Skip to content

smlhrd/juice-shop-ctf

BranchesTags
 
 

Repository files navigation

Juice Shop CTF Logo OWASP Juice Shop CTF OWASP Labs GitHub release Twitter Follow

Build Status Coverage Status Code Climate bitHound Overall Score Dependency Status

The NPM package juice-shop-ctf-cli lets you create a list of INSERT statements for the CTFd database that will populate the platform for a Capture the Flag event using OWASP Juice Shop.

Setup npm npm

npm install -g juice-shop-ctf-cli

Usage

Open a command line and run:

juice-shop-ctf

Then simply follow the instructions of the command line tool:

asciicast

Populating the CTFd database

Apply the generated insert-ctfd-challenges.sql following the steps describing your own CTFd setup.

Default setup (including SQLite database)

  1. Get CTFd with git clone https://github.com/CTFd/CTFd.git.
  2. Perform steps 1 and 3 from the CTFd installation instructions.
  3. Use your favourite SQLite client to connect to the CTFd database and execute the INSERT statements you created.
  4. Browse to your CTFd instance UI (by default http://127.0.0.1:4000) and create an admin user and CTF name

docker-compose setup (including MySQL container)

  1. Setup Docker host and Docker compose.

  2. Follow steps 2-4 from the CTFd Docker setup to download the source code, create containers and start them.

  3. After running docker-compose up from previous step, you should be able to browse to your CTFd instance UI (<<docker host IP>>:8000 by default) and create an admin user and CTF name.

  4. Once you have done this, run docker-compose down or use Ctrl-C to shut down CTFd. Note: Unlike a usual Docker container, data will persist even afterwards.

  5. Add the following section to the docker-compose.yml file and then run docker-compose up again:

    ports:
  - "3306:3306"

  6. Use your favourite MySQL client to connect to the CTFd database (default credentials are root with no password) and execute the INSERT statements you created.

  7. Browse back to your CTFd instance UI and check everything has worked correctly.

  8. If everything has worked, do another docker-compose down, remove the ports section you added to docker-compose.yml and then do docker-compose up again and you are ready to go!

Screenshots

CTFd challenge overview

CTFd challenge details

Troubleshooting Gitter

If you need help with the application setup please check the Troubleshooting section below or post your specific problem or question in the official Gitter Chat.

  • If using Docker Toolbox on Windows make sure that you also enable port forwarding for all required ports from Host 127.0.0.1:XXXX to 0.0.0.0:XXXX for TCP in the default VM's network adapter in VirtualBox. For CTFd you need ports 8000 permanantly and 3306 during setup.

Contributing GitHub contributors Stories in Ready

Found a bug? Got an idea for enhancement? Improvement for cheating prevention?

Feel free to create an issue or post your ideas in the chat! Pull requests are also highly welcome - please refer to CONTRIBUTING.md for details.

Donations

PayPal PayPal

PayPal donations via above button go to the OWASP Foundations and are earmarked for "Juice Shop". This is the preferred way to support the project.

Others

Flattr Gratipay

Bitcoin Dash Ether

Contributors

Ordered by date of first contribution. Auto-generated on Wed, 01 Feb 2017 20:01:35 GMT.

Licensing license FOSSA Status

This program is free software: you can redistribute it and/or modify it under the terms of the MIT license. OWASP Juice Shop and any contributions are Copyright © by Bjoern Kimminich 2016-2017.

Juice Shop CTF Logo

About

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

www.owasp.org/index.php/OWASP_Juice_Shop_Project

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

9 tags

Packages

No packages published

Languages

  • JavaScript 100.0%