Skip to content

sigpwny/CTFd

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CTFd MySQL CI Linting MajorLeagueCyber Discourse Documentation Status

Updating theme and plugins

git submodule update --remote --merge
git add CTFd # Make sure you don't commit your dev docker-compose.yml
git commit -m "Update submodules" && git push

SIGPwny Note

Do not push sensitive config variables! Use a .env file in the root of the folder instead. See .env.example

SIGPwny Testing locally

git clone --recurse-submodules -j8 [email protected]:sigpwny/CTFd.git
  • Run git submodule init && git submodule update
  • Set DISCORD_WEBHOOK_URL= after you copy .env.example to .env.
  • Turn off nginx SSL (copy this section to the docker-compose.yml)
  nginx:
    image: nginx:stable
    restart: always
    volumes:
      - ./conf/nginx/original-http.conf:/etc/nginx/nginx.conf
      # - ./conf/nginx/cert.pem:/etc/nginx/cert.pem
      # - ./conf/nginx/key.pem:/etc/nginx/key.pem
      # - ./sslkeys:/etc/ssl:ro
      # - ./logs:/etc/nginx/logs
    ports:
      - 80:80
      # - 443:443
    depends_on:
      - ctfd

Then,

docker-compose up
# docker-compose up --build to rebuild
# docker ps to check containers
# docker exec -it ctfd-ctfd-1 /bin/bash to enter the main container

SSL Keys

How to update SSL certs:

docker run -p 80:80 --volume="/home/ctfd/CTFd/sslkeys:/sslkeys:rw" -it ubuntu:latest bash apt-get update apt-get install certbot y 2 37 certbot certonly 1 [email protected] A N ctf.sigpwny.com cp /etc/letsencrypt/archive/ctf.sigpwny.com/* /sslkeys exit sudo chown ctfd:ctfd -R sslkeys

The four .pem files should appear here. If they're differently named, edit the nginx conf.

Update repo

git remote add upstream [email protected]:CTFd/CTFd.git
git fetch upstream
git merge upstream/master

What is CTFd?

CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it's easy to customize with plugins and themes.

CTFd is a CTF in a can.

Features

  • Create your own challenges, categories, hints, and flags from the Admin Interface
    • Dynamic Scoring Challenges
    • Unlockable challenge support
    • Challenge plugin architecture to create your own custom challenges
    • Static & Regex based flags
      • Custom flag plugins
    • Unlockable hints
    • File uploads to the server or an Amazon S3-compatible backend
    • Limit challenge attempts & hide challenges
    • Automatic bruteforce protection
  • Individual and Team based competitions
    • Have users play on their own or form teams to play together
  • Scoreboard with automatic tie resolution
    • Hide Scores from the public
    • Freeze Scores at a specific time
  • Scoregraphs comparing the top 10 teams and team progress graphs
  • Markdown content management system
  • SMTP + Mailgun email support
    • Email confirmation support
    • Forgot password support
  • Automatic competition starting and ending
  • Team management, hiding, and banning
  • Customize everything using the plugin and theme interfaces
  • Importing and Exporting of CTF data for archival
  • And a lot more...

Install

  1. Install dependencies: pip install -r requirements.txt
    1. You can also use the prepare.sh script to install system dependencies using apt.
  2. Modify CTFd/config.ini to your liking.
  3. Use python serve.py or flask run in a terminal to drop into debug mode.

You can use the auto-generated Docker images with the following command:

docker run -p 8000:8000 -it ctfd/ctfd

Or you can use Docker Compose with the following command from the source repository:

docker compose up

Check out the CTFd docs for deployment options and the Getting Started guide

Live Demo

https://demo.ctfd.io/

Support

To get basic support, you can join the MajorLeagueCyber Community: MajorLeagueCyber Discourse

If you prefer commercial support or have a special project, feel free to contact us.

Managed Hosting

Looking to use CTFd but don't want to deal with managing infrastructure? Check out the CTFd website for managed CTFd deployments.

MajorLeagueCyber

CTFd is heavily integrated with MajorLeagueCyber. MajorLeagueCyber (MLC) is a CTF stats tracker that provides event scheduling, team tracking, and single sign on for events.

By registering your CTF event with MajorLeagueCyber users can automatically login, track their individual and team scores, submit writeups, and get notifications of important events.

To integrate with MajorLeagueCyber, simply register an account, create an event, and install the client ID and client secret in the relevant portion in CTFd/config.py or in the admin panel:

OAUTH_CLIENT_ID = None
OAUTH_CLIENT_SECRET = None

Credits

Releases

No releases published

Packages

No packages published

Languages

  • Python 53.6%
  • JavaScript 22.9%
  • HTML 17.2%
  • Vue 3.6%
  • SCSS 2.3%
  • Shell 0.1%
  • Other 0.3%