https://github.com/natounet/ctf-container-manager
CTF Container Manager is a lightweight tool designed to simplify the management of Docker-based challenges for Capture The Flag (CTF) events. It allows teams to start, stop, and restart containers via a TCP connection using netcat, ensuring efficient handling while maintaining security through an authentication mechanism with a secret key.
https://github.com/natounet/ctf-container-manager
capture-the-flag challenge-hosting container-management ctf ctf-platform ctf-platforms docker docker-container docker-containers
Last synced: 10 months ago
JSON representation
CTF Container Manager is a lightweight tool designed to simplify the management of Docker-based challenges for Capture The Flag (CTF) events. It allows teams to start, stop, and restart containers via a TCP connection using netcat, ensuring efficient handling while maintaining security through an authentication mechanism with a secret key.
- Host: GitHub
- URL: https://github.com/natounet/ctf-container-manager
- Owner: Natounet
- License: apache-2.0
- Created: 2025-03-20T14:38:49.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2025-03-25T14:10:16.000Z (10 months ago)
- Last Synced: 2025-03-25T15:24:35.699Z (10 months ago)
- Topics: capture-the-flag, challenge-hosting, container-management, ctf, ctf-platform, ctf-platforms, docker, docker-container, docker-containers
- Language: Go
- Homepage:
- Size: 16.6 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# CTF Container Manager
CTF Container Manager is a lightweight tool designed to streamline the management of Docker-based challenges for Capture The Flag \(CTF\) events. It provides a remote interface for teams hosting challenges to start, stop, and restart containers via a TCP/TLS connection using `openssl`.
---
## Features
- **Remote Container Management**: Start, stop, and restart Docker containers remotely.
- **Challenge Configuration**: Define challenges in a JSON file with details such as container name, exposed port, etc.
- **Authentication**: Access with a printable ASCII passphrase stored in `secret.key`.
- **Status Monitoring**: View the status of all configured containers (running or stopped).
- **Logging**: Logs all connections and container management actions for auditing purposes.
- **TLS Encryption**: All network communications are secured using Transport Layer Security (TLS)
---
## Installation
1. Clone the repository containing the project files:
```bash
git clone https://github.com/Natounet/CTF-Container-Manager.git
cd CTF-Container-Manager/src
```
2. Build the project:
```bash
go build -o manager
```
4. Ensure Docker is installed and accessible on the host machine.
---
## Usage
### Starting the Server
Run the server with the following command:
```bash
./ctf-container-manager
```
- ``: Path to the file containing the secret key for authentication.
- ``: Path to the JSON file describing challenges.
- ``: The IP address on which the server will listen.
- ``: The port number for client connections.
Example:
```bash
./ctf-container-manager example_secret.key example_challenges.json 127.0.0.1 9000
```
---
### Challenge Configuration
Challenges are described in a JSON file \(`example_challenges.json`\). Each challenge includes:
- `fullname`: A descriptive name for the challenge.
- `shortname`: The name of the Docker image \(must exist locally\).
- `exposed_port`: The port exposed by the container for players.
```javascript
[
{"fullname": "CyberPhoenix", "shortname": "cyberphoenix", "exposed_port": 9000},
{"fullname": "CryptoMaze", "shortname": "cryptomaze", "exposed_port": 5678}
]
```
---
### Client Interaction
Clients can connect to the server using `openssl` since the server use TLS:
```bash
openssl s_client -connect : -quiet
```
Upon connection:
1. Enter the secret key for authentication.
2. Access a menu to manage containers:
- Start Container
- Stop Container
- Restart Container
- Exit
The server will display available challenges and their statuses.
---
## Security Considerations
- Ensure `secret.key` is securely stored and accessible only by authorized users.
- Use strong passwords in `secret.key` to prevent unauthorized access.
---
## Logs
All connection attempts and container management actions are logged in `server.log`. This includes:
- Successful/failed authentication attempts.
- Actions performed (start, stop, restart) along with timestamps and client IPs.
---
## Requirements
- Go programming language installed (`>= v1.21`).
- Docker installed and running on the host machine.
- Access to TCP ports for client-server communication.
---
---
## Troubleshooting
### Common Errors
1. **Docker Not Installed**:
Ensure Docker is installed on your system and accessible via CLI.
2. **Missing Docker Images**:
Verify that all images specified in `example_challenges.json` exist locally using:
3. **Duplicate Ports**:
Ensure each challenge has a unique exposed port in `example_challenges.json`.
4. **Invalid Secret Key**:
Verify that clients are using the correct key stored in `secret.key`.
---