hsasctf / lxctf Goto Github PK

• Figure out if the project structure can be configured with vscode
• Containerize all gameserver components so testing is possible without Vagrant/VMs, using devcontainer.json if possible

Currently the project is configured using PyCharm Professional.

after container booted, updates are being downloaded. this should be disabled somehow as it is a trigger bug in systemd that downloads this updates.
this should make ansible run more reliable

https://unix.stackexchange.com/questions/315502/how-to-disable-apt-daily-service-on-ubuntu-cloud-vm-image

• service_ports -> read from json/yaml files?
• test bash scripts in scripts/
• are all services using TCP, not UDP?

We plan to switch from openvpn to wireguard for performance reasons

Hi I have two questions.

First is the demo01.py file. If I understand the process correct we need to run a changed demo file to run our dashboard. Or is there another file which allows us to run the dashboard. Because if we need to run the changed demo file we need to change the amount of the teams or the passwords manually. It would be better to load them from the DB.
Or did I understand something wrong or didn't find the correct file.

Secondly is the implementation of the services. We were wondering if we are correct that this happens in the reset1.py file. Or is this somewhere else.

Thank you for your support.

Following configs should be changed:

roles/vpn/templates/openssl/server.cnf.j2:5: default_md = sha2
roles/vpn/templates/openssl/client1.cnf.j2:5: default_md = sha2

to

default_md = sha256

This solved an error while running the ansible provision.

A securer method for inventory is needed, maybe with a paramter for number of teams and KDFs instead of static keys.

https://docs.ansible.com/ansible/latest/dev_guide/developing_inventory.html#developing-inventory

• Vagrant inventory
• local inventory
• PBKDF2

We plan to port Scorebot to python 3 for easier dependency management and to make it possible to also write the get/setflag scripts in py3

• remove unused imports
• remove unused packages in requirements.txt
• upgrade packages with security bugs

@c-goes our ctf is planned for january and we would like to have the ctf up and running for testing and usage. Is it possible to get a release until sunday evening 15.12.2019 23:59?
We will add pull requests for all features we woud like in the release until tomorrow evening.

• configuration keys for all email addresses
• download configs while game is running

• disable LXD auto rule generation
• add role to infrastructure.yml playbook
• .gitignore for rules file
• NAT rules?
• service_ports -> read from json/yaml files?
• are all services using TCP, not UDP?
• test bash scripts in scripts/
• remove delegate_to
• PR

The components should all run automatically and forever waiting for the game to start/end.

For now we just made the logserver service public. In the next days we'll try to upload the other services as well.

Right now it depends on all servers using UTC

We wanted to know if there is a similar python file like demo.py which is for app_registration? Or do we need to start it manually? And if so can you give us some pointer?

Do we need to start it manually with waitress or ???

Another point that you still can access the Website https://ctf.uber.space. We are wondering where is the location, is this the old server from the previous ctf.

• installation
• run a short demo with logs of failing flags scripts

we already hat automatic login to dashboard in use for 2019 ctf (based on ip address).
but it's not yet in git.
solves bug where team cannot login when team name has special characters.

It's the best framework for Jeopardy CTFs.

We plan to add 3-6 new small services for next ctf (dec 2019/jan 2020)

Hi I started the register_tornado.py and than I get this Error.

"Database error, there is no empty event in database (event without ticks)"

I tried to reset the Database with the manage_reset_db.py and there I get the Error.

"Can't connect to MySQL server on 127.0.0.1" but the connection is there

Where is our problem?

• Instead of Team number (database) show the Subnet Number (network) in dashboard.
• Port instead of service id
• active flag_id from other teams

LXD now supports KVM (similar REST-API but also for KVM besides LXC)

The development environment should be editable again to speed up development, but with the 2 VM vagrant setup instead of 3. Until now we only have a sync implemented via vagrant provision.
Looks like it works with libvirt. Need to test it with VirtualBox before pushing the changes.