# W3-BoT

`W3-BoT` is the W3Challs IRC bot, running on `irc.w3challs.com/6697#w3challs`.
It aims to be modular enough that modules can be added and removed easily.
W3-BoT is heavily threaded and is able to:
- connect to multiple servers
- join multiple channels
- execute multiple commands at the same time on each server
- execute "slow" commands that may take minutes to finish

## Plugins

The following categories of modules can be implemented:
* **Plugins** in the `plugins/<category>` directories
  * These are invoked with the `!<plugin> {<arg>, ...}` commands, on channels or in private messages with the bot
  * They are loaded automatically, and can be reloaded with `!reload`
  * You can get more information about a command with `!help command` (command usage) and `!man command` (short description)
* **Hooks** in the `hook/mods-enabled/` directory
  * These are callbacks invoked on every line received by the bot (_e.g._ printing the YouTube details when a YouTube link is detected)
  * Create a symlink from `hook/mods-available/<module>.py` to enable the module
* **Cron jobs** in the `cron/mods-enabled/` directory
  * These are jobs that run every `DELAY` seconds (_e.g._ grabbing the latest tweets)
  * Create a symlink from `crond/mods-available/<module>.py` to enable the module

## Challenge

There is at least one vulnerability in the source code. You have to audit the source code to find it, and then exploit it against `W3-BoT` **IN PRIVATE** on `irc.w3challs.com/6697`.
The BoT is on a secret channel; you have to find it and access it. FYI, if you find the channel without exploiting the bot, you will not be able to solve the challenge.

To solve the challenge, run: `/msg W3-BoT !solve w3-bot <channel_name>:<channel_password>`

Don't be put off by the size of the code compared to other challs; be clever and you'll quickly identify the potential attack vectors.

**Please follow these rules:**
- DO NOT spoil the challenge
- DO NOT DoS the bot, that's not the point
- DO NOT try anything or show anything related to the chall on channels! **Only test your ideas in private with the bot.**
- We provide the source and a `Dockerfile` to get it running easily, use it!
- You DO NOT need to `PRIVMSG` the bot 1000 times or more ;)

## Installation

* You may have to fix the API keys (Twitter, YouTube, ...) in `botconfig.py` if you enabled those modules
* Edit `configuration.xml` to change the IRC server address, bot nickname, etc.
* The easiest way is to run the bot with Docker:
```bash
$ docker build . -t ircbot:latest
$ docker run --rm -v "$PWD":/home/ircbot -it --name ircbot ircbot:latest
```