Personal API endpoint to process write and read requests to message bins - perfect for (indirect) communication between computers.
At my university, the Intro CS class utilizes a code editor called Vocareum for editing/submitting HWs and Exams. Below is an example assignment:
Exploring the Vocareum terminal, I found there were no restrictions on curl commands. I ran a simple api call to ChatGPT and confirmed that students could access AI generated code during exams from the editor's terminal itself:
But that's quite the command to memorize (imagine writing that on your hand or the inside of your shirt).
I wanted something your average student could easily use, so I had the idea to set up my computer as an messaging endpoint to enable communication between students during exams. Here is the basic functionality:
- Students can create a message bin and write messages to it with POST requests:
- Students can read chat logs for a message bin with GET requests:
- Students can list all active message bins with a GET request:
This system was developed to demonstrate the potential for cheating and was never exploited for those purposes. All code was tested on the HW 1 assignment (which was already submitted) and never on an exam.
Additionally, my professor & Vocareum were notified of this flaw before its public release and, to mitigate the issue, Vocareum is disabling network access from code editor terminals + updating their systems.
Clone github repo (set admin_password & admin_name in .env) and run simple_server.py.
python3 simple_server.pySign up for ngrok (port forwarding) here and get authtoken (free), configure ngrok
ngrok config add-authtoken <authtoken>Portforwarding to port 8080. The 'Forwarding' link is essentially the url you use to make the curl commands.
ngrok http 8080Run curl $LINK to check the list of all commands + copy/paste templates. Where LINK is ^ forwarding link.