tosu
/
hackhpi23-cyber-range
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

big progress

This commit is contained in:
KyuDev 2023-04-13 21:29:38 +02:00
parent 1d95ede8db
commit fceb51ad8c
3 changed files with 146 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
webserver/database/users/12345/user.json
View File

@ -1,7 +1,7 @@
{ {
"userid":"12345", "userid":"12345",
"username":"Admin Test", "username":"1",
"email":"", "email":"",
"password":"supersecure", "password":"1",
"picture":"/static/icon/main_free.png" "picture":"/static/icon/main_free.png"
} }

98
webserver/main.py
View File

@ -13,6 +13,7 @@ from shutil import copyfile
from werkzeug.middleware.shared_data import SharedDataMiddleware from werkzeug.middleware.shared_data import SharedDataMiddleware
from oauthlib.oauth2 import WebApplicationClient from oauthlib.oauth2 import WebApplicationClient
from discord_webhook import DiscordWebhook, DiscordEmbed from discord_webhook import DiscordWebhook, DiscordEmbed
from base64 import b64decode
app = Flask(__name__) app = Flask(__name__)
@ -70,7 +71,7 @@ def login_general():
if not matching_user_json == None: if not matching_user_json == None:
if matching_user_json["password"] == password_login: if matching_user_json["password"] == password_login:
var_user_to_login = User(matching_user_json["id"]) var_user_to_login = User(matching_user_json["userid"])
login_user(var_user_to_login) login_user(var_user_to_login)
return redirect("/d1") return redirect("/d1")
else: else:
@ -107,20 +108,67 @@ def cpdashy_1_main():
with open(f'database/users/{userid}/user.json','r') as f: with open(f'database/users/{userid}/user.json','r') as f:
user_data = json.load(f) user_data = json.load(f)
# Continue here -> log data reading if not os.path.exists("database/temp/sim_running.txt"):
# start sim button sim_running = "False"
else:
with open("database/temp/sim_running.txt","r") as f:
sim_running = f.read()
return render_template("main/dashboard_main1.html",sidebar_html_insert=cpdash_get_sidebar().replace("active_state_class1","is-active"), profile_picture=user_data["picture"],profile_username=user_data["username"],profile_userid=user_data["userid"],profile_email=user_data["email"]) if not os.path.exists("database/temp/sim_start.txt"):
sim_start_timestamp = "0"
else:
with open("database/temp/sim_start.txt","r") as f:
sim_start_timestamp_stamp = int(f.read().split(".")[0])
sim_start_timestamp = str(round((time.time() - sim_start_timestamp_stamp) / 60,3))
with open("database/logs/blue.json","r") as f:
blue_logs_list_ori = json.load(f)
blue_logs_list = []
for blue_log_now in blue_logs_list_ori:
min, sec = divmod(time.time() - int(blue_log_now["timestamp"]),60)
blue_log_now["timestamp"] = str(int(min)) + "m " + str(int(round(sec,0))) + "s"
blue_logs_list.append(blue_log_now)
with open("database/logs/red.json","r") as f:
red_logs_list_ori = json.load(f)
red_logs_list = []
for red_log_now in red_logs_list_ori:
min, sec = divmod(time.time() - int(red_log_now["timestamp"]),60)
red_log_now["timestamp"] = str(int(min)) + "m " + str(int(round(sec,0))) + "s"
red_logs_list.append(red_log_now)
blue_logs_list.reverse()
red_logs_list.reverse()
return render_template("main/dashboard_main1.html",blue_logs_list=blue_logs_list,red_logs_list=red_logs_list,sim_running=sim_running,sim_start_timestamp=sim_start_timestamp,sidebar_html_insert=cpdash_get_sidebar().replace("active_state_class1","is-active"), profile_picture=user_data["picture"],profile_username=user_data["username"],profile_userid=user_data["userid"],profile_email=user_data["email"])
else: else:
return redirect('/login') return redirect('/login')
@app.route("/d1/startsim", methods=['GET']) #start the sim @app.route("/d1/startsim", methods=['GET']) #start and stop the sim
def cpdashy_startsim(): def cpdashy_startsim():
if current_user.is_authenticated: if current_user.is_authenticated:
clear_session_full() if os.path.exists("database/temp/sim_running.txt"):
with open("database/temp/attack_start.txt","w") as f: with open("database/temp/sim_running.txt","r") as f:
f.write(str(time.time())) current_state = f.read()
if not current_state == "False":
with open("database/temp/sim_running.txt","w") as f:
f.write("False")
else:
clear_session_full()
with open("database/temp/sim_start.txt","w") as f:
f.write(str(time.time()))
with open("database/temp/sim_running.txt","w") as f:
f.write("True")
else:
clear_session_full()
with open("database/temp/sim_start.txt","w") as f:
f.write(str(time.time()))
with open("database/temp/sim_running.txt","w") as f:
f.write("True")
return redirect("/d1") return redirect("/d1")
else: else:
return redirect('/login') return redirect('/login')
@ -128,12 +176,15 @@ def cpdashy_startsim():
# API # API
def clear_session_full(): def clear_session_full():
os.remove("database/temp/sim_start.txt") for file_now in ["database/temp/sim_start.txt","database/temp/attack_start.txt","database/temp/sim_running.txt","database/temp/attack_running.txt"]:
os.remove("database/temp/attack_start.txt") try:
os.remove(file_now)
except:
pass
with open("database/logs/red.json","w") as f: with open("database/logs/red.json","w") as f:
f.write("{}") f.write("[]")
with open("database/logs/blue.json","w") as f: with open("database/logs/blue.json","w") as f:
f.write("{}") f.write("[]")
@app.route("/api/red", methods=['POST']) @app.route("/api/red", methods=['POST'])
def api_red_logs(): def api_red_logs():
@ -141,7 +192,7 @@ def api_red_logs():
print("red log received") print("red log received")
print(temp_json_n) print(temp_json_n)
if temp_json_n["title"] == "Start of attack": if temp_json_n["data"] == "Start of attack":
with open("database/temp/attack_start.txt",'w') as f: with open("database/temp/attack_start.txt",'w') as f:
f.write(str(temp_json_n["timestamp"])) f.write(str(temp_json_n["timestamp"]))
@ -149,7 +200,24 @@ def api_red_logs():
logs_list = json.load(f) logs_list = json.load(f)
logs_list.append(temp_json_n) logs_list.append(temp_json_n)
with open("database/logs/red.json","w") as f: with open("database/logs/red.json","w") as f:
json.dump(logs_list) json.dump(logs_list,f)
return("log saved")
@app.route("/api/blue", methods=['POST'])
def api_blue_logs():
temp_json_n = request.json
temp_json_n["data"] = b64decode(temp_json_n["data"]).decode("utf-8").replace("\n","<br>")
print("blue log received")
print(temp_json_n)
with open("database/logs/blue.json","r") as f:
logs_list = json.load(f)
logs_list.append(temp_json_n)
with open("database/logs/blue.json","w") as f:
json.dump(logs_list,f)
return("log saved") return("log saved")
@ -165,5 +233,7 @@ def custom_401(error):
def custom_404(error): def custom_404(error):
return redirect("/") return redirect("/")
clear_session_full()
if __name__ == '__main__': if __name__ == '__main__':
app.run(host='185.78.255.231', threaded=True,use_reloader=True, port=443, ssl_context=('/etc/letsencrypt/live/network.kyudev.xyz/fullchain.pem', '/etc/letsencrypt/live/network.kyudev.xyz/privkey.pem')) app.run(host='185.78.255.231', threaded=True,use_reloader=True, port=443, ssl_context=('/etc/letsencrypt/live/network.kyudev.xyz/fullchain.pem', '/etc/letsencrypt/live/network.kyudev.xyz/privkey.pem'))

75
webserver/templates/main/dashboard_main1.html
View File

@ -8,6 +8,8 @@
<meta name="title" content="CyberRange"> <meta name="title" content="CyberRange">
<meta name="description" content="Teach and Test you employee about cyber attacks"> <meta name="description" content="Teach and Test you employee about cyber attacks">
<!-- <meta http-equiv="refresh" content="3"> -->
<style> <style>
@import url("https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600&display=swap"); @import url("https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600&display=swap");
@ -38,8 +40,8 @@
body { body {
font-family: var(--body-font); font-family: var(--body-font);
color: var(--body-color); color: var(--body-color);
background-image: url("https://wallpaperstock.net/planet-stars-mountains-field-wallpapers_44750_1920x1200.jpg?ixlib=rb-1.2.1&ixid=MXwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHw%3D&auto=format&fit=crop&w=1951&q=80"); /* background-image: url("https://wallpaperstock.net/planet-stars-mountains-field-wallpapers_44750_1920x1200.jpg?ixlib=rb-1.2.1&ixid=MXwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHw%3D&auto=format&fit=crop&w=1951&q=80"); */
background-image: url(https://wallpaperstock.net/planet-stars-mountains-field-wallpapers_44750_1920x1200.jpg?ixlib=rb-1.2.1&ixid=MXwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHw%3D&auto=format&fit=crop&w=1950&q=80); /* background-image: url(https://wallpaperstock.net/planet-stars-mountains-field-wallpapers_44750_1920x1200.jpg?ixlib=rb-1.2.1&ixid=MXwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHw%3D&auto=format&fit=crop&w=1950&q=80); */
background-position: center; background-position: center;
background-size: cover; background-size: cover;
background-repeat: no-repeat; background-repeat: no-repeat;
@ -351,10 +353,10 @@
overflow: auto; overflow: auto;
} }
.anim { /* .anim {
-webkit-animation: bottom 0.8s var(--delay) both; -webkit-animation: bottom 0.8s var(--delay) both;
animation: bottom 0.8s var(--delay) both; animation: bottom 0.8s var(--delay) both;
} } */
.main-header { .main-header {
font-size: 30px; font-size: 30px;
@ -618,10 +620,6 @@
z-index: 10; z-index: 10;
} }
.video:hover .video-by {
color: #c034dcb4;
}
.video-author { .video-author {
position: absolute; position: absolute;
right: 10px; right: 10px;
@ -1302,25 +1300,25 @@
<div class="main-header anim" style="--delay: 0.4s">General</div> <div class="main-header anim" style="--delay: 0.4s">General</div>
<div class="videos"> <div class="videos">
<div class="video anim" style="--delay: .4s"> <div class="video anim" style="--delay: .4s">
<a target="_blank" href="#" style="text-decoration: none;color: #ff66d9;"> <a href="#" style="text-decoration: none;color: #ff66d9;">
<div class="video-by" title="Time elapsed since the Attack started">Time since Attack start</div> <div class="video-by" title="Time elapsed since the Attack started">Time since Attack start</div>
<div class="video-name padding_stat_n">xxx</div> <div class="video-name padding_stat_n">xxx</div>
</a> </a>
</div> </div>
<div class="video anim" style="--delay: .45s"> <div class="video anim" style="--delay: .45s">
<a href="#" style="text-decoration: none;color: #ff66d9;"> <a href="#" style="text-decoration: none;color: #ff66d9;">
<div class="video-by" title="xxx">Time since Sim start</div> <div class="video-by" title="Time since the sim started">Time since Sim start</div>
<div class="video-name padding_stat_n">xxx</div> <div class="video-name padding_stat_n" id="time_since_sim_start_min"></div>
</a> </a>
</div> </div>
<div class="video anim" style="--delay: .5s"> <div class="video anim" style="--delay: .5s">
<a target="_blank" href="/d1/startsim" style="text-decoration: none;color: #ff66d9;"> <a href="/d1/startsim" style="text-decoration: none;color: #ff66d9;">
<div class="video-by" title="Start the Simulation">Start Simulation</div> <div class="video-by" title="Start or Stop the Simulation" id="start_stop_sim_btn">Start Simulation</div>
<div class="video-name padding_stat_n">click here</div> <div class="video-name padding_stat_n">click here</div>
</a> </a>
</div> </div>
<div class="video anim" style="--delay: .55s"> <div class="video anim" style="--delay: .55s">
<a target="_blank" href="#" style="text-decoration: none;color: #ff66d9;"> <a href="#" style="text-decoration: none;color: #ff66d9;">
<div class="video-by" title="xxx">Other</div> <div class="video-by" title="xxx">Other</div>
<div class="video-name padding_stat_n">xxx</div> <div class="video-name padding_stat_n">xxx</div>
</a> </a>
@ -1331,9 +1329,56 @@
<div class="main-header anim" style="--delay: 0.6s">Logs</div> <div class="main-header anim" style="--delay: 0.6s">Logs</div>
<div class="videos"> <div class="videos">
gimme a bit <div class="video anim" style="width: 203%;">
<div style="text-decoration: none;color: #666eff;">
<div class="video-by">Defender</div>
<div class="video-name padding_stat_n" style="width: 99%;">
<table>
{% for blue_log_now in blue_logs_list %}
<tr>
{% autoescape false %}
<td>{{ blue_log_now["timestamp"] }}</td>
<td style="color:white;font-size: 20px;">|</td>
<td style="color: white;font-weight: 700;word-break: break-all;">{{ blue_log_now["data"] }}</td>
{% endautoescape %}
</tr>
{% endfor %}
</table>
</div>
</div>
</div>
<div class="video anim" style="width: 0;"></div>
<div class="video anim" style="width: 203%;">
<div style="text-decoration: none;color: #ff6666;">
<div class="video-by">Attacker</div>
<div class="video-name padding_stat_n">
<table>
{% for red_log_now in red_logs_list %}
<tr>
<td>{{ red_log_now["timestamp"] }}</td>
<td style="color:white;font-size: 20px;">|</td>
<td style="color: white;font-weight: 700;">{{ red_log_now["data"] }}</td>
</tr>
{% endfor %}
</table>
</div>
</div>
</div>
</div><br> </div><br>
</div> </div>
<script>
if("{{ sim_running }}" == "True"){
console.log("1")
document.getElementById("start_stop_sim_btn").innerHTML = "Stop Simulation"
} else {
console.log("2")
document.getElementById("start_stop_sim_btn").innerHTML = "Start Simulation"
}
document.getElementById("time_since_sim_start_min").innerHTML = {{sim_start_timestamp}} + " min"
</script>
</div> </div>
</div> </div>
</body> </body>