v0.24.0

What's Changed

• typo post_exploitation instead of post_credits by @proditis in #950
• dont spin ondemand targets rather pull them by @proditis in #951
• minor documentation updates by @proditis in #957
• Improvements to the docs, playbook and docker related files by @proditis in #958
• Regenerate the player badge when there are updates to the player by @proditis in #959
• Improvements to multiple components by @proditis in #960
• Multiple updates to docs and yml by @proditis in #965
• minor chores by @proditis in #967
• Update docker containers by @proditis in #968
• add triggers for challenges and stream by @proditis in #971
• Another attempt at fixing the memcached issue that we're experiencing under docker by @proditis in #972
• Micro corrections by @proditis in #973
• Avoid throwing exception for foreach from command line cron/instances command by @proditis in #975
• docker related improvements by @proditis in #978
• frontend profile and backend player layout updates by @proditis in #981
• again logic bug by @proditis in #982
• add cron to packages by @proditis in #983
• make sure we dont fail on brand new startups by @proditis in #984
• merge with development by @proditis in #988
• Minor improvements by @proditis in #992
• merge with dev by @proditis in #995
• Some documentation tweaks by @g0rchy in #1017
• Multiple changes/fixes brought forward by events by @proditis in #1009
• Add default entries for FAQ, Rules and Instructions by @proditis in #1019
• Only show subscribe button to networks that are part of subscription products by @proditis in #1021
• players and target support sort and filter by @proditis in #1022
• Team audit by @proditis in #1023
• fixes #998 by @proditis in #1024
• Update configure form with more settings by @proditis in #1025
• fixes #1008 by @proditis in #1027
• improve require_activation=false by @proditis in #1028
• add updated_at/created_at fields to target_player_state by @proditis in #1029
• make the target dropdown listing ordered alphabetically on player findings and treasures by @proditis in #1031
• make sure we order challenge_solver.created_at by @proditis in #1032
• delete copy of validator by @proditis in #1037
• add team_allowed field on target_instance by @proditis in #1042
• bug: fix typo in relation by @proditis in #1043
• remove funding by @proditis in #1044
• dont notify owner and redir to index by @proditis in #1045
• fix typo that broke cron/instances by @proditis in #1046
• fix team instances logic bug by @proditis in #1047
• make card follow col size of parent page by @proditis in #1050
• add only approved players to team instances by @proditis in #1051
• New Icon for teams by @0xJaeg3r in #1053
• make sure team instances respect approved players all around by @proditis in #1054
• use the new icon by @proditis in #1055
• we dont have an activequery named active() here by @proditis in #1056
• sync backend team view avatar by @proditis in #1057
• Player badge improvements by @proditis in #1058

New Contributors

• @0xJaeg3r made their first contribution in #1053

Full Changelog: v0.23.0...v0.24.0

v0.23.0

What's Changed

• Fix subscriptions from firefox by @proditis in #899
• make col-XL distribution a bit better by @proditis in #901
• dont clear when dropdown hides by @proditis in #902
• make default non zero IP copy to clipboard by @proditis in #903
• currently displayed writeups must respect the current user by @proditis in #905
• Findings before claim by @proditis in #906
• update docker example and maintenance/sync-collations actions by @proditis in #908
• add new line on cron/healthcheck when container not on our list by @proditis in #909
• Backend dashboard improvements by @proditis in #910
• Update autocomplete ajax widget by @proditis in #912
• backend infrastructure dashboard details by @proditis in #913
• fix beforeAction bug when csrfValidation failed by @proditis in #914
• add some extra icons that can be used by notifications and links by @proditis in #915
• AccessControl overload and namespace path changes by @proditis in #916
• fix notifications url to the right controller action by @proditis in #917
• Backend fixes by @proditis in #924
• Backend add relative times by @proditis in #925
• comment out this functionality for now by @proditis in #926
• Maintenance mode by @proditis in #929
• wrap everything into a try/catch by @proditis in #930
• Backend target full view by @proditis in #932
• Tooltips and profile columns by @proditis in #935
• update the menu entries a bit by @proditis in #936
• Update notification rotation logic and management by @proditis in #937
• Spin history relation by @proditis in #938
• fix success class of boolean column by @proditis in #939
• Player subscription cancellation by @proditis in #940
• Maintenance notification by @proditis in #943
• fix the message (double back) by @proditis in #945
• Docker servers playbook update by @proditis in #946
• update jquery to 3.6.4 by @proditis in #947
• admins dont need the notification popups by @proditis in #948
• add version update by @proditis in #920

Full Changelog: v0.22.0...v0.23.0

v0.22.0

What's Changed

• Minor post release bugs by @proditis in #828
• display prod_vip entries in price/index by @proditis in #831
• add activated-writeups action and view by @proditis in #833
• introduce 2 more maintenance commands and fix mailer by @proditis in #838
• log registration errors by @proditis in #839
• fix documentation typo by @g0rchy in #840
• Example target updates by @proditis in #844
• repair the logic to match only on given user by @proditis in #845
• add groups creation prior to users by @proditis in #846
• minor updates to example target by @proditis in #847
• Fix progress and guest network view by @proditis in #848
• Credits pages by @proditis in #853
• updated default mysql auth command & some slight md tweaks by @g0rchy in #855
• Issue 852 by @proditis in #857
• add created_at partial search by @proditis in #858
• multiple minor fixes by @proditis in #859
• Writeup Logic modifications by @proditis in #860
• Last visited targets and dashboard improvements by @proditis in #861
• update headshot trigger spin conditions by @proditis in #862
• Private instances dashboard by @proditis in #864
• add letencrypt configuration by @proditis in #865
• fix minor bug that replaced dashboards title by @proditis in #866
• Target card fixes by @proditis in #870
• minor fixes to player cli and backend by @proditis in #873
• Bootstrap5 by @proditis in #875
• Backend profile column by @proditis in #880
• Profile headings by @proditis in #881
• update tad_player trigger by @proditis in #882
• Tad player update by @proditis in #883
• Subs and network improvements by @proditis in #885
• Update miloschuman/yii2-highcharts-widget requirement from ^7.1 to ^10.0 in /backend by @dependabot in #887
• remove container overload leftovers by @proditis in #888
• Partial date search by @proditis in #889
• credentials is part of the gameplay by @proditis in #890
• Backend profile improvements by @proditis in #891
• Breadcrumb link index by @proditis in #893
• Notification improvements by @proditis in #894
• remove error log of visits by @proditis in #895

New Contributors

• @g0rchy made their first contribution in #840

Full Changelog: v0.21.0...v0.22.0

v0.21.0

What's Changed

• Remove number format from team cards for points, it breaks the translations by @proditis in #754
• News discord webhooks by @proditis in #755
• update playbook by @proditis in #756
• create cli commands for backend by @proditis in #757
• team listing and discord messaging improvements by @proditis in #758
• Target difficulty indicator improvements by @proditis in #759
• Backend ovpn dl by @proditis in #760
• Introduce the ability to hide inactive targets from the frontend by @proditis in #761
• this color theme with icons is much better by @proditis in #762
• Issue 752 by @proditis in #763
• Json encode all sysconfig keys by @proditis in #764
• update workflows to newer ubuntu by @proditis in #765
• update and merge 🤦‍♂️ by @proditis in #781
• Add unannounced network flag by @proditis in #782
• Fix finding details by @proditis in #784
• remove dev dependencies from frontend by @proditis in #788
• Css overrides and mui fixes by @proditis in #789
• Notification types and counters update by @proditis in #790
• Short polling notifications by @proditis in #791
• Escape flash messages that receive untrusted input by @proditis in #793
• use checkout@v3 on our workflows by @proditis in #797
• Fix xss in help widget by @proditis in #798
• only do api GET when Notifications or Hints exist by @proditis in #799
• fix indentation and escape username by @proditis in #800
• Static content improvements by @proditis in #802
• Validation pages by @proditis in #803
• Discard private instances by @proditis in #804
• Issue 670 by @proditis in #805
• Monthly leaderboard by @proditis in #809
• Improve frontend validator command by @proditis in #810
• Issue 806 by @proditis in #811
• make sure we dont fail when there is no pf table by @proditis in #812
• Maintenance cli by @proditis in #814
• fixes #813 by @proditis in #815
• try to catch exception and not Error on Target command by @proditis in #816
• Multiple prices per stripe product by @proditis in #817
• Stripe portal link by @proditis in #821
• Add products import by @proditis in #824
• Leaderboard additions by @proditis in #825
• dont fail for VIP subscriptions by @proditis in #826

Full Changelog: v0.20.2...v0.21.0

v0.20.2

• [BUG] Fix writeup update not updating content
• Replace echoCTF.RED with echoCTF on error pages
• Many documentation updates
• Updates on ansible playbooks
• Add target allowed_instances field to enable/disable private instance support per target
• Add sysconfig key for enabled/disabled public view of target pages
• [BUG] CSS/JS overrides dont work as expected
• [BUG] Add check for exception on frontend/themes/material/site/error.php
• Make registration validators configurable by the backend
• Redirect or refresh instead of error page on CSRF token validation error
• Redirect instead of error page on verify-email
• Make sure we display the uploaded team picture after update
• Add support for subscriptions menu item

v0.20.1

• Improvements to backend stripe operations
• Improvements to the teams module
• Improvements to the networks module
• Improvements to the subscription access rules
• Improvements to the Docker Compose and Dockerfiles

Special thanks to the echoCTF Discord Staff (@0rgis, @bibaf, @g0rchy, @r0b0tG4nG)

v0.20.0

• Significant improvements on cron commands
• Improve frontend performance (reduce the number of queries performed)
• Show failed logins on player profile
• Make backend forms that require player_id into ajax search
• Display better errors when pulling and starting images
• Add precision to stream timestamp
• Reduce CSRF validation errors and turn them into alerts instead of error pages
• Improve error handling on nginx templates
• Player settings update avatar, updates the first time
• Support for private instances
• Improve on demand powerups
• Frontend indicator when connected to vpn
• Make support staff ids into a sysconfig key
• Fix docker-compose errors that got introduced by mixed encoding
• Fix bugs on ratings, writeups, typos in Inquiry models (thnx @HitmanAlharbi)

v.0.19.1

• Move ovpn template into backend
• Display average player rating on target
• Limit displayed target headshotters into 30
• Limit displayed challenge solvers into 30
• Team module improvements (ready for public activation)
• Improve writeup display
• Add support to rate writeup
• Make pending target progress on player profile a configurable flag
• Add support for disable writeups on target (eg tutorials)
• Display contributed writeups separately on player profile page

v0.19.0

• [backend] Add exec support on remote docker container
• [backend/frontend] Add time_zone setting support
• [frontend] Update twitter widget
• [frontend] Make sure we update the player online status on frontend visits
• [frontend] Make past spam checking code into validators
• [backend/frontend] Add support for disabling target spins for a player or a target altogether
• [frontend] Apply css styles on writeup view
• [frontend] Add writeup live preview (client side rendering)
• [backend] Add writeup preview
• [backend] Add view logs operations from running target containers
• [backend] Add full profile view
• [frontend] Validate before displaying existing user data
• [frontend] Update css to make profile settings validation errors stand out
• [backend] Create offline validator for player data
• [backend] Add support to disable writeup submissions for a target
• [backend] Add support to disable routes for a specific player
• [backend] Initial onsite help sections for all operations
• [backend] Add support for mass operations on filtered data of target
• [frontend] Introduce a local cache of memcache keys so that we only query memcache once per sysconfig key
• [frontend] Order network targets
• [backend] Split firewall rules into anchors so that we can manipulate sections independently from each other
• [frontend] Add share button on headshot
• [backend] Mail action templates are now part of the content
• [backend] SSL Parameters are now sysconfig keys
• [backend] Enforce properl Access Rules on all controllers
• [backend] Make leaderboard visibility before and after event start/end a configurable entry
• [backend] Make leaderboard visibility of zero scores a configurable entry
• [frontend] Referral functionality on player profiles
• [frontend] Re-enable autologin after account activation
• [backend] Introduce platform counter tables
• [frontend] Improve login & signup forms
• [frontend] Log registration and activation client IP's
• [backend] Add support for simple dynamic URL rules (not parameterized at the moment)
• [frontend] Make target category field visible on frontend

v0.18

• Validate social media profile links (@HitmanAlharbi)
• Add color border around top 3 positions of leaderboards
• Add rate limit on default nginx snippets
• Replace hardcoded references of echoCTF.RED to event_name sysconfig key
• Add target scenario field to help explain the overall scenario and help in support
• Add per target pre and post headshot resources
• Fix filtering issues on backend network grid
• Disable ovpn download for players with no keys
• Improved backend team management
• Fix docker compose volumes for images
• Fix host header injection when using certain versions of nginx and make it the default on configuration files (@HitmanAlharbi)