{"id":9129,"date":"2020-02-18T17:24:54","date_gmt":"2020-02-18T11:54:54","guid":{"rendered":"http:\/\/kalilinuxtutorials.com\/?p=9129"},"modified":"2020-02-18T17:24:54","modified_gmt":"2020-02-18T11:54:54","slug":"ctftool","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/ctftool\/","title":{"rendered":"CTFTool : Interactive CTF Exploration Tool"},"content":{"rendered":"\n<p>This is <code><strong>ctftool<\/strong><\/code>, an interactive command line tool to experiment with CTF, a little-known protocol used on Windows to implement Text Services. This might be useful for studying Windows internals, debugging complex issues with Text Input Processors and analyzing Windows security.<\/p>\n\n\n\n<p>It is possible to write simple scripts with <code><strong>ctftool<\/strong><\/code> for automating interaction with CTF clients or servers, or perform simple fuzzing.<\/p>\n\n\n\n<figure class=\"wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<div class=\"youtube-embed\" data-video_id=\"r3vrzzDpmhc\"><iframe loading=\"lazy\" title=\"Microsoft CTF Exploitation Demo (Windows 10 x64 1903)\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/r3vrzzDpmhc?feature=oembed&#038;enablejsapi=1&#038;enablejsapi=1\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/div>\n<\/div><\/figure>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Usage<\/strong><\/p>\n\n\n\n<p><code>ctftool<\/code> has been tested on Windows 7, Windows 8 and Windows 10. Both 32-bit\nand x64 versions are supported, but x64 has been tested more extensively.<\/p>\n\n\n\n<p>There is online help for most commands, simply type <code>help<\/code> to see a list of commands, and <code>help &lt;command&gt;<\/code> to see detailed help for a particular command.<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\">$ .\/ctftool.exe<br> An interactive ctf exploration tool by @taviso.<br> Type &#8220;help&#8221; for available commands.<br> Most commands require a connection, see &#8220;help connect&#8221;.<br> ctf&gt; help<br> Type <code>help &lt;command&gt;<\/code> for help with a specific command.<br> Any line beginning with # is considered a comment.<br> <br>help            &#8211; List available commands.<br> exit            &#8211; Exit the shell.<br> connect         &#8211; Connect to CTF ALPC Port.<br> info            &#8211; Query server informaiton.<br> scan            &#8211; Enumerate connected clients.<br> callstub        &#8211; Ask a client to invoke a function.<br> createstub      &#8211; Ask a client to instantiate CLSID.<br> hijack          &#8211; Attempt to hijack an ALPC server path.<br> sendinput       &#8211; Send keystrokes to thread.<br> setarg          &#8211; Marshal a parameter.<br> getarg          &#8211; Unmarshal a parameter.<br> wait            &#8211; Wait for a process and set it as the default thread.<br> thread          &#8211; Set the default thread.<br> sleep           &#8211; Sleep for specified milliseconds.<br> forget          &#8211; Forget all known stubs.<br> stack           &#8211; Print the last leaked stack ptr.<br> marshal         &#8211; Send command with marshalled parameters.<br> proxy           &#8211; Send command with proxy parameters.<br> call            &#8211; Send command without appended data.<br> window          &#8211; Create and register a message window.<br> patch           &#8211; Patch a marshalled parameter.<br> module          &#8211; Print the base address of a module.<br> module64        &#8211; Print the base address of a 64bit module.<br> editarg         &#8211; Change the type of a marshalled parameter.<br> symbol          &#8211; Lookup a symbol offset from ImageBase.<br> set             &#8211; Change or dump various ctftool parameters.<br> show            &#8211; Show the value of special variables you can use.<br> lock            &#8211; Lock the workstation, switch to Winlogon desktop.<br> repeat          &#8211; Repeat a command multiple times.<br> run             &#8211; Run a command.<br> script          &#8211; Source a script file.<br> print           &#8211; Print a string.<br> consent         &#8211; Invoke the UAC consent dialog.<br> reg             &#8211; Lookup a DWORD in the registry.<br> gadget          &#8211; Find the offset of a pattern in a file.<br> section         &#8211; Lookup property of PE section.<br> Most commands require a connection, see &#8220;help connect&#8221;.<br> ctf&gt;<\/p>\n\n\n\n<p class=\"has-text-align-center\"><strong>Also Read &#8211; <a href=\"https:\/\/kalilinuxtutorials.com\/netdata\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Netdata \u2013 Real-time Performance Monitoring (opens in a new tab)\">Netdata \u2013 Real-time Performance Monitoring<\/a><\/strong><\/p>\n\n\n\n<p>The first thing you will want to do is connect to a session, and see which clients are connected.<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\">ctf&gt; connect<br> The ctf server port is located at \\BaseNamedObjects\\msctf.serverDefault1<br> NtAlpcConnectPort(&#8220;\\BaseNamedObjects\\msctf.serverDefault1&#8221;) =&gt; 0<br> Connected to CTF server@\\BaseNamedObjects\\msctf.serverDefault1, Handle 00000264<br> ctf&gt; scan<br> Client 0, Tid 3400 (Flags 0x08, Hwnd 00000D48, Pid 8696, explorer.exe)<br> Client 1, Tid 7692 (Flags 0x08, Hwnd 00001E0C, Pid 8696, explorer.exe)<br> Client 2, Tid 9424 (Flags 0x0c, Hwnd 000024D0, Pid 9344, SearchUI.exe)<br> Client 3, Tid 12068 (Flags 0x08, Hwnd 00002F24, Pid 12156, PROCEXP64.exe)<br> Client 4, Tid 9740 (Flags 0000, Hwnd 0000260C, Pid 3840, ctfmon.exe)<\/p>\n\n\n\n<p>You can then experiment by sending and receiving commands to the server, or any of the connected clients.<\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Building<\/strong><\/p>\n\n\n\n<p>If you don&#8217;t want to build it yourself, check out the releases tab<\/p>\n\n\n\n<p>I used GNU make and Visual Studio 2019 to develop ctftool. Only 32-bit builds are supported, as this allows the tool to run on x86 and x64 Windows.<\/p>\n\n\n\n<p>If all the dependencies are installed, just typing make in a developer command prompt should be enough.<\/p>\n\n\n\n<p>I use the &#8220;Build Tools&#8221; variant of Visual Studio, and the only components I have selected are MSVC, MSBuild, CMake and the SDK.<\/p>\n\n\n\n<p>This project uses submodules for some of the dependencies, be sure that you&#8217;re using a command like this to fetch all the required code.<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>git submodule update &#8211;init &#8211;recursive<\/strong><\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Exploit<\/strong><\/p>\n\n\n\n<p>The examples only work on Windows 10 x64. All platforms and versions since Windows XP are affected, but no PoC is currently implemented.<\/p>\n\n\n\n<p>This tool was used to discover many critical security problem with the CTF protocol that have existed for decades.<\/p>\n\n\n\n<p>If you just want to test an exploit on Windows 10 x64 1903, run or double-click ctftool.exe and enter this command:<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>An interactive ctf exploration tool by @taviso.<br>Type &#8220;help&#8221; for available commands.<br>Most commands require a connection, see &#8220;help connect&#8221;.<br>ctf&gt; script .\\scripts\\ctf-consent-system.ctf<\/strong><\/p>\n\n\n\n<p>This will wait for the UAC dialog to appear, compromise it and start a shell.<\/p>\n\n\n\n<p>In fact, the exploit code is split into two stages that you can use independently. For example, you might want to compromise a process belonging to a user on a different session using the optional parameters to connect.<\/p>\n\n\n\n<p>Most CTF clients can be compromised, as the kernel forces applications that draw windows to load the vulnerable library.<\/p>\n\n\n\n<p>Simply connect to a session, select a client to compromise (use the scan and thread commands, or just wait), then:<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>ctf&gt; script .\\scripts\\ctf-exploit-common-win10.ctf<\/strong><\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Exploitation Notes<\/strong><\/p>\n\n\n\n<p>Building a CFG jump chain that worked on the majority of CTF clients was quite challenging. There are two primary components to the final exploit, an arbitrary write primitive and then setting up our registers to call LoadLibrary().<\/p>\n\n\n\n<p>You can use <strong>dumpbin \/headers \/loadconfig<\/strong> to dump the whitelisted branch targets.<\/p>\n\n\n\n<p><strong>Arbitrary Write<\/strong><\/p>\n\n\n\n<p>I need an arbitrary write gadget to create objects in a predictable location. The best usable gadget I was able to find was an arbitrary dword decrement in msvcrt!_init_time.<\/p>\n\n\n\n<p>This means rather than just setting the values we want, We have to keep decrementing until the LSB reaches the value we want. This is a lot of work, but we never have to do more than (2^8 &#8211; 1) * len decrements.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-ZZo4HBE-DLk\/XkcJHKBmk6I\/AAAAAAAAE-s\/EKf1FEOn0kAIcp1dcy_lNwnO1REUMh0YgCLcBGAsYHQ\/s1600\/Payload.gif\" alt=\"\"\/><\/figure><\/div>\n\n\n\n<p>Using this primitive, I build an object like this in some unused slack space in kernel32 <code>.data<\/code> section. It needs to be part of an image so that I can predict where it will be mapped, as image randomization is per-boot on Windows.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-vl5yNeQn8GM\/XkcJT2cETOI\/AAAAAAAAE-w\/7vVktXxphVAqVfS00VmUNq1MjejdnWu6gCLcBGAsYHQ\/s1600\/CTFTOOL.png\" alt=\"\"\/><\/figure><\/div>\n\n\n\n<p>There were (of course) lots of arbitrary write gadgets, the problem was regaining control of execution after the write. This proved quite challenging, and that&#8217;s the reason I was stuck with a dword decrement instead of something simpler.<\/p>\n\n\n\n<p>MSCTF catches all exceptions, so the challenge was finding an arbitrary write that didn&#8217;t mess up the stack so that SEH survived, or crashed really quickly without doing any damage.<\/p>\n\n\n\n<p>The msvcrt!_init_time gadget was the best I could find, within a few instructions it dereferences NULL without corrupting any more memory. This means we can repeat it ad infinitum <\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Redirecting Execution<\/strong><\/p>\n\n\n\n<p>I found two useful gadgets for adjusting registers, The first was:<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\">combase!CStdProxyBuffer_CF_AddRef:<br>\n      mov     rcx,qword ptr [rcx-38h]<br>\n      mov     rax,qword ptr [rcx]    <br>\n      mov     rax,qword ptr [rax+8]  <br>\n      jmp     qword ptr [combase!__guard_dispatch_icall_fptr]<\/p>\n\n\n\n<p>And the second was:<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\">MSCTF!CCompartmentEventSink::OnChange:<br>       mov     rax,qword ptr [rcx+30h]<br>       mov     rcx,qword ptr [rcx+38h]<br>       jmp     qword ptr [MSCTF!_guard_dispatch_icall_fptr]<\/p>\n\n\n\n<p>By combining these two gadgets with the object we formed with our write gadget, we can redirect execution to <code><strong>kernel32!LoadLibraryA<\/strong><\/code> by bouncing between them.<\/p>\n\n\n\n<p>This was complicated, but the jump sequence works like this:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-VAa5fgJgY5A\/XkcJip0wqdI\/AAAAAAAAE-4\/Sv9GhlMrYsAgZpLxDrWpX_c1mwkSbkXOwCLcBGAsYHQ\/s1600\/diagram1%25281%2529.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>If you&#8217;re interested, I recommend watching it in a debugger. Note that you will\nneed to use the command <code>sxd av<\/code> and <code>sxd bpe<\/code> or the debugger will stop for\nevery write!<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/taviso\/ctftool#edit-session-attacks\"><\/a><\/h2>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Edit Session Attacks<\/strong><\/p>\n\n\n\n<p>Apart from memory corruption, a major vulnerability class exposed by CTF are\n<em>edit session attacks<\/em>. Normally, an unprivileged process (for example, low\nintegrity) would not be permitted to send input or read data from a high\nprivileged process. This security boundary is called UIPI, <em>User Interface\nPrivilege Isolation<\/em>.<\/p>\n\n\n\n<p>CTF breaks these assumptions, and allows unprivileged processes to send input\nto privileged processes.<\/p>\n\n\n\n<p>There are some requirements for this attack to work, as far as I&#8217;m aware it\nwill only work if you have a display language installed that uses an OoP TIP,\n<em>out-of-process text input processor<\/em>. Users with input languages that use IMEs\n(Chinese, Japanese, Korean, and so on) and users with a11y tools fall into this\ncategory.<\/p>\n\n\n\n<p>Example attacks include&#8230;<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Sending commands to an elevated command window.<\/li><li>Reading passwords out of dialogs or the login screen.<\/li><li>Escaping IL\/AppContainer sandboxes by sending input to unsandboxed windows.<\/li><\/ul>\n\n\n\n<p>There is an example <a href=\"https:\/\/github.com\/taviso\/ctftool\/blob\/master\/scripts\/ctf-demo-editsession.ctf\">script<\/a> in the scripts directory that will send input to a notepad window to demonstrate how edit sessions work.<\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Monitor Hijacking<\/strong><\/p>\n\n\n\n<p>Because there is no authentication involved between clients and servers in the\nCTF protocol, an attacker with the necessary privileges to write to\n<code>\\BaseNamedObjects<\/code> can create the CTF ALPC port and pretend to be the monitor.<\/p>\n\n\n\n<p>This allows any and all restrictions enforced by the monitor to be bypassed.<\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Cross Session Attacks<\/strong><\/p>\n\n\n\n<p>There is no session isolation in the CTF protocol, any process can connect to\nany CTF server. For example, a Terminal Services user can interact with the\nprocesses of any other user, even the Administrator.<\/p>\n\n\n\n<p>The <code>connect<\/code> command in <code>ctftool<\/code> supports connecting to non-default sessions if you want to experiment with this attack.<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\">An interactive ctf exploration tool by @taviso.<br> Type &#8220;help&#8221; for available commands.<br> Most commands require a connection, see &#8220;help connect&#8221;.<br> ctf&gt; help connect<br> Connect to CTF ALPC Port.<br> <br>Usage: connect [DESKTOPNAME SESSIONID]<br> Without any parameters, connect to the ctf monitor for the current<br> desktop and session. All subsequent commands will use this connection<br> for communicating with the ctf monitor.<br> <br>If a connection is already open, the existing connection is closed first.<br> <br>If DESKTOPNAME and SESSIONID are specified, a connection to ctf monitor<br> for another desktop and session are opened, if it exists.<br> If the specified port does not exist, wait until it does exist. This is<br> so that you can wait for a session that hasn&#8217;t started<br> yet in a script.<br> Examples<br>  Connect to the monitor for current desktop<br>   ctf&gt; connect<br>  Connect to a specific desktop and session.<br>   ctf&gt; connect Default 1<br> Most commands require a connection, see &#8220;help connect&#8221;<\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Status<\/strong><\/p>\n\n\n\n<p>At the time of writing, it is unknown how Microsoft will change the CTF protocol in response to the numerous design flaws this tool helped expose.<\/p>\n\n\n\n<p>For that reason, consider this tool to be in proof-of-concept state.<br>\nSupported Versions and Platforms<\/p>\n\n\n\n<p>All versions of Windows since Windows XP use CTF, on all supported platforms.<\/p>\n\n\n\n<p>While not part of the base system until XP, versions as early as Windows 98 and NT4 would use CTF if you installed Microsoft Office.<\/p>\n\n\n\n<p>ctftool supports Windows 7 and later on x86 and x64, but earlier versions and other platforms could be supported, and contributions would be appreciated.<br>\nAcronym<\/p>\n\n\n\n<p>Microsoft doesn&#8217;t document what CTF stands for, it&#8217;s not explained in any of the Text Services documentation, SDK samples, symbol names, header files, or anywhere else. My theory is it&#8217;s from CTextFramework, what you might name the class in hungarian notation.<\/p>\n\n\n\n<div class=\"wp-block-button aligncenter is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-background has-vivid-cyan-blue-background-color\" href=\"https:\/\/github.com\/taviso\/ctftool\"><strong>Download<\/strong><\/a><\/div>\n","protected":false},"excerpt":{"rendered":"<p>This is ctftool, an interactive command line tool to experiment with CTF, a little-known protocol used on Windows to implement Text Services. This might be useful for studying Windows internals, debugging complex issues with Text Input Processors and analyzing Windows security. It is possible to write simple scripts with ctftool for automating interaction with CTF [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":16111,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png","fifu_image_alt":"CTFTool : Interactive CTF Exploration Tool","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[709,712],"class_list":["post-9129","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-ctf","tag-ctftool"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CTFTool : Interactive CTF Exploration Tool!Kalilinuxtutorials<\/title>\n<meta name=\"description\" content=\"This is ctftool, an interactive command line tool to experiment with CTF, a little-known protocol used on Windows to implement Text Services.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/ctftool\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CTFTool : Interactive CTF Exploration Tool!Kalilinuxtutorials\" \/>\n<meta property=\"og:description\" content=\"This is ctftool, an interactive command line tool to experiment with CTF, a little-known protocol used on Windows to implement Text Services.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/ctftool\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2020-02-18T11:54:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ctftool\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ctftool\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"CTFTool : Interactive CTF Exploration Tool\",\"datePublished\":\"2020-02-18T11:54:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ctftool\/\"},\"wordCount\":1828,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ctftool\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png\",\"keywords\":[\"CTF\",\"CTFTool\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ctftool\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/ctftool\/\",\"name\":\"CTFTool : Interactive CTF Exploration Tool!Kalilinuxtutorials\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ctftool\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ctftool\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png\",\"datePublished\":\"2020-02-18T11:54:54+00:00\",\"description\":\"This is ctftool, an interactive command line tool to experiment with CTF, a little-known protocol used on Windows to implement Text Services.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/ctftool\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ctftool\/#primaryimage\",\"url\":\"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png\",\"contentUrl\":\"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CTFTool : Interactive CTF Exploration Tool!Kalilinuxtutorials","description":"This is ctftool, an interactive command line tool to experiment with CTF, a little-known protocol used on Windows to implement Text Services.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/ctftool\/","og_locale":"en_US","og_type":"article","og_title":"CTFTool : Interactive CTF Exploration Tool!Kalilinuxtutorials","og_description":"This is ctftool, an interactive command line tool to experiment with CTF, a little-known protocol used on Windows to implement Text Services.","og_url":"https:\/\/kalilinuxtutorials.com\/ctftool\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2020-02-18T11:54:54+00:00","og_image":[{"url":"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/ctftool\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/ctftool\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"CTFTool : Interactive CTF Exploration Tool","datePublished":"2020-02-18T11:54:54+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/ctftool\/"},"wordCount":1828,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/ctftool\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png","keywords":["CTF","CTFTool"],"articleSection":["Kali Linux"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/ctftool\/","url":"https:\/\/kalilinuxtutorials.com\/ctftool\/","name":"CTFTool : Interactive CTF Exploration Tool!Kalilinuxtutorials","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/ctftool\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/ctftool\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png","datePublished":"2020-02-18T11:54:54+00:00","description":"This is ctftool, an interactive command line tool to experiment with CTF, a little-known protocol used on Windows to implement Text Services.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/ctftool\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/ctftool\/#primaryimage","url":"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png","contentUrl":"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/1.bp.blogspot.com\/-3bBiFAcMe6g\/XkcJ3nh52EI\/AAAAAAAAE_E\/eVhSDcGFnAEN36Rdp9w9rRGXLWd72Us5ACLcBGAsYHQ\/s1600\/edit-thumb%25281%2529.png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":32278,"url":"https:\/\/kalilinuxtutorials.com\/awesome-ctf\/","url_meta":{"origin":9129,"position":0},"title":"Awesome CTF &#8211; The Comprehensive Toolkit For Capture The Flag Challenges","author":"Varshini","date":"March 12, 2024","format":false,"excerpt":"A curated list of\u00a0Capture The Flag\u00a0(CTF) frameworks, libraries, resources, softwares and tutorials. This list aims to help starters as well as seasoned CTF players to find everything related to CTFs at one place. Contributing Please take a quick look at the\u00a0contribution guidelines\u00a0first. If you know a tool that isn't present\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgOc4B53VJCVd3dDNqhOnvywQFozKS9GMsb8HFYBYGePlIKBYcF88G-A2cktwLx1H3T7QHcoozUH20POq5YGWFGBjMqkrRwP-e4ivMetTcM4tzcBTWUE38-RzqCdG_tWEgCPUvekBjZ2_UhugUPzyCkQ99NLIw7fwyGQD8IbK1yguGIU-1YVdUbeGJvXUmx\/s16000\/CVE-2023-6000%20PoC%20%282%29.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgOc4B53VJCVd3dDNqhOnvywQFozKS9GMsb8HFYBYGePlIKBYcF88G-A2cktwLx1H3T7QHcoozUH20POq5YGWFGBjMqkrRwP-e4ivMetTcM4tzcBTWUE38-RzqCdG_tWEgCPUvekBjZ2_UhugUPzyCkQ99NLIw7fwyGQD8IbK1yguGIU-1YVdUbeGJvXUmx\/s16000\/CVE-2023-6000%20PoC%20%282%29.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgOc4B53VJCVd3dDNqhOnvywQFozKS9GMsb8HFYBYGePlIKBYcF88G-A2cktwLx1H3T7QHcoozUH20POq5YGWFGBjMqkrRwP-e4ivMetTcM4tzcBTWUE38-RzqCdG_tWEgCPUvekBjZ2_UhugUPzyCkQ99NLIw7fwyGQD8IbK1yguGIU-1YVdUbeGJvXUmx\/s16000\/CVE-2023-6000%20PoC%20%282%29.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgOc4B53VJCVd3dDNqhOnvywQFozKS9GMsb8HFYBYGePlIKBYcF88G-A2cktwLx1H3T7QHcoozUH20POq5YGWFGBjMqkrRwP-e4ivMetTcM4tzcBTWUE38-RzqCdG_tWEgCPUvekBjZ2_UhugUPzyCkQ99NLIw7fwyGQD8IbK1yguGIU-1YVdUbeGJvXUmx\/s16000\/CVE-2023-6000%20PoC%20%282%29.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgOc4B53VJCVd3dDNqhOnvywQFozKS9GMsb8HFYBYGePlIKBYcF88G-A2cktwLx1H3T7QHcoozUH20POq5YGWFGBjMqkrRwP-e4ivMetTcM4tzcBTWUE38-RzqCdG_tWEgCPUvekBjZ2_UhugUPzyCkQ99NLIw7fwyGQD8IbK1yguGIU-1YVdUbeGJvXUmx\/s16000\/CVE-2023-6000%20PoC%20%282%29.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgOc4B53VJCVd3dDNqhOnvywQFozKS9GMsb8HFYBYGePlIKBYcF88G-A2cktwLx1H3T7QHcoozUH20POq5YGWFGBjMqkrRwP-e4ivMetTcM4tzcBTWUE38-RzqCdG_tWEgCPUvekBjZ2_UhugUPzyCkQ99NLIw7fwyGQD8IbK1yguGIU-1YVdUbeGJvXUmx\/s16000\/CVE-2023-6000%20PoC%20%282%29.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":1769,"url":"https:\/\/kalilinuxtutorials.com\/ctf-scripts-security-tools\/","url_meta":{"origin":9129,"position":1},"title":"CTF &#8211; Some Setup Scripts For Security Research Tools","author":"R K","date":"June 28, 2018","format":false,"excerpt":"CTF is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth. The install-scripts for these tools are checked regularly.\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":33483,"url":"https:\/\/kalilinuxtutorials.com\/awesome-mobile-ctf\/","url_meta":{"origin":9129,"position":2},"title":"Awesome-Mobile-CTF : The Ultimate Guide To Mobile Capture The Flag Challenges And Resources","author":"Varshini","date":"June 26, 2024","format":false,"excerpt":"This is a curated list of mobile based CTFs, write-ups and vulnerable mobile apps. Most of them are android based due to the popularity of the platform. Inspired by\u00a0android-security-awesome,\u00a0osx-and-ios-security-awesome\u00a0and all the other awesome security lists on\u00a0@github. Mobile CTF Challenges Google CTF 2021 Google CTF 2020\u00a0writeup 1,\u00a0writeup 2 HacktivityCon CTF Mobile\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhaD_o6agrudUKWtXM4SFWyFm0lwzPsjW32PkxdizcBx05caEPkUy7hkEgvzj_odaQQGI8YgkUwYb2lcXJnC8r1lgoTPkpM1rug3I84zvQDdiRbnSBu1XT7wS1pblXAWGzBWZOyI5a4c44q26moRFNm1o2XvoEBfAx3z45wgFr3RdqaqJCTEAuB44RFjCJn\/s16000\/Awesome-Mobile-CTF%20.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhaD_o6agrudUKWtXM4SFWyFm0lwzPsjW32PkxdizcBx05caEPkUy7hkEgvzj_odaQQGI8YgkUwYb2lcXJnC8r1lgoTPkpM1rug3I84zvQDdiRbnSBu1XT7wS1pblXAWGzBWZOyI5a4c44q26moRFNm1o2XvoEBfAx3z45wgFr3RdqaqJCTEAuB44RFjCJn\/s16000\/Awesome-Mobile-CTF%20.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhaD_o6agrudUKWtXM4SFWyFm0lwzPsjW32PkxdizcBx05caEPkUy7hkEgvzj_odaQQGI8YgkUwYb2lcXJnC8r1lgoTPkpM1rug3I84zvQDdiRbnSBu1XT7wS1pblXAWGzBWZOyI5a4c44q26moRFNm1o2XvoEBfAx3z45wgFr3RdqaqJCTEAuB44RFjCJn\/s16000\/Awesome-Mobile-CTF%20.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhaD_o6agrudUKWtXM4SFWyFm0lwzPsjW32PkxdizcBx05caEPkUy7hkEgvzj_odaQQGI8YgkUwYb2lcXJnC8r1lgoTPkpM1rug3I84zvQDdiRbnSBu1XT7wS1pblXAWGzBWZOyI5a4c44q26moRFNm1o2XvoEBfAx3z45wgFr3RdqaqJCTEAuB44RFjCJn\/s16000\/Awesome-Mobile-CTF%20.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhaD_o6agrudUKWtXM4SFWyFm0lwzPsjW32PkxdizcBx05caEPkUy7hkEgvzj_odaQQGI8YgkUwYb2lcXJnC8r1lgoTPkpM1rug3I84zvQDdiRbnSBu1XT7wS1pblXAWGzBWZOyI5a4c44q26moRFNm1o2XvoEBfAx3z45wgFr3RdqaqJCTEAuB44RFjCJn\/s16000\/Awesome-Mobile-CTF%20.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhaD_o6agrudUKWtXM4SFWyFm0lwzPsjW32PkxdizcBx05caEPkUy7hkEgvzj_odaQQGI8YgkUwYb2lcXJnC8r1lgoTPkpM1rug3I84zvQDdiRbnSBu1XT7wS1pblXAWGzBWZOyI5a4c44q26moRFNm1o2XvoEBfAx3z45wgFr3RdqaqJCTEAuB44RFjCJn\/s16000\/Awesome-Mobile-CTF%20.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":17761,"url":"https:\/\/kalilinuxtutorials.com\/ctf-screenshotter\/","url_meta":{"origin":9129,"position":3},"title":"Ctf-Screenshotter : A CTF Web Challenge About Making Screenshots","author":"R K","date":"September 14, 2021","format":false,"excerpt":"Ctf-Screenshotter is a CTF web challenge about making screenshots. It is inspired by a bug found in real life. The challenge was created by\u00a0@LiveOverflow\u00a0for\u00a0https:\/\/cscg.de\/. Watch the video writeup here:\u00a0https:\/\/www.youtube.com\/watch?v=FCjMoPpOPYI Run The Challenge To run the challenge you have to install\u00a0docker-compose: docker-compose up Once the servicses are running, you should be\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/1.bp.blogspot.com\/-v7xQr5Zu7ig\/YS_FRyiZJqI\/AAAAAAAAKos\/XT3SZVNbxt0Nq9WktYnIPTqJndjyTHikwCLcBGAsYHQ\/s728\/images.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/1.bp.blogspot.com\/-v7xQr5Zu7ig\/YS_FRyiZJqI\/AAAAAAAAKos\/XT3SZVNbxt0Nq9WktYnIPTqJndjyTHikwCLcBGAsYHQ\/s728\/images.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/1.bp.blogspot.com\/-v7xQr5Zu7ig\/YS_FRyiZJqI\/AAAAAAAAKos\/XT3SZVNbxt0Nq9WktYnIPTqJndjyTHikwCLcBGAsYHQ\/s728\/images.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/1.bp.blogspot.com\/-v7xQr5Zu7ig\/YS_FRyiZJqI\/AAAAAAAAKos\/XT3SZVNbxt0Nq9WktYnIPTqJndjyTHikwCLcBGAsYHQ\/s728\/images.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":32737,"url":"https:\/\/kalilinuxtutorials.com\/flagger\/","url_meta":{"origin":9129,"position":4},"title":"Flagger &#8211; A Powerful CLI Tool For Crafting CTF Exploits","author":"Varshini","date":"April 12, 2024","format":false,"excerpt":"Discover the power of Flagger, a streamlined command-line interface tool designed for cybersecurity enthusiasts and professionals alike. Crafted specifically for Capture The Flag (CTF) competitions, Flagger integrates seamlessly with pwntools to facilitate the development of effective exploits. Whether handling HTTP requests or managing custom scripts, Flagger is your go-to tool\u2026","rel":"","context":"In &quot;Exploitation Tools&quot;","block_context":{"text":"Exploitation Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/et\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiOyFaKkS-d5dV08WhlDsrj97xeXwEWI5fc7V6DVET53A7Wc0Nx8PGMBGIh2dr60_-1QLvPA1-pYdwXrDMfH_KyUgtxxBf733dG5mjpN2eQF77o9Hpin_cjQCg3Ix9uppUbBZDLU0SL1flUP2BLb7P8-1CMISVrqQ4hKp59MQd_m-BRtOGN19X_89HBjEM6\/s16000\/Security%20Flaw%20%285%29.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiOyFaKkS-d5dV08WhlDsrj97xeXwEWI5fc7V6DVET53A7Wc0Nx8PGMBGIh2dr60_-1QLvPA1-pYdwXrDMfH_KyUgtxxBf733dG5mjpN2eQF77o9Hpin_cjQCg3Ix9uppUbBZDLU0SL1flUP2BLb7P8-1CMISVrqQ4hKp59MQd_m-BRtOGN19X_89HBjEM6\/s16000\/Security%20Flaw%20%285%29.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiOyFaKkS-d5dV08WhlDsrj97xeXwEWI5fc7V6DVET53A7Wc0Nx8PGMBGIh2dr60_-1QLvPA1-pYdwXrDMfH_KyUgtxxBf733dG5mjpN2eQF77o9Hpin_cjQCg3Ix9uppUbBZDLU0SL1flUP2BLb7P8-1CMISVrqQ4hKp59MQd_m-BRtOGN19X_89HBjEM6\/s16000\/Security%20Flaw%20%285%29.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiOyFaKkS-d5dV08WhlDsrj97xeXwEWI5fc7V6DVET53A7Wc0Nx8PGMBGIh2dr60_-1QLvPA1-pYdwXrDMfH_KyUgtxxBf733dG5mjpN2eQF77o9Hpin_cjQCg3Ix9uppUbBZDLU0SL1flUP2BLb7P8-1CMISVrqQ4hKp59MQd_m-BRtOGN19X_89HBjEM6\/s16000\/Security%20Flaw%20%285%29.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiOyFaKkS-d5dV08WhlDsrj97xeXwEWI5fc7V6DVET53A7Wc0Nx8PGMBGIh2dr60_-1QLvPA1-pYdwXrDMfH_KyUgtxxBf733dG5mjpN2eQF77o9Hpin_cjQCg3Ix9uppUbBZDLU0SL1flUP2BLb7P8-1CMISVrqQ4hKp59MQd_m-BRtOGN19X_89HBjEM6\/s16000\/Security%20Flaw%20%285%29.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiOyFaKkS-d5dV08WhlDsrj97xeXwEWI5fc7V6DVET53A7Wc0Nx8PGMBGIh2dr60_-1QLvPA1-pYdwXrDMfH_KyUgtxxBf733dG5mjpN2eQF77o9Hpin_cjQCg3Ix9uppUbBZDLU0SL1flUP2BLb7P8-1CMISVrqQ4hKp59MQd_m-BRtOGN19X_89HBjEM6\/s16000\/Security%20Flaw%20%285%29.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":12384,"url":"https:\/\/kalilinuxtutorials.com\/ctf-party\/","url_meta":{"origin":9129,"position":5},"title":"CTF-Party : A Ruby Library To Enhance &#038; Speed Up Script\/Exploit","author":"R K","date":"March 31, 2021","format":false,"excerpt":"CTF-Party is a library to enhance and speed up script\/exploit writing for CTF players (or security researchers, bug bounty hunters, pentesters but mostly focused on CTF) by patching the String class to add a short syntax of usual code patterns. The philosophy is also to keep the library to be\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/9129","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=9129"}],"version-history":[{"count":0,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/9129\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/16111"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=9129"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=9129"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=9129"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}