Add first challenges and the paths_config to understand how it works

challenges/first-chall-first-path/config.yml

@@ -0,0 +1,9 @@
+title: "Can you write it ?"
+description: "you see the flag but you cant copy/paste it"
+hint: "write it down"
+template: "image.html"
+css: "./static/image-style.css"
+javascript: "./static/image-script.js"
+encoding_script: "encoder.sh"
+static_files:
+  - "./static/image.png"

challenges/first-chall-first-path/encoder.sh

@@ -0,0 +1,62 @@
+#!/bin/bash
+
+# Retrieve the flag from the first script argument
+FLAG=$1
+
+# Check if the flag has been provided
+if [ -z "$FLAG" ]; then
+    FLAG='Final Flag : Flag{Raph is the best}'
+fi
+
+SCRIPT_DIR=$(dirname "$BASH_SOURCE")
+# Create a temporary directory for the python file
+TEMP_DIR=$(mktemp -d "python.XXXXXX")
+PYTHON_FILE="$TEMP_DIR/createimg.py"
+
+# Create the Java file with the class content
+cat <<EOF > "$PYTHON_FILE"
+#!/usr/bin/env python
+from PIL import Image, ImageDraw, ImageFont
+import sys
+import os
+
+def create_text_image(text, output_path):
+    # Définir la taille de l'image et la couleur de fond
+    img_width, img_height = 400, 400
+    background_color = (255, 0, 0)  # Rouge
+    text_color = (255, 255, 255)  # Blanc
+    
+    # Créer une nouvelle image
+    image = Image.new('RGB', (img_width, img_height), color=background_color)
+    
+    # Initialiser le dessin sur l'image
+    draw = ImageDraw.Draw(image)
+    
+    # Charger une police (vous pouvez spécifier un chemin vers une police spécifique)
+    try:
+        font = ImageFont.truetype("arial.ttf", 50)
+    except IOError:
+        font = ImageFont.load_default()
+
+    text_bbox = draw.textbbox((0, 0), text, font=font)
+    text_width = text_bbox[2] - text_bbox[0]
+    text_height = text_bbox[3] - text_bbox[1]
+    text_x = (img_width - text_width) / 2
+    text_y = (img_height - text_height) / 2
+
+    # Ajouter le texte à l'image
+    draw.text((text_x, text_y), text, font=font, fill=text_color)
+    
+    # Enregistrer l'image
+    image.save(output_path)
+
+
+image_path=os.path.join("..","$SCRIPT_DIR",'static','image.png')
+create_text_image("$FLAG",image_path)
+EOF
+
+# Execute the python file in the temporary directory
+(cd "$TEMP_DIR" && python createimg.py)
+
+# Clean up: Remove the temporary directory
+rm -r "$TEMP_DIR"

challenges/first-chall-first-path/image.html

@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>image suivante</title>
+    <link rel="stylesheet" href="{{ url_for('static', path='/style.css') }}" media="screen">
+    <link rel="icon" href="{{ url_for('static', path='/favicon.ico') }}" type="image/x-icon">
+</head>
+<body>
+    <h1>Here is your flag</h1>
+    <p>The flag is automatically created</p>
+    <img src="{{ url_for('static', path='/image.png') }}" alt="">
+</body>
+</html>

challenges/first-chall-first-path/image.py

@@ -0,0 +1,36 @@
+#!/usr/bin/env python
+from PIL import Image, ImageDraw, ImageFont
+import sys
+import os
+
+def create_text_image(text, output_path):
+    # Définir la taille de l'image et la couleur de fond
+    img_width, img_height = 400, 400
+    background_color = (255, 0, 0)  # Rouge
+    text_color = (255, 255, 255)  # Blanc
+
+    # Créer une nouvelle image
+    image = Image.new('RGB', (img_width, img_height), color=background_color)
+
+    # Initialiser le dessin sur l'image
+    draw = ImageDraw.Draw(image)
+
+    # Charger une police (vous pouvez spécifier un chemin vers une police spécifique)
+    try:
+        font = ImageFont.truetype("arial.ttf", 50)
+    except IOError:
+        font = ImageFont.load_default()
+
+    text_bbox = draw.textbbox((0, 0), text, font=font)
+    text_width = text_bbox[2] - text_bbox[0]
+    text_height = text_bbox[3] - text_bbox[1]
+    text_x = (img_width - text_width) / 2
+    text_y = (img_height - text_height) / 2
+
+    # Ajouter le texte à l'image
+    draw.text((text_x, text_y), text, font=font, fill=text_color)
+
+    # Enregistrer l'image
+    image.save(output_path)
+
+create_text_image("/user/bin/env python",os.path.join(".","static","image.png"))

challenges/first-chall-initial/config.yml

@@ -0,0 +1,8 @@
+title: "CTF Michelin"
+description: "Premiere page chez michelin"
+hint: "check the CSS"
+template: "index.html"
+css: "./static/style.css"
+javascript: "./static/script.js"
+static_files:
+  - "./static/image_static.png"

challenges/first-chall-initial/index.html

@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>CTF/Jeu de piste Michelin</title>
+    <link rel="stylesheet" href="{{ url_for('static', path='/style.css') }}">
+    <!-- Favicon is in static and is automatically copied to be accessible everywhere  -->
+    <link rel="icon" href="{{ url_for('static', path='/favicon.ico') }}" type="image/x-icon">
+</head>
+<body>
+    <section class="header">
+        <h1 class="gradient">Jeu de piste</h1>
+        <div><img src="{{ url_for('static', path='/image_static.png') }}" alt="image" /></div><!--  -->
+    </section>
+    <section class="description">
+        <div>
+            <h2 class="gradient">Fonctionnement</h2>
+            <p>
+                Le jeu de piste est composé de plusieurs énigmes. Pour chaque énigme, vous devez trouver un mot de passe qui vous permettra de passer à l'énigme suivante.
+                Les flag sont de la forme X_S0me-str1nG.html 
+            </p>
+            <p>
+                <br>
+                ps: ceci est deja un challenge
+            </p>
+        </div>
+    </section>
+</body>
+</html>

challenges/first-chall-initial/static/style.css

@@ -0,0 +1,54 @@
+*,*::after,*::before{
+    margin: 0;
+    padding: 0;
+    box-sizing: border-box;
+}
+/* flag{
+    {{flag}}
+} */
+
+body{
+    min-height: 100vh;
+    height:100%;
+    font-family: Arial, Helvetica, sans-serif;
+}
+section{
+    display: flex;
+    justify-content: space-evenly;
+    align-items: center;
+    height: 80vh;
+    background-color: #f1f1f1;
+}
+h1{
+    font-family: Arial, Helvetica, sans-serif;
+    font-size: 5rem;
+    font-weight: 700;
+    color: #333;
+}
+.gradient {
+    font-weight: bold;
+    background: radial-gradient(circle, rgba(238,139,139,1) 0%, rgba(9,92,168,1) 100%);
+    -webkit-background-clip: text;
+    background-clip: text;
+    color: transparent;
+}
+h2{
+    font-family: Arial, Helvetica, sans-serif;
+    font-size: 3rem;
+    font-weight: 400;
+    color: #333;
+}
+
+@media screen and (max-width: 768px){
+    section{
+        flex-direction: column;
+    }
+    h1{
+        text-align: center;
+        font-size: 3rem;
+    }
+    h2{
+        font-size: 2rem;
+    }
+
+}

challenges/first-chall-second-path/api.py

@@ -0,0 +1,21 @@
+from fastapi import APIRouter, Request
+from fastapi.templating import Jinja2Templates
+
+
+
+def create_router(templates: Jinja2Templates):
+    router = APIRouter()
+    @router.get("/{{chall_name}}")
+    async def template(request: Request):
+        data = {"request": request}
+        var = templates.TemplateResponse("{{chall_name}}", data)
+        return var
+
+    @router.post("/{{chall_name}}")
+    def send_flag():
+        return {"message":"GG you finished the CTF Now create your own challs"} #"/{{sub_path}}/{{flag}} "}
+
+    return router
+
+router = create_router
+

challenges/first-chall-second-path/config.yml

@@ -0,0 +1,7 @@
+title: "Je ne suis pas LA POSTE "
+description: "from get to post"
+hint: "use POST request to get the flag"
+template: "p0ste.html"
+css: "./static/p0ste-style.css"
+javascript: "./static/p0ste-script.js"
+api: "./api.py"

challenges/first-chall-second-path/p0ste.html

@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Je ne suis pas la poste</title>
+</head>
+<body>
+    <h1>Send a post request to {{chall_name}} to get the flag</h1>
+</body>
+</html>

challenges/second-chall-first-path/config.yml

@@ -0,0 +1,6 @@
+title: "A thousand problem"
+description: "Can you count to that ?"
+hint: "change data-number to 999 and click on the button or chec the script"
+template: "th0usand.html"
+css: "./static/th0usand-style.css"
+javascript: "./static/th0usand-script.js"

challenges/second-chall-first-path/static/th0usand-script.js

@@ -0,0 +1 @@
+//empty

challenges/second-chall-first-path/static/th0usand-style.css

@@ -0,0 +1,8 @@
+#channel {
+    width: 400px;
+    height: 300px;
+    border: 1px solid black;
+    padding: 20px;
+    margin: 0 auto;
+    text-align: center;
+}

challenges/second-chall-first-path/th0usand.html

@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Chasse au trésor</title>
+    <link rel="stylesheet" href="{{ url_for('static', path='/th0usand-style.css') }}" media="screen">
+    <link rel="icon" href="{{ url_for('static', path='/favicon.ico') }}" type="image/x-icon">
+
+
+</head>
+<body>
+    <div id="channel">
+        <h1>Chasse au trésor</h1>
+        <p>Trouvez le drapeau pour gagner!</p>
+        <!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Increment Button</title>
+    <script src="{{ url_for('static', path='/th0usand-script.js') }}"></script>
+    <script>
+        function incrementNumber() {
+            // Sélectionner le bouton
+            const button = document.getElementById('incrementButton');
+            // Récupérer la valeur de l'attribut data-number
+            let number = parseInt(button.getAttribute('data-number'));
+            // Incrémenter la valeur
+            number += 1;
+            if (number === 1000) {
+                alert('Flag{GG YOU WON}');
+            }
+            // Mettre à jour l'attribut data-number avec la nouvelle valeur
+            button.setAttribute('data-number', number);
+            // Afficher la nouvelle valeur sur le bouton
+            button.innerText = `Number: ${number}`;
+        }
+    </script>
+</head>
+<body>
+    <!-- Bouton avec l'attribut data-number initialisé à 0 -->
+    <button id="incrementButton" data-number="0" onclick="incrementNumber()">Number: 0</button>
+</body>
+</html>
+
+        <p id="flagMessage"></p>
+    </div>
+
+    <script>
+        // Code JavaScript pour trouver le drapeau
+        var flagButton = document.getElementById("flagButton");
+        var flagMessage = document.getElementById("flagMessage");
+
+        flagButton.addEventListener("click", function() {
+            flagMessage.textContent = "Félicitations! Vous avez trouvé le drapeau!";
+        });
+    </script>
+    <script>
+        // Code JavaScript pour trouver le Flag
+        var flagMsg = document.getElementById("flagmsg");
+        var flagBtn = document.getElementById("Flag");
+
+        flagBtn.addEventListener("click", function() {
+            flagMsg.textContent = "GG you found the flag";
+        });
+    </script>
+</body>
+</html>

challenges/second-chall-initial/config.yml

@@ -0,0 +1,6 @@
+title: "Choisis ta voie"
+description: "Fromage ou dessert ?"
+hint: "Clic on the chosen track (you might inspect the link and use the href)"
+template: "s3parat3.html"
+css: "./static/s3parat3-style.css"
+javascript: "./static/s3parat3-script.js"

challenges/second-chall-initial/s3parat3.html

@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html lang="en" >
+<head>
+  <meta charset="UTF-8">
+  <title>Choose your Path</title>
+  <link href="https://fonts.googleapis.com/css?family=Press+Start+2P" rel="stylesheet">
+<link rel="stylesheet" href="{{ url_for('static', path='/s3parat3-style.css') }}">
+
+<link rel="icon" href="{{ url_for('static', path='/favicon.ico') }}" type="image/x-icon">
+</head>
+<body>
+  <header>
+    <link href="https://fonts.googleapis.com/css2?family=Lato&display=swap" rel="stylesheet">
+ </header>
+
+ <h1>Choose ur path</h1>
+
+ <div class="frame">
+  {% for path in PATH["PATHS"] %}
+   <button class="custom-btn btn-{{1+(loop.index %10)}}"><a href="/{{path}}/{{first_path_chall[loop.index-1]}}">{{path}}</a></button>
+   {% endfor %}
+ </div>
+
+  <script  src="{{ url_for('static', path='/s3parat3-script.js') }}"></script>
+
+</body>
+</html>