Merge pull request #4 from MathVerg/dev

webapp/templates: adapt templates to s4dFarm API

webapp/templates/http-replay.py.jinja2

@@ -22,10 +22,16 @@ Corresponding flow id: {{ data[0].flow_id }}
 Service: {{ ns.service_name }}
 """
 
-# Load variables
+# Load arguments
 # EXTRA is an array of the flagids for current service and team
-HOST = os.getenv("TARGET_IP")
-EXTRA = json.loads(os.getenv("TARGET_EXTRA", "[]"))
+if len(sys.argv) < 2:
+    print(f'Usage: {sys.argv[0]} <target> [flag_id]')
+    sys.exit(1)
+HOST = sys.argv[1]
+if len(sys.argv) > 2:
+    EXTRA = json.loads(bytes.fromhex(sys.argv[2]).decode())
+else:
+    EXTRA = []
 
 # FIXME: You should identify if a flagid was used in the following
 # payload. If it is the case, then you should loop using EXTRA.
@@ -52,6 +58,6 @@ r = s.{{ req.http_method | lower }}(
 )
 if r.status_code != {{ req.status }}:
     print(f"[!] Request returned wrong status code {r.status_code}, expected {{ req.status }}")
-print(r.text)
+print(r.text, flush=True)
 
 {% endfor -%}

webapp/templates/raw-replay-socket.py.jinja2

@@ -22,10 +22,16 @@ Corresponding flow id: {{ data.flow_id }}
 Service: {{ ns.service_name }}
 """
 
-# Load variables
+# Load arguments
 # EXTRA is an array of the flagids for current service and team
-HOST = os.getenv("TARGET_IP")
-EXTRA = json.loads(os.getenv("TARGET_EXTRA", "[]"))
+if len(sys.argv) < 2:
+    print(f'Usage: {sys.argv[0]} <target> [flag_id]')
+    sys.exit(1)
+HOST = sys.argv[1]
+if len(sys.argv) > 2:
+    EXTRA = json.loads(bytes.fromhex(sys.argv[2]).decode())
+else:
+    EXTRA = []
 
 # Timeout is important to prevent stall
 socket.setdefaulttimeout(2)
@@ -50,7 +56,7 @@ s.sendall({{ payload | safe }})
 data = b""
 while not data.endswith({{ payload[-16:] | safe }}):
     data += s.recv(1024)
-print(data)
+print(data, flush=True)
 {%- endif %}
 {%- endfor %}
 

webapp/templates/raw-replay.py.jinja2

@@ -25,10 +25,16 @@ Service: {{ ns.service_name }}
 # Set logging level
 context.log_level = "DEBUG"  # or INFO, WARNING, ERROR
 
-# Load variables
+# Load arguments
 # EXTRA is an array of the flagids for current service and team
-HOST = os.getenv("TARGET_IP")
-EXTRA = json.loads(os.getenv("TARGET_EXTRA", "[]"))
+if len(sys.argv) < 2:
+    print(f'Usage: {sys.argv[0]} <target> [flag_id]')
+    sys.exit(1)
+HOST = sys.argv[1]
+if len(sys.argv) > 2:
+    EXTRA = json.loads(bytes.fromhex(sys.argv[2]).decode())
+else:
+    EXTRA = []
 
 # Connect to remote and run the actual exploit
 # Timeout is important to prevent stall
@@ -51,6 +57,6 @@ data = r.recvuntil({{ payload[-16:] | safe }})
 
 # Use the following to capture all remaining bytes:
 # data = r.recvall(timeout=5)
-# print(data)
+# print(data, flush=True)
 
 r.close()