python

Today I wrote and shipped ctfdfetch a simple python tool to “fetch” challenges from any CTFd hosted CTF. The code is on gitlab and pypi. This means downloading all the challenges for a CTF locally can be as simple as: pip3 install ctfdfetch ctfdfetch --server https://ctf.example.com --user hacker Most of the code I was familiar with such as requests and beautiful soup, so probably the biggest thing I learned was how to package everything up. [Read More]

Short post today but I spent sometime converting a Vagrant based development environment over to Docker. One of the most magical features of this is the increased feedback speed. One pattern I found that seems to work really well, is to use: A docker-compose configuration that mounts the source into the container. Overriding the command that is run to watch/reload For example Flask has Debug Mode. Gunicorn has –reload. [Read More]

Cracklib Today I was working on a flask web application that had a dependency on cracklib. This seemed like an oddly named and surprising inclusion and so I investigated. It turns out that it is a tool for checking passwords in order to prevent users from choosing passwords that could be guessed by “crack” by filtering them out, at source The application was using the python library in a very similar way to that described by Gary Wilson Jr. [Read More]