| author | Cassio de Campos <cassiopc@gmail.com> | 2017-08-12 17:46:04 +0000 |
|---|---|---|
| committer | Cassio de Campos <cassiopc@gmail.com> | 2017-08-12 17:46:04 +0000 |
| commit | 1a7aa506cf7c239890fab96fd024640b1b712eb8 (patch) | |
| tree | 67376e7230b180cab9d8f8cc986cd56ffb09589e | |
| parent | 4a96669616d1600604abfa21da5b410432e5b0a4 (diff) | |
| download | boca-1a7aa506cf7c239890fab96fd024640b1b712eb8.tar.gz boca-1a7aa506cf7c239890fab96fd024640b1b712eb8.zip | |
scripts for logging root activity and bug fix of autojudge
| -rw-r--r-- | src/logroot.php | 56 | ||||
| -rwxr-xr-x | src/private/autojudging.php | 6 | ||||
| -rw-r--r-- | src/private/logroot/.placeholder | 0 | ||||
| -rwxr-xr-x | tools/boca-auth-runs | 2 | ||||
| -rw-r--r-- | tools/cron-logroot.sh | 60 |
5 files changed, 121 insertions, 3 deletions
diff --git a/src/logroot.php b/src/logroot.php
new file mode 100644
index 0000000..fed3d06
--- /dev/null
+++ b/src/logroot.php
@@ -0,0 +1,56 @@
+<?php
+ob_start();
+header ("Expires: " . gmdate("D, d M Y H:i:s") . " GMT");
+header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
+header ("Cache-Control: no-cache, must-revalidate");
+header ("Pragma: no-cache");
+header ("Content-Type: text/html; charset=utf-8");
+session_start();
+if (!isset($_POST["comp"])) {
+ session_unset();
+ session_destroy();
+ session_start();
+ echo session_id();
+ exit;
+}
+ob_end_flush();
+
+function sanitizeFilename($text)
+{
+ $text = str_replace("*", "", $text);
+ $text = str_replace("$", "", $text);
+ $text = str_replace(")", "", $text);
+ $text = str_replace("(", "", $text);
+ $text = str_replace(";", "", $text);
+ $text = str_replace("&", "", $text);
+ $text = str_replace("<", "", $text);
+ $text = str_replace(">", "", $text);
+ $text = str_replace("\"", "", $text);
+ $text = str_replace("'", "", $text);
+ $text = str_replace("`", "", $text);
+ $text = addslashes($text);
+ return $text;
+}
+
+function myhash($k) {
+ return hash('sha256',$k);
+}
+
+if(isset($_POST["comp"]) && $_POST["comp"] != "" ) {
+ $name = sanitizeFilename($_POST["comp"]);
+ $password = $_POST["code"];
+ $secrets = file("/var/www/boca/src/private/run-past.config");
+ for($i = 0; $i < count($secrets); $i++) {
+ $secret = explode(' ', $secrets[$i]);
+ $p = myhash($secret[2] . session_id());
+ if($p == $password) {
+ @file_put_contents("/var/www/boca/src/private/logroot/" . $secret[0] . '.' . $name, base64_decode($_POST['data']), LOCK_EX | FILE_APPEND);
+ @file_put_contents("/var/www/boca/src/private/logroot/logroot.log", $name . "|" . $secret[0] . '|' . date(DATE_RFC2822) . "\n", LOCK_EX | FILE_APPEND);
+ echo "ok\n";
+ exit;
+ }
+ }
+}
+echo "incorrect\n";
+exit;
+?>
diff --git a/src/private/autojudging.php b/src/private/autojudging.php
index 5bd45cc..c5b5556 100755
--- a/src/private/autojudging.php
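Review bot: sanitizeFilename() in src/logroot.php is a deny-list of shell metacharacters, but `$name` never reaches a shell; it is concatenated into a filesystem path and into the `|`-delimited line of logroot.log, and `/`, `|`, NUL and newline all pass through it unchanged. An allow-list fits that use better, for example `$name = preg_replace('/[^A-Za-z0-9_.-]/', '', $_POST["comp"]);`, with an empty result rejected. The digest check `$p == $password` is a loose, non-constant-time comparison, and `$_POST["code"]` and `$_POST['data']` are read without `isset`; the usual form is `hash_equals($p, (string)$password)` after confirming both fields are present strings. Both `file_put_contents` calls are silenced with `@` and their return values are ignored, so the client is answered `ok` even when nothing was written; checking for `=== false` and logging the failure would make a lost report visible.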
+++ b/src/private/autojudging.php @@ -461,7 +461,7 @@ if($retval != 0) { $ex = escapeshellcmd($scriptcomp) ." ". escapeshellarg($dir . $ds . "team" . $ds . $file)." ". escapeshellarg($dir . $ds . "output" . $ds . $file)." ". - escapeshellarg($dir . $ds . "input" . $ds . $file) . " >compout"; + escapeshellarg($dir . $ds . "input" . $ds . $file) . " >compout 2>&1"; echo "Executing " . $ex . " at " . getcwd() . " for output file $file\n"; if(system($ex, $localretval)===false) $localretval = -1; @@ -474,7 +474,9 @@ if($retval != 0) { fwrite($fp, $dif[$difi]); if($difi >= 5000) fwrite($fp, "===OUTPUT OF COMPARING SCRIPT TOO LONG - TRUNCATED===\n"); else fwrite($fp, "===OUTPUT OF COMPARING SCRIPT ENDS HERE===\n"); - $answertmp = trim($dif[count($dif)-1]); + $answertmp = ''; + if(count($dif) > 0) + $answertmp = substr(trim($dif[count($dif)-1]),0,200); fclose($fp); foreach (glob($dir . $ds . '*') as $fne) { @chown($fne,"nobody"); diff --git a/src/private/logroot/.placeholder b/src/private/logroot/.placeholder new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/src/private/logroot/.placeholder diff --git a/tools/boca-auth-runs b/tools/boca-auth-runs index dc94e64..00549b3 100755 --- a/tools/boca-auth-runs +++ b/tools/boca-auth-runs 
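Review bot: With `2>&1` appended in the first hunk of src/private/autojudging.php, anything the comparing script writes to stderr lands in `compout` together with its stdout. The second hunk takes the last element of `$dif` as `$answertmp`; if `$dif` is read from `compout` (the read is outside the hunk, so this is inferred), a warning emitted on stderr after the verdict line would be recorded as the answer. Redirecting stderr to its own file, e.g. `" >compout 2>comperr"` (file name is illustrative), keeps the diagnostics without mixing the streams. The enclosing `if($retval != 0) {` block starts and ends outside the hunk.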
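Review bot: In the second hunk, `substr(trim(...),0,200)` truncates at a byte offset, so a multi-byte character at the boundary is split and `$answertmp` can end in an invalid sequence if the comparing script emits non-ASCII text. Where the mbstring extension is loaded, `mb_strcut(trim($dif[count($dif)-1]), 0, 200)` cuts on a character boundary within the same byte budget. The new `if(count($dif) > 0)` guards a single statement without braces, and the limit is unexplained; braces plus a comment such as `// cap the answer text taken from comparing-script output (may echo team output)` would make the intent clear. Where `$answertmp` is stored or displayed is outside the hunk.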
@@ -43,7 +43,7 @@ temp=/tmp/.temp.`date +%s%N`.txt md=`wget --no-check-certificate -t 2 -T 7 -S https://$BOCASERVER/boca/getcode.php -O /dev/null --save-cookies ${temp}.cookie.txt --keep-session-cookies 2>&1 | grep PHPSESS | tail -n1` echo "$md" | grep -q PHPSESS if [ "$?" == "0" ]; then - md=`echo $md | cut -f2 -d'=' | cut -f1 -d';' | cut -f7 -d"$(echo -e '\t')"` + md=`echo $md | cut -f2 -d'=' | cut -f1 -d';'` ress=`echo -n $pass | sha256sum - | cut -f1 -d' '` res=`echo -n "${ress}${md}" | sha256sum - | cut -f1 -d' '` wget --no-check-certificate -t 2 -T 7 "https://$BOCASERVER/boca/getcode.php?name=${user}&password=${res}" --load-cookies ${temp}.cookie.txt --keep-session-cookies --save-cookies ${temp}.cookie.txt -O $temp 2>/dev/null >/dev/null diff --git a/tools/cron-logroot.sh b/tools/cron-logroot.sh new file mode 100644 index 0000000..217c92f --- /dev/null +++ b/tools/cron-logroot.sh 
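Review bot: On the changed line in tools/boca-auth-runs, `$md` is expanded unquoted inside the backticks, so header text taken from the server response is word-split and glob-expanded before `cut` sees it; `md=$(printf '%s' "$md" | cut -f2 -d'=' | cut -f1 -d';')` avoids that, and the same unquoted form is repeated in the new tools/cron-logroot.sh. The extracted value is hashed into `res` without checking that it is non-empty, so a malformed header yields a digest over the password hash alone; a `[ -n "$md" ]` test before the `sha256sum` step would fail early instead. The hunk header also shows `temp=/tmp/.temp.` followed by a clock-derived suffix, a predictable name in a world-writable directory that later holds the session cookie; `mktemp` is the usual replacement. The surrounding `if` block continues outside the hunk.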
@@ -0,0 +1,60 @@
+#!/bin/bash
+
+if [ "`id -u`" != "0" ]; then
+ echo "Must be run as root"
+ exit 1
+fi
+if [[ ! -e /etc/bocaip ]] ; then
+ BOCASERVER=50.116.19.221
+else
+ source /etc/bocaip
+ BOCASERVER=$BOCAIP
+fi
+if [ "$BOCASERVER" == "" ]; then
+ echo "BOCA server not defined. Aborting"
+ exit 1
+fi
+
+grep "session opened for user root" /var/log/auth.log |grep -v cron:session | grep -v systemd:session | tail -n 100 > /root/.logroot.tmp
+[ -f /root/.logroot ] || touch /root/.logroot
+diff /root/.logroot /root/.logroot.tmp | grep "^>" > /root/.logroot.diff 2>/dev/null
+res=$?
+mv /root/.logroot.tmp /root/.logroot
+if [ "$res" != "0" ]; then
+ for i in uuencode wget tr perl sha256sum cut; do
+ p=`which $i`
+ if [ -x "$p" ]; then
+ echo -n ""
+ else
+ echo "$i" not found
+ exit 1
+ fi
+ done
+ temp=/root/.temp.`date +%s%N`.txt
+ md=`wget --no-check-certificate -t 2 -T 5 -S https://$BOCASERVER/boca/logroot.php -O /dev/null --save-cookies ${temp}.cookie.txt --keep-session-cookies 2>&1 | grep PHPSESS | tail -n1`
+ echo "$md" | grep -q PHPSESS
+ if [ "$?" == "0" ]; then
+ md=`echo $md | cut -f2 -d'=' | cut -f1 -d';'`
+ res=`cat /root/submissions/code 2>/dev/null`
+ res=`echo -n "${res}${md}" | sha256sum - | cut -f1 -d' '`
+
+ echo -n "comp=`cat /root/submissions/comp`" > $temp
+ echo -n "&code=$res" >> $temp
+ echo -n "&data=" >> $temp
+ uuencode -m zzzzzzzzzz < /root/.logroot.diff | grep -v "begin-base64.*zzzzzzzzzz" | perl -MURI::Escape -lne 'print uri_escape($_)' >> $temp
+
+ wget --no-check-certificate -t 2 -T 5 "https://$BOCASERVER/boca/logroot.php" --load-cookies ${temp}.cookie.txt --keep-session-cookies --save-cookies ${temp}.cookie.txt -O ${temp}.out --post-file=$temp >/dev/null 2>/dev/null
+ rm -f $temp
+ rm -f ${temp}.cookie.txt
+ grep -qi incorrect ${temp}.out
+ res=$?
+ rm ${temp}.out
+ if [ "$res" == "0" ]; then
+ echo "$BOCASERVER: User or password incorrect"
+ exit 3
+ fi
+ else
+ exit 2
+ fi
+fi
+exit 0 |
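Review bot: In tools/cron-logroot.sh, `res=$?` after `diff ... | grep "^>" > /root/.logroot.diff` holds grep's exit status, which is 0 when new root-session lines were found, so `if [ "$res" != "0" ]` runs the upload only when the diff is empty and skips it when there is something to report. Testing the file instead, `if [ -s /root/.logroot.diff ]; then`, matches the apparent intent. `/root/.logroot` is replaced by the `mv` before the upload is attempted, so lines belonging to a failed upload are never retried; moving the snapshot only after the server answers `ok` would close that gap. Both `wget` calls pass `--no-check-certificate`, and the script falls back to the hard-coded address `50.116.19.221` when /etc/bocaip is absent, so the digest and the log excerpt can be sent to an endpoint whose identity was never verified. Verifying against a pinned CA with `--ca-certificate=<path-to-ca.pem>` and aborting when /etc/bocaip is missing would address both, and the context lines of tools/boca-auth-runs carry the same flag.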