• This repository has been archived on 13/Apr/2024
  • Stars
    star
    226
  • Rank 176,514 (Top 4 %)
  • Language
    Python
  • License
    MIT License
  • Created over 5 years ago
  • Updated 8 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A plugin for CTFd which allow your users to deploy a standalone instance for challenges.

CTFd-Whale

A plugin for CTFd which allow your users to launch a standalone instance for challenges.

https://www.zhaoj.in/wp-content/uploads/2019/08/1565947849bb2f3ed7912fb85afbbf3e6135cb89ca.png

https://www.zhaoj.in/wp-content/uploads/2019/08/15659478989e90e7a3437b1bdd5b9e617d7071a79f.png

https://www.zhaoj.in/wp-content/uploads/2019/08/15659479342f5f6d33e2eeaedb313facd77b2bbccb.png

https://www.zhaoj.in/wp-content/uploads/2019/08/1565923903609e6c236759a5663be8e0fb57904482.png

Features

  • Provide a new challenge type - dynamic_docker.
  • The player can launch an instance for these challenge on the challenge board by one click.
  • Every instance has a unique flag.
  • Admin can manage the instance at the admin panel.

Usage

  1. You should init docker swarm, and add your node to it. And name them with following command:
docker node update --label-add name=windows-1 ****
docker node update --label-add name=linux-1 ****

Name of them should begin with windows- or linux-.

  1. Copy this folder to your ctfd plugins folder. Make sure the folder name is 'ctfd-whale'.
  2. Deploy frp on your servers, and you should make sure CTFd can access frpc admin API directly.
  3. And also make sure docker API is accessible to CTFd, you should create a network in docker called 'ctfd_frp-containers' which allow frp redirect traffic to challenge instances.
  4. Configure this plugin on the admin panel.
  5. Now you may create a challenge, choose the challenge type - dynamic_docker and fill the form.
  6. Click the preview button, then you can launch an instance for this challenge.
  7. Enjoy it:)

Some configuration file

  1. docker-compose.yml for CTFd I used.
version: '2.2'

services:
  ctfd-nginx:
    build: ./nginx
    user: root
    restart: always
    ports:
      - "80:80"
      - "443:443"
    networks:
        default:
        internal:
    depends_on:
      - ctfd
    cpus: '2.50'
    mem_limit: 150M
  ctfd:
    build: .
    user: root
    restart: always
    environment:
      - UPLOAD_FOLDER=/var/uploads
      - DATABASE_URL=mysql+pymysql://root:ctfd@db/ctfd
      - REDIS_URL=redis://cache:6379
      - WORKERS=1
      - LOG_FOLDER=/var/log/CTFd
      - ACCESS_LOG=-
      - ERROR_LOG=-
      - REVERSE_PROXY=true
    volumes:
      - .data/CTFd/logs:/var/log/CTFd
      - .data/CTFd/uploads:/var/uploads
      - .:/opt/CTFd:ro
      - /var/run/docker.sock:/var/run/docker.sock
    depends_on:
      - db
    networks:
        default:
        internal:
        frp:
            ipv4_address: 172.1.0.2
    cpus: '2.50'
    mem_limit: 450M

  db:
    image: mariadb:10.4
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=ctfd
      - MYSQL_USER=ctfd
      - MYSQL_PASSWORD=ctfd
    volumes:
      - .data/mysql:/var/lib/mysql
    networks:
        internal:
    # This command is required to set important mariadb defaults
    command: [mysqld, --character-set-server=utf8mb4, --collation-server=utf8mb4_unicode_ci, --wait_timeout=28800, --log-warnings=0]
    cpus: '2.50'
    mem_limit: 750M

  cache:
    image: redis:4
    restart: always
    volumes:
      - .data/redis:/data
    networks:
        internal:
    cpus: '2.50'
    mem_limit: 450M

  frpc:
    image: glzjin/frp:latest
    restart: always
    volumes:
      - ./frpc:/conf/
    entrypoint:
        - /usr/local/bin/frpc
        - -c
        - /conf/frpc.ini
    networks:
        frp:
            ipv4_address: 172.1.0.3
        frp-containers:
    cpus: '1.50'
    mem_limit: 250M

networks:
    default:
    internal:
        internal: true
    frp:
        driver: bridge
        ipam:
            config:
                - subnet: 172.1.0.0/16
    frp-containers:
        driver: overlay
        internal: true
        ipam:
            config:
                - subnet: 172.2.0.0/16

Internet --> frps1 --> frpc1 --> nginx --> ctfd

Internet --> frps2 --> frps2 --> chanllenge_instance

  1. frpc config tamplate
[common]
token = ***************
server_addr = *******
server_port = ****
pool_count = 200
tls_enable = true

# Make sure it's only exposed the port to the network that only has ctfd and frp, not the frp and challenge instance one.
admin_addr = 172.1.0.3
admin_port = 7400
  1. Some challenge image you can use.

https://github.com/CTFTraining/CTFTraining

  1. Challenge image requirement
  • Support set flag by setting docker environment "FLAG".
  1. The configuration I have set on the CTFd admin panel. https://www.zhaoj.in/wp-content/uploads/2019/08/1565931400faa3a335e9a8531e8e34cdb1e5ede899.png

Demo

BUUCTF

Third-Party Introduction

Twins

More Repositories

1

20190511_awd_docker

2019 年 5 月 11 日防灾科技学院 “应急挑战杯” 大学生网络安全邀请赛 AWD 靶机题目。
PHP
148
star
2

wechat_print_bot

微信打印机器人
Python
65
star
3

CISCN-2019-Northern-China-Web

国赛 2019 华北赛区 Web 题目备份
CSS
28
star
4

ChatProxy-MiniMax

用于将 MiniMax 接口转换为 OpenAI API 接口。
Python
23
star
5

v2ray-java-sdk

V2Ray API Java SDK
Go
17
star
6

qwb_2019_upload

PHP
11
star
7

buusec_2019_code_review_1

北京联合大学 信息安全专业 代码审计教学题
PHP
10
star
8

Frp-Docker-For-CTFd-Whale

9
star
9

qwb_2019_smarthacker

Dockerfile
7
star
10

ETradeSystem

实训小组用 Spring MVC 写的电商网站系统
JavaScript
7
star
11

qwb_2019_supersqli

PHP
6
star
12

buusec_2019_xss_course_1

北京联合大学 信息安全专业 XSS 注入课-靶机 1
JavaScript
6
star
13

HousePull

房天下爬虫,使用方法见 https://www.zhaoj.in
Python
4
star
14

buusec_2019_burp_course_1

北京联合大学 信息安全专业 Burp 教学 靶机 - 1
PHP
4
star
15

CISCN_2019_northern_China_day2_web1

2019 国赛华北赛区 Day2 Web1
PHP
4
star
16

hfctf_2020_challenges

JavaScript
4
star
17

pwn_base

pwn_base
Dockerfile
4
star
18

buusec_2019_sqli_labs

Sqli labs Docker
PHP
4
star
19

buusec_2019_upload_course_1_web_1

北京联合大学 信息安全专业 上传漏洞 课-靶机 1
PHP
4
star
20

bytectf_2019_babyblog

bytectf_2019_babyblog
PHP
4
star
21

buusec_2019_sql_course_1

北京联合大学 信息安全专业 SQL 注入课-靶机 1
PHP
4
star
22

QuickNC

QuickNC,快速监听端口进行调试
Python
3
star
23

xctf_2019_final_web_lfi

PHP
3
star
24

CISCN_2019_southeastern_China_web9

CISCN 2019 华东南 Web9
Python
3
star
25

CISCN_2019_northeastern_China_web2

CISCN 2019 国赛 华东北赛区 Web2
PHP
2
star
26

CISCN_2019_northern_China_day1_web1

2019 国赛华北赛区 Day1 Web1
PHP
2
star
27

CISCN_2019_Final_3_Day1_Web2

CISCN 2019 总决赛 Day1 Web2
Dockerfile
2
star
28

suctf_2019_easysql

suctf_2019_easysql
PHP
2
star
29

de1ctf_2019_web_9calc

De1CTF 2019 Web 9Calc
TypeScript
2
star
30

buuctf_2018_online_tool

BUUCTF 2018 Web 在线工具
PHP
2
star
31

math-is-fun1

SCTF 2019 https://github.com/u2400/math-is-fun
JavaScript
2
star
32

CISCN_2019_southeastern_China_double_secret

CISCN 2019 华东南 Double Secret
Python
1
star
33

CISCN_2019_Final_12_Day2_Web1

CISCN 2019 总决赛 Day2 Web1
CSS
1
star
34

eventbridge-consumer-client-nodemcu

Lua
1
star
35

eventbridge-server

EventBridge -- 事件中继服务器
JavaScript
1
star
36

qwb2019md_pwn_stkof

强网杯2019 拟态 - PWN - STKOF
Dockerfile
1
star
37

bytectf_2019_boring_code

bytectf_2019_boring_code
PHP
1
star
38

CISCN_2019_northern_China_day1_web5

2019 国赛 华北赛区 Day1 Web5,教学用
PHP
1
star
39

CISCN_2019_Final_9_Day1_Web4

CISCN 2019 总决赛 Day1 Web4
Dockerfile
1
star
40

extstars_donate_callback_example

星空辽阔账号系统回调示例
PHP
1
star
41

CISCN_2019_northern_China_day1_web2

2019 国赛华北赛区 Day1 Web2
CSS
1
star
42

ciscn_2019_en_pwn_1

Arm32 PWN 测试
Dockerfile
1
star
43

GZCTF-Scoreboard-Hide

JavaScript
1
star
44

TestExp

PHP
1
star