CookieFarmExploiter
Lightweight Python decorator for automating exploit execution in Attack & Defense CTFs with CookieFarm integration.
Install / Use
/learn @ByteTheCookies/CookieFarmExploiterREADME
🍪 CookieFarm - Exploiter Manager
Python decorator for automating exploit execution in CTF Attack & Defense competitions
📦 What is it?
This package provides a @exploit_manager decorator designed to automate the parallel execution of exploits in CTF (Attack & Defense) settings, specifically for use with the CookieFarm project.
It handles:
- Authentication with the central server
- Retrieving team configuration
- Automatic flag parsing from
stdout
⚠️ Note: This package is not standalone. It must be used together with the CookieFarm client. The client provides the required APIs and team configurations.
📦 Installation
To install the package:
pip install cookiefarm
⚙️ How it works
The @exploit_manager decorator takes care of:
- Calling your
exploit(ip, port, name_service, flag_ids)function - Capturing your exploit's
stdout - Parsing flags via regex
- Logging the result in JSON format, including: team ID, port, service name, and the flag found
🚀 Example usage
from cookiefarm import exploit_manager
import requests
@exploit_manager
def exploit(ip, port, name_service, flag_ids):
# Run your exploit here
response = requests.get(f"http://{ip}:{port}/")
# Just print the flag to stdout
print(response.text)
# Run from the command line with arguments from CookieFarm
# python3 myexploit.py <ip_server> <password> <tick_time> <thread_number> <port> <name_service>
For execution, you have to pass the required arguments from the command line, which are provided by the CookieFarm client. The decorator will handle the rest.
python3 myexploit.py -s <server_address> -t <tick_time> -T <thread_number> -p <port> -n <name_service> -x [test mode]
| Argument | Description |
|------------------|--------------------------------------------------|
| -s or --server | The address of the CookieFarm server |
| -t or --tick_time | The time interval for the exploit execution |
| -T or --thread_number | The number of threads to use for the exploit |
| -p or --port | The port to target for the exploit |
| -n or --name_service | The name of the service to exploit |
| -x or --test | Run in test mode (does not execute the exploit) |
🛠️ Requirements
- Python ≥ 3.12
- Working CookieFarm client installed
📝 License
Distributed under the MIT License. Feel free to use, modify, and contribute.
For any questions, suggestions, or issues, feel free to open a GitHub issue!
Created with ❤️ by ByteTheCookies (feat. @0xMatte)
Related Skills
node-connect
331.7kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
frontend-design
81.6kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
331.7kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
commit-push-pr
81.6kCommit, push, and open a PR
