Skip to content

Commit

Permalink
Merge pull request #5 from r4ulcl/dev
Browse files Browse the repository at this point in the history 
Merge dev into main for v2.0.4 release
  • Loading branch information
@r4ulcl
r4ulcl authored Jul 24, 2024
2 parents a68e994 + 41dc109 commit 70eee6d
Show file tree
Hide file tree
Showing 42 changed files with 765 additions and 6,500 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/docker-image-aps-dev.yml
100644 → 100755
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,6 @@ jobs:
uses: docker/build-push-action@v2
with:
context: ./APs
platforms: linux/amd64
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ secrets.DOCKERHUB_USERNAME }}/wifichallengelab-aps:dev
9 changes: 1 addition & 8 deletions .github/workflows/docker-image-aps.yml
100644 → 100755
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,6 @@ name: Docker Image CI APs

on:
push:
branches:
- 'master'
tags:
- 'v*'
pull_request:
branches:
- 'master'
tags:
- 'v*'

Expand Down Expand Up @@ -42,7 +35,7 @@ jobs:
uses: docker/build-push-action@v2
with:
context: ./APs
platforms: linux/amd64
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
2 changes: 1 addition & 1 deletion .github/workflows/docker-image-clients-dev.yml
100644 → 100755
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,6 @@ jobs:
uses: docker/build-push-action@v2
with:
context: ./Clients
platforms: linux/amd64
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ secrets.DOCKERHUB_USERNAME }}/wifichallengelab-clients:dev
9 changes: 1 addition & 8 deletions .github/workflows/docker-image-clients.yml
100644 → 100755
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,6 @@ name: Docker Image CI Clients

on:
push:
branches:
- 'master'
tags:
- 'v*'
pull_request:
branches:
- 'master'
tags:
- 'v*'

Expand Down Expand Up @@ -42,7 +35,7 @@ jobs:
uses: docker/build-push-action@v2
with:
context: ./Clients
platforms: linux/amd64
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
232 changes: 137 additions & 95 deletions APs/config/html/index.php
View file
Original file line number Diff line number Diff line change
@@ -1,120 +1,158 @@
<?php session_start(); /* Starts the session */
if(!isset($_SESSION['UserData']['Username'])){
header("location:login.php");
exit;
if (!isset($_SESSION['UserData']['Username'])) {
header("location:login.php");
exit;
}
?>

<?php
echo "Welcome ", $_SESSION["Username"];
echo "<br><br>";
echo "<br><br>";
<!DOCTYPE html>
<html>

if ($_SESSION["Username"] == "GLOBAL\GlobalAdmin") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.8.') !== false) { //only TLS
echo "flag{B7OXb7KhFHQCz6WHUMf2}";
} else {
echo "Your Princess Is in Another Castle!";
<head>
<title>WiFi Router Configuration</title>
<link rel="stylesheet" href="style.css">
</head>

<body>

<?php
echo "Welcome ", $_SESSION["Username"];
echo "<br><br>";
echo "<br><br>";

if ($_SESSION["Username"] == "GLOBAL\GlobalAdmin") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.8.') !== false) { //only TLS
echo "flag{948e68a05011d8733b6e80300538c6abcdc20ebd}";
} else {
echo "Your Princess Is in Another Castle!";
}
}
}

if ($_SESSION["Username"] == "CONTOSO\Administrator") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.5.') !== false) { //only MGT
echo "flag{RgDOC9yrcRHMAKxgK1PJ}";
} else {
echo "Your Princess Is in Another Castle!";
if ($_SESSION["Username"] == "CONTOSO\Administrator") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.5.') !== false) { //only MGT 1
echo "flag{04e474a4826cf10ba9f60da7ce07105ea2716aac}";
} elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.6.') !== false) { //only MGT 2
echo "flag{04e474a4826cf10ba9f60da7ce07105ea2716aac}";
} else {
echo "Your Princess Is in Another Castle!";
}
}
}

if ($_SESSION["Username"] == "admin") {
if ($_SESSION["Username"] == "admin") {


if (strpos($_SERVER['REMOTE_ADDR'], '192.168.6.') !== false) { //only MGT Relay
echo "Hello";
} elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.1.') !== false) { //only HIDDEN
echo "flag{iAYcxpe6N2A98zhglx6E}";
} elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.3.') !== false) { //only WPS
echo "flag{KD5TaejRFIDgIQwjgUfB}";
} elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.16.') !== false) { //only WPS
echo "flag{W5ri9DXRJZCTBpFFxXBM}";
} else {
echo "No FLAG, try logging in with another user ;)";

if (strpos($_SERVER['REMOTE_ADDR'], '192.168.6.') !== false) { //only MGT Relay
echo "Hello";
} elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.1.') !== false) { //only wep
echo "flag{c342fe657870020a1b164f2075f447564fdd1c3d}";
} elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.3.') !== false) { //only WPS
echo "flag{850e63f13f6c5e9a423670671a08b912c78fadc9}";
} elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.16.') !== false) { //only WPS
echo "flag{680efaa62f7e953c24667285173711bc6bb6d3ff}";
} else {
echo "No FLAG, try logging in with another user ;)";
}
}
}

#ALL: and strpos($_SERVER['REMOTE_ADDR'], '192.168.X.') !== false to only use users in each network
#ALL: and strpos($_SERVER['REMOTE_ADDR'], '192.168.X.') !== false to only use users in each network

if ($_SESSION["Username"] == "CONTOSO\juan.tr") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.5.') !== false) { //only MGT
echo "flag{3407a6e0ad77965731da8357c4270ecce8b642e4}";
echo "<br><br>";
} elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.6.') !== false) { //only MGT 2
echo "flag{3407a6e0ad77965731da8357c4270ecce8b642e4}";
echo "<br><br>";
} else {
echo "Your Princess Is in Another Castle!";
}
}

if ($_SESSION["Username"] == "CONTOSO\juan.tr") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.5.') !== false) { //only MGT
echo "flag{hGDSm8oltjM9q217iJYu}";
echo "<br><br>";
} else {
echo "Your Princess Is in Another Castle!";
if ($_SESSION["Username"] == 'CONTOSO\test') {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.5.') !== false) { //only MGT 1
echo "flag{14ddfbfcc90f80bd40287537d19b0aefdb5a0058}";
echo "<br><br>";
} elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.6.') !== false) { //only MGT 2
echo "flag{14ddfbfcc90f80bd40287537d19b0aefdb5a0058}";
echo "<br><br>";
} else {
echo "Your Princess Is in Another Castle!";
}
}
}

if ($_SESSION["Username"] == "test1") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.2.') !== false) { //only PSK
echo "flag{feL9kV3oMemAJiEDQLBA}";
} else {
echo "Your Princess Is in Another Castle!";
if ($_SESSION["Username"] == 'CONTOSO\ftp') {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.5.') !== false) { //only MGT
echo "flag{004b3aef9bbbf24cdd55a4e13e384a40dc996848}";
echo "<br><br>";
} elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.6.') !== false) { //only MGT 2
echo "flag{004b3aef9bbbf24cdd55a4e13e384a40dc996848}";
echo "<br><br>";
} else {
echo "Your Princess Is in Another Castle!";
}
}
}

if ($_SESSION["Username"] == "test2") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.2.') !== false) { //only PSK
echo "flag{feL9kV3oMemAJiEDQLBA}";
} else {
echo "Your Princess Is in Another Castle!";
if ($_SESSION["Username"] == "test1") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.2.') !== false) { //only PSK
echo "flag{2d5931f342c034a7e9d69f97fe23d13121898bc8}";
} else {
echo "Your Princess Is in Another Castle!";
}
}
}

if ($_SESSION["Username"] == "free1") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.10.') !== false) { //only OPN
echo "flag{2VphtQyGxsHmRoxGV05a}";
} else {
echo "Your Princess Is in Another Castle!";
if ($_SESSION["Username"] == "test2") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.2.') !== false) { //only PSK
echo "flag{2d5931f342c034a7e9d69f97fe23d13121898bc8}";
} else {
echo "Your Princess Is in Another Castle!";
}
}
}

if ($_SESSION["Username"] == "free2") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.10.') !== false) { //only OPN
echo "flag{2VphtQyGxsHmRoxGV05a}";
} else {
echo "Your Princess Is in Another Castle!";
if ($_SESSION["Username"] == "free1") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.10.') !== false) { //only OPN
echo "flag{561004e3f4fd9fe640ecc0c411ac3129a4e08629}";
} else {
echo "Your Princess Is in Another Castle!";
}
}
}

if ($_SESSION["Username"] == "anon1") {
# NO AP LOGIN
echo "flag{b7UP2psiy5LJiShuFZGD}";
}
if ($_SESSION["Username"] == "free2") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.10.') !== false) { //only OPN
echo "flag{561004e3f4fd9fe640ecc0c411ac3129a4e08629}";
} else {
echo "Your Princess Is in Another Castle!";
}
}

if ($_SESSION["Username"] == "administrator") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.1.') !== false) { //only WEP
echo "flag{g9Ywbxflpye7P0sVAgRQ}";
} else {
echo "Your Princess Is in Another Castle!";
if ($_SESSION["Username"] == "anon1") {
# NO AP LOGIN
echo "flag{2f0ca3e56d79b7ece0b881e4f501a238bd23705d}";
}
}

#relay user
if ($_SESSION["Username"] == "CONTOSOREG\luis.da") { # RELAY
echo "flag{NBLvyxgwckKnyGup6HNj}";
echo "<br><br>";
echo "<br><br>";
}
if ($_SESSION["Username"] == "administrator") {
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.1.') !== false) { //only WEP
echo "flag{c342fe657870020a1b164f2075f447564fdd1c3d}";
} else {
echo "Your Princess Is in Another Castle!";
}
}

if ($_SESSION["Username"] == "CORPO\god") { # RELAY creds stolen in responder in regional network
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.7.') !== false) { //only WEP
echo "flag{3v1GXNkW0dh3T57ppoP1}";
echo "<br><br>";
echo "<br><br>";
#relay user
if ($_SESSION["Username"] == "CONTOSOREG\luis.da") { # RELAY
echo "flag{3ddc7691df2591decd6ae75b30c4b917cedf6bd2}";
echo "<br><br>";
echo "AP CONFIG:";
echo "<br><br>";
echo "
}

if ($_SESSION["Username"] == "CORPO\god") { # RELAY creds stolen in responder in regional network
if (strpos($_SERVER['REMOTE_ADDR'], '192.168.7.') !== false) { //only WEP
echo "flag{04b15d196d8a89d1fd32e75dafcdcfd43e1b4588}";
echo "<br><br>";
echo "<br><br>";
echo "<br><br>";
echo "AP CONFIG:";
echo "<br><br>";
echo "
eap_user_file=/root/mgt/hostapd_wpe.eap_user<br>
ca_cert=/root/mgt/certs/ca.crt<br>
server_cert=/root/mgt/certs/server.crt<br>
Expand All @@ -125,17 +163,21 @@
# 802.11 Options<br>
ssid=wifi-corp<br>
channel=6<br>";
echo "Certificate Authority: <a href=\"/.internalCA/\"> http://", $_SERVER['SERVER_ADDR'], "/.internalCA/ </a>";
} else {
echo "Your Princess Is in Another Castle!";
echo "Certificate Authority: <a href=\"/.internalCA/\"> http://", $_SERVER['SERVER_ADDR'], "/.internalCA/ </a>";
} else {
echo "Your Princess Is in Another Castle!";
}
}
}




echo "<br><br>";
echo "<br><br>";
?>
echo "<br><br>";
echo "<br><br>";
?>

Congratulation! You have logged into password protected page. <a href="logout.php">Click here</a> to Logout.

</body>

Congratulation! You have logged into password protected page. <a href="logout.php">Click here</a> to Logout.
</html>
32 changes: 23 additions & 9 deletions APs/config/html/lab.php
View file
Original file line number Diff line number Diff line change
@@ -1,16 +1,30 @@
<?php session_start(); /* Starts the session */
if(!isset($_SESSION['UserData']['Username'])){
header("location:login.php");
exit;
if (!isset($_SESSION['UserData']['Username'])) {
header("location:login.php");
exit;
}
?>

<?php
echo "Welcome ", $_SESSION["Username"];
echo "<br><br>";
echo "<br><br>";

?>
<!DOCTYPE html>
<html>

<head>
<title>WiFi Router Configuration</title>
<link rel="stylesheet" href="style.css">
</head>

<body>

<?php
echo "Welcome ", $_SESSION["Username"];
echo "<br><br>";
echo "<br><br>";

?>

Congratulation! You have logged into password protected page. <a href="index.php">Click here</a> to go to index.php to get the flag.

Congratulation! You have logged into password protected page. <a href="index.php">Click here</a> to go to index.php to get the flag.
</body>

</html>
Loading

0 comments on commit 70eee6d

Please sign in to comment.