317 lines
12 KiB
Python
317 lines
12 KiB
Python
"""
|
|
Scoreboard Injector for ForcAD
|
|
Monitors WebSocket for attacks and alerts on critical situations
|
|
"""
|
|
import os
|
|
import json
|
|
import asyncio
|
|
from datetime import datetime, timedelta
|
|
from typing import Optional, Dict, Any
|
|
import aiohttp
|
|
from fastapi import FastAPI, HTTPException, Depends, Header
|
|
from pydantic import BaseModel
|
|
import asyncpg
|
|
from contextlib import asynccontextmanager
|
|
|
|
# Configuration
|
|
DATABASE_URL = os.getenv("DATABASE_URL", "postgresql://adctrl:adctrl@postgres:5432/adctrl")
|
|
SECRET_TOKEN = os.getenv("SECRET_TOKEN", "change-me-in-production")
|
|
SCOREBOARD_WS_URL = os.getenv("SCOREBOARD_WS_URL", "ws://scoreboard:8080/api/events")
|
|
OUR_TEAM_ID = int(os.getenv("OUR_TEAM_ID", "1"))
|
|
ALERT_THRESHOLD_POINTS = float(os.getenv("ALERT_THRESHOLD_POINTS", "100"))
|
|
ALERT_THRESHOLD_TIME = int(os.getenv("ALERT_THRESHOLD_TIME", "300")) # seconds
|
|
TELEGRAM_API_URL = os.getenv("TELEGRAM_API_URL", "http://tg-bot:8003/send")
|
|
|
|
# Database pool
|
|
db_pool = None
|
|
ws_task = None
|
|
|
|
class AttackStats(BaseModel):
|
|
total_attacks: int
|
|
attacks_by_us: int
|
|
attacks_to_us: int
|
|
recent_attacks: int
|
|
critical_alerts: int
|
|
|
|
# Auth dependency
|
|
async def verify_token(authorization: str = Header(None)):
|
|
if not authorization or not authorization.startswith("Bearer "):
|
|
raise HTTPException(status_code=401, detail="Missing or invalid authorization header")
|
|
|
|
token = authorization.replace("Bearer ", "")
|
|
if token != SECRET_TOKEN:
|
|
raise HTTPException(status_code=403, detail="Invalid token")
|
|
return token
|
|
|
|
# Database functions
|
|
async def get_db():
|
|
return await db_pool.acquire()
|
|
|
|
async def release_db(conn):
|
|
await db_pool.release(conn)
|
|
|
|
async def process_attack_event(event: Dict[str, Any]):
|
|
"""Process attack event from scoreboard"""
|
|
conn = await db_pool.acquire()
|
|
try:
|
|
# Extract attack information from event
|
|
# Adjust fields based on actual ForcAD event structure
|
|
attack_id = event.get('id') or f"{event.get('round')}_{event.get('attacker_id')}_{event.get('victim_id')}_{event.get('service')}"
|
|
attacker_id = event.get('attacker_id') or event.get('team_id')
|
|
victim_id = event.get('victim_id') or event.get('target_id')
|
|
service_name = event.get('service') or event.get('service_name')
|
|
flag = event.get('flag', '')
|
|
timestamp = datetime.fromisoformat(event.get('time', datetime.utcnow().isoformat()))
|
|
points = float(event.get('points', 0))
|
|
|
|
is_our_attack = attacker_id == OUR_TEAM_ID
|
|
is_attack_to_us = victim_id == OUR_TEAM_ID
|
|
|
|
# Store attack in database
|
|
await conn.execute("""
|
|
INSERT INTO attacks (attack_id, attacker_team_id, victim_team_id, service_name, flag, timestamp, points, is_our_attack, is_attack_to_us)
|
|
VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)
|
|
ON CONFLICT (attack_id) DO NOTHING
|
|
""", attack_id, attacker_id, victim_id, service_name, flag, timestamp, points, is_our_attack, is_attack_to_us)
|
|
|
|
# Check for alert conditions if attack is against us
|
|
if is_attack_to_us:
|
|
await check_and_create_alerts(conn, attacker_id, service_name)
|
|
|
|
finally:
|
|
await db_pool.release(conn)
|
|
|
|
async def check_and_create_alerts(conn, attacker_id: int, service_name: str):
|
|
"""Check if we should create an alert for attacks against us"""
|
|
threshold_time = datetime.utcnow() - timedelta(seconds=ALERT_THRESHOLD_TIME)
|
|
|
|
# Check total points lost from this attacker in threshold time
|
|
result = await conn.fetchrow("""
|
|
SELECT COUNT(*) as attack_count, COALESCE(SUM(points), 0) as total_points
|
|
FROM attacks
|
|
WHERE is_attack_to_us = true
|
|
AND attacker_team_id = $1
|
|
AND service_name = $2
|
|
AND timestamp > $3
|
|
""", attacker_id, service_name, threshold_time)
|
|
|
|
if result and result['total_points'] >= ALERT_THRESHOLD_POINTS:
|
|
# Create alert
|
|
alert_message = f"CRITICAL: Team {attacker_id} has stolen {result['total_points']:.2f} points from service {service_name} in the last {ALERT_THRESHOLD_TIME}s ({result['attack_count']} attacks)"
|
|
|
|
# Check if we already alerted recently
|
|
recent_alert = await conn.fetchrow("""
|
|
SELECT id FROM attack_alerts
|
|
WHERE alert_type = 'high_point_loss'
|
|
AND message LIKE $1
|
|
AND created_at > $2
|
|
""", f"%Team {attacker_id}%{service_name}%", threshold_time)
|
|
|
|
if not recent_alert:
|
|
alert_id = await conn.fetchval("""
|
|
INSERT INTO attack_alerts (attack_id, alert_type, severity, message)
|
|
VALUES (
|
|
(SELECT id FROM attacks WHERE attacker_team_id = $1 AND service_name = $2 ORDER BY timestamp DESC LIMIT 1),
|
|
'high_point_loss',
|
|
'critical',
|
|
$3
|
|
)
|
|
RETURNING id
|
|
""", attacker_id, service_name, alert_message)
|
|
|
|
# Send to telegram
|
|
await send_telegram_alert(alert_message)
|
|
|
|
# Mark as notified
|
|
await conn.execute("UPDATE attack_alerts SET notified = true WHERE id = $1", alert_id)
|
|
|
|
async def send_telegram_alert(message: str):
|
|
"""Send alert to telegram bot"""
|
|
try:
|
|
async with aiohttp.ClientSession() as session:
|
|
async with session.post(
|
|
TELEGRAM_API_URL,
|
|
json={"message": message},
|
|
headers={"Authorization": f"Bearer {SECRET_TOKEN}"}
|
|
) as resp:
|
|
if resp.status != 200:
|
|
print(f"Failed to send telegram alert: {await resp.text()}")
|
|
except Exception as e:
|
|
print(f"Error sending telegram alert: {e}")
|
|
|
|
async def websocket_listener():
|
|
"""Listen to scoreboard WebSocket for events"""
|
|
while True:
|
|
try:
|
|
async with aiohttp.ClientSession() as session:
|
|
async with session.ws_connect(SCOREBOARD_WS_URL) as ws:
|
|
print(f"Connected to scoreboard WebSocket: {SCOREBOARD_WS_URL}")
|
|
|
|
async for msg in ws:
|
|
if msg.type == aiohttp.WSMsgType.TEXT:
|
|
try:
|
|
event = json.loads(msg.data)
|
|
# Process different event types
|
|
if event.get('type') in ['attack', 'flag_stolen', 'service_status']:
|
|
await process_attack_event(event)
|
|
except json.JSONDecodeError:
|
|
print(f"Failed to decode WebSocket message: {msg.data}")
|
|
except Exception as e:
|
|
print(f"Error processing event: {e}")
|
|
elif msg.type == aiohttp.WSMsgType.ERROR:
|
|
print(f"WebSocket error: {ws.exception()}")
|
|
break
|
|
except Exception as e:
|
|
print(f"WebSocket connection error: {e}")
|
|
print("Reconnecting in 5 seconds...")
|
|
await asyncio.sleep(5)
|
|
|
|
# Lifespan context
|
|
@asynccontextmanager
|
|
async def lifespan(app: FastAPI):
|
|
global db_pool, ws_task
|
|
db_pool = await asyncpg.create_pool(DATABASE_URL, min_size=2, max_size=10)
|
|
|
|
# Start WebSocket listener
|
|
ws_task = asyncio.create_task(websocket_listener())
|
|
|
|
yield
|
|
|
|
# Cleanup
|
|
if ws_task:
|
|
ws_task.cancel()
|
|
try:
|
|
await ws_task
|
|
except asyncio.CancelledError:
|
|
pass
|
|
|
|
await db_pool.close()
|
|
|
|
app = FastAPI(title="Scoreboard Injector", lifespan=lifespan)
|
|
|
|
# API Endpoints
|
|
@app.get("/health")
|
|
async def health_check():
|
|
return {"status": "ok", "timestamp": datetime.utcnow().isoformat()}
|
|
|
|
@app.get("/stats", dependencies=[Depends(verify_token)])
|
|
async def get_stats():
|
|
"""Get attack statistics"""
|
|
conn = await get_db()
|
|
try:
|
|
total = await conn.fetchval("SELECT COUNT(*) FROM attacks")
|
|
attacks_by_us = await conn.fetchval("SELECT COUNT(*) FROM attacks WHERE is_our_attack = true")
|
|
attacks_to_us = await conn.fetchval("SELECT COUNT(*) FROM attacks WHERE is_attack_to_us = true")
|
|
|
|
threshold_time = datetime.utcnow() - timedelta(minutes=5)
|
|
recent = await conn.fetchval("SELECT COUNT(*) FROM attacks WHERE timestamp > $1", threshold_time)
|
|
|
|
critical_alerts = await conn.fetchval(
|
|
"SELECT COUNT(*) FROM attack_alerts WHERE severity = 'critical' AND created_at > $1",
|
|
threshold_time
|
|
)
|
|
|
|
return {
|
|
"total_attacks": total,
|
|
"attacks_by_us": attacks_by_us,
|
|
"attacks_to_us": attacks_to_us,
|
|
"recent_attacks_5min": recent,
|
|
"critical_alerts_5min": critical_alerts
|
|
}
|
|
finally:
|
|
await release_db(conn)
|
|
|
|
@app.get("/attacks", dependencies=[Depends(verify_token)])
|
|
async def get_attacks(limit: int = 100, our_attacks: Optional[bool] = None, attacks_to_us: Optional[bool] = None):
|
|
"""Get recent attacks"""
|
|
conn = await get_db()
|
|
try:
|
|
query = "SELECT * FROM attacks WHERE 1=1"
|
|
params = []
|
|
param_count = 0
|
|
|
|
if our_attacks is not None:
|
|
param_count += 1
|
|
query += f" AND is_our_attack = ${param_count}"
|
|
params.append(our_attacks)
|
|
|
|
if attacks_to_us is not None:
|
|
param_count += 1
|
|
query += f" AND is_attack_to_us = ${param_count}"
|
|
params.append(attacks_to_us)
|
|
|
|
param_count += 1
|
|
query += f" ORDER BY timestamp DESC LIMIT ${param_count}"
|
|
params.append(limit)
|
|
|
|
rows = await conn.fetch(query, *params)
|
|
return [dict(row) for row in rows]
|
|
finally:
|
|
await release_db(conn)
|
|
|
|
@app.get("/alerts", dependencies=[Depends(verify_token)])
|
|
async def get_alerts(limit: int = 50, unnotified: bool = False):
|
|
"""Get alerts"""
|
|
conn = await get_db()
|
|
try:
|
|
if unnotified:
|
|
query = "SELECT * FROM attack_alerts WHERE notified = false ORDER BY created_at DESC LIMIT $1"
|
|
else:
|
|
query = "SELECT * FROM attack_alerts ORDER BY created_at DESC LIMIT $1"
|
|
|
|
rows = await conn.fetch(query, limit)
|
|
return [dict(row) for row in rows]
|
|
finally:
|
|
await release_db(conn)
|
|
|
|
@app.post("/alerts/{alert_id}/acknowledge", dependencies=[Depends(verify_token)])
|
|
async def acknowledge_alert(alert_id: int):
|
|
"""Mark alert as acknowledged"""
|
|
conn = await get_db()
|
|
try:
|
|
await conn.execute("UPDATE attack_alerts SET notified = true WHERE id = $1", alert_id)
|
|
return {"status": "acknowledged", "alert_id": alert_id}
|
|
finally:
|
|
await release_db(conn)
|
|
|
|
@app.get("/attacks/by-service", dependencies=[Depends(verify_token)])
|
|
async def get_attacks_by_service():
|
|
"""Get attack statistics grouped by service"""
|
|
conn = await get_db()
|
|
try:
|
|
rows = await conn.fetch("""
|
|
SELECT
|
|
service_name,
|
|
COUNT(*) as total_attacks,
|
|
COUNT(*) FILTER (WHERE is_our_attack = true) as our_attacks,
|
|
COUNT(*) FILTER (WHERE is_attack_to_us = true) as attacks_to_us,
|
|
COALESCE(SUM(points) FILTER (WHERE is_our_attack = true), 0) as points_gained,
|
|
COALESCE(SUM(points) FILTER (WHERE is_attack_to_us = true), 0) as points_lost
|
|
FROM attacks
|
|
GROUP BY service_name
|
|
ORDER BY total_attacks DESC
|
|
""")
|
|
return [dict(row) for row in rows]
|
|
finally:
|
|
await release_db(conn)
|
|
|
|
@app.post("/settings/team-id", dependencies=[Depends(verify_token)])
|
|
async def set_team_id(team_id: int):
|
|
"""Update our team ID"""
|
|
global OUR_TEAM_ID
|
|
OUR_TEAM_ID = team_id
|
|
|
|
conn = await get_db()
|
|
try:
|
|
await conn.execute(
|
|
"INSERT INTO settings (key, value) VALUES ('our_team_id', $1) ON CONFLICT (key) DO UPDATE SET value = $1",
|
|
str(team_id)
|
|
)
|
|
return {"team_id": team_id}
|
|
finally:
|
|
await release_db(conn)
|
|
|
|
if __name__ == "__main__":
|
|
import uvicorn
|
|
uvicorn.run(app, host="0.0.0.0", port=8002)
|