ctfjs is a CTF (capture the flag) competition backend written in Node.js.
It is still in development, and is not ready to be used to host an actual CTF.
Documentation is available at https://blairsec.github.io/ctfjs/.
ctfjs can be installed as either a command or a node module.
If all you need is a simple backend for challenges, users, and teams, this is probably what you should choose. To install ctfjs as a terminal command, run:
npm install -g ctfjs
This option will require more setup and configuration. To install ctfjs as a node module in your current directory, run:
npm install ctfjs
You will also need express to create the web server:
npm install express
Remember that this is just a REST API and requires a front end to go with it. You will also need to have PostgreSQL running somewhere. Deployment will depend on whether you installed ctfjs as a command or as a module.
If you installed ctfjs as a command, deployment is simple. To start ctfjs, run:
ctfjs start
To stop ctfjs, run:
ctfjs stop
By default ctfjs runs on port 3000 with a randomly generated secret key, and tries to access the PostgresQL database ctf
on localhost:5432
with
the user ctf
and no password. These options can be changed with the arguments -p
(port), -s
(secret key), and -d
(database URI). Additionally,
a CORS origin can bet set with the -o
flag.
For more information run:
ctfjs start --help
The username and password for the database can be included in the URI with the following format:
postgresql:https://username:password@host:port/database
If you installed ctfjs as a node module, you will need another file that imports ctfjs and starts a new server. For example:
var express = require("express");
var app = express();
var CTF = require("ctfjs");
var ctf = new CTF({
db_uri: "postgresql:https://localhost/ctfjs",
jwt_secret: "secret key here",
});
app.use(ctf.router);
app.listen(3000);