Cookie Clicker (#70)

* New Challenge * move files out of src folder + start deploy stuff * chall fixes * Dockerize + add solve script * Hide for now --------- Co-authored-by: mudasir <[email protected]> Co-authored-by: glacialcascade <[email protected]>
BCACTF · Jun 9, 2024 · 28163a4 · 28163a4
1 parent 8252ff8
commit 28163a4
Show file tree

Hide file tree

Showing 11 changed files with 1,190 additions and 0 deletions.
diff --git a/cookie-clicker/Dockerfile b/cookie-clicker/Dockerfile
@@ -0,0 +1,13 @@
+FROM node:20-bookworm
+
+WORKDIR /app/server
+
+COPY ./server .
+
+RUN npm ci
+
+ENV NODE_ENV production
+
+EXPOSE 3000
+
+ENTRYPOINT ["node", "app.js"]
diff --git a/cookie-clicker/chall.yaml b/cookie-clicker/chall.yaml
@@ -0,0 +1,18 @@
+name: Cookie Clicker
+categories:
+  - webex
+value: 100
+flag: bcactf{Y0u_W3renT_Supp0sE_t0_WIN_123}
+description: |-
+  You need to get 1e20 cookies, hope you have fun clicking!
+authors:
+  - Jack
+visible: false
+hints: []
+files:
+  - src: ./server/provided.js
+    dest: app.js
+deploy:
+  web:
+    build: .
+    expose: 3000/tcp
diff --git a/cookie-clicker/server/app.js b/cookie-clicker/server/app.js
@@ -0,0 +1,69 @@
+const express = require('express')
+const app = express();
+
+const http = require('http').Server(app);
+
+const port = 3000;
+
+const socketIo = require('socket.io');
+const io = socketIo(http);
+
+const { v4 } = require('uuid');
+
+let sessions = {}
+let errors = {}
+
+app.use(express.static(__dirname));
+
+app.get('/', (req, res) => {
+    res.sendFile("./index.html")
+})
+
+io.on('connection', (socket) => {
+    let id = v4();
+    sessions[id] = 0
+    errors[id] = 0
+
+    socket.on('disconnect', () => {
+        console.log('user disconnected');
+    });
+
+    socket.on('chat message', (msg) => {
+        io.emit('chat message', msg);
+    });
+
+    socket.on('receivedError', (msg) => {
+        sessions[id] = errors[id]
+        io.emit('recievedScore', JSON.stringify({"value":sessions[id]}));
+    });
+
+    socket.on('click', (msg) => {
+        let json = JSON.parse(msg)
+
+        if (sessions[id] > 1e20) {
+            console.log("TEST")
+            io.emit('recievedScore', JSON.stringify({"value":"bcactf{Y0u_W3renT_Supp0sE_t0_WIN_123}"}));
+            return;
+        }
+
+        if (json.value != sessions[id]) {
+            io.emit("error", "previous value does not match")
+        }
+
+        let oldValue = sessions[id]
+        let newValue = Math.floor(Math.random() * json.power) + 1 + oldValue
+
+        sessions[id] = newValue
+        io.emit('recievedScore', JSON.stringify({"value":newValue}));
+
+        if (json.power > 10) {
+            io.emit('error', JSON.stringify({"value":oldValue}));
+        }
+
+        errors[id] = oldValue;
+    });
+});
+
+http.listen(port, () => {
+    console.log(`App server listening on ${port}. (Go to http://localhost:${port})`);
+});
diff --git a/cookie-clicker/server/images/cookie.png b/cookie-clicker/server/images/cookie.png
diff --git a/cookie-clicker/server/index.html b/cookie-clicker/server/index.html
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Cookie Clicker</title>
+
+    <link rel="stylesheet" href="/styles/index.css">
+</head>
+<body>
+    <h1>Points: <span class="points"></span></h1>
+    <div class="cookie">
+        <img src="/images/cookie.png" alt="">
+    </div>
+
+    <script src="https://cdn.socket.io/4.7.5/socket.io.min.js" integrity="sha384-2huaZvOR9iDzHqslqwpR87isEmrfxqyWOF7hr7BY6KG0+hVKLoEXMPUJw3ynWuhO" crossorigin="anonymous"></script>
+    <script src="/scripts/index.js"></script>
+</body>
+</html>