Skip to content

Latest commit

 

History

History
89 lines (68 loc) · 3.41 KB

README.md

File metadata and controls

89 lines (68 loc) · 3.41 KB

saarCTF Gameserver Framework

This repository contains the gameserver we used to organize our first attack-defense CTF - saarCTF 2020. If you want to build your own CTF with this framework: contact us for additional explanations.

This CTF infrastructure was build in a two-years-effort by @MarkusBauer, with additional contributions by Jonas Bushart and Patrick Schmelzeisen.

Structure

  • Central databases: PostgresSQL, Redis, RabbitMQ
  • Central gameserver (folder controlserver): Round timer, dispatches checker scripts, calculate ranking and create scoreboard
  • Checker script workers (folder checker_runner): Run the checker scripts
  • Submission Server: Accept flags from the participants
  • VPN Server: OpenVPN-Servers for each team with additional monitoring / IPTables controller / tcpdump.

Setup

  • Setup a PostgreSQL database, a redis database and a RabbitMQ server (see below).
  • make deps
  • npm install && npm run build
  • Write config.json
  • alembic upgrade head

Run gameserver

export FLASK_APP=controlserver/app.py is required for most commands.

  • Main server: flask run --host=0.0.0.0
  • Celery control panel: celery -A checker_runner.celery_cmd flower --port=5555
  • Celery worker: celery -A checker_runner.celery_cmd worker -Ofair -E -Q celery,broadcast --concurrency=16 --hostname=ident@%h

Setup RabbitMQ

# Warning: Binds to all interfaces by default!
apt install rabbitmq-server
rabbitmqctl add_vhost saarctf
rabbitmqctl add_user saarctf 123456789
rabbitmqctl set_permissions -p saarctf saarctf '.*' '.*' '.*'
rabbitmqctl set_user_tags saarctf administrator
rabbitmq-plugins enable rabbitmq_management
systemctl restart rabbitmq-server

Flags

Current format: SAAR\{[A-Za-z0-9-_]{32}\}. Example: SAAR{8VHsWgEACAD-_wAAfQScbWZat3KXyYe9}

Folders

  • controlserver: The main components (timer, scoreboard, scoring, dispatcher, ...)
  • checker_runner: The celery worker code running the checker scripts
  • gamelib

Configuration

To test, copy config.sample.json to config.json and adjust if needed. JSON keys starting with __ are stripped.

To deploy, you can use environment variables:

  • SAARCTF_CONFIG path to config.json file
  • SAARCTF_CONFIG_DIR folder where config.json is located, and additional files will be stored (VPN config, VPN secrets etc). Default: root of this repository.
  • Set SAARCTF_NO_RLIMIT if you have to run checkers without limit (e.g. Chromium)

Scoring

The formulas to compute offensive/defensive/SLA scores are on the webpage, including a description of the details. On the gameserver side, there are several factors you can use to adjust scores (all in config.json "scoring":{...}):

  • nop_team_id: you cannot submit flags from this team
  • flags_rounds_valid (default 10) more ticks means a bigger initial peak for new exploits, less ticks mean more time pressure
  • off_factor scale offensive points up/down by this factor
  • def_factor scale defensive points up/down by this factor
  • sla_factor scale SLA points up/down by this factor Note that the defensive score formula contains a reference to SLA points, thus, the sla_factor also influences defensive scores.

Suggestions for saarCTF are default settings (1/10/1.0/1.0/1.0). Suggestions for our small workshop are (0/20/2.5/1.5/1.0).