npm - icoa-cli - Versions diffs - 2.5.3 → 2.6.1 - Mend

icoa-cli 2.5.3 → 2.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/commands/exam.js CHANGED Viewed

@@ -296,10 +296,43 @@ export function registerExamCommand(program) {
         const proceed = await confirm({ message: msg, default: false });
         if (!proceed)
             return;
+        console.log();
+        // Demo exam: grade locally
+        if (state.session.examId === 'demo-free') {
+            try {
+                const { DEMO_ANSWERS } = await import('../lib/demo-exam.js');
+                drawProgress(0, 'Grading...');
+                await sleep(300);
+                let score = 0;
+                for (const [qn, ans] of Object.entries(state.answers)) {
+                    if (DEMO_ANSWERS[Number(qn)] === ans)
+                        score++;
+                }
+                drawProgress(100, 'Complete!');
+                console.log();
+                clearExamState();
+                const percentage = Math.round(score / total * 100);
+                console.log();
+                printHeader('Demo Exam Result');
+                printKeyValue('Score', chalk.bold(`${score}/${total}`));
+                printKeyValue('Percentage', chalk.bold(`${percentage}%`));
+                printKeyValue('Status', percentage >= 60 ? chalk.green.bold('PASSED') : chalk.red.bold('NOT PASSED'));
+                console.log();
+                console.log(chalk.gray('  This was a free practice exam.'));
+                console.log(chalk.gray('  For the real exam, contact your national organizer.'));
+                console.log(chalk.white('  Ready? Use: join <url>'));
+                console.log();
+            }
+            catch (err) {
+                console.log();
+                printError(err.message);
+            }
+            return;
+        }
+        // Real exam: submit to server
         const client = requireExamConnection();
         if (!client)
             return;
-        console.log();
         try {
             drawProgress(0, 'Uploading answers...');
             const result = await client.submitExam(state.session.examId, state.answers);
@@ -357,6 +390,63 @@ export function registerExamCommand(program) {
             printError(err.message);
         }
     });
+    // ─── exam demo ───
+    exam
+        .command('demo')
+        .description('Try a free practice exam (no account needed)')
+        .action(async () => {
+        logCommand('exam demo');
+        const { DEMO_SESSION, DEMO_QUESTIONS } = await import('../lib/demo-exam.js');
+        const existing = getExamState();
+        if (existing) {
+            if (existing.session.examId === 'demo-free') {
+                printInfo('Demo exam already in progress.');
+                printInfo('Use "exam q 1" to continue, or "exam submit" to finish.');
+                return;
+            }
+            printWarning(`Exam "${existing.session.examName}" is in progress.`);
+            printInfo('Submit it first: exam submit');
+            return;
+        }
+        console.log();
+        printHeader('ICOA Demo Exam — Free Practice');
+        console.log();
+        console.log(chalk.white('  This is a free practice exam to help you prepare.'));
+        console.log(chalk.white('  30 questions · 30 minutes · English'));
+        console.log(chalk.white('  No account or login required.'));
+        console.log();
+        console.log(chalk.gray('  ┌─────────────────────────────────────────────────┐'));
+        console.log(chalk.gray('  │') + chalk.yellow('  For real exams, your proctor will provide:       ') + chalk.gray('│'));
+        console.log(chalk.gray('  │') + chalk.white('    · Server URL                                   ') + chalk.gray('│'));
+        console.log(chalk.gray('  │') + chalk.white('    · Username & Password                          ') + chalk.gray('│'));
+        console.log(chalk.gray('  │') + chalk.white('    · Exam ID                                     ') + chalk.gray('│'));
+        console.log(chalk.gray('  └─────────────────────────────────────────────────┘'));
+        console.log();
+        const proceed = await confirm({
+            message: 'Start demo exam now?',
+            default: true,
+        });
+        if (!proceed)
+            return;
+        const session = { ...DEMO_SESSION, startedAt: new Date().toISOString() };
+        console.log();
+        drawProgress(0, 'Preparing questions...');
+        await sleep(200);
+        drawProgress(40, 'Setting up timer...');
+        await sleep(200);
+        drawProgress(80, 'Almost ready...');
+        await sleep(150);
+        drawProgress(100, 'Ready!');
+        console.log();
+        saveExamState({ session, questions: DEMO_QUESTIONS, answers: {} });
+        console.log();
+        printKeyValue('Questions', '30');
+        printKeyValue('Duration', '30 minutes');
+        printTimeRemaining();
+        // Show first question
+        printQuestion(DEMO_QUESTIONS[0]);
+        console.log(chalk.gray('  Commands: exam q <n> | exam answer <n> <A-D> | exam review | exam submit'));
+    });
     // Default action: show status or help
     exam.action(() => {
         logCommand('exam');
@@ -370,7 +460,12 @@ export function registerExamCommand(program) {
             console.log(chalk.gray('  exam q [n]  | exam answer <n> <A-D> | exam review | exam submit'));
         }
         else {
-            printInfo('No exam in progress. Use "exam list" to see available exams.');
+            console.log();
+            console.log(chalk.white('  No exam in progress.'));
+            console.log();
+            console.log(chalk.white('    exam demo       ') + chalk.gray('Try free practice exam (no account needed)'));
+            console.log(chalk.white('    exam list       ') + chalk.gray('View exams (requires login)'));
+            console.log();
         }
     });
 }

package/dist/index.js CHANGED Viewed

@@ -38,7 +38,7 @@ ${LINE}
    ${chalk.white('Sydney, Australia')}  ${chalk.gray('Jun 27 - Jul 2, 2026')}
    ${chalk.cyan.underline('https://icoa2026.au')}
-   ${chalk.gray('CLI-Native Competition Terminal  v2.5.3')}
+   ${chalk.gray('CLI-Native Competition Terminal  v2.6.1')}
 ${LINE}
 `;

package/dist/lib/demo-exam.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import type { ExamQuestion, ExamSession } from '../types/index.js';
+export declare const DEMO_SESSION: ExamSession;
+export declare const DEMO_ANSWERS: Record<number, string>;
+export declare const DEMO_QUESTIONS: ExamQuestion[];

package/dist/lib/demo-exam.js ADDED Viewed

@@ -0,0 +1,75 @@
+export const DEMO_SESSION = {
+    examId: 'demo-free',
+    examName: 'ICOA Demo Exam — Free Practice',
+    startedAt: '',
+    durationMinutes: 30,
+    questionCount: 30,
+    country: 'ALL',
+};
+export const DEMO_ANSWERS = {
+    1: 'B', 2: 'B', 3: 'C', 4: 'B', 5: 'C', 6: 'B', 7: 'B', 8: 'C', 9: 'C', 10: 'B',
+    11: 'C', 12: 'B', 13: 'B', 14: 'B', 15: 'B', 16: 'B', 17: 'B', 18: 'B', 19: 'C', 20: 'B',
+    21: 'A', 22: 'B', 23: 'B', 24: 'B', 25: 'B', 26: 'B', 27: 'B', 28: 'B', 29: 'A', 30: 'C',
+};
+export const DEMO_QUESTIONS = [
+    { number: 1, text: 'Which algorithm is NOT a symmetric cipher?', category: 'Cryptography',
+        options: { A: 'AES', B: 'RSA', C: 'DES', D: 'Blowfish' } },
+    { number: 2, text: 'What does SQL injection exploit?', category: 'Web Security',
+        options: { A: 'Buffer overflow in web server', B: 'Unsanitized user input in database queries', C: 'Weak encryption algorithms', D: 'Misconfigured firewall rules' } },
+    { number: 3, text: 'Which HTTP status code indicates "Forbidden"?', category: 'Web Security',
+        options: { A: '401', B: '404', C: '403', D: '500' } },
+    { number: 4, text: 'What is the primary purpose of a nonce in cryptography?', category: 'Cryptography',
+        options: { A: 'Encrypt data at rest', B: 'Prevent replay attacks', C: 'Generate random passwords', D: 'Compress data before encryption' } },
+    { number: 5, text: 'Which tool is commonly used for network packet capture?', category: 'Network',
+        options: { A: 'Burp Suite', B: 'Ghidra', C: 'Wireshark', D: 'John the Ripper' } },
+    { number: 6, text: 'What does XSS stand for in cybersecurity?', category: 'Web Security',
+        options: { A: 'Extended Security System', B: 'Cross-Site Scripting', C: 'XML Secure Socket', D: 'Cross-Server Sharing' } },
+    { number: 7, text: 'What is the primary function of a firewall?', category: 'Network',
+        options: { A: 'Encrypt network data', B: 'Filter network traffic based on security rules', C: 'Detect viruses in files', D: 'Speed up internet connection' } },
+    { number: 8, text: 'Which type of malware disguises itself as legitimate software?', category: 'Malware',
+        options: { A: 'Worm', B: 'Ransomware', C: 'Trojan', D: 'Adware' } },
+    { number: 9, text: 'Which protocol provides secure communication on the web?', category: 'Network',
+        options: { A: 'HTTP', B: 'FTP', C: 'HTTPS', D: 'SMTP' } },
+    { number: 10, text: 'What is a cryptographic hash?', category: 'Cryptography',
+        options: { A: 'A reversible encryption key', B: 'A one-way function producing a fixed-size digest', C: 'An authentication protocol', D: 'A type of digital signature' } },
+    { number: 11, text: 'Which tool is used for binary analysis?', category: 'Reverse Engineering',
+        options: { A: 'Nmap', B: 'SQLMap', C: 'Ghidra', D: 'Nikto' } },
+    { number: 12, text: 'Which attack manipulates DNS requests to redirect traffic?', category: 'Network',
+        options: { A: 'Phishing', B: 'DNS Spoofing', C: 'SQL Injection', D: 'Brute Force' } },
+    { number: 13, text: 'What is the standard port for SSH?', category: 'Network',
+        options: { A: '21', B: '22', C: '80', D: '443' } },
+    { number: 14, text: 'What is two-factor authentication (2FA)?', category: 'Authentication',
+        options: { A: 'Using two different passwords', B: 'Verifying identity with two distinct types of credentials', C: 'Encrypting data twice', D: 'Connecting through two networks' } },
+    { number: 15, text: 'Which Linux command shows open ports on a system?', category: 'Linux',
+        options: { A: 'ls -la', B: 'netstat -tulpn', C: 'chmod 777', D: 'cat /etc/passwd' } },
+    { number: 16, text: 'What is a Man-in-the-Middle (MitM) attack?', category: 'Network',
+        options: { A: 'Accessing a server without authorization', B: 'Intercepting and modifying communications between two parties', C: 'Sending multiple requests to overload a server', D: 'Guessing passwords by brute force' } },
+    { number: 17, text: 'Which of these is a hash algorithm?', category: 'Cryptography',
+        options: { A: 'AES-256', B: 'SHA-256', C: 'RSA-2048', D: 'Diffie-Hellman' } },
+    { number: 18, text: 'What is the principle of least privilege?', category: 'Security',
+        options: { A: 'Give root access to all users', B: 'Grant only the permissions necessary to perform a task', C: 'Use the shortest password possible', D: 'Disable all firewalls' } },
+    { number: 19, text: 'Which tool is commonly used for port scanning?', category: 'Network',
+        options: { A: 'Wireshark', B: 'Metasploit', C: 'Nmap', D: 'Hashcat' } },
+    { number: 20, text: 'What is ransomware?', category: 'Malware',
+        options: { A: 'Software that shows unwanted ads', B: 'Software that encrypts files and demands payment to decrypt', C: 'Software that records keystrokes', D: 'Software that replicates across networks' } },
+    { number: 21, text: 'What is the difference between symmetric and asymmetric encryption?', category: 'Cryptography',
+        options: { A: 'Symmetric uses the same key to encrypt and decrypt; asymmetric uses two different keys', B: 'Symmetric is slower than asymmetric', C: 'Asymmetric only works with small files', D: 'There is no significant difference' } },
+    { number: 22, text: 'Which vulnerability allows arbitrary code execution on a web server?', category: 'Web Security',
+        options: { A: 'CSRF', B: 'Remote Code Execution (RCE)', C: 'Clickjacking', D: 'Open Redirect' } },
+    { number: 23, text: 'What is OWASP?', category: 'Security',
+        options: { A: 'A security operating system', B: 'An organization that publishes web security standards and guides', C: 'A type of firewall', D: 'A programming language for security' } },
+    { number: 24, text: 'Which Linux command changes file permissions?', category: 'Linux',
+        options: { A: 'chown', B: 'chmod', C: 'chgrp', D: 'passwd' } },
+    { number: 25, text: 'What is an SSL/TLS certificate?', category: 'Cryptography',
+        options: { A: 'A file containing malware', B: 'A digital document that verifies a website\'s identity', C: 'A private key for SSH', D: 'A type of encrypted database' } },
+    { number: 26, text: 'Which of the following is a social engineering attack?', category: 'Security',
+        options: { A: 'Buffer overflow', B: 'Phishing', C: 'SQL Injection', D: 'Port scanning' } },
+    { number: 27, text: 'What does the Linux command "grep" do?', category: 'Linux',
+        options: { A: 'Compresses files', B: 'Searches for text patterns in files', C: 'Shows active processes', D: 'Configures the network' } },
+    { number: 28, text: 'What is a VPN?', category: 'Network',
+        options: { A: 'A type of virus', B: 'A virtual private network that encrypts internet traffic', C: 'A file transfer protocol', D: 'A vulnerability scanner' } },
+    { number: 29, text: 'What is CSRF (Cross-Site Request Forgery)?', category: 'Web Security',
+        options: { A: 'An attack that forces a user\'s browser to perform unauthorized actions', B: 'A data encryption method', C: 'A type of network scanner', D: 'A file compression technique' } },
+    { number: 30, text: 'What is the best practice for storing passwords in a database?', category: 'Security',
+        options: { A: 'Plain text', B: 'Encrypted with AES', C: 'Hashed with salt', D: 'Encoded in Base64' } },
+];

package/dist/repl.js CHANGED Viewed

@@ -128,17 +128,26 @@ export async function startRepl(program, resumeMode) {
         if (connected) {
             console.log(chalk.green(`   Welcome back, ${config.userName}!`) + '  ' + modeLabel);
             console.log(chalk.gray(`   Connected to ${config.ctfdUrl}`));
-            console.log(chalk.gray('   Switch mode: setup'));
+            console.log();
+            console.log(chalk.gray('   ─────────────────────────────────'));
+            console.log(chalk.white('   exam list     ') + chalk.gray('View available exams'));
+            console.log(chalk.white('   exam demo     ') + chalk.gray('Free practice (no login)'));
+            console.log(chalk.white('   help          ') + chalk.gray('All commands'));
+            console.log(chalk.gray('   ─────────────────────────────────'));
             console.log();
         }
         else {
-            console.log('   ' + modeLabel + chalk.gray('  (switch via: setup)'));
+            console.log('   ' + modeLabel);
             console.log();
-            console.log(chalk.gray('   Quick Start'));
-            console.log(chalk.gray('   ─────────────'));
-            console.log(chalk.white('   join <url>       ') + chalk.gray('Connect to exam server'));
-            console.log(chalk.white('   exam list        ') + chalk.gray('View available exams'));
-            console.log(chalk.white('   help             ') + chalk.gray('All commands'));
+            console.log(chalk.gray('   ─────────────────────────────────────────────'));
+            console.log(chalk.white('   Welcome! Type a command to get started:'));
+            console.log();
+            console.log(chalk.bold.cyan('     demo') + chalk.gray('            Free practice exam (30 questions)'));
+            console.log(chalk.gray('                     No account needed. Try it now!'));
+            console.log();
+            console.log(chalk.white('     join <url>') + chalk.gray('      Connect to real exam server'));
+            console.log(chalk.gray('                     Your proctor will provide credentials.'));
+            console.log(chalk.gray('   ─────────────────────────────────────────────'));
             console.log();
         }
     }
@@ -264,8 +273,8 @@ export async function startRepl(program, resumeMode) {
         }
         const cmd = input.split(/\s+/)[0].toLowerCase();
         // ─── Mode-based command filtering ───
-        const selectionCommands = ['join', 'exam', 'setup', 'lang', 'ref', 'ctf'];
-        const organizerCommands = ['join', 'exam', 'setup', 'lang', 'ref', 'ctf'];
+        const selectionCommands = ['join', 'exam', 'demo', 'setup', 'lang', 'ref', 'ctf'];
+        const organizerCommands = ['join', 'exam', 'demo', 'setup', 'lang', 'ref', 'ctf'];
         if (mode === 'selection' && !selectionCommands.includes(cmd)) {
             console.log(chalk.gray('  Not available in Selection mode. Switch via: setup'));
             console.log();
@@ -294,7 +303,7 @@ export async function startRepl(program, resumeMode) {
             'scoreboard', 'sb', 'status', 'time', 'hint', 'hint-b', 'hint-c',
             'hint-budget', 'ref', 'shell', 'files', 'connect', 'note',
             'log', 'lang', 'setup', 'env', 'ai4ctf', 'model', 'ctf',
-            'exam',
+            'exam', 'demo',
         ];
         if (!knownCommands.includes(cmd)) {
             // Block dangerous commands
@@ -428,6 +437,7 @@ function mapCommand(input) {
     const cmd = parts[0].toLowerCase();
     const rest = parts.slice(1);
     const ctfShortcuts = {
+        'demo': ['exam', 'demo'],
         'join': ['ctf', 'join', ...rest],
         'activate': ['ctf', 'activate', ...rest],
         'challenges': ['ctf', 'challenges'],

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "icoa-cli",
-  "version": "2.5.3",
+  "version": "2.6.1",
   "description": "ICOA CLI — The world's first CLI-native CTF competition terminal",
   "type": "module",
   "bin": {