something you really need to know well. So let's get learning!", "tips": [] }, { "title": "Sockets and Servers", "description": "So agent, now the Moon Base is on high alert it's time to start teaching you some slightly more challenging topics. You'll need them to help the other CPA agents deal with whatever is sending us those strange signals!\n\nLet's start with sockets, a way of sending data over a network.", "tips": [] }, { "title": "Don't Forget HTTP", "description": "Sockets aren't the only way to make network connections you know, you can use Python to make HTTP requests easily as well. Time to have a go at that I think.", "tips": [] }, { "title": "ASCII Encoding", "description": "Now you know computers only think in numbers (they're binary remember), you might be wondering how all the text you type on the screen gets converted into something they can understand. Well, that's where encoding comes in, which means this is a great time to teach you about ASCII, the most common form of encoding.", "tips": [] }, { "title": "Ready for Regex", "description": "So, it looks like this might be your last lesson agent, the team on the next level have called an emergency meeting and the rumors are that we've been contacted by aliens and all agents need to get ready for whatever happens next! Just time to teach you about regular expressions, a very handy way to search text for a pattern.", "tips": [] } ], [ { "title": "Strange File", "description": "Ok, quick task for you agent - we've received a strange file from the first alien communication. It's at /tmp/alien-signal.txt, we need you to open and read the file.", "tips": [ "Tip: Write a python script to open and read the file to get the flag." ] }, { "title": "Agent Profiles", "description": "The operations team have asked that we start preparing a group of agents that could be sent on a mission to intercept the alien craft. We need to review the profiles of our agents, but the script we wrote to get them (they live in different places, e.g. /tmp/agent-1 and /tmp/agent-2) seems to be broken. Can you fix it?", "tips": [ "Tip: Fix and run the script to get the flag." ] }, { "title": "Broken Robot", "description": "We have a problem. Yesterday we sent out our remote tracking robot to collect some samples, but it's got a little lost and we need it back so we can send it back out to the alien landing site if they decide to land on the moon. Can you get it back to base?\n\nSome instructions to help you:\n\nGood luck agent!", "tips": [ "Tip: Navigate the robot back to base to get the flag." ] }, { "title": "Unlocking the Message", "description": "Agent, we're using a simple web API to listen for the alien signals, but we need to find a way to get past a numerical API key that's required to get a response. See if you can manage it.\n\nSome instructions:", "tips": [ "Tip: Write a script which runs each possible combination until you get a response to get the flag." ] }, { "title": "Alien Server", "description": "So, it seems the aliens are using what looks like human technology and we've identified they're running a server. We need you to try and connect to the server and see what's going on.\n\nInstructions:", "tips": [ "Tip: Get access to the server using the above instructions to get the flag." ] } ], [ { "title": "Listen Up", "description": "The aliens seem to be trying to make direct contact, so it's time for us to properly listen. We need you to write a server that accepts incoming connections and monitors the commands sent to it.\n\nSome instructions for you:", "tips": [ "Tip: Listen correctly to get the flag." ] }, { "title": "Defence Data", "description": "The team on Earth are getting a little concerned, they want to know which countries we think would be vulnerable if the aliens decide to head down there and attack, based on what we know about them already. See if you can generate a valid xml file at /tmp/vulnerable-countries.xml that contains a list of country nodes that have name attributes. The third node should be Panama.", "tips": [ "Tip: Generate the valid xml file with Panama as the third country to get the flag." ] }, { "title": "Alien Zip", "description": "Wow, things are getting crazy, the aliens have flooded us with cryptic zip files and we've no idea what's inside them or, for that matter, how and why they seem to be using human technology in their communications with us.\n\nAnyway, we've started organising the files to try and make sense of them, but they're all locked with a numerical three-digit passcode. See if you can write a script to get into this example file alien-zip-2092.zip and read the text file inside which we think is named whatever the zip is (so in this case alien-zip-2092.txt). Oh, by the way, files should be extracted to the /tmp/ directory.", "tips": [ "Tip: Extract the file to the /tmp/ directory to get the flag. Make sure to break out of the loop when you hit the correct password, otherwise you will override the correct file with a blank one with the same name." ] }, { "title": "Passphrase Panic", "description": "So, things are moving quickly and one of our agents has just pointed out to me that we should probably get on the defensive and make sure all our files are locked and have secure passphrases. We need your help to generate those passphrases.\n\nWe've already created a script that generates 3 random numbers that correspond to the position of words that can be found in the /tmp/words.txt file. You will find those numbers in the wordNumbers array.\n\nInstructions:", "tips": [ "Tip: Generate a passphrase to get the flag." ] }, { "title": "Jovian Tweets", "description": "This is a bit weird, but looking at the files the aliens are sending would suggest they are trying to find a way to post messages on social media back on Earth. Maybe it's part of a co-ordinate attack to spread panic. We better figure out how they are doing it, and the best way is probably to try it yourself using the protocols they seem to be using.\n\nSome instructions:", "tips": [ "Tip: Read the response to get the flag." ] } ], [ { "title": "Foreign Filesystem", "description": "We're trying to make sense of a filesystem with a large number of empty directories that the aliens created. Can you write a script to browse the contents of /tmp/aliendir and see if you can actually find anything.", "tips": [ "Tip: The name of the file is the flag." ] }, { "title": "Watched by the Eye", "description": "The aliens have got on to our Moon Base network, we don't know how but we know they're watching what we're doing.\n\nWe need to keep communicating in a secret way. See if you can write a script to hide some text in an image file /tmp/image.gif by appending it to the end of the image. That way we can send random images back and forth to communicate without them knowing.", "tips": [ "Tip: Hide the text \"alieneye\" in the file to get the flag." ] }, { "title": "A Way Back In", "description": "Agent, we need to start fighting back, and we think we have a way in. See if you can write a script that will start a connection to the below IP address, which we think is what the alien probe ship is using, giving us the ability to run commands on their machine and see the results. Once in, read the files on the system in the /tmp directory.\n\nIP: 127.0.0.1 port 10000", "tips": [ "Tip: The flag will be sent when you send the correct command." ] }, { "title": "Tough Zip", "description": "So, remember those zip files from the previous level? Well, they're still sending them, thousands of them, and it looks like they've improved the password protection on them.\n\nSee if you can write a script to brute force one of the zip files, alien-sample-42.zip and read the extracted file alien-sample-42.txt.\n\nWe will provide a list of potential passwords:", "tips": [ "Tip: Extract the file to the /tmp/ directory to get the flag." ] }, { "title": "Server Key", "description": "Ok, the excellent team on the next level have identified another alien server on a second alien probe ship that's moved down to the moon, but it's protected in a more sophisticated way than the last one. We need you to write a python script which downloads a key, reverses it and then sends it back. Note that the key changes based on a timer.\n\nInstructions:", "tips": [ "Tip: Successfully send back the key in time to get the flag." ] } ], [ { "title": "Magic File", "description": "We've extracted one of the alien zip files, it's a bunch of PNG files, but we think only one of them is valid. Use magic byte to determine which it is.", "tips": [ "Tip: Find and read the correct file to get the flag." ] }, { "title": "Cookie Cutter", "description": "Remember on the last level you helped the team identify the aliens' web servers? Well now we want to attack the alien users who are logged in to that server. To do that we need to identify which are logged in.\n\nSee if you can write a script that can guess cookie values and send them to the url http://127.0.0.1:8082/cookiestore. The cookie to be sent is alien_id.", "tips": [ "Tip: Read the response to the right cookie value to get the flag." ] }, { "title": "Alien Transfer", "description": "We've noticed that the aliens are sending messages between their ships, we think they're using XOR to encrypt the messages, and we've intercepted a key.\n\nSet up a server listening on (\"localhost\", 10000) to intercept one of the alien messages. When you do perform a bitwise XOR on the message with the key \"attackthehumans\" and then respond with the encrypted data.", "tips": [ "Tip: Read the response to get the flag." ] }, { "title": "Hidden Messages", "description": "One of the agents has intercepted a file from the aliens that we're worried about - it's called destroymoonbase.gif, so we really need to see what it is! Unfortunately we're struggling to make any sense of. It could be because it contains lots of symbols.\n\nWrite a script that will read the file, it's at /tmp/destroymoonbase.gif, then strip out all the characters that are not letters or numbers.", "tips": [ "Tip: Strip out the file correctly to get the flag." ] }, { "title": "Alien Email", "description": "Breakthrough! We've discovered that the aliens have an insider back on Earth, and they've been contacting each other by... email?!\n\nWe've managed to get hold of an email between the insider and Zultron, who we think might be the alien leader, with details about attack timings. We want to send another email with something different to try and confuse them.\n\nWrite a script that will connect to an SMTP server to send an email. Use the SMTP server at \"127.0.0.1\", port 1025, with a from address of bob-roswell-1947@gmail.com and a to address of zultron@thebigeye.com.", "tips": [ "Tip: Send the email correctly to get the flag." ] } ], [ { "title": "New Line of Communication", "description": "When you were on the last level we discovered the aliens had been communicating with a human insider back on Earth, and by email of all things! Well, it seems that may have been a bit of a decoy as they're also exchanging secret encrypted messages from a server on one of the probe ships.\n\nWe need you to write a script which can connect over TCP to the following server (\"localhost\", 10000) and send GET to retrieve the encoded messages, then send them back split by \\n. We think you'll receive 3 sentences and they're encrypted with a caesar cipher that has a different random offset per sentence.", "tips": [ "Tip: Decrypt and send back the sentences to get the flag." ] }, { "title": "Vulnerable String", "description": "Agent, we're upping our attack on the probe ship servers. We've identified a server that holds a compressed string (which we think might be some kind of unlock code to the mothership's entry system).\n\nWrite a script which can connect to the server (\"localhost\", 10000) over TCP, and send GET_KEY to download the string. The string is compressed using what we think is a very common form of compression used by many websites on Earth, so you'll need to uncompress.", "tips": [ "Tip: Download, uncompress and print the string to get the flag." ] }, { "title": "Getting Access", "description": "Ok, now things are getting serious. We have agents onboard a probe and they've used a key we have to gain physical access to the mothership. Now inside they've been able to connect to a page on the motherships main server which controls all the human technology they've been using. We think it's vulnerable to directory traversal, and we want to use that vulnerability to gain root access.\n\nThe page is at http://127.0.0.1:8082/humantechconfig?file=human.conf, write a script which will attempt various levels of directory traversal to give you access to the root directory.", "tips": [ "Tip: Get to the root directory and the HTTP response will be the flag." ] }, { "title": "Unlocking the Mothership", "description": "Agent, it looks like the aliens' insider back on earth is someone with a good understanding of technology. The aliens have left him a very complicated backdoor into the ships control system, but we need your expertise to figure it out and break in. If we can do that we think we might be able to set the alien ship to self-destruct!\n\nWrite a script which connects to the server controlling the entry to the aliens' tech over TCP (\"localhost\", 10000) and send some random data. We've already tried it and it sends back a bunch of random word codes. There's also a file called backdoor.txt containing some random text. Use your script to encrypt a message using that text and the word codes. Each word is represented by (paragraph_number, line_number, word_number). We think sending the encrypted message back is what will unlock the server and give us access to the alien tech!\n\nThe server expects all the words in one transmission. The words should be stripped of punctuation and sent over separated by newline characters. (\\n)", "tips": [ "Tip: Send the encrypted message back to the server to get the flag." ] }, { "title": "Self Destruct", "description": "Ok agent, one more challenge for you to finally defeat these aliens. We now have access to the core part of the alien mothership and have figured out how to set the ship to self-destruct. The only way the aliens can turn off the self-destruct is to get a million miles away from earth, so if you can do this we think they'll be in a hurry to leave!\n\nYou need to write a script which makes HTTP requests to the server http://127.0.0.1:8082/selfdestruct. That site randomly generates two numbers with a small chance of the numbers matching. To turn on the self-destruct you need to make those two numbers match!", "tips": [ "Tip: Make the numbers match and read the response, that's the flag!" ] } ] ], "Forensics": [ [ { "title": "Suspicious Selfie", "description": "Our agents have gained access to the employees work phone and downloaded a bunch of photos they took to see if we can spot any signs of mischief. For example, we know they somehow gave a conspirator on the outside internal passwords to computers but haven't yet been able to figure out how. Can you see anything in this image that looks suspicious?", "tips": [ "Tip: Find the password, that's the flag." ] }, { "title": "Chirping Chorizo", "description": "As soon as our agents knew which of the employees might be suspects in the case we started recording and logging their phone conversations to see if we could find anything interesting. We know for example that the companies banking password somehow got out to a conspirator. Can you spot anything in this conversation which might give you an indication?", "tips": [ "Tip: Find the banking password, that's the flag." ] }, { "title": "Report - Part One", "description": "One of the things our agents did whilst in the field was to get a packet capture from the suspected employee's computer for us to analyse. Can you take a look and fill in page one of the forensics report we're preparing for the client.", "tips": [ "Tip: Analyse the packet capture to get the right information to put in the report." ] }, { "title": "Report - Part Two", "description": "One of our agents in the field has just put a packet capture from the suspected employee's computer on our internal drive for you to take a look at. Can you use it to help finish off the second part of the forensics report we're preparing for the client?", "tips": [ "Tip: Analyse the packet capture to get the right information to put in the report." ] }, { "title": "Recibo", "description": "Agent, we think the employee in question has been using the digital receipts from the restaurant to move information out to a conspirator. Can you figure out which of these has been tampered with?", "tips": [ "Tip: Find the receipt that's been tampered with, the flag will prove it has been changed." ] } ], [ { "title": "Photo Rapide", "description": "It looks like the photographer took a particular interest in what the employees of the business were doing whilst he was in their shop. We think he actually saw one of them enter the password to one of their internal systems and then hid it, in plain sight, in a photo he took. Our team gained access to the photo files he didn't share with the business. Can you look closely to see if he's using them to hide the passwords?", "tips": [ "Tip: Find the password he stole, it's the flag." ] }, { "title": "Picture in Picture", "description": "When our team gained access to the photographer's photos we found a folder with some photos in it, but the photos seem to be pretty uninteresting from a quick look. Have a look at them yourself and see if you can find anything interesting.", "tips": [ "Tip: The flag is in the image." ] }, { "title": "Trojan Horse", "description": "Whilst in the shop the photographer asked to use one of the staffs Windows PC's to show them previews of the photos. We think he may have done something bad whilst he was using it as now it appears to run an application we don't recognize on boot up.", "tips": [ "Tip: Find the malicious process to get the flag." ] }, { "title": "Remote Access", "description": "After we initially spoke to the owner of the small business as part of our team's initial recon he has been back in touch to let us know that some other strange things have been happening on one of the office PC's outside of normal business hours. We think sometime around the 1st of September the photographer logged onto the business network remotely. Take a look at the log files we have for login events and see what you can find.", "tips": [ "Tip: The name of the account the photographer used to log in is the flag." ] }, { "title": "Moving Mix-Up", "description": "Well, this is embarrassing. It seems the team over in Paris captured the running memory from a machine used by the photographer, but the documentation got all mixed up in transit. Can you see if you can at least confirm the Operating System Profile needed to analyse this image?", "tips": [ "Tip: The flag is the correct profile." ] } ], [ { "title": "Picture Imperfect", "description": "The team in New York have been reviewing some of the design work created by the suspects and some of the pieces look really strange. We're sure they must contain a secret of some kind. Have a look at this one for example on his \"About Page\" site, can you see anything that doesn't look right?", "tips": [ "Tip: There's a secret in the image, that's the flag." ] }, { "title": "Peculiar Portfolio", "description": "One of the graphic designers also works as a photographer and usually posts his images on his personal portfolio. But our team noticed he created a second portfolio with just one image on it, which we thought was strange. It made us think maybe it contained a secret message of some kind. Take a look and see what you think.", "tips": [ "Tip: The image contains a secret, that's the flag." ] }, { "title": "Unfamiliar Files", "description": "Here's a strange one for you, agent. Our team was able to recover a hard drive owned by one of the hackers and found all kinds of interesting things on it. Unfortunately, some of the files don't seem to work and we're not sure what they are. Can you take a look at this one and see if you can figure it out.", "tips": [ "Tip: Open the file to get the flag." ] }, { "title": "Dubious Jobs", "description": "As part of our work helping the New York branch, we took on the task of monitoring some of the sites the hackers have been looking at - one of which was a job board for graphic designers. We managed to get a network capture of one of them viewing a job posting which we suspect has a secret message in it. See if you can confirm that by looking at this pcap (packet capture) file.", "tips": [ "Tip: The flag is in the file." ] }, { "title": "Volatile Memory", "description": "When our team in New York came across a couple of PC's they thought might have been compromised by the hackers they took some memory dumps to analyse. Take a look at this one with a tool called Volatility and see if you can identify the running processes and see if you can spot any that look suspicious.", "tips": [ "Tip: The suspicious process is the flag." ] } ], [ { "title": "Social Safari", "description": "One of the customers who had their laptop hacked was kind enough to let us take a look. We believe the hacker social engineered them into downloading a file from a website which turned out to be malware. That gave the hacker a backdoor to the system, from which they then laterally moved across the network. Can you figure out how they did it?", "tips": [ "Tip: The flag is the remote computer name.", "Note: The files for this challenge are the same as Level 4 Challenge 3 and only need downloading once." ] }, { "title": "Hidden Hyena", "description": "Our team in Kenya decided to take a page out of the hackers playbook and try sending an agent of their own along on one of the tours to follow a suspect they suspected might be one of the hackers. Our agent noticed them using a particular website which we believe had a secret message on it for him. Take a look at the network capture file and see if you can find anything interesting.", "tips": [ "Tip: The flag is in the pcap." ] }, { "title": "Hasty Action", "description": "Ok agent, slight change of plan with our investigation! Our team in Africa decided to swoop in and arrest one of the hackers when they saw him doing something they thought was especially suspicious whilst in a cafe in Nairobi. The only problem is he closed the file on his laptop before he was arrested. Can you help the team there figure out what file it was? They've sent the image file for you to take a look at.", "tips": [ "Tip: Find the recent files and find the flag.", "Note: The files for this challenge are the same as Level 4 Challenge 1 and only need downloading once." ] }, { "title": "Shutter Speed", "description": "We have a quick and urgent job for you, agent. One of our team in the field has managed to acquire the suspect's camera and download the images he had on it. They look innocent enough, just photo's of the tour, but we've received word that they've already been taken off the camera, a secret inserted into them, and put back, ready to be passed on to another gang member at the end of the tour. Can you take a look at this particular file and see what you can find.", "tips": [ "Tip: The flag is in the image." ] }, { "title": "Masai Mystery", "description": "We've just finished an interview with one of the customers who believed their equipment was hacked whilst on the safari. Intelligence tells us this group encrypt and encode all of their data, along with the encryption key string, before exfiltrating and deleting the files. We have got a copy of the HDD to examine. Can you find the encryption key?", "tips": [ "Tip: Intelligence tells us that historically the encryption key always starts with the string 'flag:'" ] } ], [ { "title": "Start Line Setback", "description": "Well, that wasn't a promising start. On our very first review, we found an image file on one of the company's servers which doesn't look quite right. We think whoever left it there has used a tool to add a passphrase to it and hide something inside. Take a look and see what you think.", "tips": [ "Tip: Open the file to find the flag." ] }, { "title": "New Racer", "description": "The plot thickens. It seems someone has indeed compromised the company's servers and even set up a new user account named \"sshd server\". Can you find out what the password is for the account so we can log in and unencrypt the data?", "tips": [ "Tip: The password is the flag." ] }, { "title": "Running Report", "description": "Ok agent, it's time to start putting together a draft of the report we'll send on to the client and there's some specific information we need that you can help with. We have found the first time and date the hacker attempted to connect to our client's networks, but we cannot determine what their first actions were. Take a look at the network traffic and then see if you can use it to fill out the forensics report form.", "tips": [ "Tip: Answer the questions to get the flag." ] }, { "title": "Dash Delete", "description": "So here's what we know so far \u2013 someone gained access to the company's servers, set up accounts and left suspicious files. We also think they may have deleted at least one important file called \u2018coms.txt\u2019, but fortunately not in a forensically sound way. Can you find anything important in this file?", "tips": [ "Tip: Find what they deleted to get the flag." ] }, { "title": "Uphill Section", "description": "We've hit a bit of a stumbling block in our investigation and need your urgent help - our client is planning to do their pitch to the marathon committee in the next few days so we need to get the report finished. Unfortunately, we've received an important pcap containing potentially malicious files from our field agents and it seems to be corrupt. We've been unable to open it. Can you help?", "tips": [ "Tip: Find a way to open the pcap to get the flag." ] } ], [ { "title": "Argentine Ambush", "description": "From a meeting she had in Argentina we were able to intercept an image file she sent to the person she met with shortly after they departed which we think has a secret within it. But it looks like she has used a tool that has the ability to use passphrases to hamper extracting hidden files. Some other tracking we put in place has also revealed she has been visiting websites about encoding messages. See if you can put these bits of information to good use.", "tips": [ "Tip: Get into the file to get the flag." ] }, { "title": "Missing Image", "description": "Here's another file we intercepted a while back. We know it contains a secret, and we're pretty sure it's an image file. But for some reason, it doesn't seem to be detected as one. She has probably made a change to it in some way and our analysts were never able to figure out what.", "tips": [ "Tip: Make the image work to get the flag." ] }, { "title": "Brazilian Blather", "description": "Another bit of evidence you can take a look into, agent - a packet capture containing an email conversation and attachments from some interactions the hacker had with a gang member in Brazil. Do some analysis and see what you come up with.", "tips": [ "Tip: Answer the question to get the flag." ] }, { "title": "Island Image", "description": "Here's a question for you, agent - one our team was never able to answer. We have a disk image file taken from the hacker which we know ran a number of oddly named executable files on the target machine, but we don't know what it ran. Can you unravel the name of the program?", "tips": [ "Tip: The name of the program is the flag." ] }, { "title": "Urgent Escalation", "description": "Ok, urgent work for you, agent - this case just got escalated up through the ranks. As you've been looking into it again I decided to get a couple of other agents to take a look as well and they've noticed something of serious concern - we believe one of the servers in our Brazilian office which we were using to conduct the initial investigation has been compromised by exploiting a potential vulnerability. Can you identify it from the log files?", "tips": [ "Tip: Find the vulnerability to get the flag." ] } ], [ { "title": "Icy Admin", "description": "Ok agent, first up we need to recover the NTLM hash of the administrator account. We've had one of the research team send you a memory dump to take a look at.", "tips": [ "Tip: The hash is the flag." ] }, { "title": "Cool Recovery", "description": "Right, time to help the team with some data recovery. They've sent us an image file but it looks a bit odd. See if you can dig deep and recover the data.", "tips": [ "Tip: Recover the data and you'll find the flag." ] }, { "title": "Footprints in the Snow", "description": "It looks like the bad guys left a trail behind. For example, they left a suspicious PDF on the system, but it seems to be empty. Investigate and see if you can figure out what it is.", "tips": [ "Tip: Analyse the PDF to get the flag." ] }, { "title": "Chilly Command", "description": "We know the hackers gained access to a particular Windows box, but we're not sure exactly what they did. See if you can use the registry file to figure out what the last command was that they ran.", "tips": [ "Tip: Get the command to get the flag." ] }, { "title": "Listicle", "description": "As part of the final report we're producing for the team, they've asked us to make a list of all the user accounts and passwords that have been used on one of the compromised machines. We have a memory dump from that machine, take a look and see what you can find.", "tips": [ "Tip: Find the bad account and that will give you the flag." ] } ], [ { "title": "Athens Arrest", "description": "We're trying to piece together the communications that have been happening between the dealers and the hackers. Luckily for us, a hacker our Athens team recently apprehended was one of those involved. We have a recovered memory dump of his machine. See if you can dig through it to find some key information to go in our initial report.", "tips": [ "Tip: Fill in the report correctly to get the flag." ] }, { "title": "Ancient Attachment", "description": "As part of investigating the ongoing communications between the dealers and hackers, we've been able to recover a mailbox file, extracted from a memory image by one of our analysts. Based on other messages we've seen we think there might be an attachment here with something interesting in it. See what you can find.", "tips": [ "Tip: Open the attachment to get the flag." ] }, { "title": "Final Bid", "description": "We have a quick task for you. One of our agents was almost done completing a forensics report for the client but got called away, could you help her finish it? There are only two questions left.", "tips": [ "Tip: Finish the report to get the flag." ] }, { "title": "Dodgy Dealers", "description": "To help expand the investigation we've been permitted to do some analysis on the machines of other dealers that weren't under suspicion of being involved, and we've already found something interesting. Take a look at this network capture, an initial analysis has revealed that it might have some hidden messages in it, can you help us figure out what they are?", "tips": [ "Tip: The flag is in the message." ] }, { "title": "Malicious Memory", "description": "Breakthrough! We've identified the hacker we think is in control of the group and managed to get hold of a memory dump from his machine. Our analysts in Athens have taken an initial look and believe there are some malicious tools and files hidden in memory, but they're quite small and stored in the MFT. Can you help us retrieve the file?", "tips": [ "Tip: Find the file, the flag is inside." ] } ] ] } ================================================ FILE: cdbot/data/legacy/game.json ================================================ { "Headquarters": [ [ { "title": "Secret Caesar", "description": "Our agents have been reviewing some documents they recovered from one of The Slootmaekers bike shops and they came across an order form for a set of six bikes which looks a little odd.\n\nWe think the six bike reference numbers might be encrypted with a caesar cipher (which is where the letters are shifted along by a certain offset, e.g. if the letter is A and the offset is 2 it will become C), and we've got some intel that one of them contains a code that starts with the word \"BAR\". We've worked out that the offset for each code is determined by the order quantity. See if you can use that to break the encryption and find the hidden code.", "tips": [ "Tip: The decrypted reference number containing the word BAR is the flag." ] }, { "title": "Social Secret", "description": "Agent, we think we might have a way to log into a social media account of one of the gang using the site's password reset form. We have two key pieces of information: his username and his favourite color. We just need his age and we'll be able to log in - can you guess it from the information we already have?", "tips": [ "Tip: Get the age correct and submit the form to get the flag." ] }, { "title": "Broken Banks", "description": "Agent, it looks like the gang are trying to raise some money to fund their plans - and they're doing so by sending fake banking emails to the customers of their bike shop to try and defraud them. Take a look at these four emails we intercepted, all are seemingly from well known banks, but can you spot the one which is fake?", "tips": [ "Tip: Click on the part of the dodgy email that makes you think it's fake and you'll get the flag." ] }, { "title": "Happy Customers", "description": "During our initial analysis of the gang we noticed something strange - they created lists of their customers and shared it between their bike shops, and each customer had a unique pattern of numbers after their name. One of our agents thinks the pattern of numbers might be encoded words. We also noticed the numbers never went above 26, that might be relevant. Can you work out what it means?", "tips": [ "Tip: Decode the message to get the flag." ] }, { "title": "Race To Where", "description": "Here's an interesting one for you agent - at the weekend the gang released what looks like a one page website advertising an upcoming bike race they're organising. Being cyber detectives we're naturally curious that things might not be as they seem. Have a look at the site - it looks like there are just two images on the page, a logo and the poster, can you find anything suspicious, maybe some text?", "tips": [ "Tip: Find the hidden clue and it'll lead you to the flag." ] }, { "title": "Tower of Wheels", "description": "So, this is strange - our undercover agent noticed that one of the gang has left a set of bike wheels set up in his workshop like a Tower of Hanoi puzzle. We think it's wired up to his computer and might reveal something if our agent can complete the puzzle.\n\nWe've mocked up the puzzle for you to try using javascript. You can move the wheels by entering the following command: move(, ), where the src or dst values can be \"left\", \"mid\", or \"right\". For example, to move a wheel from the middle lane to the left lane you need to type: move(\"mid\", \"left\"). If you get stuck type \"reset \"to start again.", "tips": [ "Tip: Complete the puzzle to get the flag." ] }, { "title": "Horrible Hats", "description": "One of our agents has noticed something a little strange that she thought you might be able to look into. The Slootmaekers have a cycle hat creator tool on their website which allows you to select a combination of up to eight colors to go into a custom hat design. The tool itself didn't seem strange until we noticed the gang were sending each other links to hat color combinations they'd created on a regular basis that were a bit dull and had no other comment. It seems a little odd and we think they might be using it to hide secret messages.\n\nWe've managed to get hold of an example output page which we think contains a secret code word the gang are using in other communications. If we could figure out that word it would really help us discover what their bigger plans are.", "tips": [ "Tip: See if you can convert the color RGB numbers into letters using the included ASCII table to get the flag." ] }, { "title": "Mixed Messages", "description": "Our team have been monitoring some text message chatter between two of the senior gang members over the last week. There was nothing interesting of note until suddenly all their messages started coming through mixed up.\n\nAt first we thought it might be a technical problem, but then it occured to us that they might be deliberately encoding the messages somehow.\n\nI've had one of the agents forward you one of the messages, see if you can decode it.", "tips": [ "Tip: Decode the message, we think it mentions two colors, combine them (e.g. redgreen) and that's the flag." ] }, { "title": "Bike Fan", "description": "Quick task for you agent, one of the gang, Lars De Vries, has a site where he posts pictures of bikes he likes. Recently we've noticed some of the images are broken and he hasn't fixed it. Seems odd. Take a look at this page and see if you can get the image to show, perhaps take a look at the source code of the page and see if anything doesn't look right.", "tips": [ "Tip: Find a way to get the image to show and you'll find the flag." ] }, { "title": "Executable", "description": "Agent, quick question for you. One of the team sent me a screenshot of his filesystem browser with a bunch of files she recovered from a memory stick one of the gang discarded. She's asking if any of them are executable files. Take a look and let me know.", "tips": [ "Tip: The name of the executable file (including the extension) is the flag." ] }, { "title": "Hidden Report", "description": "One of the ways we've been investigating the gang and their bike shop is by actually buying products from them online. We've spotted a piece of functionality that we think might be exploitable, allowing us to get more information on other customers (some of which we think might actually be helping them with their plans to steal the eBikes).\n\nHave a look at our account page on the site, it allows you to generate a report of your transactions. See if you can find a way to view a transaction report for the very first user of the site.", "tips": [ "Tip: Find the report for the first user of the site and you'll get the flag." ] }, { "title": "Binary Bike Lock", "description": "Well, this gang love their technology and bikes so much that they've combined them to make a custom bike lock!\n\nWe're concerned they're going to use this lock technology as part of the bigger bike heist, so it's worth us taking the time to try and figure out how to crack them now.\n\nTake a look at this lock and see if you can unlock it.", "tips": [ "Tip: Unlock the bike lock to get the flag." ] } ], [ { "title": "User Who", "description": "Urgent request - one of our agents is currently at a Slootmaeker hideout and we know the rest of the gang are on their way back there. He's found a computer they've been using and managed to gain access to their linux server through the use of an exploit - but we don't know which user he's been able to log in as, and we need to know before he runs out of time. We've patched you in to his screen - see if you can find out.", "tips": [ "Tip: Get the username, that's the flag." ] }, { "title": "Secret Pages", "description": "You're now well aware of the Slootmaekers supposedly legit business, the Bike Factory. Evidence is mounting up that the business, and especially its website, have quite a few things to hide. We've just had a tip off that there's a secret page on the website with some interesting information about when the gang plan to attempt the eBike heist. Problem is, it seems to be restricted. Can you get access?", "tips": [ "Tip: Get access to the page to get the flag." ] }, { "title": "Encrypted Message", "description": "We have an undercover agent in one of the Slootmaekers bike shops, posing as a bike mechanic. We need to send him an urgent message but the only phone he has is one the gang gave him and may be monitoring. We have a specific substitution cipher we can use - quickly encode the message and send it.", "tips": [ "Tip: Correctly encrypt the message and send it to get the flag." ] }, { "title": "Decryption Ring", "description": "Things are really starting to get busy - the Slootmaekers seem to be in the final stages of preparing the heist, we need to move quickly! We've just received a message back from one of our undercover agents with details of where they're planning to attack first. It's encrypted with a caesar cipher, but we can't remember what he said he was going to use as the offset and can't seem to get hold of him again. We've put the message into our caesar cipher decryption tool, see if you can use it to decrypt the text and read the message.", "tips": [ "Tip: Decrypt the message, the flag is the name of the street." ] }, { "title": "Loopy Login", "description": "Quick piece of analysis for you to do agent. We think there is something suspicious about the login form on the Slootmaekers website. Can you see what it is?", "tips": [ "Tip: Click on the suspicious thing to get the flag." ] }, { "title": "Broken Click", "description": "Here's a weird one agent, there's a link on the Slootmaekers login page for an admin login. We wanted to take a look but the link doesn't seem to work. Can you figure out how to get to it?", "tips": [ "Tip: Get to the admin login page to get the flag." ] }, { "title": "Hard Hash", "description": "Agent D from our cryptography department has just sent me this hash she intercepted from an exchange between two Slootmaeker gang members. She thought it might be a good task for a smart agent like yourself to figure out.", "tips": [ "Tip: Unhash it to get the flag." ] }, { "title": "More Broken Bicycles", "description": "Remember Lars cycling fan site from the last floor? Well, we thought we'd figured out what the issue was with the broken images on the site, but on this page that we've just come across all the images already have file extensions, but one is still broken. Can you see what's wrong?", "tips": [ "Tip: Get the image to show to get the flag." ] }, { "title": "Fingerprints", "description": "We've found a secret lock-up used by the gang, a big breakthrough! One small problem, it uses an electronic keypad and requires a four digit pin.\n\nWe've noticed four of the numbers have fingerprints on and we've discovered that the lock only allows you to use each number once (i.e. you can't do 7777). Can you use that information to guess the right code? There are still quite a few possible combinations so you'll need to be systematic about it.", "tips": [ "Tip: Get the right code to get the flag." ] }, { "title": "Useful Hack", "description": "Agent, we really need to log in to the Slootmaekers site as one of the gang - it looks like it has functionality for them to exchange messages about their heist plans. Time is running out and we need to know what they're saying.\n\nWe don't have a username and password combination for any of the gang members, but it just occurred to one of our agents that a big popular dutch social media site called Gellukkig was recently hacked and a bunch of username and password combinations posted online. There's a small chance one of those was one of the gang members and they've re-used the details for the login on the site.", "tips": [ "Tip: Login to the site as a gang member to get the flag." ] }, { "title": "Too Much Text", "description": "Ok, this is really weird, one of the gang just emailed every other gang member a HUGE text file with loads of random latin text in it. There must be a secret code hidden in it, right?", "tips": [ "Tip: Find the secret code, that's the flag." ] }, { "title": "Under Attack", "description": "It looks like part of the heist is underway, they're hacking the Amsterdam City Bike Initiative servers as we speak! We need to help them out, see if you can change the server configuration settings to kick the hackers out of the server.", "tips": [ "Tip: Change the settings correctly to get the flag." ] } ], [ { "title": "Chopper Check-in", "description": "For this assignment we need your help keeping an eye on the gang. One of our agents wants to remotely access their computers but only when they are not around to see.\n\nWe've discovered that today is their Christmas party but we don't know where it is. If we knew we could send an agent along to check they were all there.\n\nOne of the gang, Sannfred, uses a location check-in site called Circle. Perhaps you could take a look at his profile to see where the party is?", "tips": [ "Tip: The challenge flag is the number of the building." ] }, { "title": "Password Postulation", "description": "One of our agents was recently able to get hold of a username and password that one of The Chopper gang uses to access their company intranet. However, before he was able to use it to log in they implemented a change in their password policy.\n\nThe old password is \"evergreen\", and we've heard the new password policy requires a capital letter and number. Perhaps you could guess what he changed it to and help us get access?", "tips": [ "Tip: To get the challenge flag you need to successfully login." ] }, { "title": "Secret Source", "description": "It looks like the gang has a lot of information we might find useful on their intranet; probably details of how they intend to break into their competitors' computer systems to look for the plans to their better felling machine. It would be especially useful if we could log in as their main developer, Aksel.\n\nSometimes developers can be a little bit lazy and leave information in the source code of a page that might be revealing. Perhaps you could take a look and see if there's anything Aksel left that might help you log in.", "tips": [ "Tip: To get the challenge flag you need to successfully login." ] }, { "title": "Snake Charmer", "description": "We've just intercepted an email from one of the gang members with a file attached called \"passgen.py\". It looks like a Python script.\n\nWe've heard that the gang is looking for a way to make their passwords more secure, perhaps using code like this to generate them. See if you can run the code so we know exactly what it does.", "tips": [ "Tip: The output from the code is the flag you need." ] }, { "title": "Corrupted", "description": "An agent in the field managed to get access to an XML file that he believes belonged to one of The Chopper gang members. It looks corrupted so he's sent it to us for analysis.\n\nHave a look at the file and see if you can get it working.", "tips": [ "Tip: The flag to complete the challenge is on the last line of the file." ] }, { "title": "The Competitor Revealed", "description": "We've intercepted some encrypted text from one of the gang members, which we think might include the name of the competitor company that they intend to target.\n\nLuckily, we also know it uses a letter substitution cipher and CPA has our very own tool for breaking this kind of encryption. Use it to try and work out what the text says.", "tips": [ "Tip: The flag is the name of the competitor company." ] }, { "title": "A Secret Rendezvous", "description": "Yesterday we intercepted some code passed between two Chopper gang members - Ibert and Dante. We believe it mentions the location of a secret meeting to discuss plans to hack into their competitors' computers.\n\nFortunately, we know it uses columnar transposition and have a CPA tool to help you crack it. We've loaded the code into the tool. Give it a try and see if you can decrypt the message.", "tips": [ "Tip: The flag is the city they will be meeting in." ] }, { "title": "Route into the Router", "description": "Good news, we've managed to get access to the login page for one of the gang's home routers. Useful... if only we knew the username and password. I wonder if they've been lazy and left the router's default username and password active? The router is just a standard Nethub 5000.", "tips": [ "Tip: Find the correct username and password to get the flag." ] }, { "title": "Big Transfer", "description": "Agent, we've just intercepted a message between two of The Choppers talking about how they intend to steal money from the bank account of a different competitor to fund their plans.\n\nIt said they've found a weakness in the money transfer tool on the Global Bank website. We've just successfully put through a test transfer, can you see any way to hack it?", "tips": [ "Tip: Transfer 1000 to a bank account called cpatestreceiver from cpatestsender to get the flag." ] }, { "title": "Dante In Command?", "description": "We found a file in an intercepted email from one of The Chopper gang members, Dante, but it needs to be run from the command line in order to make it work.\n\nWe think it might be a program the gang are writing to gain access to their competitors' computers, so it's important we check it out.", "tips": [ "Tip: Run the program from the command line; the flag will be in the output." ] }, { "title": "Wheel Spin", "description": "Whilst taking a look around The Choppers' intranet site, one of our agents found a rather odd page. It just has two numbers on it. Take a look and see if you can figure out what's going on.", "tips": [ "Tip: If you figure it out and you're persistent enough, you'll see the flag!" ] }, { "title": "Confused", "description": "Recruit, we've intercepted some chatter between Chopper gang members talking about one of their competitor's machines. They all have unique identifiers and we think one of those identifiers is hidden in some code we found. One of the other agents has emailed it to you. Take a look and see if you can find the identifier.", "tips": [ "Tip: The identifier is the flag you need." ] } ], [ { "title": "Arnold Chopper?", "description": "A few days ago one of our field agents, who is now working undercover for The Choppers, found two pages of a book ripped out and left on a table.\n\nWe weren't sure if it meant anything, but then today we intercepted an email containing some cryptic code. It looks like the gang is getting smarter with its encrypted messages and is now using Arnold ciphers.\n\nSee if you can use the intercepted code and the two pages of the book to discover what it means.", "tips": [ "Tip: We believe the message contains a code, that's the flag." ] }, { "title": "Maggie's File", "description": "Our field agent has managed to get some login details from one of the gang, Magdalina. We believe she uses the details to SSH into a remote server to view a particular file that might be important.\n\nThese are the details we have:\n\nIP address: 192.162.132.199\nUsername: maggie\nPassword: ubersecurepw\n\nWhy don't you try it yourself using the secure terminal we've provided and see what you find.", "tips": [ "Tip: The terminal uses non-default implementation of OpenSSH and only accepts common formats. The flag is the name of the file." ] }, { "title": "Cookie Jar", "description": "Now that we've gained access to The Choppers' intranet site it has dawned on us that they might have more than one level of user. If we could log in as an admin user it might allow us to see much more.\n\nSometimes you can change the session cookie to achieve that, and admins often have an ID of 0. Why don't you give it a try?", "tips": [ "Tip: If you're able to change your access to admin level the code will appear." ] }, { "title": "Photobomb", "description": "Our team have been monitoring The Choppers' web traffic and it seems they've been spending a lot of time on a photo-sharing site, especially one particular page. Have you ever heard of steganography? It's the practice of hiding a file or message in another file. Maybe one of the images on the photo-sharing site contains a hidden message. Why don't you take a look and see if you can find out?", "tips": [ "Tip: The flag is in the image." ] }, { "title": "Upgrades? Paaa!", "description": "It looks like The Choppers know they need to improve their security set-up, as recently we've been unable to log in to their intranet and they've been making a few changes to their security.\n\nThey have rewritten their login form to use slightly improved javascript, but it doesn't seem to be much more secure. Maybe you could change some of the javascript on the login page to see if you can log us back in.", "tips": [ "Tip: Log in successfully to get the flag." ] }, { "title": "A Helping Hand", "description": "This morning I received a message from my counterpart in another agency. It seems they've been monitoring The Choppers too.\n\nHelpfully they've sent us over an extract from a report one of their agents wrote, which they thought might be of use to us. Unhelpfully it's a PDF and much of the sensitive information has been redacted. Maybe you could find a way to see what it says.", "tips": [ "Tip: We think it contains one of the gang's passwords - that's the flag." ] }, { "title": "A Dangerous Contact", "description": "During our research into The Choppers, we noticed that their website has a contact page with a form for getting in touch. Our agents want to know whether it might be vulnerable to SQL injection.\n\nSee if you can put the SQL code in the right order. If you do, the data should appear in the console at the top of the page. This will contain the information we're looking for - a list of all previously submitted messages.", "tips": [ "Tip: The flag is the last name of the most recent person to send a message through the form." ] }, { "title": "Bad Kitty", "description": "For weeks now The Chopper gang members have been passing animated gifs of kittens backwards and forwards in a chat room app called KittyLitter. We thought they were just messing around, until one of our agents noticed something interesting in one of the gifs.\n\nTake a look at the gifs in this message thread and see if you can figure out what it is. Oh, by the way, one of the agents mentioned something about a browser plugin to help you with your investigation.", "tips": [ "Tip: The flag is what you discover!" ] }, { "title": "Bendikke Loves Axes", "description": "Whilst doing some background research on one of the gang members, Bendikke, we discovered that she writes a blog all about axes. We suspect she might be using the backend of the blogging tool to store information about how they plan to attack their competitors and, more importantly, the specific machinery blueprints they are after. If we knew that, it would really help us foil the gang's plans.\n\nSee if you can find the login page on the blog and use some of the techniques you've learned already to break in.", "tips": [ "Tip: If you successfully log in you'll get the flag!" ] }, { "title": "Phishing For Flemming", "description": "In our background research on one of the gang members, Flemming, we discovered their profile page on Ansikt, a Norwegian social media site.\n\nLuckily he's written all the details in English. We thought we might use them to create a phishing email and send it to him to try and get some further information, like his home address.\n\nTake a look at the profile, then create the phishing email with the right details, hit \"send\", and see if he sends anything back.", "tips": [ "Tip: Get all the details right, otherwise you can't send the email. When you do, you'll get the flag." ] }, { "title": "Lost But Not Forgotten", "description": "We've recovered a bunch of .gif files from an old hard drive one of the gang members threw out. We thought they were innocent enough until we started wondering whether they were all actually gif files.\n\nCheck your email, download the files and see if you can find out what's going on.", "tips": [ "Tip: The flag is in one of the files." ] }, { "title": "Lockdown", "description": "It looks like The Choppers might know we're trying to get in to their intranet.\n\nThey've currently got it locked down by disabling the login form. We still have a correct username and password - can you find a way to get in?", "tips": [ "Tip: Log in successfully and you'll get the flag." ] } ], [ { "title": "Word On The Street", "description": "We've been monitoring the Yakoottees for a while now, ever since we first came across one of their team trying to hack into large car manufacturers. Two of the gang members have recently started sending each other emails containing what we thought were Word documents. But here's the thing, the emails don't contain any words and we can't seem to open the files. Why don't you take you take a look?", "tips": [ "Tip: Open the file to get the flag." ] }, { "title": "Dangerous Comment", "description": "One of the Yakoottees, Haruka, recently created a site where she posts photos of her favourite cars. We think it might be a front to store files containing their plans to break in to the Superspin factory. Each page has a form on it where you can post comments. Try and use the form on this particular page to use command injection and find any files hidden in the same directory. Remember, to inject code you need to include two commands by including a semi-colon.", "tips": [ "Tip: One of the files has the flag in it." ] }, { "title": "Out Of Sight", "description": "Well, that's a bit of luck. We've managed to get our hands on some details that allowed us to SSH into one of the Yakoottees private servers. They're a sophisticated gang, so they've probably hidden a few files in there. We've passed you the connection so have a look and see if you can find anything.", "tips": [ "Tip: The flag is in a file somewhere on the server." ] }, { "title": "Shopping For Secrets", "description": "An agent on Level 05 has told us about another big hack he's working on. Apparently someone broke into a popular shopping site, stole all the usernames and passwords and was going to post them online. Luckily, we got to them first and recovered the details. Why is this important? Well, it seems one of the Yakoottees was a member of that site.\n\nHe typically uses one of these three usernames: kazuya, kaz_whizz, kazuya99. We've put the recovered data on one of our servers. We've given you access, so see if you can find him on there. If we knew the password he uses maybe we can use that later.", "tips": [ "Tip: The flag is his password." ] }, { "title": "Shinji's Drone", "description": "Yesterday one of our field agents spotted Shinji, one of the Yakoottees low-level gang members, checking out the Superspin HQ, seemingly on a reconnaissance mission. He was seen flying a drone around the building with a video camera attached to it. We've since discovered that he put that video up on his personal site to share with other gang members. If we could get in and take a look at the video we might know better where they intend to target.\n\nCheck out the login page on his site and see if you can break in.", "tips": [ "Tip: Log in successfully to get the flag." ] }, { "title": "Zapped", "description": "The gang have been using a lesser-known chat app called Chatzap to communicate. We know one of the usernames (kanako) but not the password. If we could get access we might be able to see what they're saying.\n\nIt's not a great site and the security is average at best. Look at the login page - they do SHA1 hash their passwords but leave them in plain sight in the source code. See if you can use that to get in.", "tips": [ "Tip: Gain access to get the flag." ] }, { "title": "Yakoo Cars", "description": "The Yakoottees aren't just a criminal gang, they're also a group of talented car engineers. Their organisation has a front - a high-end car repair shop called Yakoo Cars.\n\nNaturally, we took a thorough look through their website to see if we could find anything interesting. One thing we found was a little strange: an empty page. Empty, apart from a message saying \"Error. Cookie user expected.\". Ordinarily we wouldn't think anything of it, but the page name is \"Secret\", so we should investigate.\n\nWe think only the boss Yaka Matsu should have access. Take a look and see if you can get around the cookie issue.", "tips": [ "Tip: Get past the issue to get the flag." ] }, { "title": "Perplexed By Pixels", "description": "The Yakoottees love their cars. And so you'd expect that they might send each other car photos, images and even art. But recently we intercepted something strange: a pixel drawing of a car. What's strange about it? One of the gang, Kanako, sent two copies of it to another gang member. After some initial analysis we noticed some slight variations in colour in a selection of pixels.\n\nOne of the team has already built a comparison tool but he's just been reassigned to another urgent project. Perhaps you could take a look at what he's built and finish the analysis.", "tips": [ "Tip: Calculate the differences, convert it with the ASCII table, and that's your flag." ] }, { "title": "Baffled By Browsers", "description": "Whilst monitoring the gang's web traffic, we noticed they've been visiting one particular page quite a lot. When we try we get rejected immediately without it even asking for a username or password.\n\nOur field agent, who is working for the The Yakoottees undercover, thinks it might be something to do with a particular browser that the gang built themselves called \"Orion\". Time for you to investigate. Maybe try looking for a browser plugin to help you out.", "tips": [ "Tip: To get the flag, get access to the page!" ] }, { "title": "Rattlesnake", "description": "Well, one thing is for sure, the Yakoottees' scripting language of choice is Python. We've intercepted a lot of Python files from all over the place. So many, in fact, that we need someone to look at them and see what they do. Can have a look at this one to find out what it does?", "tips": [ "Tip: The flag is in the file." ] }, { "title": "T-Shirt Trivia", "description": "The Yakoottees have a number of side businesses that they use to launder money. One of them is an online T-shirt business. We've been monitoring the site to look for unusual activity and yesterday a T-shirt went up for sale and then ten minutes later was taken down. Luckily we've been running a tool, which takes copies of all new pages before they get removed.\n\nThere's something odd about this page. The T-shirt for sale doesn't seem to be designed like the rest (which mostly feature cars); this one has what looks like a QR code on it. Take a look and see what you think.", "tips": [ "Tip: Read the code to get the flag." ] }, { "title": "File Found", "description": "Whilst monitoring one of the gang, Ryosuke, we came across a file that he posted online. The problem is, we can't seem to figure out what type of file it is. Take a look and see if you can work it out.", "tips": [ "Tip: The flag is in the file." ] } ], [ { "title": "Hush Fund", "description": "It looks like The Yakoottees are preparing for an attack and the senior members of the gang seem to be providing the funds. We've intercepted a message containing what we think are bank details, but they're encrypted. If you could decrypt them, we'd have a better idea of who is behind the plan.", "tips": [ "Tip: The decrypted bank account number is the flag." ] }, { "title": "Heroka's DB", "description": "In the previous level you may have been part of the investigation into Heroka. She recently created a site where she posts photos of her favourite cars. That investigation revealed that the site was vulnerable to injection and that she's been hiding details about their plans there.\n\nWe think that some results from a search of the site are also hidden unless you're logged in. We don't have any login details, so perhaps you could use SQL injection to get all the results. Think about which SQL query is run when you submit the search form.", "tips": [ "Tip: Get the full results and then you'll get the flag!" ] }, { "title": "Still Hiding", "description": "Were you involved in the previous level when we needed someone to SSH into one of The Yakoottees' servers and take a look around? Well, we need to do it again. It seems they're becoming a little smarter about hiding their files. Take a look and see what you can find.", "tips": [ "Tip: The flag is in a file somewhere on the server." ] }, { "title": "Brute Strength", "description": "Great news, recruit. Thanks to your work we've been able to recover a zip file from the Yakoottees' private server. We're pretty sure it contains blueprints of the Superspin HQ and details of how they plan to get in.\n\nThe zip file is password protected, so we set one of our engineers on writing a script to brute force it. Unfortunately, he was called away onto a special project for a team on another level. Perhaps you could make the final few alterations to his script to get it working.", "tips": [ "Tip: Change the script and open up the zip file to get the flag. Oh, and don't forget you can use your local terminal to help." ] }, { "title": "Running Man", "description": "The Yakoottees are preparing their break-in, so we're doing a full review of everything they have running. We found a service running on the server services.cyberprotection.agency, port 8203. Connect to the service and find what is on there to see if it's related.", "tips": [ "Tip: Connect and look at the banner for the flag." ] }, { "title": "Custom Plates", "description": "We've just had some new intel. The Yakoottees are planning to change the supercar's numberplates to British plates when they steal it. For some reason, rather than create their own, they've ordered some from a site online called CoolPlates. We want to see which plates they've ordered and where they're being sent.\n\nSee if you can get in to the site so we can find out. We don't have a username and password but we think it uses some simple javascript security checks.", "tips": [ "Tip: Log in to get the flag." ] }, { "title": "Junya Who?", "description": "Recruit, I need a favour. We've just had some intel about one of the gang members. His first name is Junya, but we can't find his surname. We know we have it on record but it could be in any one of a huge set of files. Perhaps you could SSH into our server and see if you can find his surname for me?", "tips": [ "Tip: Find \"Junya\" mentioned in the files and his surname will follow. That's the flag." ] }, { "title": "Rezapped", "description": "Remember ChatZap from a previous challenge? We need to get back in but it looks like they've changed their security. Take a look.", "tips": [ "Tip: Log back in to get the flag." ] }, { "title": "Meeting Momoko", "description": "Our field agents decided to make a move and pick up one of the Yakoottees, Momoko. We believe she was in charge of picking up some equipment that the gang needed to break in.\n\nUnfortunately, when they got there she'd gone. But they did find a post-it note with a cryptic code on it. On reviewing the surveillance tapes, it seems someone stuck it on her door a few minutes before she left. We think it might be a meet-up location. Can you crack the code for us?", "tips": [ "Tip: Crack the code, it's the flag! Note: The flag is in lowercase!" ] }, { "title": "QR.gif", "description": "Remember the QR code that the Yakoottees printed on a T-shirt? You might have been assigned to investigate it on the previous level. Well, it looks like they're using QR codes again and they've gone one step further by embedding them in a gif file. We think the combined output is important, so get straight on it recruit.", "tips": [ "Tip: Work out the QR codes and put them together for the flag." ] }, { "title": "Lost Key", "description": "Our agent on the ground noticed a USB key discarded outside The Yakoottees' garage and he's just uploaded the files for analysis. It's probably nothing important; they just look like innocent jpg files. One looks corrupt, however. Can you take a look just to be sure we don't miss anything?", "tips": [ "Tip: The flag is in the file." ] }, { "title": "Truck Stop", "description": "Recruit, we're sending you into the field for the first time! We think you're ready, so don't let us down.\n\nHere's the situation. We know a group of the Yakoottees are heading to a nearby depot to steal a truck, which they are going to use to transport the supercar prototype without anyone seeing. We want to get in to the depot first and wait for them. However, we can't get hold of the depot's owners and the front gate uses a sophisticated locking system.\n\nWe know the Yakoottees have the code already but we're going to need to crack it.", "tips": [ "Tip: Crack the code for the flag." ] } ], [ { "title": "All Zipped Up", "description": "Recruit, we need your scripting skills again. One of our field agents has managed to turn one of the Chiquitoos' to act as an informant. He has obtained access to a zip file from one of the senior gang members but it's password protected and he doesn't know the password (although we're pretty sure it starts with \"Cola\"). We've got a Python script that might help us brute force it but we think it needs some modifications.", "tips": [ "Tip: Open the zip file to get the flag. And don't forget you can use your local terminal to help." ] }, { "title": "Docking Port", "description": "We have come across a site, which we believe is run by one of the Chiquitoo gang members, that sends information out on the port 1337. We've got a terminal tool you can use that is restricted to do just what you need. See if you can use it to get the information so we can find out what the site is being used for.", "tips": [ "Tip: Get the information to get the flag." ] }, { "title": "Hidden Boats", "description": "Those Chiquitoos are a busy gang and they run a number of legitimate and criminal operations. One of their legitimate businesses is a small boating company that transports workers to the offshore wind farm. Their website has a page, which lists all the scheduled trips out, but we think there might be more that they're not making public. Our inside informant tells us they're stored in a file called \"extra.txt\". Have a look at the site and see if you can get access to it.", "tips": [ "Tip: The flag is the boat number of the last one in the secret list." ] }, { "title": "Pedro's Password", "description": "Recruit, we've had access to a server used by one of the Chiquitoos' side businesses for a while and have an idea that one of the gang members, Pedro, might have moved his user account from an old version of Linux. SSH in and see if you can find his hashed password.", "tips": [ "Tip: The flag is the hashed password." ] }, { "title": "Dot Dot Dash", "description": "It's time to go old-school, recruit.\n\nWe think the Chiquitoos have an insider that works on the ships carrying the shipping containers full of Cola. Obviously they don't want to be found out while passing details to the gang members on the nearby reconnaissance boats, so they've resorted to using Morse code to communicate. We've tapped into the frequency they're using and funnelled the code into our Morse code tool. Decipher the message and see what they're saying.", "tips": [ "Tip: In the message they mention a ship name; that's the flag." ] }, { "title": "Quick Drop", "description": "Recruit, we need your help urgently.\n\nThere's a package drop between two gang members about to happen; we have agents following them both. The first gang member has dropped off a briefcase at a discreet location and has left. We have an agent following the other one and he's just 4 minutes away from the pick up point.\n\nOur first agent has intercepted the package, it's a briefcase with two four digit number combinations required to get in. We have no idea what the unlock number is but the case has a post-it stuck to it with an encrypted code written on it.\n\nCan you decipher it in time to get the number combination? We've patched you in to the instant chat with the field agent - tell him the code before the time elapses.\n\nYou only get one chance per day to complete this timed challenge. Reload the page to try again.", "tips": [ "Tip: If you get the right code, the agent will give you the flag." ] }, { "title": "Secret Spreadsheet", "description": "Recruit, we've stumbled upon something. We think it might really help in getting us closer to the Chiquitoos' plan to steal the shipment of Cola. They've created a spreadsheet listing all the containers they intend to target. Luckily for us, they've posted it online for other gang members to see and update. But, of course, being the clever cyber criminals they are, they've put it behind a particularly clever password system.\n\nIf you visit the page where it exists the ciphered password is there but it changes every two seconds; too fast for us to decipher and use. One of our engineers has been working on a Python script to try and get around it. Have a look at the script and see if you can make some changes to get it working.", "tips": [ "Tip: Run the correct script to get the flag." ] }, { "title": "Miguel the Moneyman", "description": "Recruit, we think we know where the money for this Chiquitoo operation is coming from: one of their senior gang members, Miguel. And it's given us an idea.\n\nTo make the payments to gang members look normal, Miguel has asked them all to send him links to official looking PDF invoices, which we know he is opening on his computer and then paying. So our plan is to send him a malicious PDF disguised as an invoice from one of the gang members. But we need your help serving up the file to Miguel.\n\nCreate a web server with the terminal using Python, then finish off the email we've created by inserting the web server's location.", "tips": [ "Tip: Serve the file up correctly to get the flag. Make your web server listen on port 8000 to be sure to bypass the firewall." ] }, { "title": "Breaking Bottles", "description": "Recruit, we think we now know how the Chiquitoos' plan to distribute the Cola they steal. One of the gangs supposedly legitimate businesses is actually a bottling plant... and one of the things they bottle is Cola. We think they might be planning to re-label the bottles they steal as another brand they already bottle, making a huge mark-up and meaning the stolen Cola will effectively just disappear! Clever.\n\nWe think we might have a way in. The bottling plant has a website and there is a form where you can request a price list for their bottling services. We think it might be vulnerable to command injection, and there's a text file we believe you could access with \"recipe\" in the file name, which actually includes details about their plan. But here's the issue - they've added a filter to the form, which prevents the use of semi-colons. See if you can find a way around it.", "tips": [ "Tip: Open the file to get the flag." ] }, { "title": "Bash the Botnet", "description": "We have managed to gain access to a server used by one of The Chiquittoos' side businesses. We think the gang use it to connect to their botnet, which we want to take down. The botnet is of course password protected but, if you can find the password we can log in and disable it!\n\nLog into the server using these credentials and see if you can find the password.", "tips": [ "Tip: The password is the flag." ] }, { "title": "Password Pickle", "description": "Hmm, these Chiquitoos are clever. We've intercepted a program that takes a password in and generates a one-time password. We found the correct password (it's \"password\") but it still won't let us in. The other agents are stumped. Can you take a look and see if you can figure out how to get the one-time password?", "tips": [ "Tip: Get it right and you get the flag." ] }, { "title": "Developer Disaster", "description": "Recruit, quick job for you. We've been using the shipping company website to keep an eye on which ships have been coming in and out of port. However, it looks like their developer pushed an update to the site, which has broken it and then he went home for the day!\n\nThere's an error message on the site. See if you can find a way around it to get us back in.", "tips": [ "Tip: Get back in to get the flag." ] } ], [ { "title": "Wake Up Alarm", "description": "Recruit, it's time for you to get back in the field. We want to do a test run of one of the ship's onboard security systems. Take a look at the online control panel to the ship's security. Can you find a way to turn the alarms off? If you can, then maybe The Chiquitoos' can too!\n\nBy the way, our intel tells us that there used to actually be a button called \"Turn Off Alarms\", which the ship's security team removed to try and make it more secure. Maybe start with that.", "tips": [ "Tip: Turn off the alarms to get the flag." ] }, { "title": "Locked Doors", "description": "Recruit, another piece of field work for you.\n\nWe want to test the internal door locks on the ship - and how better than to let one of our most promising agents (you!) try and hack into it!\n\nTake a look at this lock. It has some encrypted numbers which you need to decrypt to get in.", "tips": [ "Tip: Break through the lock to get the flag." ] }, { "title": "Port Service", "description": "Recruit, another interesting one for you.\n\nWe found a service running on one of The Chiquitoos servers at services.cyberprotection.agency on port 5737. We're not entirely sure what it does but we think we should check it out. We know that it somehow grants a code but it's hidden in so much text that we can't find it. Can you see if you can find it?", "tips": [ "Tip: Find the code, it's the flag!" ] }, { "title": "Barcode Bonanza", "description": "Intel just in!\n\nOn doing a routine review of all the boxes of Cola on one of the ships, we found four boxes with additional barcode stickers on them. Nobody can account for how they got there or what they mean. It must be The Chiquitoos on the inside sending each other messages about which boxes to target.\n\nSee if you can read the barcodes, decode the output and put them in the right order to get the message.", "tips": [ "Tip: The flag is in the decrypted message." ] }, { "title": "Filtered Cola", "description": "Hey recruit, back on the previous level you might have been involved with the team that was looking into one of The Chiquitoos' side businesses: the bottling plant. We found their price list request form was vulnerable to command injection and we think the site must also be open to SQL injection.\n\nOn the site there's a page where you can search through a list of all the orders they are planning to fulfil over the next month and we've got you access to it. We think that some of the results are hidden and only available to the senior gang members. We need that extra list so we can see when they are planning to re-label the stolen Cola as a different brand.\n\nOne of our other agents has already tried but, unfortunately, it looks like there is a filter being applied to prevent certain phrases being used in the form. Can you bypass it?", "tips": [ "Tip: Get the full list and you'll also get the flag. The flag is the name of the handler on the last result marked \"secret\"." ] }, { "title": "Boat Missing", "description": "Recruit, we've lost sight of one The Chiquitoo boats! We think it's heading out to intercept the ship they are targeting but we can't find it.\n\nWe know one of the gang members onboard, Arturo: he frequently posts photos from his phone to Picster, a social media site. Perhaps you can take a look at his latest photos and see if you can figure out where they are.", "tips": [ "Tip: The flag is the latitude and longitude degrees added together!" ] }, { "title": "Encrypted", "description": "Quick extra project for you, recruit.\n\nWe have managed to gain access to a server, which is running The Chiquitoo gang's secure encryption service. We need the password they are using as the encryption key. Can you find out what it is for me?", "tips": [ "Tip: The flag is the password." ] }, { "title": "Float to the Top", "description": "Recruit, we're close to foiling The Chiquitoos' plans, but to do so our guy on the inside needs access to the senior members of the gang. The only way he can do that is to pass one of their tests to see if he's got what it takes.\n\nThe good news is that we know what the test is. He needs to bypass the security check on a file called \"OverflowedBuffer\". We've got hold of the file and the test is tonight. Can you do it for him?", "tips": [ "Tip: Pass the security check to get the flag." ] }, { "title": "Shipping Lanes", "description": "Recruit, we've been monitoring the web traffic of one of the gang members and he's visited a page, which has made us very suspicious. Why? Two reasons: first, it's called \"shipping-lanes-target\" (so we think he's using it to monitor the ship) and second, we can't get access to it! Whatever we try, it just won't work.\n\nTake a look at the page, maybe have a dig around the source code and see if you can get us access to it.", "tips": [ "Tip: Get access to get the flag." ] }, { "title": "Corrupted Corruption", "description": "Recruit, there's another quick task I need your help with. One of the agents intercepted a zip file from The Chiquitoos, but it looks like it's corrupted. I know you've helped us with this kind of thing before. Can you take a look and see if you can get it working?", "tips": [ "Tip: Open the file to get the flag." ] }, { "title": "Secret Messages", "description": "Crikey, every time we think we're getting one step ahead of The Chiquitoos, they do something that proves how good they are.\n\nIt seems they now know we've been intercepting some of their messages, so they've started encoding them all. Our agents are looking at them now to try and figure it out. Why don't you take a look too and see if you can figure it out first. It probably won't harm your promotion prospects if you do!", "tips": [ "Tip: Decrypt the message to get the flag." ] }, { "title": "Hidra", "description": "Well, this is interesting. We've finally been able to get access to a messaging app (called Hidra) that The Chiquitoo gang is using to communicate. Within an hour of looking at the messages, they've already given us some great intel.\n\nFor example, FTP login details to the gang's main server! One small issue: they mention the address and the username but not the password. See if you can find a way in.", "tips": [ "Tip: Find the password for the user account. The flag is in a file which you get from connecting to the FTP server via a PASV connection. If you are inside the VM, you can use ftp -p." ] } ], [ { "title": "Cold File", "description": "Agent, quick task for you if you have a few minutes to spare. We have an old program one of our previous agents used that we can't get into. Can you get into it for me?", "tips": [ "Tip: Run the program, find the password, input it into the program to get the flag." ] }, { "title": "Code Attack", "description": "We need your programming skills agent, and from what you've demonstrated so far we think you're definitely up for the challenge.\n\nYou need to write a simple script from scratch to crack into another program that takes an argument (a 4 digit numerical pin code) and outputs a result.", "tips": [ "Tip: If you enter the right argument into the program you get the flag." ] }, { "title": "Bunsen Burners", "description": "Agent, we've been looking into the different ways the Spetzners have been communicating with each other about their plans, and one of them is a science forum called Bunsen Burners. We want to see if the site is vulnerable in such a way that would allow us to serve our own JavaScript to one of the gang when they view it.\n\nWe've created an account for you and made a test forum page called \"Hack Trick\". See if you can get an alert box to appear on the page saying \"Kaboom!\".", "tips": [ "Tip: Get the alert to show with the right text and you'll get the flag!" ] }, { "title": "Centrifuge Exposed", "description": "Agent, here's a test for you to show the rest of the team you deserve to be on this level.\n\nOne of the Spetzners associates, Alexei, runs a science equipment ecommerce site called Centrifuge. Our team knows that he's secretly been using it to sell the Spetzners mad scientists the equipment they need for their schemes, so we've been trying to get access for weeks, to no avail.\n\nWe've just had a bit of good news. When making an update to the site Alexei made a mistake which, for a few hours last night, left some of the sites PHP code exposed. We managed to grab the code when it was there. Take a look and see if you can use it to find a way in to the site.", "tips": [ "Tip: Get access to the site to get the flag." ] }, { "title": "Mission Extension", "description": "Agent, those Spetzners are really trying to test our patience! We have someone on the inside that managed to quickly take a copy of one of the gangs hard drives. But just to make it really hard to figure out what they're doing they've removed all file extensions - from every file!\nWe know there's a jpg in there somewhere with an image of the particular EMP they're trying to steal, but it's taking the team forever to find it. Can you think of a quicker way?", "tips": [ "Tip: Find the jpg, it contains a serial number (SN), that's the flag!" ] }, { "title": "Hidden Centrifuge", "description": "Agent, we've been looking through the Centrifuge ecommerce site, run by one of the Spetzners associates Alexei. It contains thousands of pages, so one of the ways we've been doing that is simply by using a search engine, which has indexed all the pages.\n\nThe team have been starting to wonder whether there are other pages that we've not seen. Can you see if you can find them.", "tips": [ "Tip: Find the hidden page to get the flag." ] }, { "title": "Grand Old Ruble", "description": "Ok, we need you to step into the shoes of the Spetzners best hackers for a while. We've received some intel that the gang have identified a vulnerability on the Grand Ruble Bank's website that allows them to perform actions only an admin should be able to.\n\nTake a look and see if you can do the same so we can help the bank fix their security.", "tips": [ "Tip: Transfer 1000 rubles to a user called cpa to get the flag." ] }, { "title": "Hayka", "description": "Remember we said the Spetzners were mad scientists? Well, one of the gang, Vladimir, is an actual scientist, and runs an official scientific paper submission site called Hayka. But here's the thing - the server he runs the site from is his own, and we think he's also using it to store the gangs secret plans.\n\nWe want you to take a look at the scientific paper upload page, we think it might be vulnerable. See if you can upload a PHP file which will output the code word \"b1n4ry\" to the screen when you visit the page.", "tips": [ "Tip: Upload the correct file and visit the file page to get the flag." ] }, { "title": "Tayga Bears", "description": "One of the Spetzners lives in Tayga, a heavily forested area with a lot of bears! So it's no surprise that he spends some of his spare time taking photographs of them and posting them to a nature site called \u043c\u0435\u0434\u0432\u0435\u0434\u044c \u0441\u043b\u0435\u0434\u0438\u0442\u044c (which is Russian for Bear Watch). We thought it was fairly innocent until one of the agents spotted something weird about one of the images.\n\nTake a look at them and see if you can spot what it is.", "tips": [ "Tip: There's a hidden file, open it to get the flag." ] }, { "title": "Bogdan's Data", "description": "Agent, a possible breakthrough that we need your help with. We've found a server run by the gang, it's at services.cyberprotection.agency:3166 and it seems to be protecting some data. The gang member who we think administers it, Bogdan, is one of the key members behind the plans to steal the EMP. We think it might have even been his suggestion in the first place. In short, we need access to the the data on that server.\n\nFortunately we've been able to recover some source code for it. Take a look at the source code and see if you can get access to the server.", "tips": [ "Tip: Get access to the server to get the flag." ] }, { "title": "Recruit List", "description": "Agent, the Spetzners are trying to recruit someone on the inside of the hidden weapons facility to help them get the access they need to steal the EMP. We believe one of the gang members has made a list of names of the people they want to target, and placed it on his own private web server.\n\nWe've found the login page for it, see if you can get access.", "tips": [ "Tip: Bypass the login form to get the flag." ] }, { "title": "File Hunt", "description": "Agent, we have SSH access to one of the gangs servers that contains lots of files and we need to find one in particular.\nOne of the gang, Stanislav, created the file on 22 Nov 2015 at 8.00pm (we know because we were monitoring him!). Can you find that particular file, we think it contains important information concerning the whereabouts of several gang members.", "tips": [ "Tip: Find the file, it contains the flag." ] } ], [ { "title": "Odd File", "description": "Hmm, this is an interesting one for you recruit. We have a file that the Spetzners have been sending back and forth between them for a while. We have no idea what it is or how to get access. We've tried running it and answering the question it asks but to no avail.\n\nWhy don't you give it a try and see if you can get access.", "tips": [ "Tip: Get access to the file to get the flag." ] }, { "title": "Overflow Egor", "description": "Right recruit, it's time we tested your skills against the Spetzners finest.\n\nOne of their gang, Egor, is a master scientist and skilled programmer. He's written a program which we think is vulnerable to buffer overflow. See if you can crack it.", "tips": [ "Tip: Overflow the buffer to get the flag." ] }, { "title": "Hidden Bear", "description": "It seems the Spetzners will find any way possible to keep their secrets from us. And we think they know we're on to them, so they're doubling down with strange new ways to hide their messages.\n\nHere's a good example, you may remember the Bear Watch site from the previous level? Well we've been looking at one of the images from that site for days and can't seem to crack what it's hiding. Take a look and see if you can find it.", "tips": [ "Tip: Manipulate the image in some way to get the flag." ] }, { "title": "Text and Text", "description": "Recruit, yesterday one of our field agents was able to snoop on a meeting between several gang members planning out their attack on the weapons facility.\n\nOne of them mentioned to the other that he'd send over the lock code to one of the doors on the facility. If we knew the code we'd know how they got it (because the codes are only given to certain people) and where exactly on the facility they planned to get access.\n\nWell, this morning we intercepted an email between the two expecting to see the code, but instead they just sent over two large text files. Weird. Can you find the code?", "tips": [ "Tip: Find the code, that's the flag." ] }, { "title": "Perilous Pencils", "description": "Agent, we've just had an interesting piece of intel. It seems the gang know we're monitoring their own sites and servers, and have therefore started removing anything incriminating. But they still intend to implement their plans to steal the EMP and so need a new way of sharing information.\n\nIn what we thought was an unrelated piece of intel, one of our field agents monitoring the gang reported this morning that he noticed one of them looking at a site which sells pencils. The Spetzners, being geeky science types, do love their pencils, but we think it's a little more sinister than that - it seems they might have hacked the site and started adjusting the images on it to contain hidden messages! If we hadn't noticed them using the site we would never have known. Clever.\n\nHave a look at this page in particular which the gang member was looking at. Anything strange about it?", "tips": [ "Tip: The flag is in one of the images! Oh, and for password protected files don't attempt to drag and drop them." ] }, { "title": "Calling Yaroslav", "description": "Agent, we know the gang are attacking soon, so it's time to start bringing them in. This morning our agents picked up one of the gangs henchmen, Yaroslav, because we knew he had the time and date of the attack on his phone. The trouble is, we've looked at his phone and it contains a sophisticated eight digit pin locking system. It's based on a math problem, and we want you to crack it.\n\nHere's what we know: when the phone was first started the pin code code to log in was 4096. Every time we enter the pin code the number of times the pin code has been entered correctly in the past is added to the value of the pin code, to get the new pin. We know the system has been used 5520 times before. What will the pin code be this time?", "tips": [ "Tip: Get the right pin code to get the flag. All we know at the moment is that it's definitely eight digits long." ] }, { "title": "Chatz with Semyon", "description": "Agent, we need your urgent help.\n\nOne of the gang, Semyon, has been using a Skype equivalent called Chirp to make calls. We know he made a call this morning to an associate of the gang that's planning to help as a getaway driver when they steal the EMP. We want to pick him before he can help, so we need to know his phone number (which will help give us his location).\n\nSee if you can crack into the Chirp site. If you do you'll see the calls Semyon made today, we're looking for the one to Yury. Oh, and luckily one of the other agents has managed to get the PHP source code to the page, that might help.", "tips": [ "Tip: The flag is Yury's phone number." ] }, { "title": "Junk Decryption", "description": "Agent, we've just received a bunch of files from one of our field agents taken from one of senior gang members hard drives, and our team is having trouble putting it all together. Maybe you can help?\n\nHere's what we have: a decryption program which takes a string as an argument, but when we run it we just get junk back; some encrypted text, and; a weird image file of a calendar. A bizarre combination, take a look and see if you can figure it out.", "tips": [ "Tip: Run the correct string through the decryption program to get the flag." ] }, { "title": "Matryoshka", "description": "Agent, know anything about man pages?\n\nLog into this SSH server using the details below. We've received word that the gang has been using this public server to pass messages through the use of man pages. We need to see if they've used a particular code word (matryoshka) which they're using to say when to start implementing their plan. See if you can find it.", "tips": [ "Tip: Find the code word to get the flag." ] }, { "title": "Snakes in Motion", "description": "Ok, it looks like the gang are in motion. They're meeting at a particular street in an hour and we think we know how to get the street name. The only problem is the street name is encrypted.\n\nSo, we have the encrypted text, a dictionary file and a python script to help you. Unfortunately the python script is incomplete. Can you finish it off so that it runs each line in the dictionary against the encrypted text to decrypt it? You better hurry.", "tips": [ "Tip: Decrypt the text, that's the flag." ] }, { "title": "Kapa's Hidden Secrets", "description": "Agent, you may have already come across the pencil selling ecommerce site Kapa that the gang hacked into and have been using to exchange messages. Well, it seems they're using it for something else too - to hide files.\n\nLuckily for us we think the site is vulnerable to command injection. See if you can use the comment form to get access and find a file, we think it has a list of the gang members involved in the planned robbery and their particular role in the attack, so it's vital we get our hands on it right away.", "tips": [ "Tip: Find the file, it contains the flag." ] }, { "title": "Dear John", "description": "Ok, really important task for you recruit. We need access to the main Spetzner database! We think it's the only way to not only bring the gang down, but also gather the amount of incriminating evidence we'll need to prosecute.\n\nWe have a word list and a binary. The binary takes in a word list and attempts to break the password on their database server. Unfortunately the word list doesn't have the password on there, we think it may be a similar word though. Another agent mentioned a program called \"john\" which can alter word lists to make minor changes, can you look into that and see if you can use it to get access to the database?", "tips": [ "Tip: Get access to the database to get the flag!" ] } ], [ { "title": "Art Thief", "description": "Agent, we've been doing some research on Barry Brigley, one of the Bulldogs and a notorious art thief. We've managed to get access to a site he uses to post images of the art he's stolen which are for sale on the black market, but he's hiding the images somehow so we don't know what he's stolen. If we knew it would help us track his movements over the past few months (we think the art comes from a variety of galleries all over Europe).\n\nTake a look at the site and the images. You can download the images, they're in a common image format, see if you can recover them.", "tips": [ "Tip: The flag is in one of the images." ] }, { "title": "The Insider", "description": "One of the other agents needs your help. He's been trying to open a file we intercepted which we believe might have special insider information about the bank the Bulldogs are targeting. The agent thought opening the file was going to be simple, but it's not working. Can you help?", "tips": [ "Tip: Get the password and open the file to get the flag." ] }, { "title": "Nightclub Rendezvous", "description": "Agent, this one is urgent. Our team have just intercepted some chatter between two gang members and it's confirmed they are holding a meeting tonight at a nightclub somewhere in London. Unfortunately there are a lot of nightclubs in London and they didn't mention which one. Then, 10 minutes after the conversation ended, one of them posted up a cryptic piece of text on his social media account. We think it contains the time and exact location of the meeting. We have every agent on the ninth floor working to decode the text, can you get there first?\n\nHere's what we know about it so far: each character in the text was converted into a decimal number (according to the ASCII chart), then each number had the same number subtracted from it (a number between 1 and 10). Then each number was written to a new line of the text.", "tips": [ "Tip: The flag is the name of the nightclub." ] }, { "title": "Stepping Up", "description": "Finally, some good news! We've had an agent undercover with the Bulldogs for a while now, but the gang is quite large and it's very hard to get access to the elite group that are planning to rob the bank. However, we've just received word from our counterparts in Spain that they've arrested one of that elite group whilst he was on a trip there. He was their best hacker and now they need to replace him quickly otherwise their attack on the bank won't work.\n\nThe elite group have decided to select someone from the rest of the gang by issuing them with a hacking challenge. Whoever cracks it first gets to go with them on the robbery. If we could get our undercover agent into that group we'd almost certainly be able to disrupt their plans. The challenge is tough - there's a file and you need to overwrite the buffer to make the secret variable read: de4dc0de. Do you think you can be the first to break it?", "tips": [ "Tip: Overflow the buffer to get the flag." ] }, { "title": "Unsafe Deposit Box", "description": "Agent, we've been working with the bank to try and make their website more secure, which will hopefully prevent the Bulldogs getting access.\n\nAs part of our penetration testing we've found a page which might be vulnerable to XSS. It's the page you use to request further information about safety deposit boxes. You need to be logged in as a standard bank customer to get to that page, but we think you can use XSS to change the access level to admin. Give it a try.", "tips": [ "Tip: Get admin access to the site to get the flag." ] }, { "title": "Binary Battle", "description": "Agent, it looks like we might need your programming skills again. We've intercepted a binary that we want you to take a look at. It takes a password as an argument and produces a result if you get it correct. We think writing a script which uses strings might be the best way to crack it, but none of the other agents have been able to so far.\n\nThe file was taken from the hard drive of the gang member we think has been doing reconnaissance on the bank, so it could contain some extremely important information.", "tips": [ "Tip: Input the right password to get the flag." ] }, { "title": "Vicious Voicemail", "description": "Agent, once again we need you to step up and show us your skills. This time you need to stand in for Agent V, our resident audio expert, as he's been called up to help the team on the next level with a special mission.\n\nBefore he went he was able to get access to the private voicemail system the Bulldogs were using. He got access by logging in as one of the gang members, Terry Turner, and we can see there are a set of voicemails on there for him. Agent V didn't have chance to analyse them before he went, can you do it for him? We think there might be hidden messages in the audio files.", "tips": [ "Tip: Find the hidden message to get the flag." ] }, { "title": "Cryptonite", "description": "Yesterday our uncover agent let us know about an encryption tool one of the gang built called Cryptonite. It runs on one of the Bulldogs private servers and we think it might be vulnerable.\n\nSee if you can use it to get access to the server and look for any files that might be worth investigating. We think the gang member who built it, Percy Pinkly, is involved in the gangs efforts to circumvent the banks main security alarms, so he might have been storing files on the server related to blueprints or the security system.", "tips": [ "Tip: There's a file on the server containing the flag." ] }, { "title": "Open Box", "description": "It looks like Billy Johnson, one of the gangs enforcers, is using a cloud storage service to keep his files secure. We know he has an account and we know his password, but we don't know his account name.\n\nOur team have created an account with the service and logged in. See if you can find a way to trick the site into giving you a list of accounts.", "tips": [ "Tip: Billy Johnson's account name is the flag." ] }, { "title": "Benjamin the Brute", "description": "Agent, one of the gang, Benjamin Goldleaf, was yesterday overheard by our inside undercover agent talking about posting notices on a secret message board that the gang use to communicate meeting times.\n\nWith a bit of detective work we've managed to find the message board and get Bens user details. We want to post a fake message using the API to try and draw one of the more senior gang members out, but we can't get it to work. See if you can.", "tips": [ "Tip: Successfully post a notice on the board to get the flag." ] }, { "title": "Exposure", "description": "One of the Bulldogs, Lara Mindsay, is a surveillance expert and we think she's been using advanced drones to take high resolution photo's of the bank from different angles.\n\nShe also runs a small legit side project, a photo site which allows anyone to create an account and upload photo's. We think she's using it herself to store the bank surveillance photo's and so we want to see if it's vulnerable. We've been penetration testing the site but have not had any success so far, then this morning one of the other agents sent me a tip - CVE-2012-2399. Take a look and see if you can use it to see if the site is vulnerable.", "tips": [ "Tip: Find the vulnerability to get the flag." ] }, { "title": "Port of Call", "description": "Quick job for you Agent. We think the gang have a port running between 12000 and 15000 that might expose some interesting information about them, we've temporarily pointed our domain services.cyberprotection.agency to their server. Use that address to find the service and connect to it.", "tips": [ "Tip: Connect to the port to get the flag." ] } ], [ { "title": "Remote Unlock", "description": "Agent, because of your great work on the previous level the gang have struggled to find a way to get physical access to the bank. So it looks like they are testing ways to get a package containing a small robot into the building which they can unlock remotely.\n\nThey seem to be testing it with a server (which we've pointed services.cyberprotection.agency at, port 9999), which has a service running on it. When you connect it starts a timer and gives you three numbers. We think to unlock it you need to multiply the first two numbers together and then divide the result by the third number. But the result has to be sent to the server in under 0.1 seconds to gain access to the remote package. We haven't been able to find a way to do it. Can you?", "tips": [ "Tip: Send the right answer in time to get the flag." ] }, { "title": "Coffee Robot", "description": "It seems the gang are indeed building some kind of physical robotic trojan horse that they plan to sneak into the bank. Luckily our inside agent has told us Charlie Hampton, one of the gangs smartest engineers, has been making detailed notes, instructions and schematic drawings of the robot and keeping them on one of his servers. Getting access to those drawings would really help us know what we're looking for.\n\nThe problem is, we don't know which server he's keeping the plans on. All we do know is that Charlie owns a legit business, a coffee shop in East London, which he uses as a cover for his gang activities. It's a long shot but we do know they run a small server in the basement of the shop which controls their on-demand coffee ordering service. Go to the coffee ordering site, see if it's vulnerable. If it is see if you can find anything useful on the server.", "tips": [ "Tip: Find the drawings file to get the flag." ] }, { "title": "Change of Plan", "description": "Our Agent on the inside has just received an email from one of the senior gang members. It looks like it was an email to the whole gang and we think it's letting everyone know about the change of plans, from a physical robbery to the new plan to access the bank remotely with some kind of robotic trojan horse.\n\nWe really need to confirm that, but at the moment we can't because the email came in the form of some encrypted text. We've had an agent working on it, and he's created a dictionary file and an unfinished python script to try and crack it. He seems to have hit a dead end, maybe you could pick it up and finish breaking the encryption.", "tips": [ "Tip: Crack the encryption to get the flag." ] }, { "title": "Multiple Boxes", "description": "Remember Filebox, the cloud storage site Bulldog gang member Billy Johnson was using to store his files? Well, it seems he's not the only gang member to store his secret files there.\n\nAs we know it's vulnerable we want to look at other ways to find the gangs files. We think files can be exposed with directory traversal and there are some two levels up from the account page. See if you can get access to them.", "tips": [ "Tip: Find the file to get the flag." ] }, { "title": "The Robot Speaks", "description": "Agent, we have more details about the Bulldogs trojan horse robot. Apparently there's a gang member very high up in the organisation that is actually friends with one of the banks senior management. The gang are planning to send him the robot as a pretend birthday gift! On the face of it the robot doesn't do anything fancy, it moves around and has an LCD display for messages. But of course, being the Bulldogs they obviously have something more sinister in mind.\n\nWe think the LCD display might be used as a way to display secret messages and access codes to someone in the bank. We've managed to get hold of the program, written in assembly code, that outputs the messages to the display. But it seems to have bad instruction and fails to run. See if you can patch it.", "tips": [ "Tip: Edit the code and run it, the robots confirmation message will show the flag." ] }, { "title": "Fork in the Road", "description": "Agent, it's time we went on the offensive! We know the Bulldogs are putting their trojan horse robot plan into action, and whilst we're continuing to work specifically on stopping that we also want to disrupt as many of the Bulldogs operations as possible, to keep them distracted and slow them down.\n\nHere's one example we want your help with specifically. Remember the encryption tool Cryptonite that one of the Bulldogs created from the previous level? It uses server side commands to handle the encryption and we want you to use some kind of command injection to send the command for a fork bomb to DoS the website and take down the tool.", "tips": [ "Tip: Crash the website to get the flag!" ] }, { "title": "Account Roulette", "description": "Agent, remember the social media website from the previous level where Bulldog gang member Darren Greggs posted that cryptic message? Well we think the site might be vulnerable and if we could log in as Darren we could post messages as him and confuse other gang members. Unfortunately we don't have his login details, but we're sure you can find another way to log in as him using a possible cookie vulnerability we think exists.\n\nWe have logged in as another random test user that we created and have gone to an old message Darren posted. See if you can use that access to log in with various other cookie values, then test the response to see who you are logged in as. If you can do that to find Darren's account (his username is thedazman), change the cookie to log in as him.", "tips": [ "Tip: Log in as Darren to get the flag." ] }, { "title": "Open Port", "description": "Agent, it looks like we're having an effect on the morale of the Bulldogs with all the chaos we've been causing! Our inside agent has just picked up some chatter from a small group of the Bulldogs that are planning to splinter off and form their own gang! There's a possibility they might be planning to hijack the trojan horse idea and steal the gold bullion for themselves, so we need to find out what they're up to.\n\nWe believe they've set up a port running on an IP address that we've pointed services.cyberprotection.agency at, between ports 19000 and 20000. See if you can connect to it and help us find out what they're up to.", "tips": [ "Tip: Connect to the port to get the flag." ] }, { "title": "Nosey Robot", "description": "Agent, we've been doing some analysis of the trojan horse robot we think the gang are planning to plant in the bank, trying to figure out what it's there to do.\n\nWe've recovered some C code, and we think it might be used by the robot to take photos, but we can't be sure because running it currently returns a segmentation fault. Another agent has rigged up the code to a camera interface. See if you can fix the code, get it to run and take a photo.", "tips": [ "Tip: Take the photo, the robots confirmation message will show the flag." ] }, { "title": "Catch and Throw", "description": "Agent, we've just stumbled on something we think could be very important. We know the gang have been working on getting their trojan horse robot into the bank, and we also know they're trying to communicate with it and use it to get access to the banks servers from the inside. But until now we didn't know if they had the codes they'd need once they'd made the connection. Well, it seems they might.\n\nWe've received an anonymous tip from one disgruntled gang member about two web pages, the second of which he claims, has a list of access codes the gang would need to get in. If we could see those codes we'd know whether the risk was real, but here's the thing - on the first web page there's just a number which keeps changing. On the second page, nothing, except for an error message. We think to open up access to the second page you need to pass the value from the first page to the cookie on the second page. Give it a try.", "tips": [ "Tip: Change the value of the cookie on the second page correctly to show the codes. The last code is the flag." ] }, { "title": "Stop and Search", "description": "Agent, we've been continuing to work with the bank to improve their security. Now that we've identified there could be someone (or something, like the trojan horse robot!) on the inside they want us to penetration test all their internal systems. We've identified a possible XSS flaw in their contact management system, in the \"search contact\" field to be specific.\n\nHere's a javascript payload, see if you can get it to work in the search field.\n\n\n\nTip:Submit the payload correctly to get the flag.", "tips": [] }, { "title": "Spam Robot", "description": "It looks like we may know how the trojan horse robot is going to be used to steal the banks money! The gang are sending it to one of the senior management, who is a friend of a senior gang member (although the manager doesn't know he belongs to the Bulldog gang). Being a friend he doesn't suspect the robot is malicious, so when it needs charging up (which it does via USB) it will hijack the bank managers computer and access his email.\n\nWhen the gang are ready to attack and they have the relevant security details they are going to send the manager an email disguised as spam, which the robot will pick up and use to start an attack on the banks servers from the inside!\n\nOne way we're going to stop them, and get the gang member responsible in the process, is to find out who is going to be sending that email. We've recovered a log file and a mail queue of pending outgoing email spam messages. See if you can match up the ESMTPA ID from the messages to the log file and get the login details of the gang member. We can then stop him sending the email.", "tips": [ "Tip: The flag is the username of the gang member sending the spam." ] } ], [ { "title": "String Cruncher", "description": "We've discovered a web page used by the gang which seems to just generate some strings, but we're not sure why. They all seem to be random but we have a feeling, given the technical sophistication of this gang, that things might not be as they seem. Take a look.", "tips": [ "Tip: Find the right value, that's the flag." ] }, { "title": "Silver Service", "description": "Good news agent, we've found a TCP service used by the gang, it's services.cyberprotection.agency on port 13222. Take a look and see what you can find.", "tips": [ "Tip: You'll find the flag somewhere in the service." ] }, { "title": "Bypass", "description": "Agent, we've found a TCP service the gang are using, but we can't seem to get access. It's services.cyberprotection.agency on port 13880 See if you can bypass the login screen.", "tips": [ "Tip: Get in and find the flag." ] }, { "title": "Trial by File", "description": "Agent, we've got what we think might be your toughest test yet. We've intercepted a file which was sent to the gangs boss, so we know it's important, but none of our agents can exploit it. Time for you to show us what you're made of.", "tips": [ "Tip: The flag is in the file." ] }, { "title": "Memories", "description": "Agent, we've intercepted a file sent between two gang members and it's confused our agents. When you execute the program it will give you a memory address for a function. See if you can exploit the binary to run the function.", "tips": [ "Tip: Run the function to get the flag." ] }, { "title": "Server Strike", "description": "Breakthrough - we have gained access to the gangs primary server! We found out because we recently took down a hacker from a rival gang that has previously managed to gain access to the system.\n\nWe think he left an exploit on the server. SSH in and see if you can use it to exploit the server.", "tips": [ "Tip: Exploit the server to get the flag.", "Warning: Make sure to back up any files you are about to modify. There are no second chances!" ] }, { "title": "Run Server Run", "description": "Quick task for you, we've obtained details of another TCP server the gang are using (details are services.cyberprotection.agency on port 13777) - we just need you to connect to it. Should be easy, right?", "tips": [ "Tip: Connect to the server to get the flag." ] }, { "title": "Binary Memories", "description": "Ok, this is annoying. Our undercover agent has just sent us a file he managed to take from the gangs primary server, so we think it's important, but when we run it nothing happens. We think it might be loading something into memory, any ideas?", "tips": [ "Tip: Run the file and get the flag!" ] }, { "title": "Encrypted", "description": "Good news agent, another intercepted file for you to analyse that we think contains the access code to a safe the gang have on their boat - our undercover agent thinks he can get physical access to it, so we need the code as soon as possible.\n\nWe've tried executing the file and it loads the encrypted access code into memory. That's as far as we've got, give it a try and see if you can decrypt the code.", "tips": [ "Tip: The decrypted code is the flag." ] }, { "title": "Seashell", "description": "We've just made a big discovery agent, it seems the gang have more than one ship! We know because we've intercepted a message sent between them. Trouble is we can't figure out what the message is. Take a look.", "tips": [ "Tip: Figure out the message to get the flag." ] }, { "title": "Spam For Dinner", "description": "Agent, we're trying to distract the gang whilst we try and gain access to their primary server and we think we've found a target for you.\n\nWe want to spam the booking form for their restaurants, if we can create enough incorrect bookings that'll make a real mess to keep them distracted. The problem is the form is protected by a captcha.", "tips": [ "Tip: Find a way to bypass the captcha", "Tip: Prove you can bypass it by tricking the form into using the same captcha every time you submit the form.", "Tip: After submitting the form with the same captcha several times in a row, you will be given the flag." ] }, { "title": "Hash'em", "description": "Agent, we've managed to get physical access to a router the gang are using on their ship. We want you to use that access to get the username and password for SSH.", "tips": [ "Tip: Send the username and password to our undercover by text to get the flag. The message should be in the format: username / password." ] } ] ], "Moonbase": [ [ { "title": "Programming 101", "description": "Good morning agent, welcome to your first day of training on the Moon Base. Our goal on this level is to teach you some programming basics. We use a programming language called Python at the CPA and today we're going to start with a simple task - teaching you a few simple things like code comments and using the print function.\n\nWe have an interactive code editor for you to learn on, the CPA MoonCoder. Simply change the code in the editor on the left side and click the green \"Submit code\" button to make it run. You'll then see the output of your code (along with a flag to submit if you get it correct) on the right side.\n\nAnd don't forget, if you get stuck you can click \"Need a hint?. Whilst you're in training you won't lose any points for doing so.", "tips": [ ] }, { "title": "Handy Variables", "description": "Next, let's take a look at something called variables, a really simple programming concept (it's just a box with a label that can hold something), but a thing you'll find very useful as you go on to do more advanced things.", "tips": [ ] }, { "title": "Converting for Fun", "description": "I hope you've been making notes agent as with this challenge you'll need to take what you've just learnt about variables and try converting the types of data they contain.\n\nOh, handy tip, if you make a bit of a mess with your code editor you can always click the reset button on the bottom right. It'll refresh the editor and put back the original text so you can start again.", "tips": [ ] }, { "title": "Maths in Code", "description": "Are you any good at maths agent? Well, computers certainly are, and you can use programming to do all kinds of clever things. Let's start you off with the basics, using programming to do some simple calculations.", "tips": [ ] }, { "title": "Super Strings", "description": "So you've already learnt about strings, but did you know there are some other really useful things you can do with them? Things like concatenation and using string specifiers. Take a look.", "tips": [ ] } ], [ { "title": "Flow with Conditionals", "description": "Now you know the basics it's time to teach you one of the most useful things in programming, conditionals. Using \"if statements\" you can get a program to be dynamic and flow the way you want it to based on the information it receives. If you're ready, let's go!", "tips": [ ] }, { "title": "Logical", "description": "So now you know all about conditionals it's time to supercharge them with logic! This is where we get to the very core of how a computer thinks, using simple binary, 1 and 0, True and False. Once you master this they'll be no holding you back!", "tips": [ ] }, { "title": "Let's Get Functional", "description": "You may be thinking by now that programming means typing and retyping lots of things all the time, but actually there's a handy way we can reuse some of the code you're writing so you don't have to do that. They're called functions and they're simply little blocks of code that we can call on again and again to do useful things.", "tips": [ ] }, { "title": "Hooray for Arrays", "description": "If you thought functions were useful just wait until you learn about arrays! They're simple things, just collections of data, but they're really handy for programming. In this lesson you'll learn how to create them, add and remove things and more.", "tips": [ ] }, { "title": "Going Loopy", "description": "Hello agent. I've just received a message from another agent letting me know something strange is going on - we may have intercepted an alien signal! It's time to accelerate your training and make sure you're ready for your role as an agent on the Moon Base. And what better way to do that than introduce you to loops!", "tips": [ ] } ], [ { "title": "Fun with Files", "description": "Did you know you can use programming to work with files? It's actually a very common task when doing programming and something you really need to know well. So let's get learning!", "tips": [] }, { "title": "Sockets and Servers", "description": "So agent, now the Moon Base is on high alert it's time to start teaching you some slightly more challenging topics. You'll need them to help the other CPA agents deal with whatever is sending us those strange signals!\nLet's start with sockets, a way of sending data over a network.", "tips": [] }, { "title": "Don't Forget HTTP", "description": "Sockets aren't the only way to make network connections you know, you can use Python to make HTTP requests easily as well. Time to have a go at that I think.", "tips": [] }, { "title": "ASCII Encoding", "description": "Now you know computers only think in numbers (they're binary remember), you might be wondering how all the text you type on the screen gets converted into something they can understand. Well, that's where encoding comes in, which means this is a great time to teach you about ASCII, the most common form of encoding.", "tips": [] }, { "title": "Ready for Regex", "description": "So, it looks like this might be your last lesson agent, the team on the next level have called an emergency meeting and the rumors are that we've been contacted by aliens and all agents need to get ready for whatever happens next! Just time to teach you about regular expressions, a very handy way to search text for a pattern.", "tips": [] } ], [ { "title": "Strange File", "description": "Ok, quick task for you agent - we've received a strange file from the first alien communication. It's at /tmp/alien-signal.txt, we need you to open and read the file.", "tips": [ "Tip: Write a python script to open and read the file to get the flag." ] }, { "title": "Agent Profiles", "description": "The operations team have asked that we start preparing a group of agents that could be sent on a mission to intercept the alien craft. We need to review the profiles of our agents, but the script we wrote to get them (they live in different places, e.g. /tmp/agent-1 and /tmp/agent-2) seems to be broken. Can you fix it?", "tips": [ "Tip: Fix and run the script to get the flag." ] }, { "title": "Broken Robot", "description": "We have a problem. Yesterday we sent out our remote tracking robot to collect some samples, but it's got a little lost and we need it back so we can send it back out to the alien landing site if they decide to land on the moon. Can you get it back to base?\nSome instructions to help you:\nGood luck agent!", "tips": [ "Tip: Navigate the robot back to base to get the flag." ] }, { "title": "Unlocking the Message", "description": "Agent, we're using a simple web API to listen for the alien signals, but we need to find a way to get past a numerical API key that's required to get a response. See if you can manage it.", "tips": [ "Tip: Write a script which runs each possible combination until you get a response to get the flag." ] }, { "title": "Alien Server", "description": "So, it seems the aliens are using what looks like human technology and we've identified they're running a server. We need you to try and connect to the server and see what's going on.", "tips": [ "Tip: Get access to the server using the above instructions to get the flag." ] } ], [ { "title": "Listen Up", "description": "The aliens seem to be trying to make direct contact, so it's time for us to properly listen. We need you to write a server that accepts incoming connections and monitors the commands sent to it.", "tips": [ "Tip: Listen correctly to get the flag." ] }, { "title": "Defence Data", "description": "The team on Earth are getting a little concerned, they want to know which countries we think would be vulnerable if the aliens decide to head down there and attack, based on what we know about them already. See if you can generate a valid xml file at /tmp/vulnerable-countries.xml that contains a list of country nodes that have name attributes. The third node should be Panama.", "tips": [ "Tip: Generate the valid xml file with Panama as the third country to get the flag." ] }, { "title": "Alien Zip", "description": "Wow, things are getting crazy, the aliens have flooded us with cryptic zip files and we've no idea what's inside them or, for that matter, how and why they seem to be using human technology in their communications with us.\nAnyway, we've started organising the files to try and make sense of them, but they're all locked with a numerical three-digit passcode. See if you can write a script to get into this example file alien-zip-2092.zip and read the text file inside which we think is named whatever the zip is (so in this case alien-zip-2092.txt). Oh, by the way, files should be extracted to the /tmp/ directory.", "tips": [ "Tip: Extract the file to the /tmp/ directory to get the flag. Make sure to break out of the loop when you hit the correct password, otherwise you will override the correct file with a blank one with the same name." ] }, { "title": "Passphrase Panic", "description": "So, things are moving quickly and one of our agents has just pointed out to me that we should probably get on the defensive and make sure all our files are locked and have secure passphrases. We need your help to generate those passphrases.\nWe've already created a script that generates 3 random numbers that correspond to the position of words that can be found in the /tmp/words.txt file. You will find those numbers in the wordNumbers array.", "tips": [ "Tip: Generate a passphrase to get the flag." ] }, { "title": "Jovian Tweets", "description": "This is a bit weird, but looking at the files the aliens are sending would suggest they are trying to find a way to post messages on social media back on Earth. Maybe it's part of a co-ordinate attack to spread panic. We better figure out how they are doing it, and the best way is probably to try it yourself using the protocols they seem to be using.", "tips": [ "Tip: Read the response to get the flag." ] } ], [ { "title": "Foreign Filesystem", "description": "We're trying to make sense of a filesystem with a large number of empty directories that the aliens created. Can you write a script to browse the contents of /tmp/aliendir and see if you can actually find anything.", "tips": [ "Tip: The name of the file is the flag." ] }, { "title": "Watched by the Eye", "description": "The aliens have got on to our Moon Base network, we don't know how but we know they're watching what we're doing.\nWe need to keep communicating in a secret way. See if you can write a script to hide some text in an image file /tmp/image.gif by appending it to the end of the image. That way we can send random images back and forth to communicate without them knowing.", "tips": [ "Tip: Hide the text \"alieneye\" in the file to get the flag." ] }, { "title": "A Way Back In", "description": "Agent, we need to start fighting back, and we think we have a way in. See if you can write a script that will start a connection to the below IP address, which we think is what the alien probe ship is using, giving us the ability to run commands on their machine and see the results. Once in, read the files on the system in the /tmp directory.\nIP: 127.0.0.1 port 10000", "tips": [ "Tip: The flag will be sent when you send the correct command." ] }, { "title": "Tough Zip", "description": "So, remember those zip files from the previous level? Well, they're still sending them, thousands of them, and it looks like they've improved the password protection on them.\nSee if you can write a script to brute force one of the zip files, alien-sample-42.zip and read the extracted file alien-sample-42.txt.", "tips": [ "Tip: Extract the file to the /tmp/ directory to get the flag." ] }, { "title": "Server Key", "description": "Ok, the excellent team on the next level have identified another alien server on a second alien probe ship that's moved down to the moon, but it's protected in a more sophisticated way than the last one. We need you to write a python script which downloads a key, reverses it and then sends it back. Note that the key changes based on a timer.", "tips": [ "Tip: Successfully send back the key in time to get the flag." ] } ], [ { "title": "Magic File", "description": "We've extracted one of the alien zip files, it's a bunch of PNG files, but we think only one of them is valid. Use magic byte to determine which it is.", "tips": [ "Tip: Find and read the correct file to get the flag." ] }, { "title": "Cookie Cutter", "description": "Remember on the last level you helped the team identify the aliens web servers? Well now we want to attack the alien users who are logged in to that server. To do that we need to identify which are logged in.\nSee if you can write a script that can guess cookie values and send them to the url http://127.0.0.1:8082/cookiestore. The cookie to be sent is alien_id.", "tips": [ "Tip: Read the response to the right cookie value to get the flag." ] }, { "title": "Alien Transfer", "description": "We've noticed that the aliens are sending messages between their ships, we think they're using XOR to encrypt the messages, and we've intercepted a key.\nSet up a server listening on (\"localhost\", 10000) to intercept one of the alien messages. When you do perform a bitwise XOR on the message with the key \"attackthehumans\" and then respond with the encrypted data.", "tips": [ "Tip: Read the response to get the flag." ] }, { "title": "Hidden Messages", "description": "One of the agents has intercepted a file from the aliens that we're worried about - it's called destroymoonbase.gif, so we really need to see what it is! Unfortunately we're struggling to make any sense of. It could be because it contains lots of symbols.\nWrite a script that will read the file, it's at /tmp/destroymoonbase.gif, then strip out all the characters that are not letters or numbers.", "tips": [ "Tip: Strip out the file correctly to get the flag." ] }, { "title": "Alien Email", "description": "Breakthrough! We've discovered that the aliens have an insider back on Earth, and they've been contacting each other by... email?!\nWe've managed to get hold of an email between the insider and Zultron, who we think might be the alien leader, with details about attack timings. We want to send another email with something different to try and confuse them.\nWrite a script that will connect to an SMTP server to send an email. Use the SMTP server at \"127.0.0.1\", port 1025, with a from address of bob-roswell-1947@gmail.com and a to address of zultron@thebigeye.com.", "tips": [ "Tip: Send the email correctly to get the flag." ] } ], [ { "title": "New Line of Communication", "description": "When you were on the last level we discovered the aliens had been communicating with a human insider back on Earth, and by email of all things! Well, it seems that may have been a bit of a decoy as they're also exchanging secret encrypted messages from a server on one of the probe ships.\nWe need you to write a script which can connect over TCP to the following server (\"localhost\", 10000) and send GET to retrieve the encoded messages, then send them back split by \\n. We think you'll receive 3 sentences and they're encrypted with a caesar cipher that has a different random offset per sentence.", "tips": [ "Tip: Decrypt and send back the sentences to get the flag." ] }, { "title": "Vulnerable String", "description": "Agent, we're upping our attack on the probe ship servers. We've identified a server that holds a compressed string (which we think might be some kind of unlock code to the mothership's entry system).\nWrite a script which can connect to the server (\"localhost\", 10000) over TCP, and send GET_KEY to download the string. The string is compressed using what we think is a very common form of compression used by many websites on Earth, so you'll need to uncompress.", "tips": [ "Tip: Download, uncompress and print the string to get the flag." ] }, { "title": "Getting Access", "description": "Ok, now things are getting serious. We have agents onboard a probe and they've used a key we have to gain physical access to the mothership. Now inside they've been able to connect to a page on the motherships main server which controls all the human technology they've been using. We think it's vulnerable to directory traversal, and we want to use that vulnerability to gain root access.\nThe page is at http://127.0.0.1:8082/humantechconfig?file=human.conf, write a script which will attempt various levels of directory traversal to give you access to the root directory.", "tips": [ "Tip: Get to the root directory and the HTTP response will be the flag." ] }, { "title": "Unlocking the Mothership", "description": "Agent, it looks like the aliens insider back on earth is someone with a good understanding of technology. The aliens have left him a very complicated backdoor into the ships control system, but we need your expertise to figure it out and break in. If we can do that we think we might be able to set the alien ship to self-destruct!\nWrite a script which connects to the server controlling the entry to the aliens tech over TCP (\"localhost\", 10000) and send some random data. We've already tried it and it sends back a bunch of random word codes. There's also a file called backdoor.txt containing some random text. Use your script to encrypt a message using that text and the word codes. Each word is represented by (paragraph_number, line_number, word_number). We think sending the encrypted message back is what will unlock the server and give us access to the alien tech!\nThe server expects all the words in one transmission. The words should be stripped of punctuation and sent over separated by newline characters. (\\n)", "tips": [ "Tip: Send the encrypted message back to the server to get the flag." ] }, { "title": "Self Destruct", "description": "Ok agent, one more challenge for you to finally defeat these aliens. We now have access to the core part of the alien mothership and have figured out how to set the ship to self-destruct. The only way the aliens can turn off the self-destruct is to get a million miles away from earth, so if you can do this we think they'll be in a hurry to leave!\nYou need to write a script which makes HTTP requests to the server http://127.0.0.1:8082/selfdestruct. That site randomly generates two numbers with a small chance of the numbers matching. To turn on the self-destruct you need to make those two numbers match!", "tips": [ "Tip: Make the numbers match and read the response, that's the flag!" ] } ] ], "Forensics": [ [ { "title": "Suspicious Selfie", "description": "Our agents have gained access to the employees work phone and downloaded a bunch of photos they took to see if we can spot any signs of mischief. For example, we know they somehow gave a conspirator on the outside internal passwords to computers but haven't yet been able to figure out how. Can you see anything in this image that looks suspicious?", "tips": [ "Tip: Find the password, that's the flag." ] }, { "title": "Chirping Chorizo", "description": "As soon as our agents knew which of the employees might be suspects in the case we started recording and logging their phone conversations to see if we could find anything interesting. We know for example that the companies banking password somehow got out to a conspirator. Can you spot anything in this conversation which might give you an indication?", "tips": [ "Tip: Find the banking password, that's the flag." ] }, { "title": "Report - Part One", "description": "One of the things our agents did whilst in the field was to get a packet capture from the suspected employee's computer for us to analyse. Can you take a look and fill in page one of the forensics report we're preparing for the client.", "tips": [ "Tip: Analyse the packet capture to get the right information to put in the report." ] }, { "title": "Report - Part Two", "description": "One of our agents in the field has just put a packet capture from the suspected employee's computer on our internal drive for you to take a look at. Can you use it to help finish off the second part of the forensics report we're preparing for the client?", "tips": [ "Tip: Analyse the packet capture to get the right information to put in the report." ] }, { "title": "Recibo", "description": "Agent, we think the employee in question has been using the digital receipts from the restaurant to move information out to a conspirator. Can you figure out which of these has been tampered with?", "tips": [ "Tip: Find the receipt that's been tampered with, the flag will prove it has been changed." ] } ], [ { "title": "Photo Rapide", "description": "It looks like the photographer took a particular interest in what the employees of the business were doing whilst he was in their shop. We think he actually saw one of them enter the password to one of their internal systems and then hid it, in plain sight, in a photo he took. Our team gained access to the photo files he didn't share with the business. Can you look closely to see if he's using them to hide the passwords?", "tips": [ "Tip: Find the password he stole, it's the flag." ] }, { "title": "Picture in Picture", "description": "When our team gained access to the photographer's photos we found a folder called 'Private' with some photos in it, but oddly the photos seem to be pretty uninteresting from a quick look. Have a look at them yourself and see if you can find anything interesting.", "tips": [ "Tip: The flag is in the image." ] }, { "title": "Trojan Horse", "description": "Whilst in the shop the photographer asked to use one of the staffs Windows PC's to show them previews of the photos. We think he may have done something bad whilst he was using it as now it appears to run an application we don't recognize on boot up.", "tips": [ "Tip: Find the malicious process to get the flag." ] }, { "title": "Remote Access", "description": "After we initially spoke to the owner of the small business as part of our team's initial recon he has been back in touch to let us know that some other strange things have been happening on one of the office PC's outside of normal business hours. We think sometime around the 1st September the photographer logged onto the business network remotely. Take a look at the log files we have for login events and see what you can find.", "tips": [ "Tip: The name of the account the photographer used to log in is the flag." ] }, { "title": "Moving Mix-Up", "description": "Well, this is embarrassing. It seems the team over in Paris captured the running memory from a machine used by the photographer, but the documentation got all mixed up in transit. Can you see if you can at least confirm the Operating System Profile needed to analyse this image?", "tips": [ "Tip: The flag is the correct profile." ] } ], [ { "title": "Picture Imperfect", "description": "The team in New York have been reviewing some of the design work created by the suspects and some of the pieces look really strange. We're sure they must contain a secret of some kind. Have a look at this one for example on his \"About Page\" site, can you see anything that doesn't look right?", "tips": [ "Tip: There's a secret in the image, that's the flag." ] }, { "title": "Peculiar Portfolio", "description": "One of the graphic designers also works as a photographer and usually posts his images on his personal portfolio. But our team noticed he created a second portfolio with just one image on it, which we thought was strange. It made us think maybe it contained a secret message of some kind. Take a look and see what you think.", "tips": [ "Tip: The image contains a secret, that's the flag." ] }, { "title": "Unfamiliar Files", "description": "Here's a strange one for you, agent. Our team was able to recover a hard drive owned by one of the hackers and found all kinds of interesting things on it. Unfortunately, some of the files don't seem to work and we're not sure what they are. Can you take a look at this one and see if you can figure it out.", "tips": [ "Tip: Open the file to get the flag." ] }, { "title": "Dubious Jobs", "description": "As part of our work helping the New York branch, we took on the task of monitoring some of the sites the hackers have been looking at - one of which was a job board for graphic designers. We managed to get a network capture of one of them viewing a job posting which we suspect has a secret message in it. See if you can confirm that by looking at this pcap (packet capture) file.", "tips": [ "Tip: The flag is in the file." ] }, { "title": "Volatile Memory", "description": "When our team in New York came across a couple of PC's they thought might have been compromised by the hackers they took some memory dumps to analyse. Take a look at this one with a tool called Volatility and see if you can identify the running processes and see if you can spot any that look suspicious.", "tips": [ "Tip: The suspicious process is the flag." ] } ], [ { "title": "Social Safari", "description": "One of the customers who had their laptop hacked was kind enough to let us take a look. We believe the hacker social engineered them into downloading a file from a website which turned out to be malware. That gave the hacker a backdoor to the system, from which they then laterally moved across the network. Can you figure out how they did it?", "tips": [ "Tip: The flag is the remote computer name.", "Note: The files for this challenge are the same as Level 4 Challenge 3 and only need downloading once." ] }, { "title": "Hidden Hyena", "description": "Our team in Kenya decided to take a page out of the hackers playbook and try sending an agent of their own along on one of the tours to follow a suspect they suspected might be one of the hackers. Our agent noticed them using a particular website which we believe had a secret message on it for him. Take a look at the network capture file and see if you can find anything interesting.", "tips": [ "Tip: The flag is in the pcap." ] }, { "title": "Hasty Action", "description": "Ok agent, slight change of plan with our investigation! Our team in Africa decided to swoop in and arrest one of the hackers when they saw him doing something they thought was especially suspicious whilst in a cafe in Nairobi. The only problem is he closed the file on his laptop before he was arrested. Can you help the team there figure out what file it was? They've sent the image file for you to take a look at.", "tips": [ "Tip: Find the recent files and find the flag.", "Note: The files for this challenge are the same as Level 4 Challenge 1 and only need downloading once." ] }, { "title": "Shutter Speed", "description": "We have a quick and urgent job for you, agent. One of our team in the field has managed to acquire the suspect's camera and download the images he had on it. They look innocent enough, just photo's of the tour, but we've received word that they've already been taken off the camera, a secret inserted into them, and put back, ready to be passed on to another gang member at the end of the tour. Can you take a look at this particular file and see what you can find.", "tips": [ "Tip: The flag is in the image." ] }, { "title": "Masai Mystery", "description": "We've just finished an interview with one of the customers who believed their equipment was hacked whilst on the safari. Intelligence tells us this group encrypt and encode all of their data, along with the encryption key string, before exfiltrating and deleting the files. We have got a copy of the HDD to examine. Can you find the encryption key?", "tips": [ "Tip: Intelligence tells us that historically the encryption key always starts with the string 'flag:'" ] } ], [ { "title": "Start Line Setback", "description": "Well, that wasn't a promising start. On our very first review, we found an image file on one of the companies servers which doesn't look quite right. We think whoever left it there has used a tool to add a passphrase to it and hide something inside. Take a look and see what you think.", "tips": [ "Tip: Open the file to find the flag." ] }, { "title": "New Racer", "description": "The plot thickens. It seems someone has indeed compromised the company's servers and even set up a new user account named \"sshd server\". Can you find out what the password is for the account so we can log in and unencrypt the data?", "tips": [ "Tip: The password is the flag." ] }, { "title": "Running Report", "description": "Ok agent, it's time to start putting together a draft of the report we'll send on to the client and there's some specific information we need that you can help with. We have found the first time and date the hacker attempted to connect to our client's networks, but we cannot determine what their first actions were. Take a look at the network traffic and then see if you can use it to fill out the forensics report form.", "tips": [ "Tip: Answer the questions to get the flag." ] }, { "title": "Dash Delete", "description": "So here's what we know so far \u2013 someone gained access to the company's servers, set up accounts and left suspicious files. We also think they may have deleted at least one important file called \u2018coms.txt\u2019, but fortunately not in a forensically sound way. Can you find anything important in this file?", "tips": [ "Tip: Find what they deleted to get the flag." ] }, { "title": "Uphill Section", "description": "We've hit a bit of a stumbling block in our investigation and need your urgent help - our client is planning to do their pitch to the marathon committee in the next few days so we need to get the report finished. Unfortunately, we've received an important pcap containing potentially malicious files from our field agents and it seems to be corrupt. We've been unable to open it. Can you help?", "tips": [ "Tip: Find a way to open the pcap to get the flag." ] } ], [ { "title": "Argentine Ambush", "description": "From a meeting she had in Argentina we were able to intercept an image file she sent to the person she met with shortly after they departed which we think has a secret within it. But it looks like she has used a tool that has the ability to use passphrases to hamper extracting hidden files. Some other tracking we put in place has also revealed she has been visiting websites about encoding messages. See if you can put these bits of information to good use.", "tips": [ "Tip: Get into the file to get the flag." ] }, { "title": "Missing Image", "description": "Here's another file we intercepted a while back. We know it contains a secret, and we're pretty sure it's an image file. But for some reason, it doesn't seem to be detected as one. She has probably made a change to it in some way and our analysts were never able to figure out what.", "tips": [ "Tip: Make the image work to get the flag." ] }, { "title": "Brazilian Blather", "description": "Another bit of evidence you can take a look into, agent - a packet capture containing an email conversation and attachments from some interactions the hacker had with a gang member in Brazil. Do some analysis and see what you come up with.", "tips": [ "Tip: Answer the question to get the flag." ] }, { "title": "Island Image", "description": "Here's a question for you, agent - one our team was never able to answer. We have a disk image file taken from the hacker which we know ran a number of oddly named executable files on the target machine, but we don't know what it ran. Can you unravel the name of the program?", "tips": [ "Tip: The name of the program is the flag." ] }, { "title": "Urgent Escalation", "description": "Ok, urgent work for you, agent - this case just got escalated up through the ranks. As you've been looking into it again I decided to get a couple of other agents to take a look as well and they've noticed something of serious concern - we believe one of the servers in our Brazilian office which we were using to conduct the initial investigation has been compromised by exploiting a potential vulnerability. Can you identify it from the log files?", "tips": [ "Tip: Find the vulnerability to get the flag." ] } ], [ { "title": "Icy Admin", "description": "Ok agent, first up we need to recover the NTLM hash of the administrator account. We've had one of the research team send you a memory dump to take a look at.", "tips": [ "Tip: The hash is the flag." ] }, { "title": "Cool Recovery", "description": "Right, time to help the team with some data recovery. They've sent us an image file but it looks a bit odd. See if you can dig deep and recover the data.", "tips": [ "Tip: Recover the data and you'll find the flag." ] }, { "title": "Footprints in the Snow", "description": "It looks like the bad guys left a trail behind. For example, they left a suspicious PDF on the system, but it seems to be empty. Investigate and see if you can figure out what it is.", "tips": [ "Tip: Analyse the PDF to get the flag." ] }, { "title": "Chilly Command", "description": "We know the hackers gained access to a particular Windows box, but we're not sure exactly what they did. See if you can use the registry file to figure out what the last command was that they ran.", "tips": [ "Tip: Get the command to get the flag." ] }, { "title": "Listicle", "description": "As part of the final report we're producing for the team, they've asked us to make a list of all the user accounts and passwords that have been used on one of the compromised machines. We have a memory dump from that machine, take a look and see what you can find.", "tips": [ "Tip: Find the bad account and that will give you the flag." ] } ], [ { "title": "Athens Arrest", "description": "We're trying to piece together the communications that have been happening between the dealers and the hackers. Luckily for us, a hacker our Athens team recently apprehended was one of those involved. We have a recovered memory dump of his machine. See if you can dig through it to find some key information to go in our initial report.", "tips": [ "Tip: Fill in the report correctly to get the flag." ] }, { "title": "Ancient Attachment", "description": "As part of investigating the ongoing communications between the dealers and hackers, we've been able to recover a mailbox file, extracted from a memory image by one of our analysts. Based on other messages we've seen we think there might be an attachment here with something interesting in it. See what you can find.", "tips": [ "Tip: Open the attachment to get the flag." ] }, { "title": "Final Bid", "description": "We have a quick task for you. One of our agents was almost done completing a forensics report for the client but got called away, could you help her finish it? There are only two questions left.", "tips": [ "Tip: Finish the report to get the flag." ] }, { "title": "Dodgy Dealers", "description": "To help expand the investigation we've been permitted to do some analysis on the machines of other dealers that weren't under suspicion of being involved, and we've already found something interesting. Take a look at this network capture, an initial analysis has revealed that it might have some hidden messages in it, can you help us figure out what they are?", "tips": [ "Tip: The flag is in the message." ] }, { "title": "Malicious Memory", "description": "Breakthrough! We've identified the hacker we think is in control of the group and managed to get hold of a memory dump from his machine. Our analysts in Athens have taken an initial look and believe there are some malicious tools and files hidden in memory, but they're quite small and stored in the MFT. Can you help us retrieve the file?", "tips": [ "Tip: Find the file, the flag is inside." ] } ] ], "Volcano": [ [ { "title":"Recon", "description":"See if you can find any backup files from http://contacts.nootrino-laboratory.com.", "tips":[ "Tip: The flag is the admin access code." ] }, { "title":"Easy Access", "description":"Nootrino Labs have a public-facing contacts systems accessible at http://contacts.nootrino-laboratory.com. As a first step, see if you can access the database behind it, gathering the username and password. We're sure that information will be useful later on.", "tips":[ "Tip: The flag is the password of Professor Julie Bywater." ] }, { "title":"Backdoor", "description":"See if you can find a backdoor somewhere on the network and gain access through it.", "tips":[ "Tip: The flag is the file path of the backdoor." ] }, { "title":"To the Source", "description":"Now you have access to the reactor system see if you can get access to its source code - we think that's where the gang went next as it contains lots of potentially useful information for them.", "tips":[ "Tip: The flag is the database password." ] }, { "title":"Cracked Window", "description":"One of our agents thinks the gang must have had an employee username and access code to get to certain systems. Our best guess about where they got that information from is a Windows system on the network. See if you can exploit it.", "tips":[ "Tip: The flag is the employee access token." ] }, { "title":"Melting Core", "description":"Time is not on our side, agent. The core is melting and needs to be shut down using the control panel. With the information you've gathered so far see if you can regain access and shut it down!", "tips":[ "Tip: Get access to get the flag." ] } ], [ { "title":"Targets", "description":"Find a list of potential targets for the finalfrontier.agency domain.", "tips":[ "Tip: The flag is one of the target domains." ] }, { "title":"Password Hunt", "description":"Visit their ||[redacted]|| directory at http://[redacted].finalfrontier.agency and see if you can recover the hashed user passwords.", "tips":[ "Tip: The flag is one of the hashed passwords." ] }, { "title":"SAHAdmin", "description":"One of their ||[redacted]|| teams built a small holding site intended to eventually become a wiki. We think the server it's on might be vulnerable. Visit http://[redacted].finalfrontier.agency and attempt to recover the server's admin user password and get the plaintext version of the password.", "tips":[ "Tip: The password is the flag." ] }, { "title":"Terminal Trouble", "description":"Visit their ||[redacted]|| teams internal site at http://redacted.finalfrontier.agency and attempt to gain access to the file system.", "tips":[ "Tip: The flag is the subdomain of the hidden vhost in format subdomain.domain.tld." ] }, { "title":"Route to Nowhere", "description":"Access the site on the hidden vhost using what you already know.", "tips":[ "Tip: The flag is the basic auth challenge message." ] }, { "title":"Ready to Launch", "description":"This is the final test for this client. Can we get access to their most important site, the mission control centre, available from the hidden vhost you found previously? It requires the highest admin access level.", "tips":[ "Tip: Get access to get the flag." ] } ], [ { "title":"Bad Config", "description":"There is a site at http://configuration.securegov-test.com. See if you can find any interesting file paths.", "tips":[ "Tip: The flag is the file path to an important shell script." ] }, { "title":"Fishing for Files", "description":"See if you can find a way to retrieve the files you found in the previous challenge.", "tips":[ "Tip: The flag is the MD5 checksum of the binary file." ] }, { "title":"Vulnerable Service", "description":"We think there is a vulnerable service running on the network. See if you can find and exploit it.", "tips":[ "Tip: The flag is the username of the user you gain access as after exploiting the target." ] }, { "title":"Database Dumping", "description":"Find a way to access a dump of the database that your existing user may not have access to.", "tips":[ "Tip: The filename of the database dump is the flag. Look at existing functions in the binary to help you." ] }, { "title":"Corrupted User", "description":"The database you were able to dump seems to be corrupted. Find a way to recover the user information from it.", "tips":[ "Tip: The flag is a password in the database." ] }, { "title":"Secret Service", "description":"See if you can find a sql database service that could contain useful data. Connect to it using the information you've gathered in the previous challenges.", "tips":[ "Tip: The flag is a piece of personal client information." ] } ], [ { "title":"Unauthenticated", "description":"The networking team at Pencil Factory Investments have a site they can sign in to with an interface for monitoring network uptime at http://uptime.pencilfactoryinvestments.com. It should be secure, but see if you can log in as the administrator.", "tips":[ "Tip: The flag is the database password." ] }, { "title":"Range Finding", "description":"Based on the work you did in the previous challenge, see if you can find a way to discover the intranet subnet range.", "tips":[ "Tip: The flag is the ip address of the web server on the intranet subnet." ] }, { "title":"Heading Home", "description":"So you have the intranet subnet range, but can you find the intranet home page?", "tips":[ "Tip: Find the home page URL to get the flag." ] }, { "title":"Subnet", "description":"The internal site you discovered previously has a protected debug interface, see if there is any way to exploit it.", "tips":[ "Tip: The flag is the secret used by the hashing algorithm. A number between 40 and 50 will help you in solving this challenge." ] }, { "title":"Going Up", "description":"There is a private network segment containing Pencil Factory's private site. Access the network and exploit the site.", "tips":[ "Tip: The flag is the last quarter earnings from the financial report exactly as written in the document." ] }, { "title":"Final Report", "description":"It's time to put together the final report for the Pencil Factory Investments senior management team. You should have all the information you need to finish it off.", "tips":[ "Tip: Complete the report to get the flag. The secret project is the one that sounds the most suspicious." ] } ], [ { "title":"Free Files", "description":"Visit http://files.granitewallsecurity.com and see if you can access the file sharing part of their intranet.", "tips":[ "Tip: The flag is the file name of the zip containing the ||[redacted]|| config." ] }, { "title":"Open Intranet", "description":"The ||[redacted]|| you discovered previously seems to be encrypted somehow. Decrypt it and gain access to the company intranet.", "tips":[ "Tip: The flag is the key used to encrypt the file." ] }, { "title":"FTP", "description":"There is an FTP server on the intranet. See if you can find a way to access it.", "tips":[ "Tip: The flag is the name of a file served by the FTP server." ] }, { "title":"Network Service", "description":"See if you can find an exploitable network service running on the network and then exploit it.", "tips":[ "Tip: Exploit the network service to find the flag in flag.txt." ] }, { "title":"Web Service", "description":"Try and find the web service accessible from the previous target and exploit it.", "tips":[ "Tip: The flag is the MD5 hash of the executable file." ] }, { "title":"Missile Launch", "description":"Now you have the missile schematics file you might as well see if you can recover it.", "tips":[ "Tip: Get into the file to get the flag." ] } ] ] } ================================================ FILE: cdbot/data/legacy/headquarters2018.json ================================================ { "L1": { "C1": { "title": "Secret Caesar", "description": "Our agents have been reviewing some documents they recovered from one of The Slootmaekers bike shops and they came across an order form for a set of six bikes which looks a little odd.\n\nWe think the six bike reference numbers might be encrypted with a caesar cipher (which is where the letters are shifted along by a certain offset, e.g. if the letter is A and the offset is 2 it will become C), and we've got some intel that one of them contains a code that starts with the word \"BAR\". We've worked out that the offset for each code is determined by the order quantity. See if you can use that to break the encryption and find the hidden code.", "tips": [ "Tip: The decrypted reference number containing the word BAR is the flag." ] }, "C2": { "title": "Social Secret", "description": "Agent, we think we might have a way to log into a social media account of one of the gang using the site's password reset form. We have two key pieces of information: his username and his favourite color. We just need his age and we'll be able to log in - can you guess it from the information we already have?", "tips": [ "Tip: Get the age correct and submit the form to get the flag." ] }, "C3": { "title": "Broken Banks", "description": "Agent, it looks like the gang are trying to raise some money to fund their plans - and they're doing so by sending fake banking emails to the customers of their bike shop to try and defraud them. Take a look at these four emails we intercepted, all are seemingly from well known banks, but can you spot the one which is fake?", "tips": [ "Tip: Click on the part of the dodgy email that makes you think it's fake and you'll get the flag." ] }, "C4": { "title": "Happy Customers", "description": "During our initial analysis of the gang we noticed something strange - they created lists of their customers and shared it between their bike shops, and each customer had a unique pattern of numbers after their name. One of our agents thinks the pattern of numbers might be encoded words. We also noticed the numbers never went above 26, that might be relevant. Can you work out what it means?", "tips": [ "Tip: Decode the message to get the flag." ] }, "C5": { "title": "Race To Where", "description": "Here's an interesting one for you agent - at the weekend the gang released what looks like a one page website advertising an upcoming bike race they're organising. Being cyber detectives we're naturally curious that things might not be as they seem. Have a look at the site - it looks like there are just two images on the page, a logo and the poster, can you find anything suspicious, maybe some text?", "tips": [ "Tip: Find the hidden clue and it'll lead you to the flag." ] }, "C6": { "title": "Tower of Wheels", "description": "So, this is strange - our undercover agent noticed that one of the gang has left a set of bike wheels set up in his workshop like a Tower of Hanoi puzzle. We think it's wired up to his computer and might reveal something if our agent can complete the puzzle.\n\nWe've mocked up the puzzle for you to try using javascript. You can move the wheels by entering the following command: move(, ), where the src or dst values can be \"left\", \"mid\", or \"right\". For example, to move a wheel from the middle lane to the left lane you need to type: move(\"mid\", \"left\"). If you get stuck type \"reset \"to start again.", "tips": [ "Tip: Complete the puzzle to get the flag." ] }, "C7": { "title": "Horrible Hats", "description": "One of our agents has noticed something a little strange that she thought you might be able to look into. The Slootmaekers have a cycle hat creator tool on their website which allows you to select a combination of up to eight colors to go into a custom hat design. The tool itself didn't seem strange until we noticed the gang were sending each other links to hat color combinations they'd created on a regular basis that were a bit dull and had no other comment. It seems a little odd and we think they might be using it to hide secret messages.\n\nWe've managed to get hold of an example output page which we think contains a secret code word the gang are using in other communications. If we could figure out that word it would really help us discover what their bigger plans are.", "tips": [ "Tip: See if you can convert the color RGB numbers into letters using the included ASCII table to get the flag." ] }, "C8": { "title": "Mixed Messages", "description": "Our team have been monitoring some text message chatter between two of the senior gang members over the last week. There was nothing interesting of note until suddenly all their messages started coming through mixed up.\n\nAt first we thought it might be a technical problem, but then it occured to us that they might be deliberately encoding the messages somehow.\n\nI've had one of the agents forward you one of the messages, see if you can decode it.", "tips": [ "Tip: Decode the message, we think it mentions two colors, combine them (e.g. redgreen) and that's the flag." ] }, "C9": { "title": "Bike Fan", "description": "Quick task for you agent, one of the gang, Lars De Vries, has a site where he posts pictures of bikes he likes. Recently we've noticed some of the images are broken and he hasn't fixed it. Seems odd. Take a look at this page and see if you can get the image to show, perhaps take a look at the source code of the page and see if anything doesn't look right.", "tips": [ "Tip: Find a way to get the image to show and you'll find the flag." ] }, "C10": { "title": "Executable", "description": "Agent, quick question for you. One of the team sent me a screenshot of his filesystem browser with a bunch of files she recovered from a memory stick one of the gang discarded. She's asking if any of them are executable files. Take a look and let me know.", "tips": [ "Tip: The name of the executable file (including the extension) is the flag." ] }, "C11": { "title": "Hidden Report", "description": "One of the ways we've been investigating the gang and their bike shop is by actually buying products from them online. We've spotted a piece of functionality that we think might be exploitable, allowing us to get more information on other customers (some of which we think might actually be helping them with their plans to steal the eBikes).\n\nHave a look at our account page on the site, it allows you to generate a report of your transactions. See if you can find a way to view a transaction report for the very first user of the site.", "tips": [ "Tip: Find the report for the first user of the site and you'll get the flag." ] }, "C12": { "title": "Binary Bike Lock", "description": "Well, this gang love their technology and bikes so much that they've combined them to make a custom bike lock!\n\nWe're concerned they're going to use this lock technology as part of the bigger bike heist, so it's worth us taking the time to try and figure out how to crack them now.\n\nTake a look at this lock and see if you can unlock it.", "tips": [ "Tip: Unlock the bike lock to get the flag." ] } }, "L2": { "C1": { "title": "User Who", "description": "Urgent request - one of our agents is currently at a Slootmaeker hideout and we know the rest of the gang are on their way back there. He's found a computer they've been using and managed to gain access to their linux server through the use of an exploit - but we don't know which user he's been able to log in as, and we need to know before he runs out of time. We've patched you in to his screen - see if you can find out.", "tips": [ "Tip: Get the username, that's the flag." ] }, "C2": { "title": "Secret Pages", "description": "You're now well aware of the Slootmaekers supposedly legit business, the Bike Factory. Evidence is mounting up that the business, and especially its website, have quite a few things to hide. We've just had a tip off that there's a secret page on the website with some interesting information about when the gang plan to attempt the eBike heist. Problem is, it seems to be restricted. Can you get access?", "tips": [ "Tip: Get access to the page to get the flag." ] }, "C3": { "title": "Encrypted Message", "description": "We have an undercover agent in one of the Slootmaekers bike shops, posing as a bike mechanic. We need to send him an urgent message but the only phone he has is one the gang gave him and may be monitoring. We have a specific substitution cipher we can use - quickly encode the message and send it.", "tips": [ "Tip: Correctly encrypt the message and send it to get the flag." ] }, "C4": { "title": "Decryption Ring", "description": "Things are really starting to get busy - the Slootmaekers seem to be in the final stages of preparing the heist, we need to move quickly! We've just received a message back from one of our undercover agents with details of where they're planning to attack first. It's encrypted with a caesar cipher, but we can't remember what he said he was going to use as the offset and can't seem to get hold of him again. We've put the message into our caesar cipher decryption tool, see if you can use it to decrypt the text and read the message.", "tips": [ "Tip: Decrypt the message, the flag is the name of the street." ] }, "C5": { "title": "Loopy Login", "description": "Quick piece of analysis for you to do agent. We think there is something suspicious about the login form on the Slootmaekers website. Can you see what it is?", "tips": [ "Tip: Click on the suspicious thing to get the flag." ] }, "C6": { "title": "Broken Click", "description": "Here's a weird one agent, there's a link on the Slootmaekers login page for an admin login. We wanted to take a look but the link doesn't seem to work. Can you figure out how to get to it?", "tips": [ "Tip: Get to the admin login page to get the flag." ] }, "C7": { "title": "Hard Hash", "description": "Agent D from our cryptography department has just sent me this hash she intercepted from an exchange between two Slootmaeker gang members. She thought it might be a good task for a smart agent like yourself to figure out.", "tips": [ "Tip: Unhash it to get the flag." ] }, "C8": { "title": "More Broken Bicycles", "description": "Remember Lars cycling fan site from the last floor? Well, we thought we'd figured out what the issue was with the broken images on the site, but on this page that we've just come across all the images already have file extensions, but one is still broken. Can you see what's wrong?", "tips": [ "Tip: Get the image to show to get the flag." ] }, "C9": { "title": "Fingerprints", "description": "We've found a secret lock-up used by the gang, a big breakthrough! One small problem, it uses an electronic keypad and requires a four digit pin.\n\nWe've noticed four of the numbers have fingerprints on and we've discovered that the lock only allows you to use each number once (i.e. you can't do 7777). Can you use that information to guess the right code? There are still quite a few possible combinations so you'll need to be systematic about it.", "tips": [ "Tip: Get the right code to get the flag." ] }, "C10": { "title": "Useful Hack", "description": "Agent, we really need to log in to the Slootmaekers site as one of the gang - it looks like it has functionality for them to exchange messages about their heist plans. Time is running out and we need to know what they're saying.\n\nWe don't have a username and password combination for any of the gang members, but it just occurred to one of our agents that a big popular dutch social media site called Gellukkig was recently hacked and a bunch of username and password combinations posted online. There's a small chance one of those was one of the gang members and they've re-used the details for the login on the site.", "tips": [ "Tip: Login to the site as a gang member to get the flag." ] }, "C11": { "title": "Too Much Text", "description": "Ok, this is really weird, one of the gang just emailed every other gang member a HUGE text file with loads of random latin text in it. There must be a secret code hidden in it, right?", "tips": [ "Tip: Find the secret code, that's the flag." ] }, "C12": { "title": "Under Attack", "description": "It looks like part of the heist is underway, they're hacking the Amsterdam City Bike Initiative servers as we speak! We need to help them out, see if you can change the server configuration settings to kick the hackers out of the server.", "tips": [ "Tip: Change the settings correctly to get the flag." ] } }, "L3": { "C1": { "title": "Chopper Check-in", "description": "For this assignment we need your help keeping an eye on the gang. One of our agents wants to remotely access their computers but only when they are not around to see.\n\nWe've discovered that today is their Christmas party but we don't know where it is. If we knew we could send an agent along to check they were all there.\n\nOne of the gang, Sannfred, uses a location check-in site called Circle. Perhaps you could take a look at his profile to see where the party is?", "tips": [ "Tip: The challenge flag is the number of the building." ] }, "C2": { "title": "Password Postulation", "description": "One of our agents was recently able to get hold of a username and password that one of The Chopper gang uses to access their company intranet. However, before he was able to use it to log in they implemented a change in their password policy.\n\nThe old password is \"evergreen\", and we've heard the new password policy requires a capital letter and number. Perhaps you could guess what he changed it to and help us get access?", "tips": [ "Tip: To get the challenge flag you need to successfully login." ] }, "C3": { "title": "Secret Source", "description": "It looks like the gang has a lot of information we might find useful on their intranet; probably details of how they intend to break into their competitors' computer systems to look for the plans to their better felling machine. It would be especially useful if we could log in as their main developer, Aksel.\n\nSometimes developers can be a little bit lazy and leave information in the source code of a page that might be revealing. Perhaps you could take a look and see if there's anything Aksel left that might help you log in.", "tips": [ "Tip: To get the challenge flag you need to successfully login." ] }, "C4": { "title": "Snake Charmer", "description": "We've just intercepted an email from one of the gang members with a file attached called \"passgen.py\". It looks like a Python script.\n\nWe've heard that the gang is looking for a way to make their passwords more secure, perhaps using code like this to generate them. See if you can run the code so we know exactly what it does.", "tips": [ "Tip: The output from the code is the flag you need." ] }, "C5": { "title": "Corrupted", "description": "An agent in the field managed to get access to an XML file that he believes belonged to one of The Chopper gang members. It looks corrupted so he's sent it to us for analysis.\n\nHave a look at the file and see if you can get it working.", "tips": [ "Tip: The flag to complete the challenge is on the last line of the file." ] }, "C6": { "title": "The Competitor Revealed", "description": "We've intercepted some encrypted text from one of the gang members, which we think might include the name of the competitor company that they intend to target.\n\nLuckily, we also know it uses a letter substitution cipher and CPA has our very own tool for breaking this kind of encryption. Use it to try and work out what the text says.", "tips": [ "Tip: The flag is the name of the competitor company." ] }, "C7": { "title": "A Secret Rendezvous", "description": "Yesterday we intercepted some code passed between two Chopper gang members - Ibert and Dante. We believe it mentions the location of a secret meeting to discuss plans to hack into their competitors' computers.\n\nFortunately, we know it uses columnar transposition and have a CPA tool to help you crack it. We've loaded the code into the tool. Give it a try and see if you can decrypt the message.", "tips": [ "Tip: The flag is the city they will be meeting in." ] }, "C8": { "title": "Route into the Router", "description": "Good news, we've managed to get access to the login page for one of the gang's home routers. Useful... if only we knew the username and password. I wonder if they've been lazy and left the router's default username and password active? The router is just a standard Nethub 5000.", "tips": [ "Tip: Find the correct username and password to get the flag." ] }, "C9": { "title": "Big Transfer", "description": "Agent, we've just intercepted a message between two of The Choppers talking about how they intend to steal money from the bank account of a different competitor to fund their plans.\n\nIt said they've found a weakness in the money transfer tool on the Global Bank website. We've just successfully put through a test transfer, can you see any way to hack it?", "tips": [ "Tip: Transfer 1000 to a bank account called cpatestreceiver from cpatestsender to get the flag." ] }, "C10": { "title": "Dante In Command?", "description": "We found a file in an intercepted email from one of The Chopper gang members, Dante, but it needs to be run from the command line in order to make it work.\n\nWe think it might be a program the gang are writing to gain access to their competitors' computers, so it's important we check it out.", "tips": [ "Tip: Run the program from the command line; the flag will be in the output." ] }, "C11": { "title": "Wheel Spin", "description": "Whilst taking a look around The Choppers' intranet site, one of our agents found a rather odd page. It just has two numbers on it. Take a look and see if you can figure out what's going on.", "tips": [ "Tip: If you figure it out and you're persistent enough, you'll see the flag!" ] }, "C12": { "title": "Confused", "description": "Recruit, we've intercepted some chatter between Chopper gang members talking about one of their competitor's machines. They all have unique identifiers and we think one of those identifiers is hidden in some code we found. One of the other agents has emailed it to you. Take a look and see if you can find the identifier.", "tips": [ "Tip: The identifier is the flag you need." ] } }, "L4": { "C1": { "title": "Arnold Chopper?", "description": "A few days ago one of our field agents, who is now working undercover for The Choppers, found two pages of a book ripped out and left on a table.\n\nWe weren't sure if it meant anything, but then today we intercepted an email containing some cryptic code. It looks like the gang is getting smarter with its encrypted messages and is now using Arnold ciphers.\n\nSee if you can use the intercepted code and the two pages of the book to discover what it means.", "tips": [ "Tip: We believe the message contains a code, that's the flag." ] }, "C2": { "title": "Maggie's File", "description": "Our field agent has managed to get some login details from one of the gang, Magdalina. We believe she uses the details to SSH into a remote server to view a particular file that might be important.\n\nThese are the details we have:\n\nIP address: 192.162.132.199\nUsername: maggie\nPassword: ubersecurepw\n\nWhy don't you try it yourself using the secure terminal we've provided and see what you find.", "tips": [ "Tip: The terminal uses non-default implementation of OpenSSH and only accepts common formats. The flag is the name of the file." ] }, "C3": { "title": "Cookie Jar", "description": "Now that we've gained access to The Choppers' intranet site it has dawned on us that they might have more than one level of user. If we could log in as an admin user it might allow us to see much more.\n\nSometimes you can change the session cookie to achieve that, and admins often have an ID of 0. Why don't you give it a try?", "tips": [ "Tip: If you're able to change your access to admin level the code will appear." ] }, "C4": { "title": "Photobomb", "description": "Our team have been monitoring The Choppers' web traffic and it seems they've been spending a lot of time on a photo-sharing site, especially one particular page. Have you ever heard of steganography? It's the practice of hiding a file or message in another file. Maybe one of the images on the photo-sharing site contains a hidden message. Why don't you take a look and see if you can find out?", "tips": [ "Tip: The flag is in the image." ] }, "C5": { "title": "Upgrades? Paaa!", "description": "It looks like The Choppers know they need to improve their security set-up, as recently we've been unable to log in to their intranet and they've been making a few changes to their security.\n\nThey have rewritten their login form to use slightly improved javascript, but it doesn't seem to be much more secure. Maybe you could change some of the javascript on the login page to see if you can log us back in.", "tips": [ "Tip: Log in successfully to get the flag." ] }, "C6": { "title": "A Helping Hand", "description": "This morning I received a message from my counterpart in another agency. It seems they've been monitoring The Choppers too.\n\nHelpfully they've sent us over an extract from a report one of their agents wrote, which they thought might be of use to us. Unhelpfully it's a PDF and much of the sensitive information has been redacted. Maybe you could find a way to see what it says.", "tips": [ "Tip: We think it contains one of the gang's passwords - that's the flag." ] }, "C7": { "title": "A Dangerous Contact", "description": "During our research into The Choppers, we noticed that their website has a contact page with a form for getting in touch. Our agents want to know whether it might be vulnerable to SQL injection.\n\nSee if you can put the SQL code in the right order. If you do, the data should appear in the console at the top of the page. This will contain the information we're looking for - a list of all previously submitted messages.", "tips": [ "Tip: The flag is the last name of the most recent person to send a message through the form." ] }, "C8": { "title": "Bad Kitty", "description": "For weeks now The Chopper gang members have been passing animated gifs of kittens backwards and forwards in a chat room app called KittyLitter. We thought they were just messing around, until one of our agents noticed something interesting in one of the gifs.\n\nTake a look at the gifs in this message thread and see if you can figure out what it is. Oh, by the way, one of the agents mentioned something about a browser plugin to help you with your investigation.", "tips": [ "Tip: The flag is what you discover!" ] }, "C9": { "title": "Bendikke Loves Axes", "description": "Whilst doing some background research on one of the gang members, Bendikke, we discovered that she writes a blog all about axes. We suspect she might be using the backend of the blogging tool to store information about how they plan to attack their competitors and, more importantly, the specific machinery blueprints they are after. If we knew that, it would really help us foil the gang's plans.\n\nSee if you can find the login page on the blog and use some of the techniques you've learned already to break in.", "tips": [ "Tip: If you successfully log in you'll get the flag!" ] }, "C10": { "title": "Phishing For Flemming", "description": "In our background research on one of the gang members, Flemming, we discovered their profile page on Ansikt, a Norwegian social media site.\n\nLuckily he's written all the details in English. We thought we might use them to create a phishing email and send it to him to try and get some further information, like his home address.\n\nTake a look at the profile, then create the phishing email with the right details, hit \"send\", and see if he sends anything back.", "tips": [ "Tip: Get all the details right, otherwise you can't send the email. When you do, you'll get the flag." ] }, "C11": { "title": "Lost But Not Forgotten", "description": "We've recovered a bunch of .gif files from an old hard drive one of the gang members threw out. We thought they were innocent enough until we started wondering whether they were all actually gif files.\n\nCheck your email, download the files and see if you can find out what's going on.", "tips": [ "Tip: The flag is in one of the files." ] }, "C12": { "title": "Lockdown", "description": "It looks like The Choppers might know we're trying to get in to their intranet.\n\nThey've currently got it locked down by disabling the login form. We still have a correct username and password - can you find a way to get in?", "tips": [ "Tip: Log in successfully and you'll get the flag." ] } }, "L5": { "C1": { "title": "Word On The Street", "description": "We've been monitoring the Yakoottees for a while now, ever since we first came across one of their team trying to hack into large car manufacturers. Two of the gang members have recently started sending each other emails containing what we thought were Word documents. But here's the thing, the emails don't contain any words and we can't seem to open the files. Why don't you take you take a look?", "tips": [ "Tip: Open the file to get the flag." ] }, "C2": { "title": "Dangerous Comment", "description": "One of the Yakoottees, Haruka, recently created a site where she posts photos of her favourite cars. We think it might be a front to store files containing their plans to break in to the Superspin factory. Each page has a form on it where you can post comments. Try and use the form on this particular page to use command injection and find any files hidden in the same directory. Remember, to inject code you need to include two commands by including a semi-colon.", "tips": [ "Tip: One of the files has the flag in it." ] }, "C3": { "title": "Out Of Sight", "description": "Well, that's a bit of luck. We've managed to get our hands on some details that allowed us to SSH into one of the Yakoottees private servers. They're a sophisticated gang, so they've probably hidden a few files in there. We've passed you the connection so have a look and see if you can find anything.", "tips": [ "Tip: The flag is in a file somewhere on the server." ] }, "C4": { "title": "Shopping For Secrets", "description": "An agent on Level 05 has told us about another big hack he's working on. Apparently someone broke into a popular shopping site, stole all the usernames and passwords and was going to post them online. Luckily, we got to them first and recovered the details. Why is this important? Well, it seems one of the Yakoottees was a member of that site.\n\nHe typically uses one of these three usernames: kazuya, kaz_whizz, kazuya99. We've put the recovered data on one of our servers. We've given you access, so see if you can find him on there. If we knew the password he uses maybe we can use that later.", "tips": [ "Tip: The flag is his password." ] }, "C5": { "title": "Shinji's Drone", "description": "Yesterday one of our field agents spotted Shinji, one of the Yakoottees low-level gang members, checking out the Superspin HQ, seemingly on a reconnaissance mission. He was seen flying a drone around the building with a video camera attached to it. We've since discovered that he put that video up on his personal site to share with other gang members. If we could get in and take a look at the video we might know better where they intend to target.\n\nCheck out the login page on his site and see if you can break in.", "tips": [ "Tip: Log in successfully to get the flag." ] }, "C6": { "title": "Zapped", "description": "The gang have been using a lesser-known chat app called Chatzap to communicate. We know one of the usernames (kanako) but not the password. If we could get access we might be able to see what they're saying.\n\nIt's not a great site and the security is average at best. Look at the login page - they do SHA1 hash their passwords but leave them in plain sight in the source code. See if you can use that to get in.", "tips": [ "Tip: Gain access to get the flag." ] }, "C7": { "title": "Yakoo Cars", "description": "The Yakoottees aren't just a criminal gang, they're also a group of talented car engineers. Their organisation has a front - a high-end car repair shop called Yakoo Cars.\n\nNaturally, we took a thorough look through their website to see if we could find anything interesting. One thing we found was a little strange: an empty page. Empty, apart from a message saying \"Error. Cookie user expected.\". Ordinarily we wouldn't think anything of it, but the page name is \"Secret\", so we should investigate.\n\nWe think only the boss Yaka Matsu should have access. Take a look and see if you can get around the cookie issue.", "tips": [ "Tip: Get past the issue to get the flag." ] }, "C8": { "title": "Perplexed By Pixels", "description": "The Yakoottees love their cars. And so you'd expect that they might send each other car photos, images and even art. But recently we intercepted something strange: a pixel drawing of a car. What's strange about it? One of the gang, Kanako, sent two copies of it to another gang member. After some initial analysis we noticed some slight variations in colour in a selection of pixels.\n\nOne of the team has already built a comparison tool but he's just been reassigned to another urgent project. Perhaps you could take a look at what he's built and finish the analysis.", "tips": [ "Tip: Calculate the differences, convert it with the ASCII table, and that's your flag." ] }, "C9": { "title": "Baffled By Browsers", "description": "Whilst monitoring the gang's web traffic, we noticed they've been visiting one particular page quite a lot. When we try we get rejected immediately without it even asking for a username or password.\n\nOur field agent, who is working for the The Yakoottees undercover, thinks it might be something to do with a particular browser that the gang built themselves called \"Orion\". Time for you to investigate. Maybe try looking for a browser plugin to help you out.", "tips": [ "Tip: To get the flag, get access to the page!" ] }, "C10": { "title": "Rattlesnake", "description": "Well, one thing is for sure, the Yakoottees' scripting language of choice is Python. We've intercepted a lot of Python files from all over the place. So many, in fact, that we need someone to look at them and see what they do. Can have a look at this one to find out what it does?", "tips": [ "Tip: The flag is in the file." ] }, "C11": { "title": "T-Shirt Trivia", "description": "The Yakoottees have a number of side businesses that they use to launder money. One of them is an online T-shirt business. We've been monitoring the site to look for unusual activity and yesterday a T-shirt went up for sale and then ten minutes later was taken down. Luckily we've been running a tool, which takes copies of all new pages before they get removed.\n\nThere's something odd about this page. The T-shirt for sale doesn't seem to be designed like the rest (which mostly feature cars); this one has what looks like a QR code on it. Take a look and see what you think.", "tips": [ "Tip: Read the code to get the flag." ] }, "C12": { "title": "File Found", "description": "Whilst monitoring one of the gang, Ryosuke, we came across a file that he posted online. The problem is, we can't seem to figure out what type of file it is. Take a look and see if you can work it out.", "tips": [ "Tip: The flag is in the file." ] } }, "L6": { "C1": { "title": "Hush Fund", "description": "It looks like The Yakoottees are preparing for an attack and the senior members of the gang seem to be providing the funds. We've intercepted a message containing what we think are bank details, but they're encrypted. If you could decrypt them, we'd have a better idea of who is behind the plan.", "tips": [ "Tip: The decrypted bank account number is the flag." ] }, "C2": { "title": "Heroka's DB", "description": "In the previous level you may have been part of the investigation into Heroka. She recently created a site where she posts photos of her favourite cars. That investigation revealed that the site was vulnerable to injection and that she's been hiding details about their plans there.\n\nWe think that some results from a search of the site are also hidden unless you're logged in. We don't have any login details, so perhaps you could use SQL injection to get all the results. Think about which SQL query is run when you submit the search form.", "tips": [ "Tip: Get the full results and then you'll get the flag!" ] }, "C3": { "title": "Still Hiding", "description": "Were you involved in the previous level when we needed someone to SSH into one of The Yakoottees' servers and take a look around? Well, we need to do it again. It seems they're becoming a little smarter about hiding their files. Take a look and see what you can find.", "tips": [ "Tip: The flag is in a file somewhere on the server." ] }, "C4": { "title": "Brute Strength", "description": "Great news, recruit. Thanks to your work we've been able to recover a zip file from the Yakoottees' private server. We're pretty sure it contains blueprints of the Superspin HQ and details of how they plan to get in.\n\nThe zip file is password protected, so we set one of our engineers on writing a script to brute force it. Unfortunately, he was called away onto a special project for a team on another level. Perhaps you could make the final few alterations to his script to get it working.", "tips": [ "Tip: Change the script and open up the zip file to get the flag. Oh, and don't forget you can use your local terminal to help." ] }, "C5": { "title": "Running Man", "description": "The Yakoottees are preparing their break-in, so we're doing a full review of everything they have running. We found a service running on the server services.cyberprotection.agency, port 8203. Connect to the service and find what is on there to see if it's related.", "tips": [ "Tip: Connect and look at the banner for the flag." ] }, "C6": { "title": "Custom Plates", "description": "We've just had some new intel. The Yakoottees are planning to change the supercar's numberplates to British plates when they steal it. For some reason, rather than create their own, they've ordered some from a site online called CoolPlates. We want to see which plates they've ordered and where they're being sent.\n\nSee if you can get in to the site so we can find out. We don't have a username and password but we think it uses some simple javascript security checks.", "tips": [ "Tip: Log in to get the flag." ] }, "C7": { "title": "Junya Who?", "description": "Recruit, I need a favour. We've just had some intel about one of the gang members. His first name is Junya, but we can't find his surname. We know we have it on record but it could be in any one of a huge set of files. Perhaps you could SSH into our server and see if you can find his surname for me?", "tips": [ "Tip: Find \"Junya\" mentioned in the files and his surname will follow. That's the flag." ] }, "C8": { "title": "Rezapped", "description": "Remember ChatZap from a previous challenge? We need to get back in but it looks like they've changed their security. Take a look.", "tips": [ "Tip: Log back in to get the flag." ] }, "C9": { "title": "Meeting Momoko", "description": "Our field agents decided to make a move and pick up one of the Yakoottees, Momoko. We believe she was in charge of picking up some equipment that the gang needed to break in.\n\nUnfortunately, when they got there she'd gone. But they did find a post-it note with a cryptic code on it. On reviewing the surveillance tapes, it seems someone stuck it on her door a few minutes before she left. We think it might be a meet-up location. Can you crack the code for us?", "tips": [ "Tip: Crack the code, it's the flag! Note: The flag is in lowercase!" ] }, "C10": { "title": "QR.gif", "description": "Remember the QR code that the Yakoottees printed on a T-shirt? You might have been assigned to investigate it on the previous level. Well, it looks like they're using QR codes again and they've gone one step further by embedding them in a gif file. We think the combined output is important, so get straight on it recruit.", "tips": [ "Tip: Work out the QR codes and put them together for the flag." ] }, "C11": { "title": "Lost Key", "description": "Our agent on the ground noticed a USB key discarded outside The Yakoottees' garage and he's just uploaded the files for analysis. It's probably nothing important; they just look like innocent jpg files. One looks corrupt, however. Can you take a look just to be sure we don't miss anything?", "tips": [ "Tip: The flag is in the file." ] }, "C12": { "title": "Truck Stop", "description": "Recruit, we're sending you into the field for the first time! We think you're ready, so don't let us down.\n\nHere's the situation. We know a group of the Yakoottees are heading to a nearby depot to steal a truck, which they are going to use to transport the supercar prototype without anyone seeing. We want to get in to the depot first and wait for them. However, we can't get hold of the depot's owners and the front gate uses a sophisticated locking system.\n\nWe know the Yakoottees have the code already but we're going to need to crack it.", "tips": [ "Tip: Crack the code for the flag." ] } }, "L7": { "C1": { "title": "All Zipped Up", "description": "Recruit, we need your scripting skills again. One of our field agents has managed to turn one of the Chiquitoos' to act as an informant. He has obtained access to a zip file from one of the senior gang members but it's password protected and he doesn't know the password (although we're pretty sure it starts with \"Cola\"). We've got a Python script that might help us brute force it but we think it needs some modifications.", "tips": [ "Tip: Open the zip file to get the flag. And don't forget you can use your local terminal to help." ] }, "C2": { "title": "Docking Port", "description": "We have come across a site, which we believe is run by one of the Chiquitoo gang members, that sends information out on the port 1337. We've got a terminal tool you can use that is restricted to do just what you need. See if you can use it to get the information so we can find out what the site is being used for.", "tips": [ "Tip: Get the information to get the flag." ] }, "C3": { "title": "Hidden Boats", "description": "Those Chiquitoos are a busy gang and they run a number of legitimate and criminal operations. One of their legitimate businesses is a small boating company that transports workers to the offshore wind farm. Their website has a page, which lists all the scheduled trips out, but we think there might be more that they're not making public. Our inside informant tells us they're stored in a file called \"extra.txt\". Have a look at the site and see if you can get access to it.", "tips": [ "Tip: The flag is the boat number of the last one in the secret list." ] }, "C4": { "title": "Pedro's Password", "description": "Recruit, we've had access to a server used by one of the Chiquitoos' side businesses for a while and have an idea that one of the gang members, Pedro, might have moved his user account from an old version of Linux. SSH in and see if you can find his hashed password.", "tips": [ "Tip: The flag is the hashed password." ] }, "C5": { "title": "Dot Dot Dash", "description": "It's time to go old-school, recruit.\n\nWe think the Chiquitoos have an insider that works on the ships carrying the shipping containers full of Cola. Obviously they don't want to be found out while passing details to the gang members on the nearby reconnaissance boats, so they've resorted to using Morse code to communicate. We've tapped into the frequency they're using and funnelled the code into our Morse code tool. Decipher the message and see what they're saying.", "tips": [ "Tip: In the message they mention a ship name; that's the flag." ] }, "C6": { "title": "Quick Drop", "description": "Recruit, we need your help urgently.\n\nThere's a package drop between two gang members about to happen; we have agents following them both. The first gang member has dropped off a briefcase at a discreet location and has left. We have an agent following the other one and he's just 4 minutes away from the pick up point.\n\nOur first agent has intercepted the package, it's a briefcase with two four digit number combinations required to get in. We have no idea what the unlock number is but the case has a post-it stuck to it with an encrypted code written on it.\n\nCan you decipher it in time to get the number combination? We've patched you in to the instant chat with the field agent - tell him the code before the time elapses.\n\nYou only get one chance per day to complete this timed challenge. Reload the page to try again.", "tips": [ "Tip: If you get the right code, the agent will give you the flag." ] }, "C7": { "title": "Secret Spreadsheet", "description": "Recruit, we've stumbled upon something. We think it might really help in getting us closer to the Chiquitoos' plan to steal the shipment of Cola. They've created a spreadsheet listing all the containers they intend to target. Luckily for us, they've posted it online for other gang members to see and update. But, of course, being the clever cyber criminals they are, they've put it behind a particularly clever password system.\n\nIf you visit the page where it exists the ciphered password is there but it changes every two seconds; too fast for us to decipher and use. One of our engineers has been working on a Python script to try and get around it. Have a look at the script and see if you can make some changes to get it working.", "tips": [ "Tip: Run the correct script to get the flag." ] }, "C8": { "title": "Miguel the Moneyman", "description": "Recruit, we think we know where the money for this Chiquitoo operation is coming from: one of their senior gang members, Miguel. And it's given us an idea.\n\nTo make the payments to gang members look normal, Miguel has asked them all to send him links to official looking PDF invoices, which we know he is opening on his computer and then paying. So our plan is to send him a malicious PDF disguised as an invoice from one of the gang members. But we need your help serving up the file to Miguel.\n\nCreate a web server with the terminal using Python, then finish off the email we've created by inserting the web server's location.", "tips": [ "Tip: Serve the file up correctly to get the flag. Make your web server listen on port 8000 to be sure to bypass the firewall." ] }, "C9": { "title": "Breaking Bottles", "description": "Recruit, we think we now know how the Chiquitoos' plan to distribute the Cola they steal. One of the gangs supposedly legitimate businesses is actually a bottling plant... and one of the things they bottle is Cola. We think they might be planning to re-label the bottles they steal as another brand they already bottle, making a huge mark-up and meaning the stolen Cola will effectively just disappear! Clever.\n\nWe think we might have a way in. The bottling plant has a website and there is a form where you can request a price list for their bottling services. We think it might be vulnerable to command injection, and there's a text file we believe you could access with \"recipe\" in the file name, which actually includes details about their plan. But here's the issue - they've added a filter to the form, which prevents the use of semi-colons. See if you can find a way around it.", "tips": [ "Tip: Open the file to get the flag." ] }, "C10": { "title": "Bash the Botnet", "description": "We have managed to gain access to a server used by one of The Chiquittoos' side businesses. We think the gang use it to connect to their botnet, which we want to take down. The botnet is of course password protected but, if you can find the password we can log in and disable it!\n\nLog into the server using these credentials and see if you can find the password.", "tips": [ "Tip: The password is the flag." ] }, "C11": { "title": "Password Pickle", "description": "Hmm, these Chiquitoos are clever. We've intercepted a program that takes a password in and generates a one-time password. We found the correct password (it's \"password\") but it still won't let us in. The other agents are stumped. Can you take a look and see if you can figure out how to get the one-time password?", "tips": [ "Tip: Get it right and you get the flag." ] }, "C12": { "title": "Developer Disaster", "description": "Recruit, quick job for you. We've been using the shipping company website to keep an eye on which ships have been coming in and out of port. However, it looks like their developer pushed an update to the site, which has broken it and then he went home for the day!\n\nThere's an error message on the site. See if you can find a way around it to get us back in.", "tips": [ "Tip: Get back in to get the flag." ] } }, "L8": { "C1": { "title": "Wake Up Alarm", "description": "Recruit, it's time for you to get back in the field. We want to do a test run of one of the ship's onboard security systems. Take a look at the online control panel to the ship's security. Can you find a way to turn the alarms off? If you can, then maybe The Chiquitoos' can too!\n\nBy the way, our intel tells us that there used to actually be a button called \"Turn Off Alarms\", which the ship's security team removed to try and make it more secure. Maybe start with that.", "tips": [ "Tip: Turn off the alarms to get the flag." ] }, "C2": { "title": "Locked Doors", "description": "Recruit, another piece of field work for you.\n\nWe want to test the internal door locks on the ship - and how better than to let one of our most promising agents (you!) try and hack into it!\n\nTake a look at this lock. It has some encrypted numbers which you need to decrypt to get in.", "tips": [ "Tip: Break through the lock to get the flag." ] }, "C3": { "title": "Port Service", "description": "Recruit, another interesting one for you.\n\nWe found a service running on one of The Chiquitoos servers at services.cyberprotection.agency on port 5737. We're not entirely sure what it does but we think we should check it out. We know that it somehow grants a code but it's hidden in so much text that we can't find it. Can you see if you can find it?", "tips": [ "Tip: Find the code, it's the flag!" ] }, "C4": { "title": "Barcode Bonanza", "description": "Intel just in!\n\nOn doing a routine review of all the boxes of Cola on one of the ships, we found four boxes with additional barcode stickers on them. Nobody can account for how they got there or what they mean. It must be The Chiquitoos on the inside sending each other messages about which boxes to target.\n\nSee if you can read the barcodes, decode the output and put them in the right order to get the message.", "tips": [ "Tip: The flag is in the decrypted message." ] }, "C5": { "title": "", "description": "Filtered Cola\nHey recruit, back on the previous level you might have been involved with the team that was looking into one of The Chiquitoos' side businesses: the bottling plant. We found their price list request form was vulnerable to command injection and we think the site must also be open to SQL injection.\n\nOn the site there's a page where you can search through a list of all the orders they are planning to fulfil over the next month and we've got you access to it. We think that some of the results are hidden and only available to the senior gang members. We need that extra list so we can see when they are planning to re-label the stolen Cola as a different brand.\n\nOne of our other agents has already tried but, unfortunately, it looks like there is a filter being applied to prevent certain phrases being used in the form. Can you bypass it?", "tips": [ "Tip: Get the full list and you'll also get the flag. The flag is the name of the handler on the last result marked \"secret\"." ] }, "C6": { "title": "Boat Missing", "description": "Recruit, we've lost sight of one The Chiquitoo boats! We think it's heading out to intercept the ship they are targeting but we can't find it.\n\nWe know one of the gang members onboard, Arturo: he frequently posts photos from his phone to Picster, a social media site. Perhaps you can take a look at his latest photos and see if you can figure out where they are.", "tips": [ "Tip: The flag is the latitude and longitude degrees added together!" ] }, "C7": { "title": "Encrypted", "description": "Quick extra project for you, recruit.\n\nWe have managed to gain access to a server, which is running The Chiquitoo gang's secure encryption service. We need the password they are using as the encryption key. Can you find out what it is for me?", "tips": [ "Tip: The flag is the password." ] }, "C8": { "title": "Float to the Top", "description": "Recruit, we're close to foiling The Chiquitoos' plans, but to do so our guy on the inside needs access to the senior members of the gang. The only way he can do that is to pass one of their tests to see if he's got what it takes.\n\nThe good news is that we know what the test is. He needs to bypass the security check on a file called \"OverflowedBuffer\". We've got hold of the file and the test is tonight. Can you do it for him?", "tips": [ "Tip: Pass the security check to get the flag." ] }, "C9": { "title": "Shipping Lanes", "description": "Recruit, we've been monitoring the web traffic of one of the gang members and he's visited a page, which has made us very suspicious. Why? Two reasons: first, it's called \"shipping-lanes-target\" (so we think he's using it to monitor the ship) and second, we can't get access to it! Whatever we try, it just won't work.\n\nTake a look at the page, maybe have a dig around the source code and see if you can get us access to it.", "tips": [ "Tip: Get access to get the flag." ] }, "C10": { "title": "Corrupted Corruption", "description": "Recruit, there's another quick task I need your help with. One of the agents intercepted a zip file from The Chiquitoos, but it looks like it's corrupted. I know you've helped us with this kind of thing before. Can you take a look and see if you can get it working?", "tips": [ "Tip: Open the file to get the flag." ] }, "C11": { "title": "Secret Messages", "description": "Crikey, every time we think we're getting one step ahead of The Chiquitoos, they do something that proves how good they are.\n\nIt seems they now know we've been intercepting some of their messages, so they've started encoding them all. Our agents are looking at them now to try and figure it out. Why don't you take a look too and see if you can figure it out first. It probably won't harm your promotion prospects if you do!", "tips": [ "Tip: Decrypt the message to get the flag." ] }, "C12": { "title": "Hidra", "description": "Well, this is interesting. We've finally been able to get access to a messaging app (called Hidra) that The Chiquitoo gang is using to communicate. Within an hour of looking at the messages, they've already given us some great intel.\n\nFor example, FTP login details to the gang's main server! One small issue: they mention the address and the username but not the password. See if you can find a way in.", "tips": [ "Tip: Find the password for the user account. The flag is in a file which you get from connecting to the FTP server via a PASV connection. If you are inside the VM, you can use ftp -p." ] } }, "L9": { "C1": { "title": "Cold File", "description": "Agent, quick task for you if you have a few minutes to spare. We have an old program one of our previous agents used that we can't get into. Can you get into it for me?", "tips": [ "Tip: Run the program, find the password, input it into the program to get the flag." ] }, "C2": { "title": "Code Attack", "description": "We need your programming skills agent, and from what you've demonstrated so far we think you're definitely up for the challenge.\n\nYou need to write a simple script from scratch to crack into another program that takes an argument (a 4 digit numerical pin code) and outputs a result.", "tips": [ "Tip: If you enter the right argument into the program you get the flag." ] }, "C3": { "title": "Bunsen Burners", "description": "Agent, we've been looking into the different ways the Spetzners have been communicating with each other about their plans, and one of them is a science forum called Bunsen Burners. We want to see if the site is vulnerable in such a way that would allow us to serve our own JavaScript to one of the gang when they view it.\n\nWe've created an account for you and made a test forum page called \"Hack Trick\". See if you can get an alert box to appear on the page saying \"Kaboom!\".", "tips": [ "Tip: Get the alert to show with the right text and you'll get the flag!" ] }, "C4": { "title": "Centrifuge Exposed", "description": "Agent, here's a test for you to show the rest of the team you deserve to be on this level.\n\nOne of the Spetzners associates, Alexei, runs a science equipment ecommerce site called Centrifuge. Our team knows that he's secretly been using it to sell the Spetzners mad scientists the equipment they need for their schemes, so we've been trying to get access for weeks, to no avail.\n\nWe've just had a bit of good news. When making an update to the site Alexei made a mistake which, for a few hours last night, left some of the sites PHP code exposed. We managed to grab the code when it was there. Take a look and see if you can use it to find a way in to the site.", "tips": [ "Tip: Get access to the site to get the flag." ] }, "C5": { "title": "Mission Extension", "description": "Agent, those Spetzners are really trying to test our patience! We have someone on the inside that managed to quickly take a copy of one of the gangs hard drives. But just to make it really hard to figure out what they're doing they've removed all file extensions - from every file!\nWe know there's a jpg in there somewhere with an image of the particular EMP they're trying to steal, but it's taking the team forever to find it. Can you think of a quicker way?", "tips": [ "Tip: Find the jpg, it contains a serial number (SN), that's the flag!" ] }, "C6": { "title": "Hidden Centrifuge", "description": "Agent, we've been looking through the Centrifuge ecommerce site, run by one of the Spetzners associates Alexei. It contains thousands of pages, so one of the ways we've been doing that is simply by using a search engine, which has indexed all the pages.\n\nThe team have been starting to wonder whether there are other pages that we've not seen. Can you see if you can find them.", "tips": [ "Tip: Find the hidden page to get the flag." ] }, "C7": { "title": "Grand Old Ruble", "description": "Ok, we need you to step into the shoes of the Spetzners best hackers for a while. We've received some intel that the gang have identified a vulnerability on the Grand Ruble Bank's website that allows them to perform actions only an admin should be able to.\n\nTake a look and see if you can do the same so we can help the bank fix their security.", "tips": [ "Tip: Transfer 1000 rubles to a user called cpa to get the flag." ] }, "C8": { "title": "Hayka", "description": "Remember we said the Spetzners were mad scientists? Well, one of the gang, Vladimir, is an actual scientist, and runs an official scientific paper submission site called Hayka. But here's the thing - the server he runs the site from is his own, and we think he's also using it to store the gangs secret plans.\n\nWe want you to take a look at the scientific paper upload page, we think it might be vulnerable. See if you can upload a PHP file which will output the code word \"b1n4ry\" to the screen when you visit the page.", "tips": [ "Tip: Upload the correct file and visit the file page to get the flag." ] }, "C9": { "title": "Tayga Bears", "description": "One of the Spetzners lives in Tayga, a heavily forested area with a lot of bears! So it's no surprise that he spends some of his spare time taking photographs of them and posting them to a nature site called \u043c\u0435\u0434\u0432\u0435\u0434\u044c \u0441\u043b\u0435\u0434\u0438\u0442\u044c (which is Russian for Bear Watch). We thought it was fairly innocent until one of the agents spotted something weird about one of the images.\n\nTake a look at them and see if you can spot what it is.", "tips": [ "Tip: There's a hidden file, open it to get the flag." ] }, "C10": { "title": "Bogdan's Data", "description": "Agent, a possible breakthrough that we need your help with. We've found a server run by the gang, it's at services.cyberprotection.agency:3166 and it seems to be protecting some data. The gang member who we think administers it, Bogdan, is one of the key members behind the plans to steal the EMP. We think it might have even been his suggestion in the first place. In short, we need access to the the data on that server.\n\nFortunately we've been able to recover some source code for it. Take a look at the source code and see if you can get access to the server.", "tips": [ "Tip: Get access to the server to get the flag." ] }, "C11": { "title": "Recruit List", "description": "Agent, the Spetzners are trying to recruit someone on the inside of the hidden weapons facility to help them get the access they need to steal the EMP. We believe one of the gang members has made a list of names of the people they want to target, and placed it on his own private web server.\n\nWe've found the login page for it, see if you can get access.", "tips": [ "Tip: Bypass the login form to get the flag." ] }, "C12": { "title": "File Hunt", "description": "Agent, we have SSH access to one of the gangs servers that contains lots of files and we need to find one in particular.\nOne of the gang, Stanislav, created the file on 22 Nov 2015 at 8.00pm (we know because we were monitoring him!). Can you find that particular file, we think it contains important information concerning the whereabouts of several gang members.", "tips": [ "Tip: Find the file, it contains the flag." ] } }, "L10": { "C1": { "title": "Odd File", "description": "Hmm, this is an interesting one for you recruit. We have a file that the Spetzners have been sending back and forth between them for a while. We have no idea what it is or how to get access. We've tried running it and answering the question it asks but to no avail.\n\nWhy don't you give it a try and see if you can get access.", "tips": [ "Tip: Get access to the file to get the flag." ] }, "C2": { "title": "Overflow Egor", "description": "Right recruit, it's time we tested your skills against the Spetzners finest.\n\nOne of their gang, Egor, is a master scientist and skilled programmer. He's written a program which we think is vulnerable to buffer overflow. See if you can crack it.", "tips": [ "Tip: Overflow the buffer to get the flag." ] }, "C3": { "title": "Hidden Bear", "description": "It seems the Spetzners will find any way possible to keep their secrets from us. And we think they know we're on to them, so they're doubling down with strange new ways to hide their messages.\n\nHere's a good example, you may remember the Bear Watch site from the previous level? Well we've been looking at one of the images from that site for days and can't seem to crack what it's hiding. Take a look and see if you can find it.", "tips": [ "Tip: Manipulate the image in some way to get the flag." ] }, "C4": { "title": "Text and Text", "description": "Recruit, yesterday one of our field agents was able to snoop on a meeting between several gang members planning out their attack on the weapons facility.\n\nOne of them mentioned to the other that he'd send over the lock code to one of the doors on the facility. If we knew the code we'd know how they got it (because the codes are only given to certain people) and where exactly on the facility they planned to get access.\n\nWell, this morning we intercepted an email between the two expecting to see the code, but instead they just sent over two large text files. Weird. Can you find the code?", "tips": [ "Tip: Find the code, that's the flag." ] }, "C5": { "title": "Perilous Pencils", "description": "Agent, we've just had an interesting piece of intel. It seems the gang know we're monitoring their own sites and servers, and have therefore started removing anything incriminating. But they still intend to implement their plans to steal the EMP and so need a new way of sharing information.\n\nIn what we thought was an unrelated piece of intel, one of our field agents monitoring the gang reported this morning that he noticed one of them looking at a site which sells pencils. The Spetzners, being geeky science types, do love their pencils, but we think it's a little more sinister than that - it seems they might have hacked the site and started adjusting the images on it to contain hidden messages! If we hadn't noticed them using the site we would never have known. Clever.\n\nHave a look at this page in particular which the gang member was looking at. Anything strange about it?", "tips": [ "Tip: The flag is in one of the images! Oh, and for password protected files don't attempt to drag and drop them." ] }, "C6": { "title": "Calling Yaroslav", "description": "Agent, we know the gang are attacking soon, so it's time to start bringing them in. This morning our agents picked up one of the gangs henchmen, Yaroslav, because we knew he had the time and date of the attack on his phone. The trouble is, we've looked at his phone and it contains a sophisticated eight digit pin locking system. It's based on a math problem, and we want you to crack it.\n\nHere's what we know: when the phone was first started the pin code code to log in was 4096. Every time we enter the pin code the number of times the pin code has been entered correctly in the past is added to the value of the pin code, to get the new pin. We know the system has been used 5520 times before. What will the pin code be this time?", "tips": [ "Tip: Get the right pin code to get the flag. All we know at the moment is that it's definitely eight digits long." ] }, "C7": { "title": "Chatz with Semyon", "description": "Agent, we need your urgent help.\n\nOne of the gang, Semyon, has been using a Skype equivalent called Chirp to make calls. We know he made a call this morning to an associate of the gang that's planning to help as a getaway driver when they steal the EMP. We want to pick him before he can help, so we need to know his phone number (which will help give us his location).\n\nSee if you can crack into the Chirp site. If you do you'll see the calls Semyon made today, we're looking for the one to Yury. Oh, and luckily one of the other agents has managed to get the PHP source code to the page, that might help.", "tips": [ "Tip: The flag is Yury's phone number." ] }, "C8": { "title": "Junk Decryption", "description": "Agent, we've just received a bunch of files from one of our field agents taken from one of senior gang members hard drives, and our team is having trouble putting it all together. Maybe you can help?\n\nHere's what we have: a decryption program which takes a string as an argument, but when we run it we just get junk back; some encrypted text, and; a weird image file of a calendar. A bizarre combination, take a look and see if you can figure it out.", "tips": [ "Tip: Run the correct string through the decryption program to get the flag." ] }, "C9": { "title": "Matryoshka", "description": "Agent, know anything about man pages?\n\nLog into this SSH server using the details below. We've received word that the gang has been using this public server to pass messages through the use of man pages. We need to see if they've used a particular code word (matryoshka) which they're using to say when to start implementing their plan. See if you can find it.\n\nHere are the details:", "tips": [ "Tip: Find the code word to get the flag." ] }, "C10": { "title": "Snakes in Motion", "description": "Ok, it looks like the gang are in motion. They're meeting at a particular street in an hour and we think we know how to get the street name. The only problem is the street name is encrypted.\n\nSo, we have the encrypted text, a dictionary file and a python script to help you. Unfortunately the python script is incomplete. Can you finish it off so that it runs each line in the dictionary against the encrypted text to decrypt it? You better hurry.", "tips": [ "Tip: Decrypt the text, that's the flag." ] }, "C11": { "title": "Kapa's Hidden Secrets", "description": "Agent, you may have already come across the pencil selling ecommerce site Kapa that the gang hacked into and have been using to exchange messages. Well, it seems they're using it for something else too - to hide files.\n\nLuckily for us we think the site is vulnerable to command injection. See if you can use the comment form to get access and find a file, we think it has a list of the gang members involved in the planned robbery and their particular role in the attack, so it's vital we get our hands on it right away.", "tips": [ "Tip: Find the file, it contains the flag." ] }, "C12": { "title": "Dear John", "description": "Ok, really important task for you recruit. We need access to the main Spetzner database! We think it's the only way to not only bring the gang down, but also gather the amount of incriminating evidence we'll need to prosecute.\n\nWe have a word list and a binary. The binary takes in a word list and attempts to break the password on their database server. Unfortunately the word list doesn't have the password on there, we think it may be a similar word though. Another agent mentioned a program called \"john\" which can alter word lists to make minor changes, can you look into that and see if you can use it to get access to the database?", "tips": [ "Tip: Get access to the database to get the flag!" ] } }, "L11": { "C1": { "title": "Art Thief", "description": "Agent, we've been doing some research on Barry Brigley, one of the Bulldogs and a notorious art thief. We've managed to get access to a site he uses to post images of the art he's stolen which are for sale on the black market, but he's hiding the images somehow so we don't know what he's stolen. If we knew it would help us track his movements over the past few months (we think the art comes from a variety of galleries all over Europe).\n\nTake a look at the site and the images. You can download the images, they're in a common image format, see if you can recover them.", "tips": [ "Tip: The flag is in one of the images." ] }, "C2": { "title": "The Insider", "description": "One of the other agents needs your help. He's been trying to open a file we intercepted which we believe might have special insider information about the bank the Bulldogs are targeting. The agent thought opening the file was going to be simple, but it's not working. Can you help?", "tips": [ "Tip: Get the password and open the file to get the flag." ] }, "C3": { "title": "Nightclub Rendezvous", "description": "Agent, this one is urgent. Our team have just intercepted some chatter between two gang members and it's confirmed they are holding a meeting tonight at a nightclub somewhere in London. Unfortunately there are a lot of nightclubs in London and they didn't mention which one. Then, 10 minutes after the conversation ended, one of them posted up a cryptic piece of text on his social media account. We think it contains the time and exact location of the meeting. We have every agent on the ninth floor working to decode the text, can you get there first?\n\nHere's what we know about it so far: each character in the text was converted into a decimal number (according to the ASCII chart), then each number had the same number subtracted from it (a number between 1 and 10). Then each number was written to a new line of the text.", "tips": [ "Tip: The flag is the name of the nightclub." ] }, "C4": { "title": "Stepping Up", "description": "Finally, some good news! We've had an agent undercover with the Bulldogs for a while now, but the gang is quite large and it's very hard to get access to the elite group that are planning to rob the bank. However, we've just received word from our counterparts in Spain that they've arrested one of that elite group whilst he was on a trip there. He was their best hacker and now they need to replace him quickly otherwise their attack on the bank won't work.\n\nThe elite group have decided to select someone from the rest of the gang by issuing them with a hacking challenge. Whoever cracks it first gets to go with them on the robbery. If we could get our undercover agent into that group we'd almost certainly be able to disrupt their plans. The challenge is tough - there's a file and you need to overwrite the buffer to make the secret variable read: de4dc0de. Do you think you can be the first to break it?", "tips": [ "Tip: Overflow the buffer to get the flag." ] }, "C5": { "title": "Unsafe Deposit Box", "description": "Agent, we've been working with the bank to try and make their website more secure, which will hopefully prevent the Bulldogs getting access.\n\nAs part of our penetration testing we've found a page which might be vulnerable to XSS. It's the page you use to request further information about safety deposit boxes. You need to be logged in as a standard bank customer to get to that page, but we think you can use XSS to change the access level to admin. Give it a try.", "tips": [ "Tip: Get admin access to the site to get the flag." ] }, "C6": { "title": "Binary Battle", "description": "Agent, it looks like we might need your programming skills again. We've intercepted a binary that we want you to take a look at. It takes a password as an argument and produces a result if you get it correct. We think writing a script which uses strings might be the best way to crack it, but none of the other agents have been able to so far.\n\nThe file was taken from the hard drive of the gang member we think has been doing reconnaissance on the bank, so it could contain some extremely important information.", "tips": [ "Tip: Input the right password to get the flag." ] }, "C7": { "title": "Vicious Voicemail", "description": "Agent, once again we need you to step up and show us your skills. This time you need to stand in for Agent V, our resident audio expert, as he's been called up to help the team on the next level with a special mission.\n\nBefore he went he was able to get access to the private voicemail system the Bulldogs were using. He got access by logging in as one of the gang members, Terry Turner, and we can see there are a set of voicemails on there for him. Agent V didn't have chance to analyse them before he went, can you do it for him? We think there might be hidden messages in the audio files.", "tips": [ "Tip: Find the hidden message to get the flag." ] }, "C8": { "title": "Cryptonite", "description": "Yesterday our uncover agent let us know about an encryption tool one of the gang built called Cryptonite. It runs on one of the Bulldogs private servers and we think it might be vulnerable.\n\nSee if you can use it to get access to the server and look for any files that might be worth investigating. We think the gang member who built it, Percy Pinkly, is involved in the gangs efforts to circumvent the banks main security alarms, so he might have been storing files on the server related to blueprints or the security system.", "tips": [ "Tip: There's a file on the server containing the flag." ] }, "C9": { "title": "Open Box", "description": "It looks like Billy Johnson, one of the gangs enforcers, is using a cloud storage service to keep his files secure. We know he has an account and we know his password, but we don't know his account name.\n\nOur team have created an account with the service and logged in. See if you can find a way to trick the site into giving you a list of accounts.", "tips": [ "Tip: Billy Johnson's account name is the flag." ] }, "C10": { "title": "Benjamin the Brute", "description": "Agent, one of the gang, Benjamin Goldleaf, was yesterday overheard by our inside undercover agent talking about posting notices on a secret message board that the gang use to communicate meeting times.\n\nWith a bit of detective work we've managed to find the message board and get Bens user details. We want to post a fake message using the API to try and draw one of the more senior gang members out, but we can't get it to work. See if you can.", "tips": [ "Tip: Successfully post a notice on the board to get the flag." ] }, "C11": { "title": "Exposure", "description": "One of the Bulldogs, Lara Mindsay, is a surveillance expert and we think she's been using advanced drones to take high resolution photo's of the bank from different angles.\n\nShe also runs a small legit side project, a photo site which allows anyone to create an account and upload photo's. We think she's using it herself to store the bank surveillance photo's and so we want to see if it's vulnerable. We've been penetration testing the site but have not had any success so far, then this morning one of the other agents sent me a tip - CVE-2012-2399. Take a look and see if you can use it to see if the site is vulnerable.", "tips": [ "Tip: Find the vulnerability to get the flag." ] }, "C12": { "title": "Port of Call", "description": "Quick job for you Agent. We think the gang have a port running between 12000 and 15000 that might expose some interesting information about them, we've temporarily pointed our domain services.cyberprotection.agency to their server. Use that address to find the service and connect to it.", "tips": [ "Tip: Connect to the port to get the flag." ] } }, "L12": { "C1": { "title": "Remote Unlock", "description": "Agent, because of your great work on the previous level the gang have struggled to find a way to get physical access to the bank. So it looks like they are testing ways to get a package containing a small robot into the building which they can unlock remotely.\n\nThey seem to be testing it with a server (which we've pointed services.cyberprotection.agency at, port 9999), which has a service running on it. When you connect it starts a timer and gives you three numbers. We think to unlock it you need to multiply the first two numbers together and then divide the result by the third number. But the result has to be sent to the server in under 0.1 seconds to gain access to the remote package. We haven't been able to find a way to do it. Can you?", "tips": [ "Tip: Send the right answer in time to get the flag." ] }, "C2": { "title": "Coffee Robot", "description": "It seems the gang are indeed building some kind of physical robotic trojan horse that they plan to sneak into the bank. Luckily our inside agent has told us Charlie Hampton, one of the gangs smartest engineers, has been making detailed notes, instructions and schematic drawings of the robot and keeping them on one of his servers. Getting access to those drawings would really help us know what we're looking for.\n\nThe problem is, we don't know which server he's keeping the plans on. All we do know is that Charlie owns a legit business, a coffee shop in East London, which he uses as a cover for his gang activities. It's a long shot but we do know they run a small server in the basement of the shop which controls their on-demand coffee ordering service. Go to the coffee ordering site, see if it's vulnerable. If it is see if you can find anything useful on the server.", "tips": [ "Tip: Find the drawings file to get the flag." ] }, "C3": { "title": "Change of Plan", "description": "Our Agent on the inside has just received an email from one of the senior gang members. It looks like it was an email to the whole gang and we think it's letting everyone know about the change of plans, from a physical robbery to the new plan to access the bank remotely with some kind of robotic trojan horse.\n\nWe really need to confirm that, but at the moment we can't because the email came in the form of some encrypted text. We've had an agent working on it, and he's created a dictionary file and an unfinished python script to try and crack it. He seems to have hit a dead end, maybe you could pick it up and finish breaking the encryption.", "tips": [ "Tip: Crack the encryption to get the flag." ] }, "C4": { "title": "Multiple Boxes", "description": "Remember Filebox, the cloud storage site Bulldog gang member Billy Johnson was using to store his files? Well, it seems he's not the only gang member to store his secret files there.\n\nAs we know it's vulnerable we want to look at other ways to find the gangs files. We think files can be exposed with directory traversal and there are some two levels up from the account page. See if you can get access to them.", "tips": [ "Tip: Find the file to get the flag." ] }, "C5": { "title": "The Robot Speaks", "description": "Agent, we have more details about the Bulldogs trojan horse robot. Apparently there's a gang member very high up in the organisation that is actually friends with one of the banks senior management. The gang are planning to send him the robot as a pretend birthday gift! On the face of it the robot doesn't do anything fancy, it moves around and has an LCD display for messages. But of course, being the Bulldogs they obviously have something more sinister in mind.\n\nWe think the LCD display might be used as a way to display secret messages and access codes to someone in the bank. We've managed to get hold of the program, written in assembly code, that outputs the messages to the display. But it seems to have bad instruction and fails to run. See if you can patch it.", "tips": [ "Tip: Edit the code and run it, the robots confirmation message will show the flag." ] }, "C6": { "title": "Fork in the Road", "description": "Agent, it's time we went on the offensive! We know the Bulldogs are putting their trojan horse robot plan into action, and whilst we're continuing to work specifically on stopping that we also want to disrupt as many of the Bulldogs operations as possible, to keep them distracted and slow them down.\n\nHere's one example we want your help with specifically. Remember the encryption tool Cryptonite that one of the Bulldogs created from the previous level? It uses server side commands to handle the encryption and we want you to use some kind of command injection to send the command for a fork bomb to DoS the website and take down the tool.", "tips": [ "Tip: Crash the website to get the flag!" ] }, "C7": { "title": "Account Roulette", "description": "Agent, remember the social media website from the previous level where Bulldog gang member Darren Greggs posted that cryptic message? Well we think the site might be vulnerable and if we could log in as Darren we could post messages as him and confuse other gang members. Unfortunately we don't have his login details, but we're sure you can find another way to log in as him using a possible cookie vulnerability we think exists.\n\nWe have logged in as another random test user that we created and have gone to an old message Darren posted. See if you can use that access to log in with various other cookie values, then test the response to see who you are logged in as. If you can do that to find Darren's account (his username is thedazman), change the cookie to log in as him.", "tips": [ "Tip: Log in as Darren to get the flag." ] }, "C8": { "title": "Open Port", "description": "Agent, it looks like we're having an effect on the morale of the Bulldogs with all the chaos we've been causing! Our inside agent has just picked up some chatter from a small group of the Bulldogs that are planning to splinter off and form their own gang! There's a possibility they might be planning to hijack the trojan horse idea and steal the gold bullion for themselves, so we need to find out what they're up to.\n\nWe believe they've set up a port running on an IP address that we've pointed services.cyberprotection.agency at, between ports 19000 and 20000. See if you can connect to it and help us find out what they're up to.", "tips": [ "Tip: Connect to the port to get the flag." ] }, "C9": { "title": "Nosey Robot", "description": "Agent, we've been doing some analysis of the trojan horse robot we think the gang are planning to plant in the bank, trying to figure out what it's there to do.\n\nWe've recovered some C code, and we think it might be used by the robot to take photos, but we can't be sure because running it currently returns a segmentation fault. Another agent has rigged up the code to a camera interface. See if you can fix the code, get it to run and take a photo.", "tips": [ "Tip: Take the photo, the robots confirmation message will show the flag." ] }, "C10": { "title": "Catch and Throw", "description": "Agent, we've just stumbled on something we think could be very important. We know the gang have been working on getting their trojan horse robot into the bank, and we also know they're trying to communicate with it and use it to get access to the banks servers from the inside. But until now we didn't know if they had the codes they'd need once they'd made the connection. Well, it seems they might.\n\nWe've received an anonymous tip from one disgruntled gang member about two web pages, the second of which he claims, has a list of access codes the gang would need to get in. If we could see those codes we'd know whether the risk was real, but here's the thing - on the first web page there's just a number which keeps changing. On the second page, nothing, except for an error message. We think to open up access to the second page you need to pass the value from the first page to the cookie on the second page. Give it a try.", "tips": [ "Tip: Change the value of the cookie on the second page correctly to show the codes. The last code is the flag." ] }, "C11": { "title": "Stop and Search", "description": "Agent, we've been continuing to work with the bank to improve their security. Now that we've identified there could be someone (or something, like the trojan horse robot!) on the inside they want us to penetration test all their internal systems. We've identified a possible XSS flaw in their contact management system, in the \"search contact\" field to be specific.\n\nHere's a javascript payload, see if you can get it to work in the search field.\n\n\n\nTip:Submit the payload correctly to get the flag.", "tips": [] }, "C12": { "title": "Spam Robot", "description": "It looks like we may know how the trojan horse robot is going to be used to steal the banks money! The gang are sending it to one of the senior management, who is a friend of a senior gang member (although the manager doesn't know he belongs to the Bulldog gang). Being a friend he doesn't suspect the robot is malicious, so when it needs charging up (which it does via USB) it will hijack the bank managers computer and access his email.\n\nWhen the gang are ready to attack and they have the relevant security details they are going to send the manager an email disguised as spam, which the robot will pick up and use to start an attack on the banks servers from the inside!\n\nOne way we're going to stop them, and get the gang member responsible in the process, is to find out who is going to be sending that email. We've recovered a log file and a mail queue of pending outgoing email spam messages. See if you can match up the ESMTPA ID from the messages to the log file and get the login details of the gang member. We can then stop him sending the email.", "tips": [ "Tip: The flag is the username of the gang member sending the spam." ] } }, "L13": { "C1": { "title": "String Cruncher", "description": "We've discovered a web page used by the gang which seems to just generate some strings, but we're not sure why. They all seem to be random but we have a feeling, given the technical sophistication of this gang, that things might not be as they seem. Take a look.", "tips": [ "Tip: Find the right value, that's the flag." ] }, "C2": { "title": "Silver Service", "description": "Good news agent, we've found a TCP service used by the gang, it's services.cyberprotection.agency on port 13222. Take a look and see what you can find.", "tips": [ "Tip: You'll find the flag somewhere in the service." ] }, "C3": { "title": "Bypass", "description": "Agent, we've found a TCP service the gang are using, but we can't seem to get access. It's services.cyberprotection.agency on port 13880 See if you can bypass the login screen.", "tips": [ "Tip: Get in and find the flag." ] }, "C4": { "title": "Trial by File", "description": "Agent, we've got what we think might be your toughest test yet. We've intercepted a file which was sent to the gangs boss, so we know it's important, but none of our agents can exploit it. Time for you to show us what you're made of.", "tips": [ "Tip: The flag is in the file." ] }, "C5": { "title": "Memories", "description": "Agent, we've intercepted a file sent between two gang members and it's confused our agents. When you execute the program it will give you a memory address for a function. See if you can exploit the binary to run the function.", "tips": [ "Tip: Run the function to get the flag." ] }, "C6": { "title": "Server Strike", "description": "Breakthrough - we have gained access to the gangs primary server! We found out because we recently took down a hacker from a rival gang that has previously managed to gain access to the system.\n\nWe think he left an exploit on the server. SSH in and see if you can use it to exploit the server.", "tips": [ "Tip: Exploit the server to get the flag.", "Warning: Make sure to back up any files you are about to modify. There are no second chances!" ] }, "C7": { "title": "Run Server Run", "description": "Quick task for you, we've obtained details of another TCP server the gang are using (details are services.cyberprotection.agency on port 13777) - we just need you to connect to it. Should be easy, right?", "tips": [ "Tip: Connect to the server to get the flag." ] }, "C8": { "title": "Binary Memories", "description": "Ok, this is annoying. Our undercover agent has just sent us a file he managed to take from the gangs primary server, so we think it's important, but when we run it nothing happens. We think it might be loading something into memory, any ideas?", "tips": [ "Tip: Run the file and get the flag!" ] }, "C9": { "title": "Encrypted", "description": "Good news agent, another intercepted file for you to analyse that we think contains the access code to a safe the gang have on their boat - our undercover agent thinks he can get physical access to it, so we need the code as soon as possible.\n\nWe've tried executing the file and it loads the encrypted access code into memory. That's as far as we've got, give it a try and see if you can decrypt the code.", "tips": [ "Tip: The decrypted code is the flag." ] }, "C10": { "title": "Seashell", "description": "We've just made a big discovery agent, it seems the gang have more than one ship! We know because we've intercepted a message sent between them. Trouble is we can't figure out what the message is. Take a look.", "tips": [ "Tip: Figure out the message to get the flag." ] }, "C11": { "title": "Spam For Dinner", "description": "Agent, we're trying to distract the gang whilst we try and gain access to their primary server and we think we've found a target for you.\n\nWe want to spam the booking form for their restaurants, if we can create enough incorrect bookings that'll make a real mess to keep them distracted. The problem is the form is protected by a captcha.", "tips": [ "Tip: Find a way to bypass the captcha", "Tip: Prove you can bypass it by tricking the form into using the same captcha every time you submit the form.", "Tip: After submitting the form with the same captcha several times in a row, you will be given the flag." ] }, "C12": { "title": "Hash'em", "description": "Agent, we've managed to get physical access to a router the gang are using on their ship. We want you to use that access to get the username and password for SSH.", "tips": [ "Tip: Send the username and password to our undercover by text to get the flag. The message should be in the format: username / password." ] } } } ================================================ FILE: cdbot/data/readme.json ================================================ { "part1": { "content": "**Welcome to the Cyber Discovery: Legacy Discord Server!** This was once the place where people would congregate to discuss the Cyber Discovery program, but since Her Majesty's Department for Digital, Culture, Media, and Sport killed that we now just come here to chat and screw with the American CyberStart programs. Come in, sit a while, and hear stories of a happier time. A time where UK-based 13-18 year olds would learn Cyber Security skills 10% through the program and 90% through Googling the terms from memes. A time where discussing the Cult of Lyne was a socially acceptable thing to do, and a time where no CTF was too big to dominate the leaderboard of. A better time. But that's gone now, so this is all you're getting. If you're here from one of the other CyberStart programs and have no idea what I'm talking about, don't question it and go to <#509080315369881600>.\nPermanent invite link: " }, "part2": { "content": "What follows is an explanation of some of the **roles** and their purposes on this server. If you qualify for one of these roles, please ask a member of @Root or Sudo (explained below!); for certain roles, we may ask you to DM proof for verification.", "embed": { "color": "0x009688", "fields": [{ "name": "Root", "value": "Server Administrator" }, { "name": "Sudo", "value": "Server Moderator" }, { "name": "Agent J", "value": "[Agent J](https://twitter.com/jameslyne) himself" }, { "name": "Official Cyber Discovery Staff", "value": "Staff from the [Cyber Discovery](https://joincyberdiscovery.com/) program" }, { "name": "For Your Own Protection", "value": "Moderation role to hide all channels" }, { "name": "Community Developer", "value": "Made significant contributions to the [community GitHub projects](https://github.com/CyberDiscovery)" }, { "name": "Veteran - 2018/2019/2020/2021", "value": "Qualified for CyberStart Elite in 2018/2019/2020/2021" }, { "name": "Quote Czar", "value": "Have the ability to quote messages in <#463657120441696256>" }, { "name": "Level [1-75]", "value": "Automatically assigned roles for [MEE6](https://mee6.xyz/) levels" }, { "name": "Year [9-13]", "value": "Corresponding school years" }, { "name": "Technically Adults", "value": "Those who are now older than any of the year roles" }, { "name": "Trusted", "value": "Can use external emoji and control Rythm" }, { "name": "Muted", "value": "Cannot speak in any channel" } ] } }, "part3": { "embed": { "title": "**RULES**", "color": "0xff0000", "fields": [{ "name": "1. No discriminatory or adult content", "value": "Swearing is allowed, so long as it isn’t malicious. Racism, sexism, and any other form of harassment or offensive comment is not permitted and will be met with punishment." }, { "name": "2. No Spam", "value": "Spam clogs up the channels, and we will take action if you post a large number of messages in a short period of time or post long messages unnecessarily." }, { "name": "3. Keep spam or shitposting to #overflow", "value": "<#489217138020712478> is still subject to other rules - it is not a channel for NSFW content. However, spam, inappropriate discussions, and other content deemed to be unsuitable for other channels yet still maintainable on the server should be moved here. Mention spam is not acceptable." }, { "name": "4. No spoilers", "value": "This server is for Cyber Discovery, but not for spoiling Cyber Discovery. By giving someone else answers you’re ruining the experience for everyone." }, { "name": "5. No harassment", "value": "Be it sexual or verbal, harassment is not acceptable. This is any targeted action towards someone else with malicious intent." }, { "name": "6. No unauthorised invite links", "value": "A list of authorised invite links can be found on [meta](https://github.com/CyberDiscovery/meta/blob/master/RULES.md#authorised-invite-links)." }, { "name": "7. No encouragement of illegal activity", "value": "This is not limited to, but includes acts which may break the Computer Misuse Act." }, { "name": "8. Appropriate channels should be used at all times", "value": "For example, memes belong in <#411573113156009984> not <#411573884597436416>, and discussion of Cyber Discovery challenges belong in the appropriate CyberStart channels." } ] } }, "part4": { "content": "Infractions are measured by severity and punished accordingly.\n\nAttempting to evade a sanction by using another account will result in that account being permanently banned. The originally punished account may also receive an increased sanction.", "embed": { "title": "**Punishments**", "color": "0xff7f00", "fields": [{ "name": "1. Adult Content/Doxing/Discrimination - Temporary (14 day)/Permanent ban", "value": "If the content is entirely unsuitable for the server, you will be banned. Doxing someone else is entirely unacceptable as well, as detailed in the doxing rules. Discriminating someone on the basis of sex, race, etc. will also be met with a ban." }, { "name": "2. Harassment - Temporary (14 day)/Permanent Ban", "value": "Forms of sexual and verbal harassment are entirely unacceptable. Harassing another member on the server and ruining their experience is wrong, and, after being judged on a case-by-case basis, will be punished with a temporary or permanent ban." }, { "name": "3. Repeated Infractions, Consistent Spam - 3 hour mute", "value": "If you receive 3 such mutes, this will escalate to a temporary ban of duration 7 days. If you make another serious infraction soon after this, you will be permanently banned." }, { "name": "4. Spam, Reposting Deleted Content - Warning, followed by 1h mute if continued", "value": "3 of these counts as one 3h mute, and further punishments will be given accordingly. The 1 hour duration can be increased to up to 3 hours depending on whether the offence has been repeated or not." } ] } }, "part5": { "embed": { "title": "**Be Respectful**", "description": "Other people are on the other side of a screen, and this server is aimed mostly at young people. Different people often feel differently about various remarks, and as moderators, we reserve the right to take action if you're explicitly making someone else's experience of the server difficult and miserable. We have a zero-tolerance policy on bullying or harassment, and targeting other members of the server with hurtful or offensive remarks is simply not on, and can lead to mutes or bans.", "color": "0x9B69FF" } }, "part6": { "embed": { "title": "**Doxing**", "description": "1. Do not expose any personal information about other people without express permission. Personal information is any info pertaining to their identity, e.g. locations, names, contact details - anything that is linked to that person.\n2. Ask the person in question first. Do not do it if you’re not sure. Do not try and find information that can dox someone else either without their permission either.\n3. Releasing your own information means it can be re-quoted. If you say something on the server, unless it is removed then anyone can re-quote it. If you want something deleted, ask a moderator. Do not harass someone else based on their information.", "color": "0xFFD500" } }, "part7": { "embed": { "title": "**Suggesting Changes to the Community**", "description": "If you feel that something on the server could/should be improved, make an issue on the meta repository at https://github.com/CyberDiscovery/meta/. This is a platform for constructive discussion around the future of our community - however, this is not the place to appeal punishments or to report moderators so please see below.", "color": "0xFCAF8E" } }, "part8": { "embed": { "title": "**Reporting a Moderator/Appealing Punishments**", "description": "If you have a serious complaint to make about a moderator, then DM an @Root in order to get this addressed. Please do not DM unless entirely required. Do not harass a moderator about decisions they make - **we reserve the right to make decisions not covered entirely by these rules if the situation requires it.**\n\nModerators are @Root and @Sudo and are here to answer any queries you may have in DMs. We can also be DMed in order to appeal punishments. Please note that we are not Cyber Discovery staff - any personal queries regarding the program should be sent to `support@joincyberdiscovery.com`, not us. If you have any enquiry to make around the above rules, or wish to discuss a punishment or deletion, we will be happy to discuss the exact reasoning in DMs. Harassing moderators is not on - we are people as well, and any sort of malicious activity towards us, will be met with appropriate punishment.", "color": "0xC1EAC0" } } } ================================================ FILE: cdbot/log.py ================================================ """ An implementation of a logging.Handler for sending messages to Discord """ import datetime import logging from discord import Color, Embed from discord.ext import commands from cdbot.constants import LOGGING_CHANNEL_ID LEVEL_COLORS = { logging.CRITICAL: Color.red(), logging.ERROR: Color.red(), logging.WARNING: Color.gold(), logging.INFO: Color.blurple(), } class DiscordHandler(logging.Handler): """ A class implementing logging.Handler methods to send logs to a Discord channel. """ def __init__(self, bot: commands.Bot, *args, **kwargs): super().__init__(*args, **kwargs) self.client = bot self.log_channel = self.client.get_channel(LOGGING_CHANNEL_ID) def _level_to_color(self, level_number: int): return LEVEL_COLORS.get(level_number) def emit(self, record): if not self.client.loop.is_running(): # The event loop is not running (discord is not connected) return # Create an embed with a title like "Info" or "Error" and a color # relating to the level of the log message embed = Embed( title=record.levelname.title(), color=self._level_to_color(record.levelno) ) embed.timestamp = datetime.datetime.utcnow() embed.add_field(name="Message", value=record.msg, inline=False) embed.add_field(name="Function", value=f"`{record.funcName}`", inline=True) embed.add_field(name="File name", value=f"`{record.filename}`", inline=True) embed.add_field(name="Line number", value=record.lineno, inline=True) if "discord_info" in record.__dict__: for field, value in record.__dict__["discord_info"].items(): embed.add_field(name=field, value=value, inline=True) if self.log_channel is None: self.log_channel = self.client.get_channel(LOGGING_CHANNEL_ID) # Create a task in the event loop to send the logging embed self.client.loop.create_task(self.log_channel.send(embed=embed)) ================================================ FILE: docker-compose.yml ================================================ version: '3' volumes: database: driver: local services: database: image: postgres:11 volumes: - database:/var/lib/postgresql/data bot: build: . links: - database environment: - PGHOST=database - PGUSER=postgres - PGDATABASE=postgres - BOT_TOKEN - QUOTES_BOT_ID - QUOTES_CHANNEL_ID - LOGGING_CHANNEL_ID ================================================ FILE: pyproject.toml ================================================ [tool.poetry] name = "cdbot" version = "0.1.0" description = "A Discord bot for the Cyber Discovery community." authors = ["Cyber Discovery Community "] license = "MIT" [tool.poetry.dependencies] aiohttp = "^3" "discord.py" = ">=2" python = "^3.8" python-dateutil = "^2.8" asyncpg = "^0.25.0" sentry-sdk = "^1.5.12" Pillow = "^8.1" gitpython = "^3" aiocontextvars = "^0.2.2" [tool.poetry.dev-dependencies] flake8 = "^4.0.1" flake8-bandit = "^3" flake8-bugbear = "^22" flake8-import-order = "^0.18" flake8-string-format = "^0.3.0" flake8-tidy-imports = "^4" flake8-todo = "^0.7" flake8-formatter-junit-xml = "^0.0.6" [tool.poetry.scripts] cdbot = "cdbot:main" [build-system] requires = ["poetry>=0.12"] build-backend = "poetry.masonry.api" ================================================ FILE: tox.ini ================================================ [flake8] max-line-length=120 application_import_names=cdbot exclude=__pycache__ import-order-style=pycharm ignore=S311,P103 format=junit-xml output-file=flake8.xml