Skip to content
/ CookieFarmExploiter Public

Lightweight Python decorator for automating exploit execution in Attack & Defense CTFs with CookieFarm integration.

License

MIT license
5 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ByteTheCookies/CookieFarmExploiter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

57 Commits
cookiefarm
cookiefarm
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

🍪 CookieFarm - Exploiter Manager

Language Keywords License

Python decorator for automating exploit execution in CTF Attack & Defense competitions

📦 What is it?

This package provides a @exploit_manager decorator designed to automate the parallel execution of exploits in CTF (Attack & Defense) settings, specifically for use with the CookieFarm project.

It handles:

  • Authentication with the central server
  • Retrieving team configuration
  • Automatic flag parsing from stdout

⚠️ Note: This package is not standalone. It must be used together with the CookieFarm client. The client provides the required APIs and team configurations.

📦 Installation

To install the package:

pip install cookiefarm

⚙️ How it works

The @exploit_manager decorator takes care of:

  • Calling your exploit(ip, port, name_service, flag_ids) function
  • Capturing your exploit's stdout
  • Parsing flags via regex
  • Logging the result in JSON format, including: team ID, port, service name, and the flag found

🚀 Example usage

from cookiefarm import exploit_manager
import requests

@exploit_manager
def exploit(ip, port, name_service, flag_ids):
    # Run your exploit here
    response = requests.get(f"http://{ip}:{port}/")

    # Just print the flag to stdout
    print(response.text)

# Run from the command line with arguments from CookieFarm
# python3 myexploit.py <ip_server> <password> <tick_time> <thread_number> <port> <name_service>

For execution, you have to pass the required arguments from the command line, which are provided by the CookieFarm client. The decorator will handle the rest.

python3 myexploit.py -s <server_address> -t <tick_time> -T <thread_number> -p <port> -n <name_service> -x [test mode]
Argument Description
-s or --server The address of the CookieFarm server
-t or --tick_time The time interval for the exploit execution
-T or --thread_number The number of threads to use for the exploit
-p or --port The port to target for the exploit
-n or --name_service The name of the service to exploit
-x or --test Run in test mode (does not execute the exploit)

🛠️ Requirements

  • Python ≥ 3.12
  • Working CookieFarm client installed

📝 License

Distributed under the MIT License. Feel free to use, modify, and contribute.

For any questions, suggestions, or issues, feel free to open a GitHub issue!

Created with ❤️ by ByteTheCookies (feat. @0xMatte)

About

Lightweight Python decorator for automating exploit execution in Attack & Defense CTFs with CookieFarm integration.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

5 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages