A CTF framework (in Flask) for HackTheBox style machines.
Latest commit 24a6153 Jul 31, 2019
Type Name Latest commit message Commit time
screenshots added screenshots Jul 7, 2019
src changed organization Jul 31, 2019
.gitignore Added User and Root Submission IP Column in Database Jul 27, 2019
Dockerfile fixed docker integration Jul 7, 2019
LICENSE Create LICENSE Jul 22, 2019
README.md Update README.md Jul 31, 2019
docker-compose.yml fixed docker integration Jul 7, 2019

README.md

RootTheBox CTF Framework

A CTF framework (in Flask) for HackTheBox style machines.
A live demo of the app is available at: https://rtblivedemo.herokuapp.com/.
You can log in and mess around as 2 users: admin:admin and test:test.

Features

  • Flask Blueprints
  • Flask-admin for Admin views and easy realtime management
  • Easily deployable on Heroku.
  • A page to show relevant details about the machine such as name, IP, OS, points and difficulty level.
  • User Registration, account management, Forgot password, Notifications, Full Fledged Logging
  • Hash submission (currently 2 hashes: user and root)
  • Real time scoreboard tracking

How To Use

Requirements

Installation and first run

  1. Git clone the repo and cd into it.

    $ git clone https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework
    $ cd RTB-CTF-Framework/

  2. Create a virtual environment to deal with dependencies and requirements.

    $ virtualenv -p /usr/bin/python3 venv
    $ source venv/bin/activate
    $ cd src/

  3. With the virtual environment activated, install requirements, init db and run!

    [venv]$ pip install -r requirements.txt
    [venv]$ python create_db.py # Only required on first run
    [venv]$ python run.py

Deployment using Heroku

  1. Create your Heroku app using the Heroku CLI tool.

    Follow the official guide by Heroku: https://devcenter.heroku.com/articles/getting-started-with-python#prepare-the-app

  2. Provision the database add-on.

    Add the following add-on to your new app: https://elements.heroku.com/addons/heroku-postgresql

  3. Create the database instance. In your Heroku app directory,

    $ heroku run bash
    [heroku]$ python create_db.py

  4. Your app should be live now. You can run heroku open to open it in the browser.

For Your CTF

Using this is as simple as anything.

  1. Just configure your CTF settings in config.py.

  2. DO NOT FORGET to change the admin credentials in create_db.py.

  3. See database instance creation steps under How To Use.

Bonus: You can manage the database CRUD operations from admin views GUI as well as issue notifications.

Warning: If you make any change to the config.py logging/config class/score settings, it's highly recommended to create a new DB instance.

Contributing

Please see: issues and the To-do list below.

To-do

  • Freeze Scoreboard automatically past running time specified
  • Support for more hashes
  • Testing Password reset functionality
  • More info for home.html
  • Need to implement account.html (not a priority)

  • db relationship between User and Score Tables (priority | issue: #5)
  • isAdmin column in User table and Admin views (priority)
  • Notifications
  • Use Flask Blueprints
  • Finalize black theme?
  • Error messages not appearing in /submit
  • Implement machine.html to serve a page where one can download/serve machines

Screenshots
