From 63d86fc92a9ddf3f28f90eef2ba2033256b31650 Mon Sep 17 00:00:00 2001
From: Nano <nanoapezlk@gmail.com>
Date: Sat, 24 Sep 2022 01:01:15 +0800
Subject: [PATCH] fix(leet): Remove symbols from LeetDictionary (#43)

* fix(leet): Remove symbols from LeetDictionary

* Use dictionary initializer and minor enhancement

* Dispose SHA256 eagerly

* wip: add more items to charmap

* wip: update placeholder

Co-authored-by: Steve <hez2010@outlook.com>
Co-authored-by: GZTime <Time.GZ@outlook.com>
---
 GZCTF/CTFServer.csproj                        |  2 +-
 .../src/components/ChallengeDetailModal.tsx   | 33 ++++++++++++++++++-
 GZCTF/Repositories/FileRepository.cs          |  7 ++--
 GZCTF/Utils/Codec.cs                          | 28 ++++++++--------
 4 files changed, 50 insertions(+), 20 deletions(-)

diff --git a/GZCTF/CTFServer.csproj b/GZCTF/CTFServer.csproj
index 5fde4ae36..2a0b77c14 100644
--- a/GZCTF/CTFServer.csproj
+++ b/GZCTF/CTFServer.csproj
@@ -25,7 +25,7 @@
   <ItemGroup>
     <PackageReference Include="AspNetCoreRateLimit" Version="4.0.2" />
     <PackageReference Include="Docker.DotNet" Version="3.125.12" />
-    <PackageReference Include="KubernetesClient" Version="8.0.68" />
+    <PackageReference Include="KubernetesClient" Version="9.0.25" />
     <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="6.0.9" />
     <PackageReference Include="Microsoft.AspNetCore.SignalR.Protocols.Json" Version="6.0.9" />
     <PackageReference Include="Microsoft.AspNetCore.SpaProxy" Version="6.0.9" />
diff --git a/GZCTF/ClientApp/src/components/ChallengeDetailModal.tsx b/GZCTF/ClientApp/src/components/ChallengeDetailModal.tsx
index a0256b333..6c8fc28e1 100644
--- a/GZCTF/ClientApp/src/components/ChallengeDetailModal.tsx
+++ b/GZCTF/ClientApp/src/components/ChallengeDetailModal.tsx
@@ -28,6 +28,7 @@ import { useTypographyStyles } from '@Utils/useTypographyStyles'
 import api, { AnswerResult, ChallengeType } from '@Api'
 import { ChallengeTagItemProps } from '../utils/ChallengeItem'
 import MarkdownRender from './MarkdownRender'
+import { useRef } from 'react'
 
 interface ChallengeDetailModalProps extends ModalProps {
   gameId: number
@@ -60,6 +61,30 @@ const Countdown: FC<{ time: string }> = ({ time }) => {
   )
 }
 
+const FlagPlaceholders: string[] = [
+  '横看成岭侧成峰，flag 高低各不同',
+  'flag 当关，万夫莫开',
+  '寻寻觅觅，冷冷清清，flag 惨惨戚戚',
+  '问君能有几多愁？恰似一江 flag 向东流',
+  '人生得意须尽欢，莫使 flag 空对月',
+  '汉皇重色思 flag，御宇多年求不得',
+  'flag 几时有？把酒问青天',
+  '羽扇纶巾，谈笑间，flag 灰飞烟灭',
+  '浊酒一杯家万里，flag 未勒归无计',
+  '孤帆远影碧空尽，唯见 flag 天际流',
+  '安得 flag 千万间，大庇天下 ctfer 俱欢颜！',
+  '两个黄鹂鸣翠柳，一行 flag 上青天',
+  'flag 一场大梦，人生几度秋凉？',
+  '剪不断，理还乱，是 flag',
+  '蓦然回首，flag 却在，灯火阑珊处',
+  '稻花香里说丰年，听取 flag 一片',
+  '采菊东篱下，悠然见 flag',
+  '不畏 flag 遮望眼，自缘身在最高层',
+  '便纵有千种 flag，更与何人说？',
+  '人生自古谁无死？留取 flag 照汗青',
+  '借问 flag 何处有？牧童遥指杏花村'
+]
+
 const ChallengeDetailModal: FC<ChallengeDetailModalProps> = (props) => {
   const { gameId, challengeId, tagData, title, score, solved, ...modalProps } = props
   const [downloadOpened, { close: downloadClose, open: downloadOpen }] = useDisclosure(false)
@@ -234,6 +259,12 @@ const ChallengeDetailModal: FC<ChallengeDetailModalProps> = (props) => {
     }
   }
 
+  const placeholder = useRef('')
+
+  if (props.opened) {
+    placeholder.current = FlagPlaceholders[Math.floor(Math.random() * FlagPlaceholders.length)]
+  }
+
   return (
     <Modal
       {...modalProps}
@@ -372,7 +403,7 @@ const ChallengeDetailModal: FC<ChallengeDetailModalProps> = (props) => {
         ) : (
           <form onSubmit={onSubmit}>
             <TextInput
-              placeholder="flag{...}"
+              placeholder={placeholder.current}
               value={flag}
               onChange={setFlag}
               styles={{
diff --git a/GZCTF/Repositories/FileRepository.cs b/GZCTF/Repositories/FileRepository.cs
index 6718fa542..a5cb502f9 100644
--- a/GZCTF/Repositories/FileRepository.cs
+++ b/GZCTF/Repositories/FileRepository.cs
@@ -30,8 +30,9 @@ public async Task<LocalFile> CreateOrUpdateFile(IFormFile file, string? fileName
         await file.CopyToAsync(tmp, token);
 
         tmp.Position = 0;
-        var hash = await SHA256.Create().ComputeHashAsync(tmp, token);
-        var fileHash = BitConverter.ToString(hash).Replace("-", "").ToLower();
+        using SHA256 sha256 = SHA256.Create();
+        var hash = await sha256.ComputeHashAsync(tmp, token); // TODO: change to use SHA256.HashDataAsync in .NET 7
+        var fileHash = BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
 
         var localFile = await GetFileByHash(fileHash, token);
 
@@ -110,4 +111,4 @@ public async Task<TaskStatus> DeleteFileByHash(string fileHash, CancellationToke
 
     public Task<List<LocalFile>> GetFiles(int count, int skip, CancellationToken token = default)
         => context.Files.OrderBy(e => e.Name).Skip(skip).Take(count).ToListAsync(token);
-}
\ No newline at end of file
+}
diff --git a/GZCTF/Utils/Codec.cs b/GZCTF/Utils/Codec.cs
index c32343dda..6a38c062e 100644
--- a/GZCTF/Utils/Codec.cs
+++ b/GZCTF/Utils/Codec.cs
@@ -79,12 +79,12 @@ public static class Leet
     {
         private readonly static Dictionary<char, string> CharMap = new()
         {
-            { 'A', "Aa4@" }, { 'B', "Bb68" }, { 'C', "Cc" }, { 'D', "Dd" }, { 'E', "Ee3" }, { 'F', "Ff1" },
-            { 'G', "Gg69" }, { 'H', "Hh" }, { 'I', "Ii1l!" }, { 'J', "Jj" }, { 'K', "Kk" }, { 'L', "Ll1I" },
-            { 'M', "Mm" }, { 'N', "Nn" }, { 'O', "Oo0" }, { 'P', "Pp" }, { 'Q', "Qq9" }, { 'R', "Rr" },
-            { 'S', "Ss5$" }, { 'T', "Tt7" }, { 'U', "Uu" }, { 'V', "Vv" }, { 'W', "Ww" }, { 'X', "Xx" },
-            { 'Y', "Yy" }, { 'Z', "Zz2" }, { '0', "0oO" }, { '1', "1!lI" }, { '2', "2zZ" }, { '3', "3eE" },
-            { '4', "4aA" }, { '5', "5Ss" }, { '6', "6G" }, { '9', "9g" }
+            ['A'] = "Aa4", ['B'] = "Bb68", ['C'] = "Cc", ['D'] = "Dd", ['E'] = "Ee3", ['F'] = "Ff1",
+            ['G'] = "Gg69", ['H'] = "Hh", ['I'] = "Ii1l", ['J'] = "Jj", ['K'] = "Kk", ['L'] = "Ll1I",
+            ['M'] = "Mm", ['N'] = "Nn", ['O'] = "Oo0", ['P'] = "Pp", ['Q'] = "Qq9", ['R'] = "Rr",
+            ['S'] = "Ss5", ['T'] = "Tt7", ['U'] = "Uu", ['V'] = "Vv", ['W'] = "Ww", ['X'] = "Xx",
+            ['Y'] = "Yy", ['Z'] = "Zz2", ['0'] = "0oO", ['1'] = "1lI", ['2'] = "2zZ", ['3'] = "3eE",
+            ['4'] = "4aA", ['5'] = "5Ss", ['6'] = "6Gb", ['7'] = "7T", ['8'] = "8bB", ['9'] = "9g"
         };
 
         public static double LeetEntropy(string flag)
@@ -118,7 +118,7 @@ public static string LeetFlag(string original)
                     doLeet = false;
                 else if (doLeet && CharMap.TryGetValue(char.ToUpperInvariant(c), out string? table) && table is not null)
                 {
-                    var nc = table.ElementAt(random.Next(table.Length));
+                    var nc = table[random.Next(table.Length)];
                     sb.Append(nc);
                     continue;
                 }
@@ -160,7 +160,7 @@ public static string RandomPassword(int length)
     public static string BytesToHex(byte[] bytes, bool useLower = true)
     {
         string output = BitConverter.ToString(bytes).Replace("-", "");
-        return useLower ? output.ToLower() : output.ToUpper();
+        return useLower ? output.ToLowerInvariant() : output.ToUpperInvariant();
     }
 
     /// <summary>
@@ -222,8 +222,7 @@ public static string Reverse(string s)
     /// <returns></returns>
     public static string StrMD5(string str, bool useBase64 = false)
     {
-        MD5 md5 = MD5.Create();
-        byte[] output = md5.ComputeHash(Encoding.Default.GetBytes(str));
+        byte[] output = MD5.HashData(Encoding.Default.GetBytes(str));
         if (useBase64)
             return Convert.ToBase64String(output);
         else
@@ -238,8 +237,7 @@ public static string StrMD5(string str, bool useBase64 = false)
     /// <returns></returns>
     public static string StrSHA256(string str, bool useBase64 = false)
     {
-        SHA256 sha256 = SHA256.Create();
-        byte[] output = sha256.ComputeHash(Encoding.Default.GetBytes(str));
+        byte[] output = SHA256.HashData(Encoding.Default.GetBytes(str));
         if (useBase64)
             return Convert.ToBase64String(output);
         else
@@ -252,7 +250,7 @@ public static string StrSHA256(string str, bool useBase64 = false)
     /// <param name="str">原始字符串</param>
     /// <returns></returns>
     public static byte[] BytesMD5(string str)
-        => MD5.Create().ComputeHash(Encoding.Default.GetBytes(str));
+        => MD5.HashData(Encoding.Default.GetBytes(str));
 
     /// <summary>
     /// 获取SHA256哈希字节摘要
@@ -260,5 +258,5 @@ public static byte[] BytesMD5(string str)
     /// <param name="str">原始字符串</param>
     /// <returns></returns>
     public static byte[] BytesSHA256(string str)
-        => SHA256.Create().ComputeHash(Encoding.Default.GetBytes(str));
-}
\ No newline at end of file
+        => SHA256.HashData(Encoding.Default.GetBytes(str));
+}