This plugin for CTFd will allow your competing teams/users to start dockerized images for presented challenges. It adds a challenge type "docker" that can be assigned a specific docker image/tag. A few notable requirements:
- Docker Config must be set first. You can access this via
/admin/docker_config. Currently supported config is pure http (no encryption/authentication) or full TLS with client certificate validation. Configuration information for TLS can be found here: https://docs.docker.com/engine/security/https/ - This plugin is written so that challenges are stored by tags. For example, StormCTF stores all docker challenges for InfoSeCon2019 in the
stormctf/infosecon2019repository. A challenge example would bestormctf/infosecon2019:arbit. This is how you would call the challenge when creating a new challenge.
- It is unknown if using the same tag twice will cause issues. This plugin was written to avoid this issue, but it has not been fully tested.
- As with all plugins, please security test your Scoreboard before launching the CTF. This plugin has been tested and vetted in the StormCTF environment, but yours may vary.
Requires flask_wtf
pip install flask_wtf
- Allows players to create their own docker container for docker challenges.
- 5 minute revert timer.
- 2 hour stale container nuke.
- Status panel for Admins to manage docker containers currently active.
- Support for client side validation TLS docker api connections (HIGHLY RECOMMENDED).
- Docker container kill on solve.
- (Mostly) Seamless integration with CTFd.
- Untested: Should be able to seamlessly integrate with other challenge types.
- Drop the folder
docker_challengesintoCTFd/CTFd/plugins(Exactly this name). - Restart CTFd.
- Navigate to
/admin/docker_config. Add your configuration information. Click Submit. - Add your required repositories for this CTF. You can select multiple by holding CTRL when clicking. Click Submit.
- Click Challenges, Select
dockerfor challenge type. Create a challenge as normal, but select the correct docker tag for this challenge. - Double check the front end shows "Start Docker Instance" on the challenge.
- Confirm users are able to start/revert and access docker challenges.
- Host an awesome CTF!
- https://github.com/offsecginger (Twitter: @offsec_ginger)
- Jaime Geiger (For Original Plugin assistance) (Twitter: @jgeigerm)