diff --git a/Gemfile.lock b/Gemfile.lock index 86f09e5..b8e0204 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2,6 +2,7 @@ PATH remote: . specs: ctf-party (1.3.5) + docopt (~> 0.6) GEM remote: https://rubygems.org/ @@ -10,6 +11,7 @@ GEM commonmarker (0.21.2) ruby-enum (~> 0.5) concurrent-ruby (1.1.8) + docopt (0.6.1) github-markup (4.0.0) i18n (1.8.8) concurrent-ruby (~> 1.0) diff --git a/README.md b/README.md index b4f9ef5..18c9e2a 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,7 @@ ## What it is -A library to enhance and speed up script/exploit writing for CTF players (or +A CLI tool & library to enhance and speed up script/exploit writing for CTF players (or security researchers, bug bounty hunters, pentesters but mostly focused on CTF) by patching the String class to add a short syntax of usual code patterns. The philosophy is also to keep the library to be pure ruby (no dependencies) @@ -41,6 +41,16 @@ myvar = 'string' myvar.to_b64! ``` +Most of the methods are available as commands CLI tool: + +``` +$ ctf-party 'security' to_hex +7365637572697479 + +$ ctf-party 'NzQ2Zjc0NmY=' from_b64 hex2str str2bin +01110100011011110111010001101111 +``` + ## Features - base64: `to_b64`, `from_b64`, `b64?` and bang versions diff --git a/bin/ctf-party b/bin/ctf-party new file mode 100644 index 0000000..b7b8596 --- /dev/null +++ b/bin/ctf-party @@ -0,0 +1,94 @@ +#!/usr/bin/env ruby +# frozen_string_literal: true + +# Ruby internal +require 'pp' +# Project internal +require 'ctf_party' +require 'ctf_party/version' +# External +require 'docopt' + +cmd_whitelist = { + alternatecase: 'Change one characte on two upcase and the other downcase', + bin2hex: 'Encode an binary string to a hexadecimal string', + bin2str: 'Alias for from_bin', + dec2hex: 'Encode an decimal string to a hexadecimal string', + dec2str: 'Alias for from_dec', + from_b64: 'Decode the string from base64', + from_bin: 'Decode a binary string', + from_dec: 'Decode a decimal string (decimal to hexadecimal then hexadecimal to string)', + from_hex: 'Decode a hexadecimal string', + from_hexip: 'Decode a hexadecimal IP string into a dotted decimal one', + hex2bin: 'Encode an hexadecimal string to a binary string', + hex2dec: 'Encode an hexadecimal string to a decimal string', + hex2str: 'Alias for from_hex', + htmlescape: 'HTML escape the string', + htmlunescape: 'HTML unescape the string', + leet: 'Transform into leet speak (l337 5p34k)', + md5: 'Calculate the md5 hash of the string', + randomcase: 'Change the case of characters randomly', + rmd160: 'Calculate the RIPEMD-160 hash of the string', + rot13: 'Encrypt / Decrypt the string with Caesar cipher with a shift of 13', + sha1: 'Calculate the sha1 hash of the string', + sha2: 'Calculate the sha2 hash of the string', + sha2_256: 'Alias for sha2 with bitlen of 256', + sha2_384: 'Alias for sha2 with bitlen of 384', + sha2_512: 'Alias for sha2 with bitlen of 512', + str2bin: 'Alias for to_bin', + str2dec: 'Alias for to_dec', + str2hex: 'Alias for to_hex', + to_b64: 'Encode the string into base64', + to_bin: 'Encode a string into binary', + to_dec: 'Encode a string into decimal (string to hexadecimal then hexadecimal to decimal)', + to_hex: 'Encode a string into hexadecimal', + to_hexip: 'Encode a dotted decimal IP into a hexadecimal one', + urldecode: 'URL-decode the string', + urlencode: 'URL-encode the string' +} + +doc = <<~DOCOPT + ctf-party by noraj + + Usage: + ctf-party ... [--debug] + ctf-party --list-commands [--debug] + ctf-party -h | --help + ctf-party --version + + Options: + -l, --list-commands List available commands (see https://noraj.github.io/ctf-party/yard/String.html) + --debug Display arguments + -h, --help Show this screen + --version Show version + + Examples: + ctf-party 'security' to_hex + ctf-party 'NzQ2Zjc0NmY=' from_b64 hex2str str2bin +DOCOPT + +begin + args = Docopt.docopt(doc, version: Version::VERSION) + # use case 1, using the tool + pp args if args['--debug'] + if args[''] + wrong_cmd = args[''] - cmd_whitelist.keys.map(&:to_s) + if wrong_cmd.empty? + output = args[''] + args[''].each do |cmd| + output = output.public_send(cmd) + end + puts output + else + abort "Those commands don't exist: #{wrong_cmd}" + end + elsif args['--list-commands'] + cmd_whitelist.each do |k, v| + puts "#{k.to_s.ljust(15)}#{v}" + end + end + # use case 2, help: already handled by docopt + # use case 3, version: already handled by docopt +rescue Docopt::Exit => e + puts e.message +end diff --git a/ctf_party.gemspec b/ctf_party.gemspec index edf09c3..8a161fe 100644 --- a/ctf_party.gemspec +++ b/ctf_party.gemspec @@ -6,13 +6,13 @@ Gem::Specification.new do |s| s.name = 'ctf-party' s.version = Version::VERSION s.platform = Gem::Platform::RUBY - s.summary = 'A library to enhance and speed up script/exploit writing'\ - ' for CTF players' - s.description = 'A library to enhance and speed up script/exploit writing'\ - 'for CTF players (or security researchers, bug bounty'\ + s.summary = 'A CLI tool & library to enhance and speed up script/exploit'\ + 'writing for CTF players' + s.description = 'A CLI tool & library to enhance and speed up script/exploit'\ + 'writing for CTF players (or security researchers, bug bounty'\ 'hunters, pentesters but mostly focused on CTF) by'\ 'patching the String class to add a short syntax of usual'\ - ' code patterns.' + 'code patterns.' s.authors = ['Alexandre ZANNI'] s.email = 'alexandre.zanni@engineer.com' s.homepage = 'https://noraj.github.io/ctf-party/' @@ -34,6 +34,8 @@ Gem::Specification.new do |s| s.required_ruby_version = '~> 2.7' + s.add_runtime_dependency('docopt', '~> 0.6') # for argument parsing of the CLI tool + s.add_development_dependency('bundler', '~> 2.1') s.add_development_dependency('commonmarker', '~> 0.20') # for GMF support in YARD s.add_development_dependency('github-markup', '~> 4.0') # for GMF support in YARD diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 7e56190..b3c2a81 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## [1.4.0] + +- `ctf-party` CLI tool release + ## [1.3.5] - new dec methods: diff --git a/docs/README.md b/docs/README.md index b7a911c..90efdfa 100644 --- a/docs/README.md +++ b/docs/README.md @@ -9,7 +9,7 @@ ## What it is -A library to enhance and speed up script/exploit writing for CTF players (or +A CLI tool & library to enhance and speed up script/exploit writing for CTF players (or security researchers, bug bounty hunters, pentesters but mostly focused on CTF) by patching the String class to add a short syntax of usual code patterns. The philosophy is also to keep the library to be pure ruby (no dependencies) @@ -36,6 +36,16 @@ myvar = 'string' myvar.to_b64! ``` +Most of the methods are available as commands CLI tool: + +``` +$ ctf-party 'security' to_hex +7365637572697479 + +$ ctf-party 'NzQ2Zjc0NmY=' from_b64 hex2str str2bin +01110100011011110111010001101111 +``` + ## Features - base64: `to_b64`, `from_b64`, `b64?` and bang versions diff --git a/docs/_coverpage.md b/docs/_coverpage.md index 6739f0d..eea85c8 100644 --- a/docs/_coverpage.md +++ b/docs/_coverpage.md @@ -2,7 +2,7 @@ # ctf-party -A Ruby library to enhance and speed up script/exploit writing for CTF players. +A Ruby CLI tool & library to enhance and speed up script/exploit writing for CTF players. [GitHub](https://github.com/noraj/ctf-party/) [Get Started](pages/quick-start?id=quick-start) diff --git a/docs/pages/quick-start.md b/docs/pages/quick-start.md index b40331b..951bb09 100644 --- a/docs/pages/quick-start.md +++ b/docs/pages/quick-start.md @@ -13,6 +13,13 @@ require 'ctf_party' 'string'.to_b64 ``` +## CLI + +``` +$ ctf-party 'security' to_hex +7365637572697479 +``` + ## Console Launch `irb` with the library loaded. diff --git a/docs/pages/usage.md b/docs/pages/usage.md index 4544c90..c583565 100644 --- a/docs/pages/usage.md +++ b/docs/pages/usage.md @@ -1,6 +1,6 @@ # Usage -## Examples of usage +## Library For base64 encoding instead of writing: @@ -59,3 +59,24 @@ For generating a flag respecting a flag format: String.flag = {prefix: 'sigsegv', digest: 'md5'} 'this_1s_a_fl4g'.flag # => "sigsegv{a5bec9e2a86b6b70d288451eb38dfec8}" ``` + +## CLI + +Most of the methods are available as commands CLI tool: + +``` +$ ctf-party 'security' to_hex +7365637572697479 + +$ ctf-party 'NzQ2Zjc0NmY=' from_b64 hex2str str2bin +01110100011011110111010001101111 +``` + +## Console + +It launches `irb` with the library loaded. + +``` +$ ctf_party_console +irb(main):001:0> +```