{"id":27426192,"url":"https://github.com/posgnu/pajero","last_synced_at":"2025-07-11T18:08:58.396Z","repository":{"id":46566010,"uuid":"143257605","full_name":"posgnu/pajero","owner":"posgnu","description":"Packet analyzer for attack \u0026 defense CTF","archived":false,"fork":false,"pushed_at":"2021-10-06T23:03:12.000Z","size":16873,"stargazers_count":8,"open_issues_count":13,"forks_count":2,"subscribers_count":1,"default_branch":"master","last_synced_at":"2023-08-04T19:07:51.314Z","etag":null,"topics":["ctf-tools","defcon26","defcon27"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/posgnu.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-08-02T07:19:34.000Z","updated_at":"2023-08-04T19:07:51.314Z","dependencies_parsed_at":"2022-08-26T04:01:09.505Z","dependency_job_id":null,"html_url":"https://github.com/posgnu/pajero","commit_stats":null,"previous_names":[],"tags_count":1,"template":null,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/posgnu%2Fpajero","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/posgnu%2Fpajero/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/posgnu%2Fpajero/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/posgnu%2Fpajero/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/posgnu","download_url":"https://codeload.github.com/posgnu/pajero/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248881568,"own
ers_count":21176875,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ctf-tools","defcon26","defcon27"],"created_at":"2025-04-14T12:31:34.801Z","updated_at":"2025-04-14T12:31:45.014Z","avatar_url":"https://github.com/posgnu.png","language":"Rust","readme":"# pajero\n\npajero is a packet analyzer for attack \u0026 defense CTFs that helps you systematically investigate the packets your server received. The name pajero has no meaning; it was generated by a random project name generator.\n\npajero is designed to analyze the packet dumps that the DEFCON organizers usually provide during the CTF. Especially in DEFCON26, they provided packet dumps for each service we were running intermittently. These include communication between our services and other teams, abnormal usage of the services (that is, attack payloads from other teams), and also our team's flag that was stolen. By classifying the packets team by team and service by service, we can easily grasp the overall situation of our services. Also, by detecting our flag in a packet, we can spot the attack payload that works on our service and that can also be used against the same service on other teams' servers. We expect that by replaying this payload we can mount a somewhat valid attack on other servers. \n\n## How to use\n\nYou can find the most recent release of the project, a Mach-O 64-bit arm64 executable, [here](https://github.com/posgnu/pajero/releases). If you are using another OS, you need to clone the source code and compile it. 
To build the binary yourself, see the [Building section](#Building).\n\n### Set up\n\nFirst, generate `./static/conf.json`. Fill it with team information and service configurations following the template below.\n\n```json\n{\n  \"team\" : [\n    { \"name\" : \"PLUS\", \"ip\" : \"0.0.0.0\" }\n  ],\n  \"service\" : [\n    { \"name\" : \"bof\", \"flag\" : \"DEFCON{\", \"port\": 8888 }\n  ]\n}\n```\n\nAfter populating the team list with the other competitors' information, list the services your team is running. The `flag` value is the pattern used to find attack payloads that leak our flag, so it does not have to be the complete flag; a keyword is enough. Take care with `port`, though, since pajero differentiates packets by port.\n\n### Run\n\n```\n$ ./pajero run analyze [packet path] [round]\n```\n\nThis analyzes the packets with the pre-defined filter (conf.json); the results appear in the `./static/packets/` directory. Attack payloads are collected in `./static/packets/flag/`.\n\n### Design\n\n![model](https://github.com/GNUp/pajero/blob/master/model.png)\n\n### Target network\n\n![network](https://github.com/GNUp/pajero/blob/master/network.png)\n\n## Contribution\n\nIf you want to contribute to this project, here are some basic instructions.\n\n### Building\n\nInstall Rust via [rustup](https://rustup.rs/) and clone the repository.\n\n```shell\n$ git clone git@github.com:GNUp/pajero.git\n$ cd pajero\n```\n\nInstall libpcap\n\n```shell\n$ sudo apt-get install libpcap-dev\n```\n\nBuild in release mode\n\n```shell\n$ cargo build --release\n```\n\nThis will produce an executable in the `./target/release` directory.\n\n### Testing\n\n```\ncargo test -- --test-threads=1\n```\n\nUntil [#16](https://github.com/GNUp/pajero/issues/26) is resolved, all the tests need to be run synchronously (single-threaded).\n\n## Formatting\n\nRun `rustfmt` before pushing.\n\n```sh\n$ cargo fmt\n```\n\n## License\n\nThis project is licensed under GNU 
GPLv3 - see the `LICENSE.txt` for details\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fposgnu%2Fpajero","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fposgnu%2Fpajero","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fposgnu%2Fpajero/lists"}