Host CTF Platforms with Docker

From Embedded Lab Vienna for IoT & Security
Revision as of 14:24, 3 July 2023 by GMathaisl (talk | contribs) (Created page with "== Summary == In the world, there are many different types of platforms to learn and compete in so called Capture The Flags (CTFs). While the possibilities to host our own CTF platform in the cloud are nearly endless, there are also open-source variants which can be hosted with Docker or on-premise. These types of platforms are often preferred, since they do not cost any money and also one can learn many things about the hosting machine, the used technologies and about t...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Summary

In the world, there are many different types of platforms to learn and compete in so called Capture The Flags (CTFs). While the possibilities to host our own CTF platform in the cloud are nearly endless, there are also open-source variants which can be hosted with Docker or on-premise. These types of platforms are often preferred, since they do not cost any money and also one can learn many things about the hosting machine, the used technologies and about the platform itself. This Article focuses on two open-source platforms and shows how to host them in a dockerized environment.

System Requirements

  • Operating system:
    • Windows 8 or higher
    • Ubuntu Linux 20.04 LTS or higher
    • macOS 10.14 or higher
    • Or any other OS which support Docker
  • Docker Engine >= 20.10
    • optional: Docker Desktop
  • Ruby
  • Internet Browser of any type
  • GIT

Docker Setup

Installation

First, uninstall any conflicting packages: 

for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do sudo apt-get remove $pkg; done

Then update the apt package index: 

sudo apt-get update
sudo apt-get install ca-certificates curl gnupg

After that, install the official GPG keys: 

sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg

When that's done, setup the repository: 

echo \
 "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
 "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
 sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Then install the Docker Engine with the latest version: 

sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

Verification

After the installation, verify that the Docker Engine was installed successfully: 

sudo docker run hello-world

MITRE CTF Scoreboard

The MITRE CTF Scoreboard is an open-source application developed by the MITRE Cyber Academy and focuses on hosting Capture The Flags in safe environments for learning, practicing and competing. It offers a wide variety of functionality, including authentication and authorization of individuals, the creation and management of teams, management of competitions and their including challenges, and much more. MITRE CTF Scoreboard is installed with Docker and the according plugin 'docker-compose'.

Setup

These steps are for production deployments using docker-compose.

Download the git repository: 

git clone https://github.com/mitre-cyber-academy/ctf-scoreboard.git

Then navigate into the folder: 

cd ctf-scoreboard

After that, generate your credentials: 

./setup-docker-secrets.sh

Then run scoreboard database setup: 

docker-compose run web rails db:initial_setup

Add appropriate Environment Variables into your `.env-prod` file for your environment. Add NGINX_HOST to the '.env' file for your environment 

NGINX_HOST=your-scoreboard-domain.com

Start the container: 

docker-compose up -d

References

Retrieved from "https://wiki.elvis.science/index.php?title=Host_CTF_Platforms_with_Docker&oldid=11645"