Developed by Harold Kim (root@stypr.com)
-
Users and Teams are crawled from https://ctftime.org/ and made into wordlist.
-
Search temporary directory based on the wordlist.
-
List the directory if the given folder exists.
Very simple, just type the following command on your bash!
-
Python 2
$ curl -s https://raw.githubusercontent.com/stypr/tmpleak/master/ctftime.py | python -u -
Python 3
$ curl -s https://raw.githubusercontent.com/stypr/tmpleak/master/ctftime.py | python3 -u
Released it for being the #1 team in CTFTime 2016.
(I actually solved a lot of local exploitation challenges with this tool)
-
Do not mess up the challenge server.
-
Do not do excessive scanning