The CTF Solver skill activates when a user provides a CTF challenge including a description, source code, and/or environment endpoint. It is designed for users who want to efficiently engage with Capture The Flag challenges in cybersecurity.
$ npx skills add https://github.com/hacktronai/skills --skill ctf-solverThe CTF Solver skill extends AI agents with specialized capabilities for solving Capture The Flag (CTF) cybersecurity challenges. It processes challenge descriptions, source code, and live environment endpoints to systematically identify vulnerabilities and craft exploits. The skill is designed for security researchers and engineers who want to leverage AI agents to accelerate CTF competition participation or vulnerability research. By automating routine analysis and exploitation steps, it helps users focus on complex problem-solving aspects of security challenges.
Install using npx and follow critical rules for execution.
Capture flags from CTF challenges
Analyze source code for vulnerabilities
Test HTTP interactions using Python scripts
$ npx skills add https://github.com/hacktronai/skills --skill ctf-solvergit clone https://github.com/hacktronai/skillsCopy the install command above and run it in your terminal.
Launch Claude Code, Cursor, or your preferred AI coding agent.
Use the prompt template or examples below to test the skill.
Adapt the skill to your specific use case and workflow.
I'm working on a CTF challenge in [COMPANY]'s [INDUSTRY] environment. Here's the challenge description: [CHALLENGE_DESCRIPTION]. The source code is: [SOURCE_CODE]. The environment endpoint is: [ENDPOINT]. Please solve this challenge step by step and provide the flag.
# CTF Challenge Solution: Web Exploitation - Login Bypass
## Challenge Description
A web application at `http://ctf.example.com/login` requires authentication. The source code is provided below:
```python
from flask import Flask, request, render_template_string
app = Flask(__name__)
@app.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
username = request.form.get('username')
password = request.form.get('password')
if username == password:
return "Login successful! Flag: CTF{SQLi_1s_3asy}"
else:
return "Login failed."
return render_template_string('''
<form method="POST">
<input type="text" name="username" placeholder="Username">
<input type="password" name="password" placeholder="Password">
<button type="submit">Login</button>
</form>
''')
if __name__ == '__main__':
app.run(host='0.0.0.0', port=80)
```
## Solution Steps
### Step 1: Analyze the Source Code
The code checks if `username == password` for a successful login. This is a common vulnerability pattern.
### Step 2: Identify the Attack Vector
Since the application directly compares `username` and `password`, we can exploit this by setting both fields to the same value.
### Step 3: Execute the Attack
Send a POST request to `/login` with:
- `username`: `admin`
- `password`: `admin`
### Step 4: Retrieve the Flag
The server responds with:
```
Login successful! Flag: CTF{SQLi_1s_3asy}
```
## Recommendations
- Always validate input in web applications.
- Avoid direct comparisons of user-provided data.
- Use parameterized queries to prevent SQL injection.
**Flag:** `CTF{SQLi_1s_3asy}`Take a free 3-minute scan and get personalized AI skill recommendations.
Take free scan