Working proof of concept!

I wrote a basic python script to run the best-fit-decreasing bin packing algorithm on each cut on all bars. Since the algorithm operates on the assumption that there are infinite bins and that all bins are equal length, I made it so it ran with every permutation of bar length in the bar list, and removed the result if any errors occurred.

Time to implement it into TypeScript and get the web demo done!

Mostly a nothing burger

I set up a Svelte project and started work on a proof of concept for the packing algorithm I’d need to save as many bars as possible.

My idea was to figure out the maximum amount of potential cuts could be in 1 bar, and to place them into a bar. Attached is my stupid comment ramblings (unfortunately in a code editor, sorry) of my expected results.

Then my friend told me an algorithm for this already exists… it’s called first-fit-decreasing bin packing, which is a online (takes a serial input) algorithm to figure out a fit for all cuts that saves on bins (bars). I’m planning on running it multiple times with different orders and finding the best fit out of them.

I’ll probably delete the proof of concept and stick with bin-packing algorithms.

WE’RE ABOUT TO SHIP, FOLKS!

Today I worked on a basic demo video for voters to base their ratings off of (if they can’t actually demo the project for whatever reason). The README is also now up to spec, and I also worked on a demo document explaining how to set up CTFd.

The package is now on npm for others to try! Get it here.

I think I’m ready to ship!

Spiced up README!

This is a short devlog, but I’ve finally made the README easy to understand (perhaps shippable!) for others to read.

RANKING CHALLENGES!

I added a command (ctf rank <preservation folder> <tags>) to rank CTF challenges by how well they fit the heuristic tags provided. There is also an exclusion system which crosses out unviable challenges, which can be used by prefixing an unwanted tag with an asterisk symbol (*). The purpose of this is to help sift through viable challenges between teammates and increase productivity (e.g. I might rank the CTF by dotnet,managed,unmanaged,source,binary,*graphic as those are my skills/pitfalls, whereas my teammate might go with graphic,shell,*dotnet,*java).

This thing is close to being complete! Thank you so much to the people who have talked with me about this project :3

Available tags

• dotnet - Compiled MSIL programs (.exe, .dll) [C#, F#]
• java - Java Classes (.class)
• elf - ELF File format (used in *nix systems)
• dos - .exe files (both DOS and peexe)
• managed - managed assemblies (.exe, .dll, .class)
• unmanaged - unmanaged assemblies (.exe, .dll, .elf)
• model - 3D models (e.g. .obj, .stl, .fbx)
• cad - CAD files (e.g .f3d, .scad)
• source - Source Files
• shell - Shell Scripts (.sh, .zsh, .fish)
• graphic - Graphics (PNG, JPEG, SVG)
• image - Disk Images (ISO-9660 .iso, .img)
• archive - Archives (TAR, XZ, GZip, LZMA, BZip, 7Zip)
• other - Other filetypes

WOAH, HEURISTICS?

‘ello! I’ve implemented a tagging algorithm that looks at magic numbers and file extensions to group files by tags. The aim is to have a ‘flavour profile’ for each team member which scores challenges by the skills of everyone (to distribute tasks productively in a CTF).

Attached below are screenshots of me using the heur demo command to tag files.

New Colour Scheme and Workspaces!

Hello! Here’s a new update on ctfd-autorouter :3

Colour Scheme

I am now using Catppuccin Mocha (Mauve) as a colour scheme for the CLI and Workspaces. It is all generated in scheme.ts, which creates background and foreground chalk functions for the other files to use.

Workspaces

This is one of the big features of this program! When you open a challenge with ctf workspaces <challenge name substring>, a custom bash instance is created in a bespoke workspace directory with all your challenge files! I made a custom prompt as well because they’re pretty cool :O

I plan to add a bash command to attempt a solve in the shell so you could write e.g. flag placeholder{flag} and have it submit to CTFd!

Thanks for reading the writeup :3
-may <3

Banner

I spent some time in Inkscape designing a simple banner for my project. Here it is :3

CTF Preservation

This is a small update, but I added a preserve command to ctf to preserve all the challenges on a CTFd instance.

It gathers details on all challenges, writes them to challenge.json and description, downloads attachments, and writes instance information to instance.json.

Enjoy :3

Challenges!

Small stuff to get out of the way:

• [auth] The caching of authentication access in memory was added to avoid repeated calls to checkIfLoggedIn()
• [info] JS Dates are now used to hold CTFd info start/end times

Challenges

I have added 5 new API functions and 1 class to manage challenges. Currently, ctfd-autorouter can:

• View challenge information such as name, description, category, value, etc
• Download attachments associated with the challenge
• Fetch all challenges on a CTFd instance

CLI features

The following CLI features have been added:

• ctf challenges - shows a list of challenges
• ctf challenge [name] - shows info on challenges (searches by substring)
• ctf download [attachmentId] - downloads a challenge attachment

Basic stuff, a CLI, and a reverse-engineered login system!

I initially went on Insomnia for a while to reverse-engineer the login system for CTFd. I’ve figured out logging in, logging out and accessing basic CTFd info such as the CTF name and user info.
Logging in requires a session to be established and an XSRF nonce to be sent in a form request along with a username and password. After that, another session is given and we’re able to access profile data!
I have to use a stupidly long regex to access data because I’m too lazy to delve through the REST APIs (and I’m not even sure how many of them work as a user)…

I’ve set up a TypeScript project and cooked up a login and an info command (using yargs :3) to allow for logins and accessing some user info. That’s about it :)

Hope you guys enjoy it!