shellphish · Lukas-Dresel · Aug 22, 2022 · Aug 22, 2022
diff --git a/ares/docker/logs_register_teams_services.txt b/ares/docker/logs_register_teams_services.txt
diff --git a/database/api/brand_new_scoring.py b/database/api/brand_new_scoring.py
@@ -58,10 +58,10 @@ def scores_get(tick_id=None):
 
     if tick_id is None:
         tick_id, _, _, _ = get_current_tick(cursor=mysql.cursor())
-    scores_new = scoring.get_scores_for_tick(tick_id - 1)
+    scores_new = scoring.get_scores_for_tick((tick_id - 1) if tick_id > 0 else 0)
 
     if scores_new != scores_old:
         print("OLD: {}" + str(scores_old))
         print("NEW: {}" + str(scores_new))
 
-    return json.dumps({"scores": scores_new})
+    return json.dumps({"scores": scores_new})
diff --git a/database/provisioning/create_services.py b/database/provisioning/create_services.py
@@ -20,7 +20,11 @@ def register_service(db_api_url_base, db_secret, service_name, service_info):
 
     result = requests.post(db_api_url_base + "/upload/new", data=data, params={'secret': db_secret})
 
-    response = result.json()
+    try:
+        response = result.json()
+    except Exception as ex:
+        raise Exception("Invalid JSON returned from /upload/new endpoint: {}".format(result.content)) from ex
+    #response = result.json()
 
     if response['result'] == 'success':
         # print("successfully uploaded bundle")
@@ -47,7 +51,7 @@ def register_service(db_api_url_base, db_secret, service_name, service_info):
                     script_type = os.path.basename(script)
 
                     if script_type in {'setflag', 'getflag', 'benign', 'exploit'}:
-                        print (f"Uploading script {filename} [{script_type}]")
+                        print (f"Uploading script {script} [{script_type}]")
                         data = {"upload_id": upload_id, "filename": script, "type": script_type,
                                 "state":     service_info['state'], "service_id": service_id}
                         result = requests.post(db_api_url_base + "/script/new", data=data, params={'secret': db_secret})
@@ -71,7 +75,7 @@ def create_service(db_api_url_base, db_secret, service_path, service_state):
     service_yaml = os.path.abspath(os.path.join(service_path, './info.yaml'))
     if not os.path.isfile(service_yaml):
         raise Exception("Could not find service file for %s, tried %s. Skipping." % (service_path, service_yaml))
-    service_info = yaml.load(open(service_yaml, 'r'))
+    service_info = yaml.load(open(service_yaml, 'r'), Loader=yaml.Loader)
 
     # Check that the service path matches the name in info.yaml
 

diff --git a/database/provisioning/create_teams.py b/database/provisioning/create_teams.py
@@ -6,6 +6,7 @@
 import string
 import yaml
 import json
+import time
 
 rnd = random.SystemRandom()
 
@@ -91,6 +92,8 @@ def add_teams_info(db_api_base_url, db_secret, game_config):
 
 
 if __name__== "__main__":
+    print("Waiting for database container to finish startup.")
+    time.sleep(10)
     game_config = json.load(open(sys.argv[2], 'r'))
     db_api = sys.argv[1] # passed from terraform script
     database_api_secret_path = SECRETS_FOLDER+"database-api/secret"
@@ -102,10 +105,3 @@ def add_teams_info(db_api_base_url, db_secret, game_config):
         add_teams_info('http://' + db_api, db_secret, game_config)
     else:
         raise Exception("Missing database secrets!")
-
-
-
-
-
-
-
diff --git a/database/requirements.txt b/database/requirements.txt
@@ -7,7 +7,7 @@ ndg-httpsclient
 pyasn1
 setuptools-rust
 wheel
-Flask==0.12.2
+Flask==2.2.2
 uWSGI==2.0.15
 PyYAML==3.12
 boto3==1.4.8

diff --git a/gamebot/scripts_facade.py b/gamebot/scripts_facade.py
@@ -224,7 +224,7 @@ def update_scripts_to_run(self, tick_id, num_benign, num_exploit, num_get_flags)
                     benign_scripts.extend(list(random.choice(non_exploit_scripts[curr_service]["benign"])
                                           for _ in range(num_benign)))
                 # Get all exploit scripts for this service, not submitted from current team
-                curr_service_exploit_script.extend(value[curr_service]["exploit"] for key, value in exploit_scripts.iteritems()
+                curr_service_exploit_script.extend(value[curr_service]["exploit"] for key, value in exploit_scripts.items()
                                                    if key != curr_team and (curr_service in value))
                 # Flatten the list
                 curr_service_exploit_script = flatten_list(curr_service_exploit_script)