https://github.com/kulkansecurity/ctf-challenge-ekoparty-2023

A CTF challenge we put together for Ekoparty's 2023 main CTF
https://github.com/kulkansecurity/ctf-challenge-ekoparty-2023

challenge ctf docker offensive-security prototype-pollution

Last synced: about 2 months ago
JSON representation

A CTF challenge we put together for Ekoparty's 2023 main CTF

• Host: GitHub
• URL: https://github.com/kulkansecurity/ctf-challenge-ekoparty-2023
• Owner: kulkansecurity
• Created: 2023-12-20T22:09:13.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2023-12-20T22:15:43.000Z (over 1 year ago)
• Last Synced: 2025-01-21T13:38:48.851Z (3 months ago)
• Topics: challenge, ctf, docker, offensive-security, prototype-pollution
• Language: HTML
• Homepage:
• Size: 587 KB
• Stars: 1
• Watchers: 0
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# Kulkan's CTF challenge for Ekoparty 2023 (https://www.ekoparty.org)

## Building the CTF challenge

docker build --tag eko-ctf-kulkan-2023 .

## Running the CTF challenge as a single container and plaintext HTTP

docker run -p12000:12000 eko-ctf-kulkan-2023

## Solving the CTF challenge

No spoilers.

## Scaling the CTF Challenge and adding LetsEncrypt HTTPS

### stack

- Dockerized Flask app & Admin bot python apps

- ngnix with rate limiting rules listening both on 80 and 443

- certbot issuing LetsEncrypt certificates for the virtualhost served by nginx

- Docker swarm managing multiple containers

### Prereqs

- Docker installed with Docker compose plugin

- Ensure nginx configuration is set to correct domains

- Ensure you've not skipped calling init-letsencrypt.sh

- Firewall rules open on hosting/cloud provider for ports 80 and 443

### STEPS

- 1) Build the image locally using the steps described above

- 2) Run init-letsencrypt.sh to setup files required for the nginx container to start 

- 3) Run  docker stack deploy -c docker-compose.yml eko-ctf-kulkan-2023 

- 4) Run  docker node ls to list all running nodes

- 5) Create replicas of desired containers using  docker service scale eko-ctf-kulkan-2023-{node-name}={replica_number}

Example:  docker service scale eko-ctf-kulkan-2023-ngnix=2 

This creates 2 nginx containers that will automagically load balance between each other

## TODO

- [  ] More aggressive tests to verify availability

- [  ] Ansible script or similar to automate deployment in case main server gets quacked and we need to rehost quickly?

## Kudos

- Matias Forti for creating the challenge and incorporating nginx rate limits

- Philipp's article on certbot+nginx integration with docker (https://pentacent.medium.com/nginx-and-lets-encrypt-with-docker-in-less-than-5-minutes-b4b8a60d3a71) and for the creation of init-letsencrypt.sh linked in the article.