fix(leet): Remove symbols from LeetDictionary (#43)

* fix(leet): Remove symbols from LeetDictionary * Use dictionary initializer and minor enhancement * Dispose SHA256 eagerly * wip: add more items to charmap * wip: update placeholder Co-authored-by: Steve <[email protected]> Co-authored-by: GZTime <[email protected]>
GZTimeWalker · Sep 23, 2022 · 63d86fc · 63d86fc
1 parent 0d3c6c7
commit 63d86fc
Show file tree

Hide file tree

Showing 4 changed files with 50 additions and 20 deletions.
diff --git a/GZCTF/CTFServer.csproj b/GZCTF/CTFServer.csproj
@@ -25,7 +25,7 @@
   <ItemGroup>
     <PackageReference Include="AspNetCoreRateLimit" Version="4.0.2" />
     <PackageReference Include="Docker.DotNet" Version="3.125.12" />
-    <PackageReference Include="KubernetesClient" Version="8.0.68" />
+    <PackageReference Include="KubernetesClient" Version="9.0.25" />
     <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="6.0.9" />
     <PackageReference Include="Microsoft.AspNetCore.SignalR.Protocols.Json" Version="6.0.9" />
     <PackageReference Include="Microsoft.AspNetCore.SpaProxy" Version="6.0.9" />

diff --git a/GZCTF/ClientApp/src/components/ChallengeDetailModal.tsx b/GZCTF/ClientApp/src/components/ChallengeDetailModal.tsx
@@ -28,6 +28,7 @@ import { useTypographyStyles } from '@Utils/useTypographyStyles'
 import api, { AnswerResult, ChallengeType } from '@Api'
 import { ChallengeTagItemProps } from '../utils/ChallengeItem'
 import MarkdownRender from './MarkdownRender'
+import { useRef } from 'react'
 
 interface ChallengeDetailModalProps extends ModalProps {
   gameId: number
@@ -60,6 +61,30 @@ const Countdown: FC<{ time: string }> = ({ time }) => {
   )
 }
 
+const FlagPlaceholders: string[] = [
+  '横看成岭侧成峰，flag 高低各不同',
+  'flag 当关，万夫莫开',
+  '寻寻觅觅，冷冷清清，flag 惨惨戚戚',
+  '问君能有几多愁？恰似一江 flag 向东流',
+  '人生得意须尽欢，莫使 flag 空对月',
+  '汉皇重色思 flag，御宇多年求不得',
+  'flag 几时有？把酒问青天',
+  '羽扇纶巾，谈笑间，flag 灰飞烟灭',
+  '浊酒一杯家万里，flag 未勒归无计',
+  '孤帆远影碧空尽，唯见 flag 天际流',
+  '安得 flag 千万间，大庇天下 ctfer 俱欢颜！',
+  '两个黄鹂鸣翠柳，一行 flag 上青天',
+  'flag 一场大梦，人生几度秋凉？',
+  '剪不断，理还乱，是 flag',
+  '蓦然回首，flag 却在，灯火阑珊处',
+  '稻花香里说丰年，听取 flag 一片',
+  '采菊东篱下，悠然见 flag',
+  '不畏 flag 遮望眼，自缘身在最高层',
+  '便纵有千种 flag，更与何人说？',
+  '人生自古谁无死？留取 flag 照汗青',
+  '借问 flag 何处有？牧童遥指杏花村'
+]
+
 const ChallengeDetailModal: FC<ChallengeDetailModalProps> = (props) => {
   const { gameId, challengeId, tagData, title, score, solved, ...modalProps } = props
   const [downloadOpened, { close: downloadClose, open: downloadOpen }] = useDisclosure(false)
@@ -234,6 +259,12 @@ const ChallengeDetailModal: FC<ChallengeDetailModalProps> = (props) => {
     }
   }
 
+  const placeholder = useRef('')
+
+  if (props.opened) {
+    placeholder.current = FlagPlaceholders[Math.floor(Math.random() * FlagPlaceholders.length)]
+  }
+
   return (
     <Modal
       {...modalProps}
@@ -372,7 +403,7 @@ const ChallengeDetailModal: FC<ChallengeDetailModalProps> = (props) => {
         ) : (
           <form onSubmit={onSubmit}>
             <TextInput
-              placeholder="flag{...}"
+              placeholder={placeholder.current}
               value={flag}
               onChange={setFlag}
               styles={{

diff --git a/GZCTF/Repositories/FileRepository.cs b/GZCTF/Repositories/FileRepository.cs
@@ -30,8 +30,9 @@ public async Task<LocalFile> CreateOrUpdateFile(IFormFile file, string? fileName
         await file.CopyToAsync(tmp, token);
 
         tmp.Position = 0;
-        var hash = await SHA256.Create().ComputeHashAsync(tmp, token);
-        var fileHash = BitConverter.ToString(hash).Replace("-", "").ToLower();
+        using SHA256 sha256 = SHA256.Create();
+        var hash = await sha256.ComputeHashAsync(tmp, token); // TODO: change to use SHA256.HashDataAsync in .NET 7
+        var fileHash = BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
 
         var localFile = await GetFileByHash(fileHash, token);
 
@@ -110,4 +111,4 @@ public async Task<TaskStatus> DeleteFileByHash(string fileHash, CancellationToke
 
     public Task<List<LocalFile>> GetFiles(int count, int skip, CancellationToken token = default)
         => context.Files.OrderBy(e => e.Name).Skip(skip).Take(count).ToListAsync(token);
-}
+}
diff --git a/GZCTF/Utils/Codec.cs b/GZCTF/Utils/Codec.cs
@@ -79,12 +79,12 @@ public static class Leet
     {
         private readonly static Dictionary<char, string> CharMap = new()
         {
-            { 'A', "Aa4@" }, { 'B', "Bb68" }, { 'C', "Cc" }, { 'D', "Dd" }, { 'E', "Ee3" }, { 'F', "Ff1" },
-            { 'G', "Gg69" }, { 'H', "Hh" }, { 'I', "Ii1l!" }, { 'J', "Jj" }, { 'K', "Kk" }, { 'L', "Ll1I" },
-            { 'M', "Mm" }, { 'N', "Nn" }, { 'O', "Oo0" }, { 'P', "Pp" }, { 'Q', "Qq9" }, { 'R', "Rr" },
-            { 'S', "Ss5$" }, { 'T', "Tt7" }, { 'U', "Uu" }, { 'V', "Vv" }, { 'W', "Ww" }, { 'X', "Xx" },
-            { 'Y', "Yy" }, { 'Z', "Zz2" }, { '0', "0oO" }, { '1', "1!lI" }, { '2', "2zZ" }, { '3', "3eE" },
-            { '4', "4aA" }, { '5', "5Ss" }, { '6', "6G" }, { '9', "9g" }
+            ['A'] = "Aa4", ['B'] = "Bb68", ['C'] = "Cc", ['D'] = "Dd", ['E'] = "Ee3", ['F'] = "Ff1",
+            ['G'] = "Gg69", ['H'] = "Hh", ['I'] = "Ii1l", ['J'] = "Jj", ['K'] = "Kk", ['L'] = "Ll1I",
+            ['M'] = "Mm", ['N'] = "Nn", ['O'] = "Oo0", ['P'] = "Pp", ['Q'] = "Qq9", ['R'] = "Rr",
+            ['S'] = "Ss5", ['T'] = "Tt7", ['U'] = "Uu", ['V'] = "Vv", ['W'] = "Ww", ['X'] = "Xx",
+            ['Y'] = "Yy", ['Z'] = "Zz2", ['0'] = "0oO", ['1'] = "1lI", ['2'] = "2zZ", ['3'] = "3eE",
+            ['4'] = "4aA", ['5'] = "5Ss", ['6'] = "6Gb", ['7'] = "7T", ['8'] = "8bB", ['9'] = "9g"
         };
 
         public static double LeetEntropy(string flag)
@@ -118,7 +118,7 @@ public static string LeetFlag(string original)
                     doLeet = false;
                 else if (doLeet && CharMap.TryGetValue(char.ToUpperInvariant(c), out string? table) && table is not null)
                 {
-                    var nc = table.ElementAt(random.Next(table.Length));
+                    var nc = table[random.Next(table.Length)];
                     sb.Append(nc);
                     continue;
                 }
@@ -160,7 +160,7 @@ public static string RandomPassword(int length)
     public static string BytesToHex(byte[] bytes, bool useLower = true)
     {
         string output = BitConverter.ToString(bytes).Replace("-", "");
-        return useLower ? output.ToLower() : output.ToUpper();
+        return useLower ? output.ToLowerInvariant() : output.ToUpperInvariant();
     }
 
     /// <summary>
@@ -222,8 +222,7 @@ public static string Reverse(string s)
     /// <returns></returns>
     public static string StrMD5(string str, bool useBase64 = false)
     {
-        MD5 md5 = MD5.Create();
-        byte[] output = md5.ComputeHash(Encoding.Default.GetBytes(str));
+        byte[] output = MD5.HashData(Encoding.Default.GetBytes(str));
         if (useBase64)
             return Convert.ToBase64String(output);
         else
@@ -238,8 +237,7 @@ public static string StrMD5(string str, bool useBase64 = false)
     /// <returns></returns>
     public static string StrSHA256(string str, bool useBase64 = false)
     {
-        SHA256 sha256 = SHA256.Create();
-        byte[] output = sha256.ComputeHash(Encoding.Default.GetBytes(str));
+        byte[] output = SHA256.HashData(Encoding.Default.GetBytes(str));
         if (useBase64)
             return Convert.ToBase64String(output);
         else
@@ -252,13 +250,13 @@ public static string StrSHA256(string str, bool useBase64 = false)
     /// <param name="str">原始字符串</param>
     /// <returns></returns>
     public static byte[] BytesMD5(string str)
-        => MD5.Create().ComputeHash(Encoding.Default.GetBytes(str));
+        => MD5.HashData(Encoding.Default.GetBytes(str));
 
     /// <summary>
     /// 获取SHA256哈希字节摘要
     /// </summary>
     /// <param name="str">原始字符串</param>
     /// <returns></returns>
     public static byte[] BytesSHA256(string str)
-        => SHA256.Create().ComputeHash(Encoding.Default.GetBytes(str));
-}
+        => SHA256.HashData(Encoding.Default.GetBytes(str));
+}