feat(misc/superguesser): add superguesser parts 1,2 and 3

README.md

@@ -26,9 +26,11 @@ Although some of the challenges may run as is, it is recommended that you have d
 
 ### misc
 
-| Name                           | Author      |
-| ------------------------------ | ----------- |
-| [Placeholder](./misc/.gitkeep) | Placeholder |
+| Name                                         | Author |
+| -------------------------------------------- | ------ |
+| [Superguesser Part 1](./misc/superguesser)   | koks   |
+| [Superguesser Part 2](./misc/superguesser_2) | koks   |
+| [Superguesser Part 3](./misc/superguesser_3) | koks   |
 
 ### pwn
 

misc/superguesser/challenge.yml

@@ -0,0 +1,27 @@
+name: "Superguesser Part 1"
+author: "koks"
+category: misc
+
+description: |
+  The machines seem to live and breathe in binary. Use that against them and capture the flag.
+
+value: 500
+type: dynamic_docker
+extra:
+  initial: 500
+  minimum: 100
+  decay: 25
+  redirect_type: direct
+  compose_stack: !filecontents docker-compose.yml
+
+flags:
+  - CCSC{part1_sec0nds_and_s33ds_d0nt_m1x_t0gether}
+
+tags:
+  - misc
+  - easy
+  - medium
+  - hard
+
+state: visible
+version: "0.1"

misc/superguesser/docker-compose.yml

@@ -0,0 +1,7 @@
+version: '3'
+services:
+  superguesser:
+    image: ghcr.io/cybermouflons/ccsc2024/superguesser:latest
+    build: ./setup/
+    ports:
+      - 9745:9745

misc/superguesser/setup/Dockerfile

@@ -0,0 +1,20 @@
+FROM golang:1.22.1-alpine3.19 as builder
+
+RUN mkdir -p /temp/builder
+COPY main.go /temp/builder
+RUN cd /temp/builder && go build -o superguesser main.go
+
+FROM alpine:3.19
+
+RUN mkdir /challenge
+WORKDIR /challenge
+COPY --from=builder /temp/builder/superguesser .
+
+RUN addgroup -S challenge && adduser -S challenge -G challenge
+USER challenge
+
+ENV FLAG_ONE="CCSC{part1_sec0nds_and_s33ds_d0nt_m1x_t0gether}"
+ENV FLAG_TWO="CCSC{part2_m1lli5_n33d_som3_brains_and_s0me_luck}"
+ENV FLAG_THREE="CCSC{part3_nan0s_d0nt_c4re_bis3ct_is_1n_the_a1r}"
+
+ENTRYPOINT [ "./superguesser" ]

misc/superguesser/setup/main.go

@@ -0,0 +1,169 @@
+package main
+
+import (
+	"bufio"
+	"fmt"
+	"math"
+	"math/rand"
+	"net"
+	"os"
+	"strconv"
+	"strings"
+	"time"
+)
+
+var flags []string
+
+func init() {
+	flag_one := os.Getenv("FLAG_ONE")
+	if flag_one == "" {
+		flag_one = "CCSC{fake_dummy_flag_1}"
+	}
+
+	flag_two := os.Getenv("FLAG_TWO")
+	if flag_two == "" {
+		flag_two = "CCSC{fake_dummy_flag_2}"
+	}
+
+	flag_three := os.Getenv("FLAG_THREE")
+	if flag_three == "" {
+		flag_three = "CCSC{fake_dummy_flag_3}"
+	}
+
+	flags = []string{flag_one, flag_two, flag_three}
+}
+
+func main() {
+	port := os.Getenv("PORT")
+	if port == "" {
+		port = "7945"
+	}
+	listener, err := net.Listen("tcp", ":"+port)
+	if err != nil {
+		fmt.Println("Error listening:", err.Error())
+		return
+	}
+	defer listener.Close()
+
+	fmt.Println("Listening on port " + port)
+
+	for {
+		conn, err := listener.Accept()
+		if err != nil {
+			fmt.Println("Error accepting connection:", err.Error())
+			return
+		}
+
+		fmt.Println("Client connected")
+
+		go handleConnection(conn)
+	}
+}
+
+func handleConnection(conn net.Conn) {
+	defer conn.Close()
+
+	gen := func(part int) (randomNumber int64, maxTries int) {
+		switch part {
+		case 1:
+			seed := time.Now().Unix()
+			random := rand.New(rand.NewSource(seed))
+			randomNumber, maxTries = random.Int63(), 5
+			return
+		case 2:
+			seed := time.Now().UnixMilli()
+			random := rand.New(rand.NewSource(seed))
+			randomNumber, maxTries = random.Int63(), 50
+			return
+		case 3:
+			seed := time.Now().UnixNano()
+			random := rand.New(rand.NewSource(seed))
+			randomNumber, maxTries = random.Int63(), 500
+			return
+		}
+		return 0, 0
+	}
+
+	reader := bufio.NewReader(conn)
+	writer := bufio.NewWriter(conn)
+
+	writer.WriteString("v1.1\n")
+	writer.WriteString("=======================================================\n")
+	writer.WriteString("ReverseCAPTCHA commencing... Prove you are not a human!\n")
+	writer.WriteString("=======================================================\n\n")
+	writer.Flush()
+
+	var optionSelected = -1
+
+	for {
+		writer.WriteString("Options:\n--------\n(1) Part One\n(2) Part Two\n(3) Part Three\n\nSolve part: ")
+		writer.Flush()
+
+		input, err := reader.ReadString('\n')
+		if err != nil {
+			fmt.Println("Error reading input:", err.Error())
+			return
+		}
+
+		input = strings.TrimSpace(input)
+		option, err := strconv.Atoi(input)
+		if err != nil || option > 3 || option < 1 {
+			writer.WriteString("\n[x] Invalid input.\n\n")
+			writer.Flush()
+			continue
+		}
+
+		optionSelected = option
+		break
+	}
+
+	randomNumber, maxTries := gen(optionSelected)
+	if randomNumber == 0 {
+		fmt.Println("Something's wrong, terminate")
+		return
+	}
+
+	triesLeft := maxTries
+
+	writer.WriteString("\n")
+	writer.WriteString(fmt.Sprintf("I've hallucinated a number between 0 and %d. Can you guess it?\n\n", math.MaxInt64))
+	writer.WriteString(fmt.Sprintf("You have %d tries.\n\n", maxTries))
+	writer.Flush()
+
+	for {
+		writer.WriteString(fmt.Sprintf("[%d]: ", triesLeft))
+		writer.Flush()
+
+		input, err := reader.ReadString('\n')
+		if err != nil {
+			fmt.Println("Error reading input:", err.Error())
+			return
+		}
+
+		input = strings.TrimSpace(input)
+		guess, err := strconv.ParseInt(input, 10, 64)
+		if err != nil {
+			writer.WriteString("Invalid input.\n")
+			writer.Flush()
+			continue
+		}
+
+		triesLeft--
+
+		if triesLeft <= 0 {
+			writer.WriteString("\nBye.\n")
+			writer.Flush()
+			return
+		} else if guess < randomNumber {
+			writer.WriteString("++ Higher\n")
+			writer.Flush()
+		} else if guess > randomNumber {
+			writer.WriteString("-- Lower\n")
+			writer.Flush()
+		} else {
+			writer.WriteString(fmt.Sprintf("Superior computational brain power detected.\n%s\n", flags[optionSelected-1]))
+			writer.Flush()
+			return
+		}
+	}
+}

misc/superguesser_2/challenge.yml

@@ -0,0 +1,27 @@
+name: "Superguesser Part 2"
+author: "koks"
+category: misc
+
+description: |
+  The machines seem to live and breathe in binary. Use that against them and capture the flag.
+
+value: 500
+type: dynamic_docker
+extra:
+  initial: 500
+  minimum: 100
+  decay: 25
+  redirect_type: direct
+  compose_stack: !filecontents docker-compose.yml
+
+flags:
+  - CCSC{part2_m1lli5_n33d_som3_brains_and_s0me_luck}
+
+tags:
+  - misc
+  - easy
+  - medium
+  - hard
+
+state: visible
+version: "0.1"

misc/superguesser_2/docker-compose.yml

@@ -0,0 +1,7 @@
+version: '3'
+services:
+  superguesser:
+    image: ghcr.io/cybermouflons/ccsc2024/superguesser:latest
+    build: ../superguesser/setup/
+    ports:
+      - 9745:9745

misc/superguesser_3/challenge.yml

@@ -0,0 +1,27 @@
+name: "Superguesser Part 3"
+author: "koks"
+category: misc
+
+description: |
+  The machines seem to live and breathe in binary. Use that against them and capture the flag.
+
+value: 500
+type: dynamic_docker
+extra:
+  initial: 500
+  minimum: 100
+  decay: 25
+  redirect_type: direct
+  compose_stack: !filecontents docker-compose.yml
+
+flags:
+  - CCSC{part3_nan0s_d0nt_c4re_bis3ct_is_1n_the_a1r}
+
+tags:
+  - misc
+  - easy
+  - medium
+  - hard
+
+state: visible
+version: "0.1"

misc/superguesser_3/docker-compose.yml

@@ -0,0 +1,7 @@
+version: '3'
+services:
+  superguesser:
+    image: ghcr.io/cybermouflons/ccsc2024/superguesser:latest
+    build: ../superguesser/setup/
+    ports:
+      - 9745:9745

web/arcane-nebula/setup/Dockerfile

@@ -19,5 +19,4 @@ WORKDIR /app
 
 # run the app
 USER bun
-EXPOSE 3000/tcp
 ENTRYPOINT [ "bun", "run", "index.ts" ]