This repository contains three CTFd plugins, the first allowing unique flags to be added for each team and cheaters to be detected, a plugin allowing solutions to be given once the challenge has been solved and finally a plugin allowing challenges to be hidden and the challenge to be displayed once it has been solved (blackbox).
- Plugin 1 : Unique flags
- Plugin 2 : Universal flag submitter
- Plugin 3 : Writeup
- Installation
- Update
- Support
- Credits
This plugin allows you to validate a single flag per team, and you can also import the flags with a CSV file. As each team has its own flag, the plugin is also able to detect cheating.
Screenshots
This plugins will overwrite the default challenge template, and add a way to submit flag trough one forms. This plugin is made for blackbox. An administrator interface is provided to hide challenges from the default interface. Please note that this plugin is not compatible with the requirements and next functions. You need to use Team name generated from the following script team-generator.py
Screenshots
This plugin will add a button to report on each challenge by overwriting a template. The user will be able to see the content of the article after solving it. The administrator has an interface for adding comments to the database. Text can be written in markdown.
Screenshots
- Copy the desired plugin folder to your CTFd plugins folder
cp CTFd-<Uniques_flags|Universal_flag_submitter|Writeup> plugins/ -r- Build the docker image
docker compose build- Configure secret in .env
cp .env.example .envEdit the file to insert secret. A python command for generating strong secret is also in the .env file.
- Start the stack
docker compose up -dPlease read the readme file in each folder for specific installation information. Especially for plugins (Universal flag submitter & Unique flag)
To update CTFd, change the version number modify the Dockerfile
For questions, support regarding plugins, please open an issue. If you wish to report a security vulnerability, please follow the security.md guidelines.
All your data is saved in the data folder.
The data folder use the following structure. If you want to update a plugin, don't forget to rebuild the docker image and delete the redis folder.
data
├── CTFd
│ ├── logs
│ └── uploads
├── mysql
│ ├── ctfd
│ ├── mysql
│ ├── performance_schema
│ └── sys
└── redisYes, you can do this from the administrator interface. However, as it is possible to import challenges, teams and flags, we strongly advise you to archive the data folder and create a new, empty data folder before starting a new installation.
[1] Isotech42 : Cheating monitoring & Part of Unique flags validation