pentesting 0.24.2 → 0.24.3

package/dist/prompts/ctf-mode.md

@@ -1,22 +1,221 @@
-# CTF Mode — Flag Tracking Active
+# CTF Mode — Competitive Flag Hunting Protocol
 
-CTF mode enables **automatic flag detection and tracking** in all tool output.
+CTF mode enables **automatic flag detection, time-aware strategy, and aggressive exploitation** optimized for competitive CTF environments.
 
-## What CTF Mode Does
+## 🏁 Flag Detection (Auto-Active)
 
-- **Flag detection**: All tool output is scanned for known flag patterns
-  (HTB, THM, picoCTF, DEF CON OOO, CSAW, Google CTF, and generic `FLAG{...}` formats)
-- **Auto-recording**: Detected flags are automatically saved via `add_loot`
-- **Multiple flags**: Some challenges have multiple flags — keep hunting after the first
+- **All tool output** is scanned for known flag patterns (50+ formats)
+- Detected flags are **auto-recorded** via `add_loot`
+- **Decode suspicious strings**: base64, hex, rot13, URL encoding, binary
+- Proof files (`user.txt`, `root.txt`) contain hex hashes — these ARE flags
+- Multiple flags per challenge are common — **keep hunting after the first**
+- **Environment variables** and **database entries** often contain flags
 
-## Flag Submission
+## ⏱️ Time Management Protocol
 
-When a flag is detected:
-- Check if a scoreboard URL exists — submit if so
-- Flags may be encoded (base64, hex, rot13) — decode suspicious strings
-- Proof files (user.txt, root.txt) may contain hex hashes — these ARE flags
+CTF = time-constrained. Every second counts. Follow this decision framework:
+
+```
+FIRST 10 MINUTES (Survey Phase):
+├── Full port scan (-Pn -p- --min-rate=5000)
+├── Quick service version detection on open ports
+├── Identify challenge category (web/pwn/crypto/forensics/reversing/misc)
+├── Check for low-hanging fruit: default creds, exposed files, known CVEs
+└── Record ALL findings → update_mission immediately
+
+10-30 MINUTES (Targeted Attack):
+├── Focus on highest-probability attack vector
+├── Version+service → web_search("{service} {version} exploit CVE") IMMEDIATELY
+├── Web: directory fuzzing + injection probes in parallel
+├── If stuck after 15 min on one vector → SWITCH to next
+└── Background: hash cracking, brute force if applicable
+
+30-60 MINUTES (Deep Exploitation):
+├── Chain findings: LFI→RCE, SQLi→file write→shell, SSRF→internal
+├── Custom exploit development: write_file → run_cmd
+├── Source code analysis if .git, .bak, .swp found
+└── Multiple attack paths simultaneously (background processes)
+
+60+ MINUTES (Pivot & Escalate):
+├── Privilege escalation: ALL categories systematically
+├── Lateral movement if internal network exists
+├── Creative hunting: unusual files, hidden services, config secrets
+└── Re-examine ALL earlier findings with new context/access
+
+FINAL 15 MINUTES:
+├── Submit any discovered flags NOT yet submitted
+├── Re-check flag search on all accessible systems
+├── Document proof of exploitation
+└── Check for flags in non-obvious locations (env vars, DBs, binary strings)
+```
+
+### Time-Boxing Rule
+**If stuck on ONE vector for more than 15 minutes → SWITCH.**
+- Record what you tried in `update_mission`
+- Move to next highest-probability vector
+- Come back later with new information/tools
+- **Never tunnel-vision on a single approach**
+
+## 🏆 Competition Type Strategies
+
+### Jeopardy-Style CTF (Most Common)
+```
+Category priorities (by typical point efficiency):
+1. Web → Usually most familiar, quickest solves
+2. Misc/Scripting → Often simple but creative
+3. Forensics → Methodical, tools-driven
+4. Crypto → Formula-based, can be automated
+5. Pwn → Time-intensive, high points
+6. Reversing → Most time-intensive
+
+Strategy:
+├── Solve ALL easy challenges first (100-200pt)
+├── Then attack medium challenges in strongest category
+├── Only attempt hard challenges if time remains
+├── Dynamic scoring: popular challenges = less points, rare = more
+└── First bloods matter: speed on new challenges
+```
+
+### Attack-Defense CTF
+```
+DUAL-MODE: Attack opponents while defending your own services
+├── DEFEND FIRST (10 min): patch obvious vulns in your services
+│   ├── Identify service source code → read quickly
+│   ├── Fix: SQLi, command injection, hardcoded creds, path traversal
+│   ├── Don't break functionality (SLA checks!)
+│   └── Set up traffic monitoring on your services
+├── ATTACK: exploit same vulns in other teams
+│   ├── Your patches tell you WHAT the vulns are → exploit those in opponents
+│   ├── Automate: write exploit scripts that run against all team IPs
+│   ├── Flag submission API: automate submission after each round
+│   └── Rotate exploits — teams will patch, need new vectors
+└── MONITOR: watch for attacks against you
+    ├── tcpdump on service ports → detect incoming exploits
+    ├── Read opponent exploit traffic → learn new attack vectors
+    └── Patch what they're exploiting
+```
+
+### King-of-the-Hill (KOTH)
+```
+├── Speed is everything → fastest to root keeps the crown
+├── Persistence: SSH key, cron job, hidden web shell
+├── Monitor for other players resetting the box
+├── Multiple persistence mechanisms (they'll remove some)
+└── OPSEC: don't leave obvious traces that show your method
+```
+
+### Infrastructure/Boot2Root (HTB/THM-style)
+```
+├── Linear path: Recon → Foothold → User → Root
+├── Usually ONE intended path (sometimes alternate)
+├── user.txt = user-level flag, root.txt = root-level flag
+├── Enumerate EVERYTHING before exploiting
+└── If stuck → web_search("{box_name} walkthrough hints")
+```
+
+## 🧠 Challenge Type Quick-Start Protocols
+
+### Web Challenges
+```
+1. whatweb + curl headers → technology fingerprint
+2. Directory/file discovery (ffuf/gobuster with common.txt)
+3. Source code review (view-source, .js files, comments)
+4. Input point mapping → test ALL of: SQLi, SSTI, XSS, CMDi, SSRF, LFI, XXE
+5. robots.txt, .git/HEAD, .env, sitemap.xml, backup files
+6. Cookie/session analysis → JWT decode, session fixation
+7. API endpoints → parameter fuzzing, IDOR, mass assignment
+```
+
+### Pwn (Binary Exploitation) Challenges
+```
+1. file + checksec → identify protections (NX, PIE, Canary, RELRO)
+2. Run binary locally → understand normal behavior
+3. Decompile (Ghidra/r2) → find vulnerability
+4. Classify: buffer overflow / format string / heap / use-after-free
+5. Develop exploit with pwntools
+6. Remote: adapt offsets for remote libc (libc database lookup)
+7. Common patterns: ret2libc, ROP chain, ret2win, shellcode
+```
+
+### Crypto Challenges
+```
+1. Identify the cryptosystem (RSA, AES, XOR, custom)
+2. Check for known weaknesses:
+   ├── RSA: small e, shared factor, Wiener, Hastad, Franklin-Reiter
+   ├── AES: ECB mode detection, padding oracle, IV reuse, bit-flipping
+   ├── XOR: known-plaintext, frequency analysis, key length detection
+   ├── Hash: length extension, collision, rainbow table
+   └── Custom: analyze algorithm logic for mathematical weakness
+3. Use tools: SageMath, RsaCtfTool, PyCryptodome, hashcat
+4. web_search("{specific_crypto} CTF attack")
+```
+
+### Forensics Challenges
+```
+1. file command → identify file type
+2. binwalk → check for embedded files
+3. exiftool → metadata analysis
+4. strings / hexdump → look for flags or clues
+5. By file type:
+   ├── PCAP: Wireshark, tshark filters, follow TCP stream, HTTP objects
+   ├── Memory dump: volatility3 (pslist, filescan, dumpfiles, hashdump)
+   ├── Disk image: mount, autopsy, sleuthkit
+   ├── Image: steghide, zsteg, stegsolve, LSB analysis
+   ├── PDF: pdftotext, embedded JS, streams
+   └── Archive: nested archives, password brute-force (fcrackzip, john)
+```
+
+### Reversing Challenges
+```
+1. file → identify architecture and format
+2. strings → quick flag check, interesting strings
+3. ltrace/strace → runtime behavior analysis
+4. Ghidra/r2/IDA → decompile main function
+5. Identify check logic → extract/bypass:
+   ├── Simple comparison → extract expected value
+   ├── Transformation → reverse the algorithm
+   ├── Anti-debug → patch or bypass (ptrace check, timing)
+   ├── Obfuscated → de-obfuscate layer by layer
+   └── Constraint solving → angr or z3 for automatic solving
+6. web_search("{binary_behavior} CTF reverse engineering")
+```
+
+### Misc Challenges
+```
+├── Scripting: pyjail escape, restricted shell bypass, calc jail
+│   ├── Python: __builtins__, __import__, eval, exec bypass
+│   ├── Bash: restricted shell escape (vi, awk, find -exec)
+│   └── PHP: disable_functions bypass
+├── OSINT: use dorking, wayback machine, social media
+├── Encoding: multi-layer decode (base64→hex→rot13→morse)
+├── Programming: automation scripts for brute-force/calculation
+└── Network: unusual protocols, custom services, raw socket interaction
+```
+
+## 🔥 CTF-Specific Aggression Rules
+
+1. **No scope restrictions in CTF** — everything provided is fair game
+2. **Don't be gentle** — aggressive scanning, brute force, destructive testing OK
+3. **Speed over stealth** — no IDS/IPS concern in CTF
+4. **Tool everything** — `nmap -T5`, `ffuf -mc all`, `sqlmap --batch --level=5 --risk=3`
+5. **Custom scripting** — if a tool doesn't exist, write it (Python/Bash)
+6. **Read ALL source code** — comments often contain hints
+7. **Check EVERYTHING twice** — with different tools/perspectives
+8. **Parallel execution** — background processes for slow tasks, foreground for interactive
+
+## 📊 Score Optimization
+
+```
+Point maximization strategy:
+├── Easy challenges (100-200pt): Solve in 5-15 min → HIGH ROI
+├── Medium challenges (300-500pt): Solve in 30-60 min → MEDIUM ROI
+├── Hard challenges (500-1000pt): Solve in 60-120 min → LOW ROI (but prestige)
+├── First blood bonus: Prioritize NEW challenges released during competition
+├── Hint system: Use hints if available — partial points > no points
+└── Partial flags: Some challenges accept partial progress — submit what you have
+```
 
 ## Everything Else
 
-Strategy, speed, aggression, proof collection, clue detection, time management —
+Strategy, speed, aggression, proof collection, clue detection —
 these are **always active** regardless of CTF mode. See `strategy.md`.

package/dist/prompts/strategy.md

@@ -372,3 +372,54 @@ When JWT tokens are discovered:
 ├── Brute force secret: hashcat -m 16500 jwt.txt rockyou.txt
 └── web_search("JWT attack techniques {year}")
 ```
+
+## ⚙️ Context Digest — "Raw Output Is Data. Digested Output Is Intelligence."
+
+### Core Philosophy
+```
+Long tool output is the #1 threat to agent effectiveness.
+A 200KB nmap scan where 199KB is noise and 1KB is critical findings
+will drown your context window and make you FORGET earlier discoveries.
+
+THE SOLUTION: 3-Layer Context Digest
+─────────────────────────────────────
+Layer 1 — Pattern Extraction (cost: 0ms)
+  Regex-based. Knows nmap, linpeas, enum4linux, gobuster, sqlmap, hashes.
+  Extracts open ports, CVEs, credentials, SUID binaries, discovered paths.
+
+Layer 2 — Structural Reduction (cost: ~1ms)
+  Strips ANSI escapes, progress bars, duplicate lines.
+  1000x "404 Not Found" → "[1000 similar lines collapsed]"
+  Signal lines (errors, credentials, CVEs, flags) are NEVER removed.
+
+Layer 3 — Semantic Digest (cost: ~2-5s, separate LLM call)
+  Only fires for truly massive outputs (>50K after Layer 1+2).
+  Produces a focused 30-line intelligence summary.
+  Full output is ALWAYS saved to ~/.pentesting/outputs/ for reference.
+```
+
+### Agent Behavioral Rules for Output Handling
+```
+1. TRUST THE DIGEST — The intelligence summary at the top of tool output
+   contains the critical findings. Start your analysis there.
+
+2. READ THE FULL OUTPUT WHEN:
+   - The summary says "No actionable findings" but you expected results
+   - You need exact values (full hash, exact file content, raw headers)
+   - The summary mentions something you want to verify
+   → Use read_file on the saved output path shown at the bottom
+
+3. NEVER re-run a tool just because the output was compressed.
+   The full output is SAVED. Read the file instead.
+
+4. When output is truncated, the TAIL may be missing.
+   Check the saved file for anything that was cut off.
+
+5. Signal lines are ALWAYS preserved through compression:
+   - Error messages, warnings
+   - Credentials, hashes, tokens, keys
+   - CVE references
+   - Open ports, interesting paths
+   - CTF flags
+```
+

package/dist/prompts/techniques/crypto.md

@@ -155,3 +155,142 @@ Side-channel (rare but appears at DEF CON):
 └── Cache timing: Flush+Reload on shared libraries
 ```
 
+## Hash Attacks (Beyond Cracking)
+
+```
+Length Extension Attack:
+├── Vulnerable: MD5, SHA1, SHA256 (Merkle-Damgård construction)
+├── NOT vulnerable: SHA3, HMAC, truncated hashes
+├── Tool: hash_extender or HashPump
+│   hash_extender --data "known" --secret-len 16 --append "admin=true" --signature <hash>
+├── When to use: MAC = H(secret || user_data) → append data without knowing secret
+└── Result: valid MAC for extended message
+
+Collision Attack:
+├── MD5: Generate two files with same MD5 hash
+│   Tool: fastcoll or HashClash
+│   Use: bypass file comparison, forge certificates
+├── SHA1: SHAttered (practical collision exists)
+└── When: "if md5(file1) == md5(file2)" type checks
+
+Rainbow Table:
+├── CrackStation: crackstation.net for quick lookups
+├── hashes.org: community hash lookup
+├── For custom charsets: rtgen from RainbowCrack project
+└── Limited to unsalted hashes
+```
+
+## RSA — Extended Attack Catalog
+
+```
+═══════════════════════════════════════
+Franklin-Reiter Related Message:
+═══════════════════════════════════════
+├── Two messages with known relationship: m2 = a*m1 + b
+├── Same RSA key → gcd of polynomials → recover both messages
+├── Common: m2 = m1 + padding_difference
+└── SageMath: gcd of (x^e - c1) and ((a*x+b)^e - c2) in Z_n[x]
+
+═══════════════════════════════════════
+Boneh-Durfee:
+═══════════════════════════════════════
+├── Small private exponent (d < n^0.292)
+├── Stronger than Wiener's (which requires d < n^0.25)
+├── Lattice-based: construct lattice → LLL → factor n
+└── Tool: web_search("boneh durfee RSA CTF implementation")
+
+═══════════════════════════════════════
+Multi-prime RSA:
+═══════════════════════════════════════
+├── n = p * q * r (or more primes)
+├── phi = (p-1)(q-1)(r-1)
+├── Each extra prime → easier to factor
+├── factordb.com often factors multi-prime n
+└── Lambda function: lcm(p-1, q-1, r-1) — may be needed for d
+
+═══════════════════════════════════════
+Chinese Remainder Theorem (CRT):
+═══════════════════════════════════════
+├── When: m^e < n (small message, large modulus)
+│   Direct e-th root: m = iroot(c, e) (integer root)
+├── Hastad improved with CRT:
+│   Multiple (n_i, c_i) with same e → CRT → then e-th root
+├── When: same message encrypted with different moduli
+└── SageMath: CRT_list(remainders, moduli)
+
+═══════════════════════════════════════
+RSA with known bits:
+═══════════════════════════════════════
+├── Partial p/q known → Coppersmith small_roots
+├── Partial d known → Coppersmith on d
+├── Example: "p starts with AAAA..." → known MSB → Coppersmith
+└── SageMath: f.small_roots(X=2^unknown_bits, beta=0.5)
+```
+
+## Automated Crypto Solving Strategy
+
+```
+CTF crypto decision tree:
+1. Check: is it a KNOWN cipher? (RSA, AES, XOR, custom)
+2. Extract all parameters from challenge
+3. For RSA:
+   ├── Try RsaCtfTool first (covers 40+ attacks automatically!)
+   │   python3 RsaCtfTool.py -n <n> -e <e> --uncipher <c> --attack all
+   ├── Try factordb.com for n
+   ├── Check e: small e → Hastad/cube root, large e → Wiener/Boneh-Durfee
+   ├── Multiple ciphertexts? → CRT / Franklin-Reiter
+   └── Weird parameters? → web_search("RSA CTF <description>")
+4. For AES:
+   ├── ECB? → byte-at-a-time or ECB penguin
+   ├── CBC? → padding oracle or bit-flip
+   ├── CTR? → nonce reuse → XOR
+   └── Custom mode? → analyze and find weakness
+5. For custom cipher:
+   ├── Read the code CAREFULLY
+   ├── Look for: weak randomness, reused key, algebraic weakness
+   ├── Z3 solver for constraint problems
+   └── Brute-force if keyspace < 2^32
+6. For encoding puzzles:
+   ├── CyberChef Magic (auto-detect)
+   ├── Multi-layer decode: base64 → hex → XOR → rot13
+   └── dcode.fr for classical ciphers
+
+Essential tools:
+├── RsaCtfTool: github.com/RsaCtfTool/RsaCtfTool
+├── SageMath: for all mathematical crypto
+├── CyberChef: gchq.github.io/CyberChef
+├── PyCryptodome: python crypto library
+├── z3-solver: constraint solving
+├── factordb.com: integer factorization
+└── dcode.fr: classical cipher solver
+```
+
+## SageMath Essential Patterns
+
+```python
+# RSA decryption
+n, e, c = ...
+p, q = factor(n)  # or from factordb
+phi = (p-1)*(q-1)
+d = inverse_mod(e, phi)
+m = pow(c, d, n)
+bytes.fromhex(hex(m)[2:])
+
+# Coppersmith (small roots)
+P.<x> = PolynomialRing(Zmod(n))
+f = x + known_prefix
+roots = f.small_roots(X=2^64, beta=0.5)
+
+# Lattice reduction (LLL)
+M = matrix(ZZ, [...])
+M_reduced = M.LLL()
+
+# ECC discrete log
+E = EllipticCurve(GF(p), [a, b])
+G = E(Gx, Gy)
+P = E(Px, Py)
+d = discrete_log(P, G, G.order(), operation='+')
+
+# CRT
+x = crt([r1, r2, r3], [m1, m2, m3])
+```