banner
lca

lca

真正的不自由,是在自己的心中设下牢笼。
HomeArchives图文

GZCTF Platform Construction Record

#靶场#网络安全#ctf984
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
Setting up a GZCTF platform using Docker and K8s, with instructions for installation on two Ubuntu machines. The process involves creating challenges, managing teams, and accessing the platform through a WebSocket connection. References and links for further information are provided.

I previously built a ctfd playground and now I'm trying to install GZCTF to see the differences between the two. The official documentation suggests deploying GZCTF using docker + K8s separation.

image

Here, I directly use the GZCTF-Auto project for automated deployment. It supports both single docker and docker+k3s deployment.

I chose the docker+k3s deployment method, which requires two Ubuntu machines, one for installing docker and the other for installing k3s.

image

Both machines are running Ubuntu 20.04.

Installing k3s#

IP: 192.168.31.171

curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn sh -

Installing GZCTF Platform#

Install on the machine with docker installed, with IP address: 192.168.31.254

image

image

Wait for a while, the deployment will be successful.

image

Access http://192.168.31.254:81 and login with your account and password.

image

Testing the Challenges#

Take this docker playground for testing:

ctftraining/qwb_2019_supersqli:latest

Click on "Management" on the left side.

image

After entering, click on "New Competition" and fill in the competition title.

image

After creating, it will look like this:

image

Click on the icon on the right side to go to the following page:

image

Click on "Challenge Management" and create a new challenge.

image

You can choose the type of challenge.

image

Choose "Dynamic Container" and go to the following page:

image

Pay attention to the container image. Create a test container, fill in the docker image address, and click "Create Test Container", as shown in the following image:

image

Enable the challenge.

image

Next, to access the challenge, you need to create a team and add the respective members.

image

In the information review section, you can enable team registration without review. This means that registering a team will require administrator approval, otherwise joining will require the administrator's consent. People who are not in a team cannot access the challenge.

image

Click on "Team Management" to create a team or join a team.

image

To join a team, you need an invitation code from another team member.

image

Click on "Create Team".

image

After creating, you can generate an invitation code.

image

Go back to the homepage and you can sign up for the competition.

image

image

If the above problem occurs, it means that the competition has not enabled the review exemption, and the administrator needs to review it.

image

Log in again with the test account, and now you can enter the competition.

image

After entering the competition and creating a container, you will see the following image:

image

The provided ws connection is because the tcp over ws proxy mode is enabled.

To access it, you need to download the WebSocketReflectorX client.

After installation, open it and enter the ws connection address.

image

It will provide the challenge's IP and port.

image

Then access the challenge using this link: http://127.0.0.1:64143/

image

Language Switching#

image

References#

Cover image from:
https://wallhaven.cc/w/kx5v57

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.