Root the Box is a real-time scoring engine for a computer wargames where hackers can practice and learn. The application can be easily modified for any hacker CTF game. Root the Box attempts to engage novice and experienced hackers alike by combining a fun game-like environment, with realistic challenges that convey knowledge applicable to real-world penetration testing. Just as in traditional CTF games, each team attacks targets of varying difficulty and sophistication, attempting to collect flags. However in Root the Box, teams can also create "Botnets" by uploading a small bot program to target machines. Teams are periodically rewarded with (in-game) money for each bot in their botnet; the larger the botnet the larger the reward.
Money can be used to unlock new levels, buy hints to flags, download a target's source code, or even "SWAT" other players by bribing the (in-game) police.
Player's "bank account passwords" are also publically displayed by the scoring engine, allowing players to crack each other's passwords and steal each other's money.
- Distributed under the Apache License, Version 2.0
- Team based botnets
- Real-time scoreboard graphs using websockets
- Real-time status updates using websockets
- Built-in team based file/text sharing
- A wall of sheep displaying cracked passwords
- Unlocks and upgrades as users caputre flags
- Export and share Boxes/Flags
- Other cool stuff
See the Root the Box Wiki
- Python 2.7.x or Pypy 2.x
- Install scripts are for Ubuntu (or Debian) but the application should work on any Linux, BSD, or OSX system.
- Internet Explorer is NOT supported, any compatability with IE is purely coincidental. Please use the latest release of Firefox, Chrome, Opera, or any other browser that supports open standards.
Open a ticket on GitHub and I'd be happy to help you out with setup/configuration/edits.
Open a ticket on GitHub, and I'll see what I can do for you. I'm always brainstorming new ideas, and looking for cool stuff to add!