[🐛] Unable to import to ctfd

[ChinaNuke]

🐛 Bug report

Description

When I follow the instructions here, select the backup file and click the "Import" button in CTFd, it stuck at "Upload Process", and when I refresh the page, I get an "Internal Server Error".

Here is the log from CTFd:

Failed to disable foreign key checks. Continuing.
INFO  [alembic.runtime.migration] Context impl SQLiteImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
ERROR [root] Error: Can't locate revision identified by '4d3c1b59d011'
[2023-08-24 09:10:50 +0000] [1] [INFO] Handling signal: winch
[2023-08-24 09:10:50 +0000] [1] [INFO] Handling signal: winch

I've tried to restart the CTFd docker container as described in #57 but then I cannot login to the admin panel because it says username or password wrong, and there is no challenges.

Is this a regression?

I don't know, I'm new to juice-shop.

🔬 Minimal Reproduction

First run juice-shop with the following command.

$ sudo docker run --rm -it -p 3000:3000 --env NODE_ENV=ctf --env CTF_KEY=abcdefg bkimminich/juice-shop

> juice-shop@13.0.2 start /juice-shop
> node build/app

info: All dependencies in ./package.json are satisfied (OK)
info: Chatbot training data botDefaultTrainingData.json validated (OK)
info: Detected Node.js version v14.18.2 (OK)
info: Detected OS linux (OK)
info: Detected CPU x64 (OK)
info: Configuration ctf validated (OK)
info: Required file server.js is present (OK)
info: Required file index.html is present (OK)
info: Required file styles.css is present (OK)
info: Required file main.js is present (OK)
info: Required file tutorial.js is present (OK)
info: Required file polyfills.js is present (OK)
info: Required file runtime.js is present (OK)
info: Required file vendor.js is present (OK)
info: Port 3000 is available (OK)
info: Server listening on port 3000

And then generate the backup archive.

$ sudo docker run --rm -it -v ./juice-shop:/data bkimminich/juice-shop-ctf

Generate OWASP Juice Shop challenge archive for setting up CTFd, FBCTF or RootTheBox score server
? CTF framework to generate data for? CTFd
? Juice Shop URL to retrieve challenges? http://192.168.224.129:3000
? Secret key <or> URL to ctf.key file? abcdefg
? Insert a text hint along with each challenge? No text hints
? Insert a hint URL along with each challenge? No hint URLs
? Insert a code snippet as hint for each challenge? No hint snippets

Backup archive written to /data/OWASP_Juice_Shop.2023-08-24.CTFd.zip

After the import you will have to set up the CTF name and administrator credentials again!

For a step-by-step guide to import the ZIP-archive into CTFd, please refer to
https://pwning.owasp-juice.shop/part1/ctf.html#running-ctfd

Then import the generated zip archive in CTFd admin panel.

🌳 Your Environment

juice-shop: 13.0.2
CTFd: 3.6.0
Docker: 24.0.5

[github-actions]

Thanks a lot for opening your first issue with us! 🧡 We'll get back to you shortly! ⏳ If it was a Support Request, please check our extensive CTF manual first. Also, please consider asking on the community chat next time! 💬

[bkimminich]

Seems the generator for CTFd needs an update. Until that's done, please try CTFd 3.4 which is the last version we optimized the export for.

I'll start a Docker container with CTFd 3.6, do a backup and check the new alembic_version it has. Hopefully that's all that is to do.

[bkimminich]

I updated the version and tested with Docker, but CTFd will not allow an import into SQLite DB (which is the DB running in the Docker image), mentioning CTFd/CTFd#1988 as the reason.

It seems that anything greater CTFd 3.4 will no longer work with the current data export from juice-shop-ctf. I'll update the documentation to clarify that, and then look into the CSV export/import format of CTFd instead. See #132.

[bkimminich]

Even CTFd 3.4 does not properly import a current export from Juice Shop any more. #132 will be used to replace the entire exporter with a CSV.

[bkimminich]

Please use v10.0.0 to generate a CSV which you can then import into CTFd 3.6 via "Import CSV" function. The CTFd team will also add hint cost support to their CSV schema, so we'll be back to full functionality shortly after their 3.7 comes out. See CTFd/CTFd#2038 for progress.