shellphish / ictf-framework Goto Github PK

http://ictf.cs.ucsb.edu/framework is not being served correctly.

e.g. team "1" and "2"

(ask Jason for the sample)

Right now, everything is in the same network (samenet branch). The router/ folder documents an alternative setup with VPNs and randomization, but this needs to be automated.

We need to:

• implement the creation of the Router VM in create_vms.py
• idem for VPN VMs
• change the network configurations generated by create_team() and create_org() in create_vms.py as needed

I could not download file from http://ictf.cs.ucsb.edu/base-vms/base-vms.tar.gz

Organization-base and iCTF-base, referenced in create-vms.py, are not released, so it is difficult to reproduce the create-vms.py functionality.

Perhaps we can have a better way of building these VMs, so that I could do it from scratch on a server (let's say in openstack)?

The basic idea is that I want to run a mock ictf framework on openstack infrastructure, so I'm setting up the VMs by hand. It's easy enough following create-vms.py, but the problem is in figuring out the installed software on the base images. So I had to create a game with bundles on the ictf website.

At the moment we are using libguestfs to mount base VMs and modify them. However there have been cases of race conditions when trying to umount those images.
An example is explained in the guestmount man page (or here: http://libguestfs.org/guestmount.1.html)
A user reported to have FS corruption when he was trying to mount-modify-umount vdi images through a VirtualBox shared directory.
Soon we'll decide on a better strategy: either using libguestfs directly or switching to a disk format that doesn't need it.

Currently there is no way to know if your services are accepting and giving back flags to the scorebot.

Does it go against the goals of this project to simply define an "interface" for services (which there might already be) but not provide any from within this repository (perhaps move them to ucsb-seclab/ictf-services and then pull them in when bootstrapping -- if desired)?

When i get to putting in my github password, the key are not typing

If a team turns their services off, they are not penalized.

Hello boys, is the project dead or you plan to make new changes?
Hints:

• We played ictf 2015 on Decemeber/15 but last commit is about a year ago.
• Box links are broken.

Thanks
Einar

Reference: http://ictf.cs.ucsb.edu/framework

Fggg

The central API secret is currently not randomized, but the API is pretty well protected from the outside. However, it might be good to randomize this (and other passwords) just in case.

Hi,

we are currently using your framework and found a problem with the Service state on the dashboard. If a service is running the state shows "offline" and if the VM is not even online the state is either "online" or "online but disfunctional".

As state 2 is the starting state in the MySQL dbms the scorebot seems to enter wrong numbers into there.

Hey Jacopo,
I've set up caching and rate limiting on the website. To make it work, I need redis-server on the organization host.
Thanks!

Hi, I want to use from iCTF platform. But when I go forward with your document in "Forging the machines" step I don't have "ictf-framework/basehost/scripts" directory and shell scripts (export_env_aws_us-west-1.sh, export_env_aws_us-west-2.sh, etc) inside it. I think previous steps are done successfully but I don't know where is the problem. Can you help me?

I'm sure people would figure out a way to scrape flag-ids from the website, but it might be better if there was some API or something they could use to get the flag-id for a particular service.

We need to sync with Jason to get the services in here under the new format.

Refreshing constantly doesn't seem efficient. Some sort of status on the page or an email when it's done would be nice, but not required.