Skip to content

MarkusBauer/saarctf-gameserver

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits

.devcontainer

.devcontainer

 
 

.idea

.idea

 
 

checker_runner

checker_runner

 
 

ci

ci

 
 

controlserver

controlserver

 
 

flag-submission-server

flag-submission-server

 
 

gamelib @ 7b21a40

gamelib @ 7b21a40

 
 

migrations

migrations

 
 

saarctf_commons

saarctf_commons

 
 

sample_files

sample_files

 
 

scoreboard

scoreboard

 
 

scripts

scripts

 
 

tests

tests

 
 

vpn

vpn

 
 

vpnboard

vpnboard

 
 

.gitignore

.gitignore

 
 

.gitlab-ci.yml

.gitlab-ci.yml

 
 

.gitmodules

.gitmodules

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

config.sample.json

config.sample.json

 
 

mypy.ini

mypy.ini

 
 

package.json

package.json

 
 

requirements-dev.txt

requirements-dev.txt

 
 

requirements-script.txt

requirements-script.txt

 
 

requirements.txt

requirements.txt

 
 

run-mypy.sh

run-mypy.sh

 
 

Repository files navigation

saarCTF Gameserver Framework

This repository contains the gameserver we used to organize our first attack-defense CTF - saarCTF 2020. If you want to build your own CTF with this framework: contact us for additional explanations.

This CTF infrastructure was build in a two-years-effort by @MarkusBauer, with additional contributions by Jonas Bushart and Patrick Schmelzeisen.

Structure

  • Central databases: PostgresSQL, Redis, RabbitMQ
  • Central gameserver (folder controlserver): Round timer, dispatches checker scripts, calculate ranking and create scoreboard
  • Checker script workers (folder checker_runner): Run the checker scripts
  • Submission Server: Accept flags from the participants
  • VPN Server: OpenVPN-Servers for each team with additional monitoring / IPTables controller / tcpdump.

Setup

  • Setup a PostgreSQL database, a redis database and a RabbitMQ server (see below).
  • Create virtualenv with python 3.6+ and activate
  • python3 -m pip install -r requirements.txt
  • npm install && npm run build
  • Write config.json
  • export FLASK_APP=controlserver/app.py
  • flask db upgrade

Run gameserver

export FLASK_APP=controlserver/app.py is required for most commands.

  • Main server: flask run --host=0.0.0.0
  • Celery control panel: celery -A checker_runner flower --port=5555
  • Celery worker: celery -A checker_runner worker -Ofair -E -Q celery,broadcast --concurrency=16 --hostname=ident@%h

Setup RabbitMQ

# Warning: Binds to all interfaces by default!
apt install rabbitmq-server
rabbitmqctl add_vhost saarctf
rabbitmqctl add_user saarctf 123456789
rabbitmqctl set_permissions -p saarctf saarctf '.*' '.*' '.*'
rabbitmqctl set_user_tags saarctf administrator
rabbitmq-plugins enable rabbitmq_management
systemctl restart rabbitmq-server

Flags

Current format: SAAR\{[A-Za-z0-9-_]{32}\}. Example: SAAR{8VHsWgEACAD-_wAAfQScbWZat3KXyYe9}

Folders

  • controlserver: The main components (timer, scoreboard, scoring, dispatcher, ...)
  • checker_runner: The celery worker code running the checker scripts
  • gamelib

Configuration

To test, copy config.sample.json to config.json and adjust if needed. JSON keys starting with __ are stripped.

To deploy, you can use environment variables:

  • SAARCTF_CONFIG path to config.json file
  • SAARCTF_CONFIG_DIR folder where config.json is located, and additional files will be stored (VPN config, VPN secrets etc). Default: root of this repository.
  • Set SAARCTF_NO_RLIMIT if you have to run checkers without limit (e.g. Chromium)

About

saarCTF infrastructure | Attack-defense CTF gameserver developed by saarsec

Topics

ctf attack-defense-ctf saarctf

Resources

Readme

License

MIT license
Activity

Stars

7 stars

Watchers

3 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages