1
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
For the server code, can you explain which abuses you're trying to protect against?
from pprint import pprint
import threading
import uuid
import os
from collections import defaultdict
import re
import random
import time
from flask import request
from flask import Flask
app = Flask(__name__, static_url_path='')
botPath = 'bots/'
ipBotCounts = defaultdict(int)
# We allow adjustments back to zero slowly per IP, but not fast enough to cause abuse
def background_decay_ipCount():
global ipBotCounts
while True:
time.sleep(60)
for ip in ipBotCounts:
if ipBotCounts[ip] > 0:
print("removing 1 from " + ip)
ipBotCounts[ip] -= 1
if ipBotCounts[ip] < 0:
print("adding 1 to " + ip)
ipBotCounts[ip] += 1
decay_ip_thread = threading.Thread(target=background_decay_ipCount)
decay_ip_thread.start()
@app.route('/<world>', methods=['GET', 'PUT', 'POST'])
def handleRequest(world):
pprint(ipBotCounts)
path = request.path.split('/')[1]
remoteIp = request.headers.get('X-Forwarded-For', request.remote_addr)
if not re.match(r"[a-zA-Z0-9_]", path): #Someone is doing something dodgy
return '', 400
if not os.path.isdir(botPath + path):
os.mkdir(botPath + path)
if request.method == 'PUT':
if ipBotCounts[remoteIp] >= 10:
# Sent too many bots
return '', 429
ipBotCounts[remoteIp] += 1
with open(botPath + path + '/' + str(uuid.uuid4()),'wb') as f:
f.write(request.data)
return ''
if request.method == 'GET':
if not len(os.listdir(botPath + path)) > 200: #not enough bots to give one out
return '', 404
if ipBotCounts[remoteIp] <= -10:
# Sent too little bots to us
return '', 429
ipBotCounts[remoteIp] -= 1
fileToSend = random.choice(os.listdir(botPath + path))
fileToSend = botPath + path + '/' + fileToSend
filedata = open(fileToSend, 'rb').read(100000)
os.remove(fileToSend)
return filedata
app.run(host='0.0.0.0', port=80, threaded=True)
while :; do for bot in $(ls *dbo | shuf | head -n1); do curl -T$bot https://dbim.theblazehen.com/anythinggoes && rm $bot; done; rm *stats; sleep 1; done
import requests
import time
import random
while True:
time.sleep(0.5)
try:
print("getting bot")
r = requests.get('https://dbim.theblazehen.com/anythinggoes')
botData = r.content
if r.ok:
with open(str(random.randrange(0,1000)) + '.dbo', 'wb') as f:
f.write(botData)
f.close()
except:
print("failed to get bot")
python3 /cygdrive/c/path/to/im_incoming.py
two people download a file at once or getting your own bot back.
Would you mind just walking me through setting it up? I'd like to have at least some idea of what's changed so when it breaks I vaguely know what to poke The server is just a linux box.
At the moment/historically it's first-come-first-serve, and there's nothing to prevent either duplication of bots when two people download a file at once or getting your own bot back. But we can certainly do something smarter, especially if it's only a little bit of code to enable. But my first priority would just be getting something set up.So what I've been thinking is to have a URL that you can use for different environments, eg im.darwinbots.com/zerobots or a private im.darwinbots.com/myownpersonalsim732187
Can you issue login credentials to people? That would prevent at least some sorts of abuses I'm concerned with. If we could tie it in the forum authentication that would be even better, but that might be tricky.Should be possible, will be a bit tricky to do it with the forum details though
dang i just looked at your profile posts and you haven't been on in almost 2 years... welcome back