-- Run solution_test.lua by following the instructions below:
-- This file is a copy of code_test.go and hack_test.go
-- It tests the solution for failing and passing payloads
-- Run them by opening a terminal and running the following:
-- $ (cd Season-3/Level-1/solution && lua solution_test.lua)
local code = require("solution")
-- Regression check: generate_bmps must not fire an __index metamethod that
-- arrives attached to the request table.
--
-- The request has a hole at position 2 and carries a metatable whose __index
-- hook records that it ran and copies a local named "secret_key" from the
-- frame that triggered it into the table. __metatable is set, so
-- getmetatable() returns that field rather than the real metatable and
-- setmetatable() on the table raises an error: the code under test can detect
-- the metatable (getmetatable(request) ~= nil) or read through rawget, but it
-- cannot strip it.
--
-- Prints true when the hook never ran, false otherwise.
local indexHookExploit = function()
    local hook_fired = false

    local hooks = {
        __metatable = {},
        __index = function(og_table, index)
            print("[SCRIPT EXECUTING]")
            hook_fired = true

            -- Level 1 is this hook, level 2 is the frame that triggered it.
            -- Keep the walk inline: a helper function would shift the level.
            local seen = {}
            local slot = 1
            local name, value = debug.getlocal(2, slot)
            while name ~= nil do
                seen[name] = value
                slot = slot + 1
                name, value = debug.getlocal(2, slot)
            end

            og_table.recieving_payload = seen["secret_key"]
            return "Get PWNED"
        end
    }

    -- Position 2 is deliberately empty so that reading it goes through __index.
    local request = {
        { source = "Legit link", image = nil },
        nil,
        { source = "Another legit link", image = nil }
    }
    local hooked_request = setmetatable(request, hooks)

    local result = code.generate_bmps(hooked_request)

    -- NOTE(review): this guard indexes result normally. If generate_bmps hands
    -- the request table back with recieving_payload still unset, the read
    -- below fires the hook from this test's own frame and the case prints
    -- false even though the function itself never triggered it.
    if type(result) == "table" then
        if result.recieving_payload ~= nil then
            print("Malicous payload recieved: ", result.recieving_payload)
        end
    end

    print(not hook_fired)
end
-- Regression check: generate_bmps must not fire a __len metamethod that
-- arrives attached to the request table.
--
-- The request is a well-formed three-entry list, but its metatable carries a
-- __len hook that records that it ran, copies a local named "secret_key" from
-- the frame that triggered it into the table, and reports a length of 3.
-- __metatable is set, so getmetatable() returns that field rather than the
-- real metatable and setmetatable() on the table raises an error.
--
-- Prints true when the hook never ran, false otherwise.
-- NOTE(review): Lua 5.1 ignores __len on tables, so on that version this case
-- prints true whatever generate_bmps does; run it on 5.2 or later.
local lengthHookExploit = function()
    local hook_fired = false

    local hooks = {
        __metatable = {},
        __len = function(og_table)
            print("[SCRIPT EXECUTING]")
            hook_fired = true

            -- Level 1 is this hook, level 2 is the frame that triggered it.
            -- Keep the walk inline: a helper function would shift the level.
            local seen = {}
            local slot = 1
            local name, value = debug.getlocal(2, slot)
            while name ~= nil do
                seen[name] = value
                slot = slot + 1
                name, value = debug.getlocal(2, slot)
            end

            og_table.recieving_payload = seen["secret_key"]
            return 3
        end
    }

    local request = {
        { source = "Legit link", image = nil },
        { source = "Another legit link", image = nil },
        { source = "Another legit boring link", image = nil }
    }
    local hooked_request = setmetatable(request, hooks)

    local result = code.generate_bmps(hooked_request)

    -- A non-nil recieving_payload means the hook ran and found the local.
    if type(result) == "table" then
        if result.recieving_payload ~= nil then
            print("Malicous payload recieved: ", result.recieving_payload)
        end
    end

    print(not hook_fired)
end
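-- Functional check: a well-formed request comes back with every entry's image
-- filled in as "Cat pictures" and its source unchanged.
--
-- Prints true on a match and false otherwise. The comparison walks the
-- expected entries, so a missing entry, a non-table result, or an entry that
-- should not be there prints false; iterating over the result instead would
-- accept an empty table and raise an error on anything that is not a table.
local does_it_return_cats = function()
    local request = {
        { source = "Legit link", image = nil },
        { source = "Another legit link", image = nil },
        { source = "Another legit boring link", image = nil }
    }
    local expected_result = {
        { source = "Legit link", image = "Cat pictures" },
        { source = "Another legit link", image = "Cat pictures" },
        { source = "Another legit boring link", image = "Cat pictures" }
    }

    local result = code.generate_bmps(request)

    local isValid = type(result) == "table"
    if isValid then
        -- Every expected entry must be present with the same fields.
        for key, expected in ipairs(expected_result) do
            local actual = result[key]
            if type(actual) ~= "table"
                or actual.source ~= expected.source
                or actual.image ~= expected.image then
                isValid = false
            end
        end
        -- The result must not carry keys the expectation does not have.
        for key in pairs(result) do
            if expected_result[key] == nil then
                isValid = false
            end
        end
    end

    print(isValid)
end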
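-- Functional check: an entry whose source is not a string (the number 1 here)
-- is answered with source "Bad request" and image "Error Image", while the
-- well-formed entries around it still get "Cat pictures".
--
-- Prints true on a match and false otherwise. The comparison walks the
-- expected entries, so a missing entry, a non-table result, or an entry that
-- should not be there prints false; iterating over the result instead would
-- accept an empty table and raise an error on anything that is not a table.
local does_it_hanlde_malformed_requests = function()
    local request = {
        { source = "Legit link", image = nil },
        { source = 1, image = nil },
        { source = "legit boring link", image = nil }
    }
    local expected_result = {
        { source = "Legit link", image = "Cat pictures" },
        { source = "Bad request", image = "Error Image" },
        { source = "legit boring link", image = "Cat pictures" }
    }

    local result = code.generate_bmps(request)

    local isValid = type(result) == "table"
    if isValid then
        -- Every expected entry must be present with the same fields.
        for key, expected in ipairs(expected_result) do
            local actual = result[key]
            if type(actual) ~= "table"
                or actual.source ~= expected.source
                or actual.image ~= expected.image then
                isValid = false
            end
        end
        -- The result must not carry keys the expectation does not have.
        for key in pairs(result) do
            if expected_result[key] == nil then
                isValid = false
            end
        end
    end

    print(isValid)
end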
-- Run the functional checks first, then the metamethod-hook checks.
-- Each case prints its own verdict; true means the case passed.
for _, run_case in ipairs({
    does_it_return_cats,
    does_it_hanlde_malformed_requests,
    lengthHookExploit,
    indexHookExploit,
}) do
    run_case()
end