banner
lca

lca

真正的不自由,是在自己的心中设下牢笼。

GZCTF Platform Construction Record

I previously built a ctfd platform and now I'm trying to install GZCTF to see the differences between the two. According to the official documentation, it is recommended to deploy GZCTF using the docker + K8s separation deployment method.

image

Here, I directly use the GZCTF-Auto project for automated deployment. It supports both single docker and docker+k3s deployment.

I chose the docker+k3s deployment method, which requires two Ubuntu machines, one for installing docker and the other for installing k3s.

image

Both machines are running Ubuntu 20.04.

Installing k3s#

IP: 192.168.31.171

curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn sh -

Installing the GZCTF platform#

Install it on the machine with docker installed, with the IP address: 192.168.31.254

image

image

Wait for a moment, the deployment will be successful.

image

Access http://192.168.31.254:81 and login with your account and password.

image

Testing the challenges#

Take this docker challenge as an example:

ctftraining/qwb_2019_supersqli:latest

Click on "Management" on the left side.

image

After entering, click on "Create Competition" and fill in the competition title.

image

After creating, it will look like this:

image

Click on the icon on the right side to go to the following page:

image

Click on "Challenge Management" and create a new challenge.

image

You can choose the type of challenge.

image

Choose "Dynamic Container" and you will see the following page:

image

Pay attention to the container image. Create a test container by filling in the docker image address, and click on "Create Test Container" as shown below:

image

Enable the challenge.

image

Next, to access the challenge, you need to create a team and add the corresponding members to the team.

image

In the "Information Audit" section, you can enable team registration without audit. This means that if a team wants to register, it needs to be approved by an administrator. Otherwise, joining a team requires the approval of the team manager. People who are not in a team cannot access the challenges.

image

Click on "Team Management" to create a team or join a team.

image

To join a team, you need an invitation code from another team member.

image

Click on "Create Team".

image

After creating, you can generate an invitation code.

image

Go back to the homepage and you can sign up for the competition.

image

image

If the above problem occurs, it means that the competition does not have the "no audit" option enabled, and the administrator needs to review it.

image

Log in again with the "test" account, and now you can enter the competition.

image

After entering the competition and creating a container, you will see the following:

image

The provided ws connection is because the TCP over WebSocket proxy mode is enabled.

To access it, you need to download the WebSocketReflectorX client.

After installation, open it and enter the ws connection address.

image

It will provide the challenge's IP and port.

image

Then, access the challenge using this link: http://127.0.0.1:64143/

image

Language Switching#

image

References#

Cover image from:
https://wallhaven.cc/w/kx5v57

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.