Saturday, December 2, 2017

SANS Holiday Hack 2017 Alert

It's that wonderful time of year again... SANS Holiday Hack 2017 will soon be released.  Those of us who share a love of solving puzzles will be shut in our rooms and up late nights trying to solve this challenge.

I wanted to practice writing some more Powershell code, so I thought of a program that has a reference index of the SANS Holiday Hack site, compares it to a newly downloaded version, and emails or texts me if there have been any changes.  I could then schedule it to run every hour in Task Manager in a Windows VM, so hopefully I'll have a good indication of when I can start on the challenge.

I Googled it.  Sources:

https://learn-powershell.net/2011/02/11/using-powershell-to-query-web-site-information/
https://blogs.msdn.microsoft.com/koteshb/2010/02/12/powershell-how-to-create-a-pscredential-object/
https://www.pdq.com/blog/powershell-send-mailmessage-gmail/

I stitched the pieces together to come up with the following.  Note:  I am new to Powershell, so there is likely a better way to do this.:

**WARNING**

Please do not under any circumstances run this kind of thing in a production environment.  Having plain text credentials in a program is a sure fire way of being pwned.

**END WARNING**

Here's the code:

#sets the $username variable to test
$username = "test"

#sets the $password variable to test password
$password = "testpassword"

# Can Convert the $password value to a more secure version, however, I told it to use Plain 
#Text.
$secpassword = ConvertTo-SecureString -String $password -AsPlainText -Force

#Creates a $PSCredential Object that can be piped into Cmdlets that have a -Credential 
#Parameter
$mycreds = New-Object System.Management.Automation.PSCredential $username, $secpassword

#Create a new web client object
$web = New-Object Net.WebClient

#get the index page of the holidayhackchallenge website
$index = $web.DownloadString("https://www.holidayhackchallenge.com")

Try{

    #tries to get the index page of the holidayhackchallenge website and output the source to    
    a file.
    $index | Out-File -FilePath 'C:\Users\Me\new.html'  

}
Catch{

    #returns an error message if the $index try block doesn't succeed.
    Write-Host -ForegroundColor Red -NoNewLine "The website may be down or your access is down."

}
Try{

    #tries to compare the new.html file created in the $index | Out-File... line to the reference 
    #index.html that I downloaded to begin with.
    $change = Diff -ReferenceObject $(Get-Content 'C:\Users\Me\index.html') -DifferenceObject $(Get-Content 'C:\Users\Me\new.html')

}
Catch{

    #returns an error message if the $change try block doesn't succeed.
    Write-Host -ForegroundColor Red -NoNewLine "Something went wrong."

}

if ($change) {

    #if $change is true, i.e., there's a difference, I get an e-mail saying that the challenge may 
    #be live.
    Send-MailMessage -To "<Insert User Here> <Insert Email Here>" -From "<Insert User Here> <Insert Email Here>" -Subject "Holiday Hack 2017 may be live!" -SMTPServer "<Gmail SMTP Server Here>" -Port "<Gmail SMTP Port Here>" -UseSsl -Credential $mycreds



There may be a problem with the logic...  Not exactly sure how the pipeline would work if I can't connect to the website for some reason.  If the website is down, it might still create the "new.html" file, but it would be empty, meaning that there would be a change.  However, the Diff (an alias for Compare-Object) throws an error if the difference object is null, so that should not be a problem for my purposes.  Others may want more robust code.