{ "info": { "author": "Matt Gerst", "author_email": "mattgerst@gmail.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 1 - Planning", "License :: OSI Approved :: MIT License", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6" ], "description": "Flag Slurper\n============\nUtility for grabbing CDC flags from machines.\n\nAuto PWN\n========\nFlag slurper contains a utility for automatically attempting default credentials against team's SSH hosts. This works by\ngrabbing the team list from IScorE and a list of all the services. The default credentials it uses are:\n\n- `root:cdc`\n- `cdc:cdc`\n\nRequirements\n------------\nAutoPWN requires a database. For many cases sqlite will do, but in order to use parallel AutoPWN a server-based database\n(such as postgres) is required. This is due to sqlite only allowing one writer at a time. The database can be configured\nin your flagrc file:\n\n```ini\n[database]\n; For sqlite (default)\nurl=sqlite:///{{ project }}/db.sqlite\n\n; For postgres\nurl=postgres:///slurper\n```\n\nThe ``{{ project }}`` variable is the file path to the current project and is optional.\n\nUsage\n-----\nYou first need to create a project and result database:\n\n```bash\nflag-slurper project init -b ~/cdcs/isu2-18 --name \"ISU2 2018\"\nflag-slurper project create_db\n```\n\nTo generate the team and service list you can simply run:\n\n```bash\nflag-slurper autopwn generate\n```\n\nThis will cache the team an service lists into the database. This will be used by other ``autopwn`` commands so they\ndon't need to keep hitting the IScorE API during the attack phase when the API is getting hammered.\n\nAfter generating the local files, you can then pwn all the things!\n\n```bash\nflag-slurper autopwn pwn\n```\n\nThis will print out what credentials worked on which machines and any flags found. These results are recorded in the\ndatabase and can be viewed like this:\n\n```bash\nflag-slurper autopwn results\n```\n\nProjects\n========\nFlag slurper has the concept of \"projects\". These projects tell flag slurper where to find various files such as the\n``teams.yml`` and ``services.yml`` files. It may also contain other configuration options such as where flags are\nlocated. The primary purpose of the project system is to keep data from different CDCs separate.\n\nTo create a project run:\n\n```bash\nflag-slurper project init --base ~/cdcs/isu2-18 --name \"ISU2 2018\"\n```\n\nThis will create a project named \"ISU2 2018\" in the folder `~/cdcs/isu2-18`. You can then run the following command to\nactivate the project.\n\n```bash\neval $(flag-slurper project env ~/cdcs/isu2-18)\n```\n\nWhen you want to deactivate a project, run the `unslurp` command.\n\nAlternatively, you can specify `--project PATH` on each command. For example:\n\n```bash\nflag-slurper --project ~/cdcs/isu2-18/ autopwn generate\n```\n\nThe above command will generate the local cache data and store it in the project.\n\nFlags\n-----\nThe Auto PWN feature will automatically look in common directories for flags that look like a flag. You can also specify\nlocations to check. The following project file defines the \"Web /root flag\"\n\n```yaml\n_version: \"1.0\"\nproject: ISU2 2018\nbase: ~/cdcs/isu2-18\nflags:\n - service: WWW SSH\n type: blue\n location: /root\n name: team{{ num }}_www_root.flag\n search: yes\n```\n\nYou can specify as many flags as you want. All of the following fields are required:\n\n- **service**: The name of the service this flag is associated with. Auto PWN matches against this when determining what\n flags it should look for when attacking a service.\n- **type**: Which flag type this is `blue` (read) or `red` (write). Currently only `blue` is supported.\n- **location**: The directory the flag is supposed to be located in.\n- **name**: The expected file name of the flag. Pay close attention to `{{ num }}`. This is a placeholder that will be\n replaced with the team number during the attack.\n- **search**: Whether Auto PWN should search `location` for any files that are roughly the correct file size. A search\n is only performed if the flag is not found at it's exact name `{{ location }}/{{ name }}`.\n\nHere's an example of an Auto PWN run that obtained flags:\n\n[![asciicast](https://asciinema.org/a/SZK8Ma0lUzX8H1CE02sLOjVIT.png)](https://asciinema.org/a/SZK8Ma0lUzX8H1CE02sLOjVIT)\n\nCredentials\n-----------\nCredentials can be managed through the ``creds`` subcommand. To add a credential:\n\n```bash\nflag-slurper creds add root cdc\n```\n\nList credentials:\n\n```bash\nflag-slurper creds ls\n```\n\nRemove credential:\n\n```bash\nflag-slurper creds rm root cdc\n```\n\nShow details for a credential:\n\n```bash\nflag-slurper creds show root:cdc\n```\n\n\n", "description_content_type": "text/markdown", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "", "keywords": "", "license": "MIT", "maintainer": "", "maintainer_email": "", "name": "flag-slurper", "package_url": "https://pypi.org/project/flag-slurper/", "platform": "", "project_url": "https://pypi.org/project/flag-slurper/", "project_urls": null, "release_url": "https://pypi.org/project/flag-slurper/0.9.0/", "requires_dist": [ "requests (>=2.20.0)", "click (==6.7)", "pyyaml (>=4.2b1)", "schema (==0.6.7)", "jinja2 (==2.10.1)", "peewee (==3.9.5)", "terminaltables (==3.1.0)", "dnspython (==1.15.0)", "Faker (==1.0.7)", "bumpversion (==0.5.3) ; extra == 'dev'", "twine (==1.10.0) ; extra == 'dev'", "sphinx ; extra == 'docs'", "sphinx-autobuild ; extra == 'docs'", "sphinx-rtd-theme ; extra == 'docs'", "psycopg2-binary (==2.7.4) ; extra == 'parallel'", "paramiko (==2.6.0) ; extra == 'remote'", "pytest (==3.4.2) ; extra == 'tests'", "pytest-cov (==2.5.1) ; extra == 'tests'", "pytest-sugar (==0.9.1) ; extra == 'tests'", "pytest-mock (==1.7.1) ; extra == 'tests'", "tox (==2.9.1) ; extra == 'tests'", "vcrpy (==1.11.1) ; extra == 'tests'", "responses (==0.8.1) ; extra == 'tests'", "pretend (==1.0.8) ; extra == 'tests'", "hypothesis (==3.57.0) ; extra == 'tests'" ], "requires_python": "", "summary": "Tool for getting flags from CDC machines", "version": "0.9.0" }, "last_serial": 5864384, "releases": { "0.6.1": [ { "comment_text": "", "digests": { "md5": "3f861680bb39286d1e78e92425912d78", "sha256": "07a5f52f82ea7da2825b1a92062c344eea0a5a64ee991cb8efddca188402e388" }, "downloads": -1, "filename": "flag_slurper-0.6.1-py3-none-any.whl", "has_sig": false, "md5_digest": "3f861680bb39286d1e78e92425912d78", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 49743, "upload_time": "2018-11-02T04:33:31", "url": "https://files.pythonhosted.org/packages/60/cd/2cd072c78813991629d16d7d6761f52ce1cf389c7eb74af06f9a566d1acc/flag_slurper-0.6.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "f6411c095fd0bfcddaaf2aabe04a56b3", "sha256": "972cd3ea7768d242682a442c8399c50803bc205a0ddec24943d49613558146ff" }, "downloads": -1, "filename": "flag_slurper-0.6.1.tar.gz", "has_sig": false, "md5_digest": "f6411c095fd0bfcddaaf2aabe04a56b3", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 38808, "upload_time": "2018-11-02T04:33:33", "url": "https://files.pythonhosted.org/packages/cd/53/838404ecdf89f65e9401c44bf1dfbb769e4d4973510e631701ced24061f4/flag_slurper-0.6.1.tar.gz" } ], "0.7.0": [ { "comment_text": "", "digests": { "md5": "7d77cc6550e45dd3be632a4142396771", "sha256": "d8fd6b681fdada6a2114f87be6a1ec60cb7f69f59bd662d62a8d3ff96008b465" }, "downloads": -1, "filename": "flag_slurper-0.7.0-py3-none-any.whl", "has_sig": false, "md5_digest": "7d77cc6550e45dd3be632a4142396771", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 48296, "upload_time": "2019-02-18T05:30:18", "url": "https://files.pythonhosted.org/packages/c1/30/97a16c1886e5bd6ef1ecbce1201bcf126c15f84606494e1df4a76d0449eb/flag_slurper-0.7.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "ec655b2da0d70e9c3b3fb25f24d0cdea", "sha256": "c2bb7c960d0add5a6b3cfeaf36ec033809fbbad423fd364d2931e7555e04bc11" }, "downloads": -1, "filename": "flag_slurper-0.7.0.tar.gz", "has_sig": false, "md5_digest": "ec655b2da0d70e9c3b3fb25f24d0cdea", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6090878, "upload_time": "2019-02-18T05:30:21", "url": "https://files.pythonhosted.org/packages/c6/6d/257497325a524e54371a93d2628c5a1e5358b2fdf498cd60c0b19f545de6/flag_slurper-0.7.0.tar.gz" } ], "0.8.0": [ { "comment_text": "", "digests": { "md5": "59a58ceb630b75a029b7d8c8b4d43472", "sha256": "fdc665dd0a6119a36e28be5887eca25cd6db260fa6bf43d4f207b108f3060922" }, "downloads": -1, "filename": "flag_slurper-0.8.0-py3-none-any.whl", "has_sig": false, "md5_digest": "59a58ceb630b75a029b7d8c8b4d43472", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 51167, "upload_time": "2019-04-27T04:45:12", "url": "https://files.pythonhosted.org/packages/2f/f6/eb37ca2f813fa26c23402e38ebbf47e4042e5287337d3c201cd1444424c4/flag_slurper-0.8.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "415c103258e16e1e9b4105e0038923fc", "sha256": "dce82e70214655e6aecc724dfde0b5cf6b2f6cba630e17a0af88e7fc566c8744" }, "downloads": -1, "filename": "flag_slurper-0.8.0.tar.gz", "has_sig": false, "md5_digest": "415c103258e16e1e9b4105e0038923fc", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6092812, "upload_time": "2019-04-27T04:45:16", "url": "https://files.pythonhosted.org/packages/dc/3a/3ad4884dc545f240ebedefd660b2f69541b345bdf68373a3b682b3c6cf50/flag_slurper-0.8.0.tar.gz" } ], "0.9.0": [ { "comment_text": "", "digests": { "md5": "7f10e1cd52c0aa1f970166d2efad3ba4", "sha256": "fc090c79669297c3be44761835be4da09628014c065ad4e42ec94480984b5721" }, "downloads": -1, "filename": "flag_slurper-0.9.0-py3-none-any.whl", "has_sig": false, "md5_digest": "7f10e1cd52c0aa1f970166d2efad3ba4", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 52282, "upload_time": "2019-09-20T22:11:08", "url": "https://files.pythonhosted.org/packages/ce/4a/3f99b4b93d55611c688e3727cb7a0952b42596a1e65fe878f8b5d930b7ed/flag_slurper-0.9.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "771006d25e49f1cdb97fea1b0cdb6dc5", "sha256": "7154351e9c5a60aa7d54b893b4adce680bce6f7f501b77055eb19a7a4b269c33" }, "downloads": -1, "filename": "flag_slurper-0.9.0.tar.gz", "has_sig": false, "md5_digest": "771006d25e49f1cdb97fea1b0cdb6dc5", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6829133, "upload_time": "2019-09-20T22:11:22", "url": "https://files.pythonhosted.org/packages/9a/05/17ef4da8a255d41f971dd5a1bd8c967de9467ca8315a5b938e09bb581d6a/flag_slurper-0.9.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "7f10e1cd52c0aa1f970166d2efad3ba4", "sha256": "fc090c79669297c3be44761835be4da09628014c065ad4e42ec94480984b5721" }, "downloads": -1, "filename": "flag_slurper-0.9.0-py3-none-any.whl", "has_sig": false, "md5_digest": "7f10e1cd52c0aa1f970166d2efad3ba4", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 52282, "upload_time": "2019-09-20T22:11:08", "url": "https://files.pythonhosted.org/packages/ce/4a/3f99b4b93d55611c688e3727cb7a0952b42596a1e65fe878f8b5d930b7ed/flag_slurper-0.9.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "771006d25e49f1cdb97fea1b0cdb6dc5", "sha256": "7154351e9c5a60aa7d54b893b4adce680bce6f7f501b77055eb19a7a4b269c33" }, "downloads": -1, "filename": "flag_slurper-0.9.0.tar.gz", "has_sig": false, "md5_digest": "771006d25e49f1cdb97fea1b0cdb6dc5", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6829133, "upload_time": "2019-09-20T22:11:22", "url": "https://files.pythonhosted.org/packages/9a/05/17ef4da8a255d41f971dd5a1bd8c967de9467ca8315a5b938e09bb581d6a/flag_slurper-0.9.0.tar.gz" } ] }