old htb folders
2023-08-29 21:53:22 +02:00
parent 62ab804867
commit 82b0759f1e
21891 changed files with 6277643 additions and 0 deletions


@@ -0,0 +1,71 @@
<?php
// Global functions
function jsonify($body, $code = null)
{
if ($code) {
http_response_code($code);
}
header('Content-Type: application/json; charset=utf-8');
echo json_encode($body);
exit;
}
function get_included_contents($filename) {
ob_start();
include $filename;
return ob_get_clean();
}
function get_url_content($url){
$domain = parse_url($url, PHP_URL_HOST);
if (gethostbyname($domain) === "127.0.0.1") {
jsonify(["message" => "Unacceptable URL"]);
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,2);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
$url_content = curl_exec($ch);
curl_close($ch);
return $url_content;
}
function make_api_call($action, $data, $uri_path, $is_file = false){
if ($is_file) {
$post = [
'data' => file_get_contents($data),
'action' => $action,
'uri_path' => $uri_path
];
} else {
$post = [
'data' => $data,
'action' => $action,
'uri_path' => $uri_path
];
}
$ch = curl_init();
$url = 'http://api.haxtables.htb' . $uri_path . '/index.php';
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,2);
curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($post));
curl_setopt( $ch, CURLOPT_HTTPHEADER, array('Content-Type:application/json'));
$response = curl_exec($ch);
curl_close($ch);
return $response;
}
?>
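Review bot: In `get_url_content` the only guard is `gethostbyname($domain) === "127.0.0.1"`, which matches a single literal address and is evaluated separately from the lookup curl performs afterwards, so it does not reliably keep the fetch away from loopback or other internal addresses. Unlike `make_api_call`, this function also sets no `CURLOPT_PROTOCOLS`, so the scheme is not restricted to HTTP(S). I would reject non-HTTP schemes and empty hosts, validate the resolved address with `filter_var` using `FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE`, and pin curl to that address with `CURLOPT_RESOLVE`, as sketched below. Separately, `get_included_contents` runs `include` on whatever path it is given, so its callers (not visible here) must only pass fixed, server-side paths. The same file appears again later in this commit and needs the same changes.

```php
function get_url_content($url){
    $parts = parse_url($url);
    $scheme = strtolower($parts['scheme'] ?? '');
    $host = $parts['host'] ?? '';
    if (!in_array($scheme, ['http', 'https'], true) || $host === '') {
        jsonify(["message" => "Unacceptable URL"], 400);
    }
    // gethostbyname() returns the input unchanged on failure, which filter_var() then rejects.
    $ip = gethostbyname($host);
    $flags = FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
    if (filter_var($ip, FILTER_VALIDATE_IP, $flags) === false) {
        jsonify(["message" => "Unacceptable URL"], 400);
    }
    $port = $parts['port'] ?? ($scheme === 'https' ? 443 : 80);
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
    // Connect to the address that was validated above instead of resolving again.
    curl_setopt($ch, CURLOPT_RESOLVE, ["{$host}:{$port}:{$ip}"]);
    // … unchanged: connect timeout, FOLLOWLOCATION 0, RETURNTRANSFER, exec, close, return …
```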


@@ -0,0 +1,54 @@
<?php
include_once '../../header.php';
include_once '../../../utils.php';
include_once 'utils.php';
start();
if (isset($_FILES['data_file'])) {
$action = $_POST['action'];
$data = file_get_contents($_FILES['data_file']['tmp_name']);
} else {
$jsondata = json_decode(file_get_contents('php://input'), true);
$action = $jsondata['action'];
$data = $jsondata['data'];
if ( empty($jsondata) || !array_key_exists('action', $jsondata))
{
echo jsonify(['message' => 'Insufficient parameters!']);
}
}
if ($action === 'str2hex') {
echo jsonify(['data'=> str2hex($data)]);
} else if ($action === 'hex2str') {
echo jsonify(['data' => hex2str($data) ]);
} else if ($action === 'md5') {
echo jsonify(['data'=> md5($data)]);
} else if ($action === 'sha1') {
echo jsonify(['data'=> sha1($data)]);
} else if ($action === 'urlencode') {
echo jsonify(['data'=> urlencode($data)]);
} else if ($action === 'urldecode') {
echo jsonify(['data'=> urldecode($data)]);
} else if ($action === 'b64encode') {
echo jsonify(['data'=> base64_encode($data)]);
} else if ($action === 'b64decode') {
echo jsonify(['data'=> base64_decode($data)]);
} else {
echo jsonify(['message'=> 'Invalid action'], 404);
}
?>
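Review bot: `$jsondata['action']` and `$jsondata['data']` are read before the `empty($jsondata) || !array_key_exists('action', $jsondata)` check, so a body that is not valid JSON (where `json_decode` returns null) or that lacks these keys is dereferenced before it is rejected. Move the check directly after `json_decode`, give it an error status with `jsonify(['message' => 'Insufficient parameters!'], 400);`, and read the payload with `$data = $jsondata['data'] ?? '';`. The upload branch has the same gap for `$_POST['action']`. Since `jsonify` (defined in another file of this commit) ends with `exit`, the `echo` in front of each call has no effect and can be dropped. The handler with `file_url` support later in this commit repeats the same ordering.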


@@ -0,0 +1,17 @@
<?php
// Version 3
// String functions
function str2hex($string) {
return bin2hex($string);
}
function hex2str($integer) {
if (!preg_match("/^[0-9A-Fa-f]+$/", $integer)) {
return 'Invalid characters specified';
} else {
return hex2bin($integer);
}
}
?>
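Review bot: `hex2str` accepts any non-empty run of hex digits, including odd-length input, for which `hex2bin` emits a warning and returns `false`; because `$` also matches before a trailing newline, input ending in a line break passes the pattern and fails the same way. The rejection path returns the text 'Invalid characters specified' in the same channel as decoded data, so a caller cannot tell a failure from a legitimate result. I would tighten the guard to `if (!is_string($integer) || !ctype_xdigit($integer) || strlen($integer) % 2 !== 0)` and signal the failure out of band (return `false` or throw) so the endpoint can answer with an error status. The parameter name `$integer` is misleading for a hex string; `$hex` would read better.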


@@ -0,0 +1,58 @@
<?php
include_once '../../../utils.php';
include_once 'utils.php';
if (isset($_FILES['data_file'])) {
$action = $_POST['action'];
$data = file_get_contents($_FILES['data_file']['tmp_name']);
} else {
$jsondata = json_decode(file_get_contents('php://input'), true);
$action = $jsondata['action'];
if ( empty($jsondata) || !array_key_exists('action', $jsondata))
{
echo jsonify(['message' => 'Insufficient parameters!']);
}
if (array_key_exists('file_url', $jsondata)) {
$data = get_url_content($jsondata['file_url']);
} else {
$data = $jsondata['data'];
}
}
if ($action === 'str2hex') {
echo jsonify(['data'=> str2hex($data)]);
} else if ($action === 'hex2str') {
echo jsonify(['data' => hex2str($data) ]);
} else if ($action === 'md5') {
echo jsonify(['data'=> md5($data)]);
} else if ($action === 'sha1') {
echo jsonify(['data'=> sha1($data)]);
} else if ($action === 'urlencode') {
echo jsonify(['data'=> urlencode($data)]);
} else if ($action === 'urldecode') {
echo jsonify(['data'=> urldecode($data)]);
} else if ($action === 'b64encode') {
echo jsonify(['data'=> base64_encode($data)]);
} else if ($action === 'b64decode') {
echo jsonify(['data'=> base64_decode($data)]);
} else {
echo jsonify(['message'=> 'Invalid action'], 404);
}
?>
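Review bot: The `file_url` value from the request body is passed to `get_url_content` without a type check, and the fetched body is handed to the encoders and returned to the requester, so this endpoint depends entirely on the URL validation inside `get_url_content` (defined in another file of this commit). No `start()` call is visible in this handler, whereas the sibling handler earlier in the commit has one; if that call is an access or session check (it cannot be confirmed from here), it is missing in this version. When the fetch fails `$data` is `false`, and the response then carries the hash or encoding of an empty value instead of an error. I would add `if (!is_string($jsondata['file_url'])) jsonify(['message' => 'Invalid file_url'], 400);` before the call and `if ($data === false) jsonify(['message' => 'Fetch failed'], 502);` after it.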


@@ -0,0 +1,54 @@
<VirtualHost *:80>
ServerName haxtables.htb
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName api.haxtables.htb
ServerAdmin webmaster@localhost
DocumentRoot /var/www/api
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName image.haxtables.htb
ServerAdmin webmaster@localhost
DocumentRoot /var/www/image
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
#SecRuleEngine On
<LocationMatch />
SecAction initcol:ip=%{REMOTE_ADDR},pass,nolog,id:'200001'
SecAction "phase:5,deprecatevar:ip.somepathcounter=1/1,pass,nolog,id:'200002'"
SecRule IP:SOMEPATHCOUNTER "@gt 5" "phase:2,pause:300,deny,status:509,setenv:RATELIMITED,skip:1,nolog,id:'200003'"
SecAction "phase:2,pass,setvar:ip.somepathcounter=+1,nolog,id:'200004'"
Header always set Retry-After "10" env=RATELIMITED
</LocationMatch>
ErrorDocument 429 "Rate Limit Exceeded"
<Directory /var/www/image>
Deny from all
Allow from 127.0.0.1
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</DIrectory>
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Process finished with exit code 0
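Review bot: The `<Directory /var/www/image>` block mixes the 2.2-style `Deny from all` / `Allow from 127.0.0.1` with the 2.4-style `Require all granted`, a combination the Apache documentation warns can give unexpected results; the loopback-only restriction then depends on mod_access_compat being loaded. State the policy once in 2.4 syntax with `Require local` (or `Require ip 127.0.0.1`) and drop the other three access lines. `Options Indexes` enables directory listings and `AllowOverride All` lets any `.htaccess` under the tree relax this policy, so `Options -Indexes` and `AllowOverride None` are the safer defaults unless something depends on them. The rate-limit rules follow a commented-out `#SecRuleEngine On` and deny with `status:509` while the `ErrorDocument` line is for 429, so whether and how they take effect depends on configuration outside this file. Because this vhost trusts loopback clients, any code on the host that fetches caller-supplied URLs is part of its access boundary.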


@@ -0,0 +1,71 @@
<?php
// Global functions
function jsonify($body, $code = null)
{
if ($code) {
http_response_code($code);
}
header('Content-Type: application/json; charset=utf-8');
echo json_encode($body);
exit;
}
function get_included_contents($filename) {
ob_start();
include $filename;
return ob_get_clean();
}
function get_url_content($url){
$domain = parse_url($url, PHP_URL_HOST);
if (gethostbyname($domain) === "127.0.0.1") {
jsonify(["message" => "Unacceptable URL"]);
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,2);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
$url_content = curl_exec($ch);
curl_close($ch);
return $url_content;
}
function make_api_call($action, $data, $uri_path, $is_file = false){
if ($is_file) {
$post = [
'data' => file_get_contents($data),
'action' => $action,
'uri_path' => $uri_path
];
} else {
$post = [
'data' => $data,
'action' => $action,
'uri_path' => $uri_path
];
}
$ch = curl_init();
$url = 'http://api.haxtables.htb' . $uri_path . '/index.php';
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,2);
curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($post));
curl_setopt( $ch, CURLOPT_HTTPHEADER, array('Content-Type:application/json'));
$response = curl_exec($ch);
curl_close($ch);
return $response;
}
?>