NODE_CTF is a CTF scoreboard for more offensive based CTF's. This uses jquery , node, and express
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
certs
html
node_modules
optional
pub
README.md
app.js
package.json

README.md

NODE_CTF - A Node/Express JS CTF Scoreboard

Alt text

NODE_CTF is a CTF scoreboard for more offensive based CTF's. This uses jquery , node, and express. However, this could be used for any type of ctf as it allows generic questions and answers to be put in along with questions/hints. I created this because I felt like I couldn't find any CTF scoreboard that fit my needs. I also did this to learn node a bit better and took me about 6 days. Enjoy!

Made with node v6.9.1 and tested in Windows 7 / 8

#FEATURES:

  1. User Registration
  2. Toggle Registration on/off
  3. Flags submission
  4. Trivia questions which unlock hints
  5. Nav panel
  6. Targets Panel which displays a root and limited flag. Changes colors on capturing flags
  7. Leader Scoreboard (of course!)
  8. News feed ticker ( collapses on click) (lets you know what other people are up to and allows admins to send messages)
  9. Custom Avatars and coloring for team/user profiles.
  10. Account management Panel
  11. Admin Panel for managing users, creating flags, sending news to everyone, downloading log data
  12. LOGGING (optional - off by default) ! It is a hacking ctf scoreboard after all. This way you can keep an eye on an suspicious activity against the site.
  13. Efficiency - NODE_CTF uses clustering and sql pooling to increase performance and handle large loads

#HOW TO RUN

  1. Install
  2. cd to root dir
  3. run "node app.js"

#INSTALLATION

  1. git clone https://github.com/chrisjd20/node_ctf.git
  2. npm install
  3. Change values on lines 44-50 to reflect your system and db info
  4. node app.js <----- This starts the server

#IMPORTANT

  1. Default creds are admin/admin. Change this asap
  2. Be careful who has access to the admin account. There is minimal input filtering for admin as of right now though regular users should be fairly locked down. Ex - Admin is the only one with access to post custom messages to the news feed. script tags etc...
  3. Other than that, should be fairly secure. If you find any issues, please email me at admin (at) hackitlab . com

#SCREENSHOTS Alt text Alt text Alt text Alt text Alt text Alt text