Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Include generated config, pages, and users when generating CTFd challenges ZIP #54

Closed
netr0m opened this issue Feb 1, 2024 · 3 comments
Closed

Include generated config, pages, and users when generating CTFd challenges ZIP #54

netr0m opened this issue Feb 1, 2024 · 3 comments
Assignees
@netr0m
Labels
💡 feature request New feature or request wontfix This will not be worked on

Comments

@netr0m
Copy link
Contributor

netr0m commented Feb 1, 2024
edited

Describe Problem

Each time we set up a new instance of the CTFd service (typically every time we deploy), we have to manually intervene by completing the configuration steps in CTFd. This includes creating a new user, configuring the settings, and importing the custom pages defined in guides-and-tips/. Rather than doing this manually, we should consider generating the user JSON and config JSON to reduce the amount of manual work required.

Currently, we generate the challenges file for CTFd with the script generate-challenges.sh, which produces a ZIP file containing challenges.json, among other things. This is manually uploaded to CTFd after configuration has taken place.

By extending this script, we could potentially include all common configurations in the zip file and upload it directly, eliminating the need for manual steps.

Suggest Solution

  • Look at the contents of a backed up ZIP file exported from CTFd to identify how to generate such files
  • Implement logic in generate-challenges.sh to
    • generate these JSON files, and add them to the ZIP file produced by juice-shop-ctf-cli
    • upload the ZIP file to the CTFd instance

Additional Details
@netr0m netr0m added the 💡 feature request New feature or request label Feb 1, 2024
@netr0m
Copy link
Contributor Author

netr0m commented Feb 1, 2024 

❯ cat users.json | jq
{
  "count": 2,
  "results": [
    {
      "id": 1,
      "oauth_id": null,
      "name": "admin",
      "password": "$bcrypt-...",
      "email": "<EMAIL>",
      "type": "admin",
      "secret": null,
      "website": null,
      "affiliation": null,
      "country": null,
      "bracket": null,
      "hidden": 1,
      "banned": 0,
      "verified": 0,
      "team_id": null,
      "created": "<DATE>"
    },
    ...
  ]
}

@netr0m
Copy link
Contributor Author

netr0m commented Feb 1, 2024

Relevant files:

  • users.json
  • config.json
  • pages.json

@netr0m netr0m mentioned this issue Mar 1, 2024
Closed
12 tasks
@netr0m
Copy link
Contributor Author

netr0m commented Mar 1, 2024

Closing this as not doing/unresolvable, as

  • dealing with the mix between JSON and CSV files is messy, and prone to break when fields change.
  • the instance must be configured prior to uploading/restoring such files
  • we'd have to convert the challenges CSV to the JSON format, duplicating internal logic of CTFd.

An improved approach is proposed in #58 , replacing the need for this approach.

@netr0m netr0m closed this as not planned Won't fix, can't repro, duplicate, stale Mar 1, 2024
@netr0m netr0m self-assigned this Mar 1, 2024
@netr0m netr0m added the wontfix This will not be worked on label Mar 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@netr0m netr0m

Labels
💡 feature request New feature or request wontfix This will not be worked on
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@netr0m