Do not push sensitive config variables! Use a .env
file in the root of the folder instead. See .env.example
- Run
git submodule init && git submodule update
- Set
DISCORD_WEBHOOK_URL=
after you copy.env.example
to.env.
- Turn off nginx SSL (copy this section to the
docker-compose.yml
)
nginx:
image: nginx:stable
restart: always
volumes:
- ./conf/nginx/original-http.conf:/etc/nginx/nginx.conf
# - ./conf/nginx/cert.pem:/etc/nginx/cert.pem
# - ./conf/nginx/key.pem:/etc/nginx/key.pem
# - ./sslkeys:/etc/ssl:ro
# - ./logs:/etc/nginx/logs
ports:
- 80:80
# - 443:443
depends_on:
- ctfd
- To add the sigpwny-challenge-store to your local copy, follow the section Testing CTFd Locally.
This is incredibly scuffed, but basically poetry2nix will pull the package wheel from PyPI if it's specified in poetry.lock
, and otherwise build using nixpkgs
if it's not. Some packages refuse to build using nix
, and some refuse to build using wheels. So the process is as follows:
- List all dependencies from
requirements.in
inpyproject.toml
and build usingnix develop
. - Try to fix any errors that arise using this guide, but if you can't fix it, comment out the package. Repeat until you build without errors.
- Copy the old
pyproject.toml
somewhere and make a newpyproject.toml
that only includespython
and the problem packages, and runpoetry lock
. - Revert to the old
pyproject.toml
, and this time uncomment out all packages. Runnix develop
.
Since our history has diverged from CTFd/CTFd, do not ever attempt a rebase from the upstream. Instead, you can try:
git remote add upstream https://github.com/CTFd/CTFd
git fetch upstream
git checkout master # our local branch
git merge upstream/master --strategy-option theirs # prefer their changes over ours
git push
git submodule update --remote --merge
git add CTFd # Make sure you don't commit your dev docker-compose.yml
git commit -m "Update submodules" && git push
CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it's easy to customize with plugins and themes.
- Create your own challenges, categories, hints, and flags from the Admin Interface
- Dynamic Scoring Challenges
- Unlockable challenge support
- Challenge plugin architecture to create your own custom challenges
- Static & Regex based flags
- Custom flag plugins
- Unlockable hints
- File uploads to the server or an Amazon S3-compatible backend
- Limit challenge attempts & hide challenges
- Automatic bruteforce protection
- Individual and Team based competitions
- Have users play on their own or form teams to play together
- Scoreboard with automatic tie resolution
- Hide Scores from the public
- Freeze Scores at a specific time
- Scoregraphs comparing the top 10 teams and team progress graphs
- Markdown content management system
- SMTP + Mailgun email support
- Email confirmation support
- Forgot password support
- Automatic competition starting and ending
- Team management, hiding, and banning
- Customize everything using the plugin and theme interfaces
- Importing and Exporting of CTF data for archival
- And a lot more...
- Install dependencies:
pip install -r requirements.txt
- You can also use the
prepare.sh
script to install system dependencies using apt.
- You can also use the
- Modify CTFd/config.ini to your liking.
- Use
python serve.py
orflask run
in a terminal to drop into debug mode.
You can use the auto-generated Docker images with the following command:
docker run -p 8000:8000 -it ctfd/ctfd
Or you can use Docker Compose with the following command from the source repository:
docker-compose up
Check out the CTFd docs for deployment options and the Getting Started guide
To get basic support, you can join the MajorLeagueCyber Community:
If you prefer commercial support or have a special project, feel free to contact us.
Looking to use CTFd but don't want to deal with managing infrastructure? Check out the CTFd website for managed CTFd deployments.
CTFd is heavily integrated with MajorLeagueCyber. MajorLeagueCyber (MLC) is a CTF stats tracker that provides event scheduling, team tracking, and single sign on for events.
By registering your CTF event with MajorLeagueCyber users can automatically login, track their individual and team scores, submit writeups, and get notifications of important events.
To integrate with MajorLeagueCyber, simply register an account, create an event, and install the client ID and client secret in the relevant portion in CTFd/config.py
or in the admin panel:
OAUTH_CLIENT_ID = None
OAUTH_CLIENT_SECRET = None
- Logo by Laura Barbera
- Theme by Christopher Thompson
- Notification Sound by Terrence Martin