Katana - Automatic CTF Challenge Solver in Python3


John Hammond | Caleb Stewart | February 18th, 2019


Documentation: https://ctf-katana.readthedocs.io

This repository attempts to offer code and material to automate "running through the check-list" or hitting the "low-hanging fruit" in a Capture the Flag challenge. It is meant to act as a utility to help an individual do things they might otherwise forget to do.

A lot of the context and ideas for this stem from the living document at https://github.com/JohnHammond/ctf-katana

Katana is written in Python 3.

Please note that this project is not heavily maintained.

DISCLAIMER

Katana will automatically run code and do potentially "malicious" things to its target. It may throw SQL injection, test for local file inclusion, upload web shells, or look for a means of remote code execution. DO NOT, by any means, run this utility against ANYTHING that you do not have explicit permission and authorization to test.

We do not claim responsibility or involvement for anything you break or any trouble you may get into by using this tool.

Getting Started

We recommend running this with the latest version of Python and inside of a virtual environment.

On Ubuntu

sudo apt update
sudo apt-get install -y python-tk tk-dev libffi-dev libssl-dev pandoc \
	libgmp3-dev libzbar-dev tesseract-ocr xsel libpoppler-cpp-dev libmpc-dev \
	libdbus-glib-1-dev ruby libenchant-2-dev apktool nodejs groff binwalk \
	foremost tcpflow poppler-utils exiftool steghide stegsnow bison ffmpeg \
	libgd-dev less

Setup

python3.7 -m venv env
source env/bin/activate
python setup.py install

If things seemed to go wrong during your installation, and you just want a clean slate, you can tear down your virtual environment and start again. Note that you will need to run python setup.py install one more time.

If you're on a very old Ubuntu distribution and had to install Python 3.7 manually, you may need to install virtualenv manually and use virtualenv instead of python3.7 -m venv, like so:

pip3.7 install virtualenv
virtualenv env
source env/bin/activate

After installation, Katana will still require multiple external dependencies. The installation of each of these depends on your distribution and package manager, so an easier solution is to run Katana through Docker. You can read more about this in the docker/ directory.

Usage

Whenever Katana runs, it creates a results directory where it stores its findings and any artifacts (files and the like) that units generate.

Katana will not run if the results directory already exists. You can have Katana automatically remove the results directory before it runs with the --force command-line argument.

katana --force -f "FLAG{.*?}" "RkxBR3t0aGlzX2lzX2FfYmFzZTY0X2ZsYWd9"

Known issues

ModuleNotFoundError: No module named 'colorama' -- Run pip install colorama

TypeError: __init__() got an unexpected keyword argument 'choices_method' -- Run pip uninstall cmd2 && pip install cmd2=="1.0.1"

Framework Methodology

Katana works with a "boss -> worker" topology. One thread (the boss) spins off other threads (the workers) and returns the results once they have all completed. Each worker is called a "unit". The unit is what actually goes about and accomplishes the task.

To add functionality to Katana, you simply need to create units. The boss will then handle them appropriately.

You can read more about it in the docs directory.
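
The boss -> worker topology described above, sketched as an added example on the flag format and target from the Usage command. This is not Katana's own code: the unit functions, boss() and max_depth are hypothetical names, and a thread pool stands in for Katana's own threading.

```python
import base64
import binascii
import codecs
import re
from concurrent.futures import ThreadPoolExecutor

# Hypothetical units: each takes a target string and returns a candidate
# decoding, or None when the target is not valid input for that unit.
def unit_base64(target):
    try:
        return base64.b64decode(target, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None

def unit_hex(target):
    try:
        return bytes.fromhex(target).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None

def unit_rot13(target):
    return codecs.encode(target, "rot_13")

UNITS = [unit_base64, unit_hex, unit_rot13]

def boss(target, flag_format, max_depth=3):
    """Run every unit on each target in worker threads; recurse on new results."""
    pattern = re.compile(flag_format)
    seen, queue = {target}, [target]
    with ThreadPoolExecutor(max_workers=len(UNITS)) as pool:
        for _ in range(max_depth):
            futures = [pool.submit(unit, t) for t in queue for unit in UNITS]
            queue = []
            for future in futures:
                result = future.result()
                if result is None or result in seen:
                    continue
                match = pattern.search(result)
                if match:
                    return match.group(0)
                seen.add(result)   # avoid re-processing (rot13 loops back)
                queue.append(result)
    return None

if __name__ == "__main__":
    # Same flag format and target as the katana command in the Usage section.
    print(boss("RkxBR3t0aGlzX2lzX2FfYmFzZTY0X2ZsYWd9", "FLAG{.*?}"))
```

The seen set is what keeps recursion bounded: without it, self-inverse units such as rot13 would feed the original target back into the queue on every round.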

Contributing

If you would like to contribute to Katana, please see CONTRIBUTING.md

Thank You and Credits

As we got further along in development, we asked members of my Discord server if they would like to assist in creating units. The following is a list of units that were contributions from these members and their names, to offer our kudos and thank you. This project would not be what it is without your help!

crypto.dna - voidUpdate, Zwedgy
crypto.t9 - Zwedgy, r4j
esoteric.ook - Liikt
esoteric.cow - Drnkn
stego.audio_spectrogram - Zwedgy
stego.dtmf_decoder - Zwedgy
stego.whitespace - l14ck3r0x01
hash.md5 - John Kazantzis
esoteric.jsfuck - Zwedgy
crypto.playfair - voidUpdate
crypto.nato_phonetic - voidUpdate
