-
-
Save tyage/a520c7c6e3f8ee765c75280f2c417f6b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # -*- coding: utf-8 -*- | |
| from BaseHTTPServer import BaseHTTPRequestHandler, HTTPServer | |
| import SocketServer | |
| import urlparse | |
| import os | |
| import sys | |
| import random | |
| import json | |
| import cgi | |
| import cv2 | |
| import threading | |
| import time | |
| status = json.loads(open("status.json").read()) | |
| bingotitle = cv2.imread("bingotitle.jpg") | |
| blue_images = {} | |
| for n in range(75): | |
| blue_images[n+1] = cv2.imread("numbers/blue_" + ("%02d" % (n + 1)) + ".jpg") | |
| gray_images = {} | |
| for n in range(99): | |
| gray_images[n+1] = cv2.imread("numbers/gray_" + ("%02d" % (n + 1)) + ".jpg") | |
| digit = 0 | |
| def rnd(a): | |
| global digit | |
| digit = digit + 1 | |
| return str(digit) | |
| def new_bingo(max_number=75): | |
| num_base = [] | |
| if max_number == 75: | |
| I15 = [i+1 for i in range( 0, 15)] | |
| I30 = [i+1 for i in range(15, 30)] | |
| I45 = [i+1 for i in range(30, 45)] | |
| I60 = [i+1 for i in range(45, 60)] | |
| I75 = [i+1 for i in range(60, 75)] | |
| random.shuffle(I15) | |
| random.shuffle(I30) | |
| random.shuffle(I45) | |
| random.shuffle(I60) | |
| random.shuffle(I75) | |
| for i in range(5): | |
| num_base.append(I15[i]) | |
| num_base.append(I30[i]) | |
| num_base.append(I45[i]) | |
| num_base.append(I60[i]) | |
| num_base.append(I75[i]) | |
| else: | |
| for i in range(max_number): | |
| num_base.append(i+1) | |
| random.shuffle(num_base) | |
| num_base[12] = 99 | |
| return num_base[:25] | |
| def check_bingo(bingo, called_nums): | |
| ck_list = [ | |
| # yoko | |
| [ 0, 1, 2, 3, 4], | |
| [ 5, 6, 7, 8, 9], | |
| [10,11,12,13,14], | |
| [15,16,17,18,19], | |
| [20,21,22,23,24], | |
| # tate | |
| [ 0, 5,10,15,20], | |
| [ 1, 6,11,16,21], | |
| [ 2, 7,12,17,22], | |
| [ 3, 8,13,18,23], | |
| [ 4, 9,14,19,24], | |
| # naname | |
| [ 0, 6,12,18,24], | |
| [ 4, 8,12,16,20] | |
| ] | |
| for ck in ck_list: | |
| flag = True | |
| for i in range(5): | |
| if not bingo[ck[i]] in called_nums: | |
| flag = False | |
| break | |
| if flag == True: | |
| return 1 | |
| return 0 | |
| def save_jpg_for_size(original, size, baseurl): | |
| cv2.imwrite(baseurl + "/" + str(size) + ".jpg", original) | |
| #def make_imagemap_from_data(userid, bingo, called_nums): | |
| # global status | |
| # global bingotitle | |
| # global blue_images | |
| # global gray_images | |
| # card = [bingotitle] | |
| # for i in range(5): | |
| # line_ = [] | |
| # for j in range(5): | |
| # n = bingo[ (i * 5) + j ] | |
| # if not n in called_nums: | |
| # one = blue_images[n] | |
| # else: | |
| # one = gray_images[n] | |
| # line_.append(one) | |
| # card.append(cv2.hconcat(line_)) | |
| # img = cv2.vconcat(card) | |
| # baseurl = status["local_pics_path"] + userid | |
| # if os.path.isdir(baseurl) == False: | |
| # os.mkdir(baseurl) | |
| # imageid = rnd(20) | |
| # baseurl = status["local_pics_path"] + userid + "/" + imageid | |
| # os.mkdir(baseurl) | |
| # save_jpg_for_size(img, 305, baseurl) | |
| # return status["web_pics_path"] + userid + "/" + imageid | |
| def make_image_from_data(bingo, called_nums): | |
| global bingotitle | |
| global blue_images | |
| global gray_images | |
| card = [bingotitle] | |
| for i in range(5): | |
| line_ = [] | |
| for j in range(5): | |
| n = bingo[ (i * 5) + j ] | |
| if not n in called_nums: | |
| one = blue_images[n] | |
| else: | |
| one = gray_images[n] | |
| line_.append(one) | |
| card.append(cv2.hconcat(line_)) | |
| return cv2.vconcat(card) | |
| pics_data = {} | |
| def save_image(imageid, userid, bingo, called_nums): | |
| global status | |
| #baseurl = status["local_pics_path"] + userid | |
| #if os.path.isdir(baseurl) == False: | |
| # os.mkdir(baseurl) | |
| #baseurl = status["local_pics_path"] + userid + "/" + imageid | |
| #os.mkdir(baseurl) | |
| #save_jpg_for_size(img, 305, baseurl) | |
| pics_data[(userid, imageid)] = [bingo, called_nums] | |
| return status["web_pics_path"] + userid + "/" + imageid | |
| def html(text): | |
| return "{'result': '" + text + "'}" | |
| #def branch(): | |
| # form = cgi.FieldStorage() | |
| # num = form.getvalue("num") | |
| # if num != None: | |
| # return (0, num) | |
| # uid = form.getvalue("uid") | |
| # call = form.getvalue("call") | |
| # if uid != None and call != None: | |
| # return (1, uid, call) | |
| # return (-1, "error") | |
| # | |
| #def main(): | |
| # result = branch() | |
| # if result[0] == 0: | |
| # routineA(result[1]) | |
| # return | |
| # if result[0] == 1: | |
| # routineB(result[1], result[2]) | |
| # return | |
| # html("404 not found") | |
| # return | |
| a_cache = None | |
| ginfo = None | |
| def routineA_pre(num): | |
| global status | |
| global a_cache | |
| global ginfo | |
| num = int(num) | |
| uid = rnd(3) | |
| data= { | |
| 'data': [], | |
| 'result': 'ok', | |
| 'called': [99] | |
| } | |
| for i in range(num): | |
| bingo = new_bingo(75) | |
| imageid = rnd(10) | |
| pic = make_image_from_data(bingo, [99]) | |
| baseurl = "a/" + uid | |
| if os.path.isdir(baseurl) == False: | |
| os.mkdir(baseurl) | |
| baseurl = "a/" + uid + "/" + imageid | |
| os.mkdir(baseurl) | |
| save_jpg_for_size(pic, 305, baseurl) | |
| url = "a/" + uid + "/" + imageid | |
| one = { | |
| "url": url, | |
| "data": bingo | |
| } | |
| data['data'].append(one) | |
| ginfo = data | |
| #a_cache = json.dumps(data, indent=4) | |
| a_cache = json.dumps(data, separators=(',', ':')) | |
| return a_cache | |
| def routineA(num): | |
| if num == None: | |
| return html('404 not found') | |
| if int(num) < 1: | |
| return html('404 not found') | |
| global a_cache | |
| if a_cache == None: | |
| return routineA_pre(num) | |
| return a_cache | |
| b_caches = {} | |
| def routineB_pre(uid, call): | |
| global status | |
| global b_cache | |
| global ginfo | |
| call = int(call) | |
| if not call in ginfo["called"]: | |
| ginfo["called"].append(call) | |
| data = { | |
| 'data': [], | |
| 'result': 'ok', | |
| 'called': ginfo["called"] | |
| } | |
| for v in ginfo["data"]: | |
| imageid = rnd(10) | |
| url = save_image(imageid, uid, v["data"], ginfo["called"]) | |
| one = { | |
| "url": url, | |
| "data": v["data"], | |
| "bingo": check_bingo(v["data"], ginfo["called"]) | |
| } | |
| data['data'].append(one) | |
| ginfo = data | |
| else: | |
| data = ginfo | |
| #1b_caches[(uid, call)] = data | |
| return json.dumps(data, separators=(',', ':')) | |
| def routineB(uid, call): | |
| global b_cache | |
| # if (uid, call) in b_caches: | |
| # cache = b_caches[(uid, call)] | |
| # cache["called"].append(int(call)) | |
| # return json.dumps(cache) | |
| return routineB_pre(uid, call) | |
| class S(BaseHTTPRequestHandler): | |
| def do_GET(self): | |
| parsed_path = urlparse.urlparse(self.path) | |
| if parsed_path.path.find('/pics') == 0: | |
| self.send_response(200) | |
| self.send_header('Content-type', 'image/jpg') | |
| self.end_headers() | |
| data = parsed_path.path.split('/') | |
| key = (data[2], data[3]) | |
| data = pics_data[key] | |
| pic = make_image_from_data(data[0], data[1]) | |
| self.wfile.write(cv2.imencode('.jpg', pic)[1].tostring()) | |
| else: | |
| self.send_response(200) | |
| self.send_header('Content-type', 'application/json') | |
| self.end_headers() | |
| queries = {} | |
| for q in parsed_path.query.split('&'): | |
| queries[q.split('=')[0]] = q.split('=')[1] | |
| if 'num' in queries: | |
| self.wfile.write(routineA(queries['num'])) | |
| else: | |
| self.wfile.write(routineB(queries['uid'], queries['call'])) | |
| def run(server_class=HTTPServer, handler_class=S, port=80): | |
| server_address = ('', port) | |
| httpd = server_class(server_address, handler_class) | |
| print 'Starting httpd...' | |
| game_info = routineA_pre("200") | |
| #d = json.loads(game_info) | |
| #game_id = d["data"][0]["url"].split("/")[1] | |
| #routineB_pre(game_id, "1") | |
| print 'Creating a cache file...' | |
| # open('cgi-files/num=200', 'w').write(game_info) | |
| # for i in range(1, 76): | |
| # result = routineB(game_id, str(i)) | |
| # open('cgi-files/uid=%s&call=%d' % (game_id, i), 'w').write(result) | |
| print 'httpd Started.' | |
| httpd.serve_forever() | |
| if __name__ == "__main__": | |
| from sys import argv | |
| if len(argv) == 2: | |
| run(port=int(argv[1])) | |
| else: | |
| run() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| worker_processes 1; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| # log_format ltsv "host:$remote_addr" | |
| # "\tuser:$remote_user" | |
| # "\ttime:$time_local" | |
| # "\treq:$request" | |
| # "\tstatus:$status" | |
| # "\tsize:$body_bytes_sent" | |
| # "\treferer:$http_referer" | |
| # "\tua:$http_user_agent" | |
| # "\tforwardedfor:$http_x_forwarded_for" | |
| # "\treqtime:$request_time" | |
| # "\tapptime:$upstream_response_time"; | |
| # | |
| # access_log /usr/local/var/log/nginx/access.log ltsv; | |
| # error_log /usr/local/var/log/nginx/error.log; | |
| access_log off; | |
| sendfile on; | |
| keepalive_timeout 65; | |
| gzip on; | |
| gzip_types image/jpeg; | |
| server { | |
| listen 80; | |
| server_name localhost; | |
| deny 10.0.26.10; | |
| root /Users/tyage/.ghq/github.com/tyage/ctf/contests/seccon-2017-finals/bingom/; | |
| #location /cgi-bin2 { | |
| # add_header 'Content-Type' 'application/json'; | |
| # try_files /cgi-files/$args 404; | |
| #} | |
| location /cgi-bin { | |
| proxy_pass http://127.0.0.1:8000/; | |
| } | |
| location /pics { | |
| proxy_pass http://127.0.0.1:8000/pics; | |
| } | |
| } | |
| include servers/*; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment