Skip to main content

Challenge Notebook Architecture

For simplicity, let’s break down the structure of a challenge notebook with the coolest one around, “test”. This is an example to validate your API key. Think of this like a tutorial in a video game when you have to look up and jump.
  1. The notebook first contains a code cell to execute the storing of your Crucible API key and some other variables for you to authenticate to the Crucible API and structure your later requests to the correct challenge. 
    DREADNODE_API_KEY = "YOUR_API_KEY"  # Replace with your actual API key

CHALLENGE = "test"
CRUCIBLE_URL = "https://platform.dreadnode.io"
CHALLENGE_URL = "https://test.platform.dreadnode.io"
  2. Challenges will always come shipped with dependencies so ensure to install them via pip: 
    %pip install requests --quiet
  3. Now we have our environment loaded, we can interact with the challenge API. This is a simple request using python to make transmit a HTTP POST request to the endpoint. 
    import requests

def query(input_data):
    response = requests.post(
        f"{CHALLENGE_URL}/score",
        headers={"X-API-Key": DREADNODE_API_KEY},
        json={"data": input_data}
    )
    return response.json()

query("send your text inputs here")
  4. Yargh mateys! Flags for everyone! test challenge flag
  5. Since we have our unique flag for this challenge, let’s submit it to the endpoint for some sweet kudos: 
    import requests

def submit_flag(flag):
    url = f"{CRUCIBLE_URL}/api/challenges/{CHALLENGE}/submit-flag"
    headers = {"X-API-Key": DREADNODE_API_KEY}
    payload = {"challenge": CHALLENGE, "flag": flag}
    response = requests.post(url, headers=headers, json=payload)
    if response.status_code == 200:
        if response.json().get("correct") is True:
            print("The flag was correct. Congrats!")
        else:
            print("The flag was incorrect. Keep trying!")
    else:
        print("There was an error submitting your flag")
        print(response.text)

flag = "gAAAAABnJreQ5YYJ9x9m4oFdFMXUsbmH0_FmG5trWTGzVXI-TIvB9APjquiIdv8HJzRWP56Qkm1L3ef8qXf5J6Q0s3D_-d21N2r_FMjlTbtYdXwLl4IM5wD60ut5kstqsD4k0NgNzJqxVJb7Llm1QrIAHXkL54jxgcmORWlNw9t-fKvTxoQGy0g="  # Replace with the flag once you find it
submit_flag(flag)
test challenge submit flag