StringCheese is a script written in Python to extract CTF flags (or any other pattern with a prefix) automatically.
It works like a simple strings | grep command, but can detect many encodings (like base64, XOR, rot13) and works on file formats other than plaintext.
Use the package manager pip to install StringCheese.
sudo pip install stringcheeseStringCheese only needs to know the flag prefix to work. You can pass it the input file using the --file option or through stdin.
stringcheese FLAG{ --file input.txt
cat input.txt | stringcheese FLAG{StringCheese generates strings which encode the flag prefix in various ways.
Those strings are then searched in several transformed version of the input file : one in two bytes, reversed, etc.
When the encoded flag prefix is found somewhere, the corresponding decoder is called to regenerate the flag.
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.