ctf-party 2.3.0 → 3.0.0
- checksums.yaml +4 -4
- data/bin/ctf-party +36 -29
- data/lib/ctf_party/base64.rb +9 -9
- data/lib/ctf_party/binary.rb +28 -0
- data/lib/ctf_party/cgi.rb +48 -20
- data/lib/ctf_party/dec.rb +18 -16
- data/lib/ctf_party/defang.rb +11 -0
- data/lib/ctf_party/hex.rb +65 -22
- data/lib/ctf_party/version.rb +1 -1
- metadata +26 -6
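--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 6d68a7baddadfc1c9adb8db3c60d0fce83aa75017f49d6168d3e03139f9f9e85
+data.tar.gz: c4f749b9f7ef10f876c3289f759e7f378736b825652b980220fc2bc039faf3bc
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 54ee6f0a6b99ae3c9c3fc1cda10cfb28c58f8afcd4d49bb60ec114296412035e328ab4e8d16ffabcb0478ef54e7b6f401b3847d1301e4aaa4f9c00e478bd897e
+data.tar.gz: 4dddeed3a7f78f6ead11406dbca55969e69f7a371d29751dfb01cfd26b23b55ac52dca4c3fd8ccfbdd2c1198ee6510c43a53b487cdc6c4234f7b0f27ac4e1396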
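--- a/data/bin/ctf-party
+++ b/data/bin/ctf-party
@@ -12,8 +12,10 @@ require 'docopt'
 cmd_whitelist = {
 # ctf-party commands
 alternatecase: 'Change one characte on two upcase and the other downcase',
+bin2dec: 'Convert a binary string to decimal',
 bin2hex: 'Encode an binary string to a hexadecimal string',
 bin2str: 'Alias for from_bin',
+dec2bin: 'Convert a decimal string to binary',
 dec2hex: 'Encode an decimal string to a hexadecimal string',
 dec2str: 'Alias for from_dec',
 defang_domain: 'Defang domain name',
@@ -24,7 +26,9 @@ cmd_whitelist = {
 from_bin: 'Decode a binary string',
 from_dec: 'Decode a decimal string (decimal to hexadecimal then hexadecimal to string)',
 from_hex: 'Decode a hexadecimal string',
-from_hexip: 'Decode a hexadecimal
+from_hexip: 'Decode a hexadecimal IPv4 string into a dotted decimal one',
+from_hexipv4: 'Decode a hexadecimal IPv4 string into a dotted decimal one',
+from_hexipv6: 'Decode a hexadecimal IPv6 string into a the double-dotted hexadecimal format',
 hex2bin: 'Encode an hexadecimal string to a binary string',
 hex2dec: 'Encode an hexadecimal string to a decimal string',
 hex2str: 'Alias for from_hex',
@@ -52,34 +56,37 @@ cmd_whitelist = {
 to_bin: 'Encode a string into binary',
 to_dec: 'Encode a string into decimal (string to hexadecimal then hexadecimal to decimal)',
 to_hex: 'Encode a string into hexadecimal',
-to_hexip: 'Encode a dotted decimal
-
-
-
-
+to_hexip: 'Encode a dotted decimal IPv4 into a hexadecimal one',
+to_hexipv4: 'Encode a dotted decimal IPv4 into a hexadecimal one',
+urldecode: 'URL-decode the string (RFC 2396)',
+urldecode_component: 'URL-decode the URL component string (RFC 3986)',
+urldecode_data: 'URL-decode the form data (application/x-www-form-urlencoded) string',
+urlencode: 'URL-encode the string (RFC 2396)',
+urlencode_component: 'URL-encode the URL component string (RFC 3986)',
+urlencode_data: 'URL-encode form data (application/x-www-form-urlencoded) string',
 # native string commands
-bytesize: 'https://rubyapi.org/3.
-capitalize: 'https://rubyapi.org/3.
-chomp: 'https://rubyapi.org/3.
-chop: 'https://rubyapi.org/3.
-downcase: 'https://rubyapi.org/3.
-dump: 'https://rubyapi.org/3.
-hex: 'https://rubyapi.org/3.
-inspect: 'https://rubyapi.org/3.
-length: 'https://rubyapi.org/3.
-lstrip: 'https://rubyapi.org/3.
-reverse: 'https://rubyapi.org/3.
-rstrip: 'https://rubyapi.org/3.
-scrub: 'https://rubyapi.org/3.
-shellescape: 'https://rubyapi.org/3.
-size: 'https://rubyapi.org/3.
-squeeze: 'https://rubyapi.org/3.
-strip: 'https://rubyapi.org/3.
-succ: 'https://rubyapi.org/3.
-swapcase: 'https://rubyapi.org/3.
-undump: 'https://rubyapi.org/3.
-unicode_normalize: 'https://rubyapi.org/3.
-upcase: 'https://rubyapi.org/3.
+bytesize: 'https://rubyapi.org/3.2/o/string#method-i-bytesize',
+capitalize: 'https://rubyapi.org/3.2/o/string#method-i-capitalize',
+chomp: 'https://rubyapi.org/3.2/o/string#method-i-chomp',
+chop: 'https://rubyapi.org/3.2/o/string#method-i-chop',
+downcase: 'https://rubyapi.org/3.2/o/string#method-i-downcase',
+dump: 'https://rubyapi.org/3.2/o/string#method-i-dump',
+hex: 'https://rubyapi.org/3.2/o/string#method-i-hex',
+inspect: 'https://rubyapi.org/3.2/o/string#method-i-inspect',
+length: 'https://rubyapi.org/3.2/o/string#method-i-length',
+lstrip: 'https://rubyapi.org/3.2/o/string#method-i-lstrip',
+reverse: 'https://rubyapi.org/3.2/o/string#method-i-reverse',
+rstrip: 'https://rubyapi.org/3.2/o/string#method-i-rstrip',
+scrub: 'https://rubyapi.org/3.2/o/string#method-i-scrub',
+shellescape: 'https://rubyapi.org/3.2/o/string#method-i-shellescape',
+size: 'https://rubyapi.org/3.2/o/string#method-i-size',
+squeeze: 'https://rubyapi.org/3.2/o/string#method-i-squeeze',
+strip: 'https://rubyapi.org/3.2/o/string#method-i-strip',
+succ: 'https://rubyapi.org/3.2/o/string#method-i-succ',
+swapcase: 'https://rubyapi.org/3.2/o/string#method-i-swapcase',
+undump: 'https://rubyapi.org/3.2/o/string#method-i-undump',
+unicode_normalize: 'https://rubyapi.org/3.2/o/string#method-i-unicode_normalize',
+upcase: 'https://rubyapi.org/3.2/o/string#method-i-upcase'
 }
 
 doc = <<~DOCOPT
@@ -115,7 +122,7 @@ DOCOPT
 begin
 args = Docopt.docopt(doc, version: Version::VERSION)
 # use case 1, using the tool
-
+puts args if args['--debug']
 if args['<string>']
 args['<string>'] = $stdin.read.chomp if args['<string>'] == '-'
 args['<string>'] = File.read(args['<string>']) if args['--file'] && File.exist?(args['<string>'])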
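Review bot: The `--debug` dump on the new line `puts args if args['--debug']` goes to stdout, which is presumably the same stream the converted string is written to (the output code is outside this hunk, so confirm). Anyone piping the result into another tool then gets the parsed option hash mixed into the data. `warn args.inspect if args['--debug']` keeps the diagnostics on stderr and leaves stdout for the result only. The `begin` block continues past the end of the hunk.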
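--- a/data/lib/ctf_party/base64.rb
+++ b/data/lib/ctf_party/base64.rb
@@ -6,9 +6,9 @@ require 'base64'
 class String
 # Encode the string into base64
 # @param opts [Hash] optional parameters
-# @option opts [Symbol] :mode Default value: `:strict
-# Other values are `:
-# @see https://ruby-doc.org/
+# @option opts [Symbol] :mode Default value: `:strict` (`:rfc4648`).
+# Other values are `:rfc2045` or `:urlsafe`.
+# @see https://ruby-doc.org/3.2.2/stdlibs/base64/Base64.html
 # @return [String] the Base64 encoded string
 # @example
 # 'Super lib!'.to_b64 # => "U3VwZXIgbGliIQ=="
@@ -32,9 +32,9 @@ class String
 
 # Decode the string from base64
 # @param opts [Hash] optional parameters
-# @option opts [Symbol] :mode Default value: `:strict
-# Other values are `:
-# @see https://ruby-doc.org/
+# @option opts [Symbol] :mode Default value: `:strict` (`:rfc4648`).
+# Other values are `:rfc2045` or `:urlsafe`.
+# @see https://ruby-doc.org/3.2.2/stdlibs/base64/Base64.html
 # @return [String] the Base64 decoded string
 # @example
 # 'UnVieQ=='.from_b64 # => "Ruby"
@@ -58,9 +58,9 @@ class String
 
 # Is the string encoded in base64?
 # @param opts [Hash] optional parameters
-# @option opts [Symbol] :mode Default value: `:strict
-# Other values are `:
-# @see https://ruby-doc.org/
+# @option opts [Symbol] :mode Default value: `:strict` (`:rfc4648`).
+# Other values are `:rfc2045` or `:urlsafe`.
+# @see https://ruby-doc.org/3.2.2/stdlibs/base64/Base64.html
 # @return [Boolean] `true` if the string is a valid base64 string, `false`
 # else.
 # @example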
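--- a/data/lib/ctf_party/binary.rb
+++ b/data/lib/ctf_party/binary.rb
@@ -74,4 +74,32 @@ class String
 def bin2str!(opts = {})
 from_bin!(opts)
 end
+
+# Convert a binary string to decimal (binary to hexadecimal then hexadecimal to decimal)
+# @param opts [Hash] optional parameters (see {String#bin2hex} and {String#hex2dec})
+# @return [String] the decimal encoded string
+# @example
+# '011000100110100101101110011000010111001001111001'.bin2dec # => "108204962968185"
+def bin2dec(opts = {})
+bin2hex(opts).hex2dec(opts)
+end
+
+# Convert a binary string to decimal in place as described for {String#bin2dec}.
+def bin2dec!(opts = {})
+replace(bin2dec(opts))
+end
+
+# Convert a decimal string to binary (decimal to hexadecimal then hexadecimal to binary)
+# @param opts [Hash] optional parameters (see {String#dec2hex} and {String#hex2bin})
+# @return [String] the binary encoded string
+# @example
+# '474316169578'.dec2bin # => "0110111001101111011100100110000101101010"
+def dec2bin(opts = {})
+dec2hex(opts).hex2bin(opts)
+end
+
+# Convert a decimal string to binary in place as described for {String#dec2bin}.
+def dec2bin!(opts = {})
+replace(dec2bin(opts))
+end
 end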
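Review bot: `bin2dec` and `dec2bin` hand the same `opts` hash to both conversion steps, and at least `hex2bin` (hex.rb section of this page) writes its defaults back into that hash with `opts[:prefix] ||= ''` and `opts[:even] ||= 1`. The caller's hash is therefore modified, and an option meant for the first step is also applied by the second, where the key can mean something different (hex2bin documents `:prefix` as the prefix of the input). Passing copies, `bin2hex(opts.dup).hex2dec(opts.dup)` and `dec2hex(opts.dup).hex2bin(opts.dup)`, removes the mutation, and the `@param` text should say which keys are meaningful for the combined call. The same pattern appears in dec.rb in `to_dec` (`to_hex(opts).hex2dec(opts)`) and `from_dec` (`dec2hex(opts).from_hex(opts)`).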
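--- a/data/lib/ctf_party/cgi.rb
+++ b/data/lib/ctf_party/cgi.rb
@@ -5,11 +5,11 @@ require 'cgi'
 require 'uri'
 
 class String
-# URL-encode the URL string (
+# URL-encode the URL string (RFC 2396)
 # @return [String] the URL-encoded string
 # @example
 # 'http://vulnerable.site/search.aspx?txt="><script>alert(/Rubyfu/.source)</script>'.urlencode # => "http://vulnerable.site/search.aspx?txt=%22%3E%3Cscript%3Ealert(/Rubyfu/.source)%3C/script%3E"
-# "'Stop!' said Fred" # => "'Stop!'%20said%20Fred"
+# "'Stop!' said Fred".urlencode # => "'Stop!'%20said%20Fred"
 def urlencode
 URI::Parser.new.escape self
 end
@@ -19,21 +19,21 @@ class String
 replace(urlencode)
 end
 
-# URL-encode
-# @return [String] the URL-encoded
+# URL-encode form data (`application/x-www-form-urlencoded`) string
+# @return [String] the URL-encoded data
 # @example
-# "'Stop!' said Fred".
-# 'http://vulnerable.site/search.aspx?txt="><script>alert(/Rubyfu/.source)</script>'.
-def
+# "'Stop!' said Fred".urlencode_data # => "%27Stop%21%27+said+Fred"
+# 'http://vulnerable.site/search.aspx?txt="><script>alert(/Rubyfu/.source)</script>'.urlencode_data # => "http%3A%2F%2Fvulnerable.site%2Fsearch.aspx%3Ftxt%3D%22%3E%3Cscript%3Ealert%28%2FRubyfu%2F.source%29%3C%2Fscript%3E"
+def urlencode_data
 CGI.escape self
 end
 
-# URL-encode the
-def
-replace(
+# URL-encode the data in place as described for {String#urlencode_data}.
+def urlencode_data!
+replace(urlencode_data)
 end
 
-# URL-decode the URL string (
+# URL-decode the URL string (RFC 2396)
 # @return [String] the URL-decoded string
 # @example
 # 'http://vulnerable.site/search.aspx?txt=%22%3E%3Cscript%3Ealert(/Rubyfu/.source)%3C/script%3E'.urldecode # => "http://vulnerable.site/search.aspx?txt=\"><script>alert(/Rubyfu/.source)</script>"
@@ -49,20 +49,20 @@ class String
 replace(urldecode)
 end
 
-# URL-decode the
+# URL-decode the form data (`application/x-www-form-urlencoded`) string
 # @return [String] the URL-decoded string
 # @example
-# 'http://vulnerable.site/search.aspx?txt=%22%3E%3Cscript%3Ealert(/Rubyfu/.source)%3C/script%3E'.
-# 'http%3A%2F%2Fvulnerable.site%2Fsearch.aspx%3Ftxt%3D%22%3E%3Cscript%3Ealert%28%2FRubyfu%2F.source%29%3C%2Fscript%3E'.
-# "'Stop!'%20said%20Fred".
-# '%27Stop%21%27+said+Fred'.
-def
+# 'http://vulnerable.site/search.aspx?txt=%22%3E%3Cscript%3Ealert(/Rubyfu/.source)%3C/script%3E'.urldecode_data # => "http://vulnerable.site/search.aspx?txt=\"><script>alert(/Rubyfu/.source)</script>"
+# 'http%3A%2F%2Fvulnerable.site%2Fsearch.aspx%3Ftxt%3D%22%3E%3Cscript%3Ealert%28%2FRubyfu%2F.source%29%3C%2Fscript%3E'.urldecode_data # => "http://vulnerable.site/search.aspx?txt=\"><script>alert(/Rubyfu/.source)</script>"
+# "'Stop!'%20said%20Fred".urldecode_data => "'Stop!' said Fred"
+# '%27Stop%21%27+said+Fred'.urldecode_data # => "'Stop!' said Fred"
+def urldecode_data
 CGI.unescape self
 end
 
-# URL-decode the string in place as described for {String#
-def
-replace(
+# URL-decode the string in place as described for {String#urldecode_data}.
+def urldecode_data!
+replace(urldecode_data)
 end
 
 # HTML escape the string
@@ -90,4 +90,32 @@ class String
 def htmlunescape!
 replace(htmlunescape)
 end
+
+# URL-encode the URL component string (RFC 3986)
+# @return [String] URL-encoded component string
+# @example
+# 'http://vulnerable.site/search.aspx?txt="><script>alert(/Rubyfu/.source)</script>'.urlencode_component # => "http%3A%2F%2Fvulnerable.site%2Fsearch.aspx%3Ftxt%3D%22%3E%3Cscript%3Ealert%28%2FRubyfu%2F.source%29%3C%2Fscript%3E"
+# "'Stop!' said Fred".urlencode_component # => "%27Stop%21%27%20said%20Fred"
+def urlencode_component
+CGI.escapeURIComponent self
+end
+
+# URL-encode the URL component string (RFC 3986) as described for {String#urlencode_component}.
+def urlencode_component!
+replace(urlencode_component)
+end
+
+# URL-decode the URL component string (RFC 3986)
+# @return [String] URL-decoded component string
+# @example
+# 'http%3A%2F%2Fvulnerable.site%2Fsearch.aspx%3Ftxt%3D%22%3E%3Cscript%3Ealert%28%2FRubyfu%2F.source%29%3C%2Fscript%3E'.urldecode_component # => "http://vulnerable.site/search.aspx?txt=\"><script>alert(/Rubyfu/.source)</script>"
+# '%27Stop%21%27%20said%20Fred'.urldecode_component # => "'Stop!' said Fred"
+def urldecode_component
+CGI.unescapeURIComponent self
+end
+
+# URL-decode the URL component string (RFC 3986) as described for {String#urldecode_component}.
+def urldecode_component!
+replace(urldecode_component)
+end
 end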
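Review bot: `urlencode_component` and `urldecode_component` call `CGI.escapeURIComponent` and `CGI.unescapeURIComponent`, which are only available from Ruby 3.2 (or a correspondingly recent `cgi` gem), while the gem metadata on this page still declares `required_ruby_version` `>= 3.0.0`. On 3.0 or 3.1 with the bundled cgi, these two methods and their bang variants would raise `NoMethodError` at call time. Either raise the minimum Ruby version or declare a runtime dependency on a `cgi` release that ships these methods, as was done for `uri`; the visible part of the metadata shows no such dependency, but that section is cut off, so confirm. A smaller documentation point: the third `urldecode_data` example is missing the `#` before `=>`.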
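--- a/data/lib/ctf_party/dec.rb
+++ b/data/lib/ctf_party/dec.rb
@@ -2,48 +2,50 @@
 
 class String
 # Encode a string into decimal (string to hexadecimal then hexadecimal to decimal)
+# @param opts [Hash] optional parameters (see {String#to_hex} and {String#hex2dec})
 # @return [String] the decimal encoded string
 # @example
 # 'noraj'.to_dec # => "474316169578"
-def to_dec
-
+def to_dec(opts = {})
+to_hex(opts).hex2dec(opts)
 end
 
 # Encode a string into decimal in place as described for {String#to_dec}.
-def to_dec!
-replace(to_dec)
+def to_dec!(opts = {})
+replace(to_dec(opts))
 end
 
 # Decode a decimal string (decimal to hexadecimal then hexadecimal to string)
+# @param opts [Hash] optional parameters (see {String#dec2hex} and {String#from_hex})
 # @return [String] the decimal decoded string
 # @example
 # '1834615104613964215417'.from_dec # => "ctf-party"
-def from_dec
-dec2hex.
+def from_dec(opts = {})
+dec2hex(opts).from_hex(opts)
 end
 
 # Decode a decimal string in place as described for {String#from_dec}.
-def from_dec!
-replace(from_dec)
+def from_dec!(opts = {})
+replace(from_dec(opts))
 end
 
 # Alias for {String#to_dec}.
-def str2dec
-to_dec
+def str2dec(opts = {})
+to_dec(opts)
 end
 
 # Alias for {String#to_dec!}.
-def str2dec!
-replace(str2dec)
+def str2dec!(opts = {})
+replace(str2dec(opts))
 end
 
 # Alias for {String#from_dec}.
-def dec2str
-from_dec
+def dec2str(opts = {})
+from_dec(opts)
 end
 
 # Alias for {String#from_dec!}.
-def dec2str!
-replace(dec2str)
+def dec2str!(opts = {})
+replace(dec2str(opts))
 end
 end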
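--- a/data/lib/ctf_party/defang.rb
+++ b/data/lib/ctf_party/defang.rb
@@ -80,6 +80,17 @@ class String
 puts e
 return gsub('.', '[.]')
 end
+begin
+# temporary fix until backport for ruby 3.0 https://github.com/ruby/ruby/pull/7260
+# rubocop:disable Lint/Void
+URI::WS
+URI::WSS
+# rubocop:enable Lint/Void
+rescue NameError => e
+puts e
+require 'uri/ws'
+require 'uri/wss'
+end
 case uri
 when URI::HTTP, URI::HTTPS, URI::FTP
 uri.scheme = uri.scheme.gsub(/t/i, 'x')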
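Review bot: The added `rescue NameError => e` branch prints the exception with `puts e`, so on a Ruby where `URI::WS` is not yet loaded the method writes a NameError message to stdout before returning the defanged value. For a library method, and for CLI output that may be piped, that message ends up mixed into the data; drop the `puts e`, or use `warn e.message` if the fallback is worth reporting. The probe could also run once at file load, e.g. `require 'uri/ws' unless defined?(URI::WS)` and the same for `URI::WSS`, instead of inside the method body. The enclosing method starts and ends outside the hunk.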
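--- a/data/lib/ctf_party/hex.rb
+++ b/data/lib/ctf_party/hex.rb
@@ -59,7 +59,7 @@ class String
 out = ('0' * (opts[:padding] - out.size)) + out if out.size < opts[:padding]
 # char case management
 out = out.upcase if opts[:case] == :upper
-# adding prefix must be done after case change, complex conditional to avoid cropping when odd byte
+# adding prefix must be done after case change, complex conditional to avoid cropping when odd byte length
 out = (out.size.odd? ? [out[0]] + out[1..].scan(/.{1,2}/) : out.scan(/.{2}/)).map do |x|
 opts[:prefixall] + x
 end.join
@@ -181,6 +181,8 @@ class String
 # @param opts [Hash] optional parameters
 # @option opts [String] :prefix Prefix of the input. Default value is a void
 # string. Example of values: `0x`, `\x`, `\\x`.
+# @option opts [Integer] :even Returns an even number of chars (pad with `0`). Default value is a 1.
+# `0` for false and `1` for true.
 # @return [String] the binary encoded string
 # @example
 # 'ab'.hex2bin # => "10101011"
@@ -188,10 +190,14 @@ class String
 # '\\x6e\\x6f\\x72\\x61\\x6a'.hex2bin(prefix: '\\x') # => "110111001101111011100100110000101101010"
 def hex2bin(opts = {})
 opts[:prefix] ||= ''
+opts[:even] ||= 1
 # remove prefix
 out = gsub(opts[:prefix], '')
 # convert
-
+out = out.to_i(16).to_s(2)
+# padding
+out = "0#{out}" if out.size.odd? && opts[:even] == 1
+return out
 end
 
 # Encode an hexadecimal string to a binary string in place as described
@@ -225,8 +231,10 @@ class String
 out = to_i(2).to_s(16)
 # char case management
 out = out.upcase if opts[:case] == :upper
-# adding prefix must be done after case change
-out = out.scan(/.{2}/).map
+# adding prefix must be done after case change, complex conditional to avoid cropping when odd byte length
+out = (out.size.odd? ? [out[0]] + out[1..].scan(/.{1,2}/) : out.scan(/.{2}/)).map do |x|
+opts[:prefixall] + x
+end.join
 return opts[:prefix] + out
 end
 
@@ -240,7 +248,7 @@ class String
 replace(bin2hex(opts))
 end
 
-# Decode a hexadecimal
+# Decode a hexadecimal IPv4 string into a dotted decimal one
 # @param opts [Hash] optional parameters
 # @option opts [String] :prefix Prefix of the input. Default value is a void
 # string. Example of values: `0x`, `\x`, '\\x'.
@@ -248,10 +256,10 @@ class String
 # (`:high` default) or low nibble first (`:low`, used on Unix `/proc/net/tcp`).
 # @return [String] the dotted decimal IP
 # @example
-# '0100007F'.
-# '0x7f000001'.
-# '\\x7f\\x00\\x00\\x01'.
-def
+# '0100007F'.from_hexipv4(nibble: :low) # => "127.0.0.1"
+# '0x7f000001'.from_hexipv4(prefix: '0x') # => "127.0.0.1"
+# '\\x7f\\x00\\x00\\x01'.from_hexipv4(prefix: '\\x') # => "127.0.0.1"
+def from_hexipv4(opts = {})
 opts[:prefix] ||= ''
 opts[:nibble] ||= :high
 # remove prefix
@@ -262,13 +270,44 @@ class String
 out.join('.')
 end
 
-
-
-
-
+alias from_hexip from_hexipv4
+
+# Decode a hexadecimal IPv4 string into a dotted decimal one in place as described
+# for {String#from_hexipv4}.
+def from_hexipv4!(opts = {})
+replace(from_hexipv4(opts))
+end
+
+alias from_hexip! from_hexipv4!
+
+# Decode a hexadecimal IPv6 string into a the double-dotted hexadecimal format
+# @param opts [Hash] optional parameters
+# @option opts [String] :prefix Prefix of the input. Default value is a void
+# string. Example of values: `0x`, `\x`, '\\x'.
+# @return [String] the double-dotted hexadecimal format
+# @example
+# '000080FE00000000FF005450B6AD1DFE'.from_hexipv6 # => "[fe80::5054:ff:fe1d:adb6]"
+# '0x000080FE00000000FF005450B6AD1DFE'.from_hexipv6(prefix: '0x') # => "[fe80::5054:ff:fe1d:adb6]"
+# '00000000000000000000000000000000'.from_hexipv6 # => "[::]"
+def from_hexipv6(opts = {})
+opts[:prefix] ||= ''
+# remove prefix
+out = gsub(opts[:prefix], '')
+# convert
+out = out.scan(/.{2}/).reverse.join
+out = out.scan(/.{8}/).reverse.join
+out = out.scan(/.{4}/).map { |x| x.sub(/^0+/, '') }.join(':')
+out = out.sub(/:{3,}/, '::').downcase
+"[#{out}]"
+end
+
+# Decode a hexadecimal IPv6 string into a the double-dotted hexadecimal format in place as described
+# for {String#from_hexipv6}.
+def from_hexipv6!(opts = {})
+replace(from_hexipv6(opts))
 end
 
-# Encode a dotted decimal
+# Encode a dotted decimal IPv4 into a hexadecimal one
 # @param opts [Hash] optional parameters
 # @option opts [String] :prefix Prefix of the output. Default value is a void
 # string. Example of values: `0x`, `\x`.
@@ -280,10 +319,10 @@ class String
 # (`:high` default) or low nibble first (`:low`, used on Unix `/proc/net/tcp`).
 # @return [String] the hexadecimal encoded IP
 # @example
-# '127.0.0.1'.
-# '127.0.0.1'.
-# '127.0.0.1'.
-def
+# '127.0.0.1'.to_hexipv4 # => "7f000001"
+# '127.0.0.1'.to_hexipv4(nibble: :low) # => "0100007f"
+# '127.0.0.1'.to_hexipv4(prefixall: '\\x') # => "\\x7f\\x00\\x00\\x01"
+def to_hexipv4(opts = {})
 opts[:prefix] ||= ''
 opts[:prefixall] ||= ''
 opts[:case] ||= :lower
@@ -299,9 +338,13 @@ class String
 return opts[:prefix] + out
 end
 
-
-
-
-
+alias to_hexip to_hexipv4
+
+# Encode a dotted decimal IPv4 into a hexadecimal one in place as described
+# for {String#to_hexipv4}.
+def to_hexipv4!(opts = {})
+replace(to_hexipv4(opts))
 end
+
+alias to_hexip! to_hexipv4!
 end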
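Review bot: `from_hexipv6` builds the compressed form by stripping the leading zeros of every group and then collapsing only the first run of three or more colons, which yields a valid address only when all zero groups are contiguous. When zero groups sit in two separate places a second empty group is left behind (constructed example: groups `fe80:0:0:0:5054:0:fe1d:adb6` come out as `fe80::5054::fe1d:adb6`), and that is not a parseable IPv6 address. There is also no check that the de-prefixed input is exactly 32 hex digits, so short or non-hex input is silently turned into something address-shaped. The standard library can do the formatting: after the two `scan(...).reverse.join` steps, return `"[#{IPAddr.new(out.to_i(16), Socket::AF_INET6)}]"` (with `require 'ipaddr'`), preceded by a guard such as `raise ArgumentError, 'expected 32 hex digits' unless out.match?(/\A\h{32}\z/)`.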
data/lib/ctf_party/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ctf-party
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 3.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Alexandre ZANNI
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2024-01-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: docopt
|
@@ -24,12 +24,32 @@ dependencies:
|
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '0.6'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: uri
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: 0.12.1
|
34
|
+
- - "<"
|
35
|
+
- !ruby/object:Gem::Version
|
36
|
+
version: 0.14.0
|
37
|
+
type: :runtime
|
38
|
+
prerelease: false
|
39
|
+
version_requirements: !ruby/object:Gem::Requirement
|
40
|
+
requirements:
|
41
|
+
- - ">="
|
42
|
+
- !ruby/object:Gem::Version
|
43
|
+
version: 0.12.1
|
44
|
+
- - "<"
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: 0.14.0
|
27
47
|
description: A CLI tool & library to enhance and speed up script/exploit writing for
|
28
48
|
CTF players (or security researchers, bug bounty hunters, pentesters but mostly
|
29
49
|
focused on CTF) by patching the String class to add a short syntax of usual code
|
30
50
|
patterns. Methods for base64, digest (hash), flag, rot (Caesar), hexadecimal, case,
|
31
51
|
cgi (URL encoding/decoding, HTML escaping/unescaping), binary, leet (1337), decimal,
|
32
|
-
XOR, whitespace strip.
|
52
|
+
XOR, whitespace strip, IP/URI/domain/email defang/refang.
|
33
53
|
email: alexandre.zanni@engineer.com
|
34
54
|
executables:
|
35
55
|
- ctf-party
|
@@ -75,17 +95,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
75
95
|
requirements:
|
76
96
|
- - ">="
|
77
97
|
- !ruby/object:Gem::Version
|
78
|
-
version:
|
98
|
+
version: 3.0.0
|
79
99
|
- - "<"
|
80
100
|
- !ruby/object:Gem::Version
|
81
|
-
version: '
|
101
|
+
version: '4.0'
|
82
102
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
83
103
|
requirements:
|
84
104
|
- - ">="
|
85
105
|
- !ruby/object:Gem::Version
|
86
106
|
version: '0'
|
87
107
|
requirements: []
|
88
|
-
rubygems_version: 3.
|
108
|
+
rubygems_version: 3.5.3
|
89
109
|
signing_key:
|
90
110
|
specification_version: 4
|
91
111
|
summary: A CLI tool & library to enhance and speed up script/exploit writing with
|