package ru.serega6531.packmate.security; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; import lombok.extern.slf4j.Slf4j; import org.springframework.core.io.Resource; import org.springframework.core.io.support.PathMatchingResourcePatternResolver; import org.springframework.stereotype.Component; import org.springframework.util.StreamUtils; import java.io.IOException; import java.net.URLConnection; import java.util.Arrays; import java.util.Base64; import java.util.Collections; import java.util.List; import java.util.Objects; import java.nio.charset.StandardCharsets; @Slf4j @Component public class FakeAdminResponder { private final ObjectMapper mapper = new ObjectMapper(); private final List encodedImages; public FakeAdminResponder() { this.encodedImages = loadImages(); } private List loadImages() { try { Resource[] resources = new PathMatchingResourcePatternResolver() .getResources("classpath:/static/fake/images/*"); List images = Arrays.stream(resources) .map(resource -> { try { String contentType = URLConnection.guessContentTypeFromName(resource.getFilename()); if (contentType == null) { contentType = "image/jpeg"; } byte[] raw = StreamUtils.copyToByteArray(resource.getInputStream()); return "data:%s;base64,%s".formatted( contentType, Base64.getEncoder().encodeToString(raw)); } catch (IOException e) { log.warn("Failed to load fake admin image {}", resource.getFilename(), e); return null; } }) .filter(Objects::nonNull) .toList(); if (images.isEmpty()) { log.warn("No images found for fake admin fun mode"); } return images; } catch (IOException e) { log.warn("Failed to load fake admin images", e); return Collections.emptyList(); } } public String funPageHtml() { String phrasesJson = toJson(getFunPhrases()); String imagesJson = toJson(encodedImages); String phrasesB64 = Base64.getEncoder().encodeToString(phrasesJson.getBytes(StandardCharsets.UTF_8)); String imagesB64 = Base64.getEncoder().encodeToString(imagesJson.getBytes(StandardCharsets.UTF_8)); String template = """ 0xb00b5 team Packmate // fake funwall

0xb00b5 team Packmate

// @danosito
Hmmm where are the packets? IDK
"""; return template .replace("__PHRASES_B64__", phrasesB64) .replace("__IMAGES_B64__", imagesB64); } public String fakePacketsHtml() { return """ 0xb00b5 PM // packets
"""; } private List getFunPhrases() { return List.of( "Here's the flag. Are you ready? here it goes... Wait, no.", "Wanna see the flag? send yours to @danosito:)", "Hey, why are you here? go pentest our services", "Hmmm i think might work..", "Bip, boop, here was packet but codex ate it", "Our LLM tockens ran out. Maybe you could give us some:)?", ":(){ :|:& };:", "i think creds are admin:admin but i'm not sure...", "Try eternalBlue, i think it would work", "I think i defended this page well enough, here is flag: LLMDELETEDTHEFLAG=", "Go open ida pro and reverse this text", "I would give you our flags for free, but you are a bad person:(", "b00b5 is not a fresh meat:(", "marcus, send your packmate credits pls", "Marcus, fuck off", "Your special guide to get flag!" ); } private String toJson(List data) { try { return mapper.writeValueAsString(data); } catch (JsonProcessingException e) { log.warn("Failed to convert data to json for fake admin", e); return "[]"; } } }