Checker corrections from the second Testrun - ensure full compatibility with brainfuck flags

Author: Robert Quander

checker/src/checker.py

@@ -1,3 +1,4 @@
+import html
 from enochecker3 import MumbleException
 from httpx import AsyncClient, Response
 import re
@@ -85,10 +86,13 @@ async def get_post(self, post_id: str) -> str:
         if resp.status_code != 200:
             raise MumbleException("Failed to retrieve post")
 
-        match = re.search(r'<!-- DEBUG:(.*?) -->', resp.text)
-        assert match, "No debug comment found in HTML"
+        match = re.search(r'<p>DEBUG:(.*?)</p>', resp.text)
+        r=match.group(1)
+        d=html.unescape(r)
+        self.logger.debug(f"Extracted debug comment: {d}")
+        assert d, "No debug comment found in HTML"
 
-        return match.group(1)
+        return d
 
 
 @checker.putflag(0)
@@ -232,7 +236,7 @@ async def exploit(task: ExploitCheckerTaskMessage, db: ChainDB, searcher: FlagSe
         url = f"http://facepalm:4269/profile/{post_id}"
         resp = await client.get(url)
 
-        match = re.search(r'<!-- DEBUG:(.*?) -->', resp.text)
+        match = re.search(r'<p>-- DEBUG:(.*?) xx </p>', resp.text)
         if not match:
             raise MumbleException("Flag not found in post")
 

service/NUL

@@ -0,0 +1,6 @@
+|1|mohmczZjmIfq4n6bz220ob+9J8E=|E9YzXBPrFI9XjLAkePwxdtf2Y5Y= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINB7KhUBtS18Xqc/B8aC2iwd229VbAx4ojWToQEgNSfl
+|1|nlJvuI718NwRlAOPx7n8m/64Ess=|HwupvTNp2S/CBvgUWY64pj/l9+k= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFeVV/jtkPZkOEH5UvUaW+cB5rh5Mf1yrCj+sjQ3NQzl
+|1|kArq92mZpfxz0lu7IUhHAa4HKjY=|8adkYFukoY0ZdO98cQPYNLBJMWc= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKXzxD5hthspDPquH7FuklOJFDlj4x/zAGoPezV1pcOW
+|1|V6xZH+Ky3gZ1uO8WifWfjUJyUH0=|k2fhuGSmggX0VHsG4e/H4153hKM= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG0ReBr7w3N09mfWTpB0gmg3G+HiummJ7XuqWucV4QPr
+|1|mxRbWiWHBhE5oa20WC7UkIvyMNM=|jhDmb/WZmxupCmWRzTFgQ9uw3FA= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJdejKNM5b5dC8rNZtiu44ZpzX2NA7cQpwkl0OBL7a4q
+|1|LXjIty5ciJEZclgf2qa7FevJvlc=|wougYpmcv49wLrWn7VBs+AXDKKs= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMFrdLWX4T3Ji3ICrKQmopDgJI6jIwMIgzkDT2FqK4Ak

service/README_Before_playing.md

@@ -0,0 +1,34 @@
+# Very important info for repairing
+
+Hey, service author here.
+If you fix the service, don't try to build on the VMs - swift loves to compile stuff, and it could take upwards of **5000 seconds** that the service is down and you lose flags.
+
+However, you can:
+
+Build and compress the image locally (~2-5 min):
+```
+docker save -o facepalm.tar facepalm:latest
+```
+
+scp it to the service
+```
+scp facepalm.tar vulnbox:/path/to/whereever
+```
+
+Then stop and rebuild the service from the file (~5sec)
+```
+docker stop facepalm
+docker rm facepalm
+```
+
+(if you also wanna remove the image to be sure you run the corrected version: ```docker images | grep facepalm``` and then ```docker rmi facepalm:latest```)
+
+Simply load the images from the tar you just compiled:
+```
+docker load -i /path/to/whereever/facepalm.tar
+```
+
+And then restart the container:
+```
+docker compose up -d
+```

service/Sources/App/routes.swift

@@ -589,7 +589,7 @@ app.post("register") { req async throws -> Response in
         </head>
         <body>
         <p>\(post.posterName)'s Post</p>
-        <!-- DEBUG:\(text) -->
+        <p>DEBUG:\(text)</p>
         <p>This page is currently broken</p>
         </body></html>
         """