Skip to content

SecKC/ctfscoreboard

 
 

Repository files navigation

CTF Scoreboard

This is a basic CTF Scoreboard, with support for teams or individual competitors, and a handful of other features.

Copyright 2016 Google, Inc. This is not an official Google product.

Author: Please see the AUTHORS file.

Installation using Docker

  1. Navigate to the folder where the Dockerfile is located.

  2. Run the command below to build a docker image for the scoreboard and tag it as "scoreboard".

    docker build -t "scoreboard" .

  3. Run the command below to create the docker container.

    docker create -p 80:80 scoreboard

  4. Find the name of the container you created for the scoreboard.

    docker ls -a

  5. Run the command below to start the docker container for the scoreboard.

    docker start "container_name"

Installation

  1. Install Python with PIP and setuptools. If you'd like to use a virtualenv, set one up and activate it now.

  2. Install the dependencies: pip install -r requirements.txt

  3. Install a database library. For MySQL, consider mysql-python. For Postgres, use psycopg2. (Others may work; untested.)

  4. Write a config.py for your relevant installation.

     SQLALCHEMY_DATABASE_URI = 'mysql://username:password@server/db'
     #SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2://username:password@server/db'
     SECRET_KEY = 'Some Random Value For Session Keys'
     TEAM_SECRET_KEY = 'Another Random Value For Team Invite Codes'
     TITLE = 'FakeCTF'
     TEAMS = True
     ATTACHMENT_DIR = 'attachments'
     LOGIN_METHOD = 'local'  # or appengine
    

If you are using plaintext HTTP to run your scoreboard, you will need to add the following to your config.py, so that cookies will work:

    SESSION_COOKIE_SECURE = False

If you are developing the scoreboard, the following settings may be useful for debugging purposes. Not useful for production usage, however.

    COUNT_QUERIES = True
    SQLALCHEMY_ECHO = True
  1. Create the database:

     python main.py createdb
    
  2. Set up your favorite python application server, optionally behind a webserver. You'll want to use main.app as your WSGI handler. Tested with uwsgi + nginx. Not tested with anything else, let me know if you have success. Sample configs are in doc/.

  3. Register a user. The first user registed is automatically made an admin. You probably want to register your user before your players get access.

  4. Have fun! Maybe set up some challenges. Players might like that more.

Options

SCORING: Set to 'progressive' to enable a scoring system where the total points for each challenge are divided amongst all the teams that solve that challenge. This rewards teams that solve infrequently solved (hard or obscure) challenges.

TITLE: Scoreboard page titles.

TEAMS: True if teams should be used, False for each player on their own team.

SQLALCHEMY_DATABASE_URI: A SQLAlchemy database URI string.

LOGIN_METHOD: Supports 'local' or 'appengine'. 'appengine' uses AppEngine users API.

Development

Build Status codecov

Use hooks

ln -s ../../.hooks/pre-commit.sh .git/hooks/pre-commit

Test Cases

  • Setup database
  • Create user, verify admin
  • Create category
  • Create challenge
    • With, without attachment
  • Edit challenges
    • Add attachment
    • Delete attachment
  • Download backup
  • Restore backup
  • Create 2nd user, verify not admin
    • Solve challenge
    • Download attachment

Thanks

This project stands on the shoulders of giants. A big thanks to the following projects used to build this:

And many more indirect dependencies.

Packages

No packages published

Languages

  • Python 49.9%
  • JavaScript 34.3%
  • HTML 12.4%
  • CSS 3.1%
  • Other 0.3%