CTFd v2.2.3 releases: Capture The Flag framework
What is CTFd?
CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it’s easy to customize with plugins and themes.
Features
- Create your own challenges, categories, hints, and flags from the Admin Interface
- Static & Regex based flags
- Users can unlock hints for free or with points
- File uploads to the server or Amazon S3
- Limit challenge attempts & hide challenges
- Automatic submission throttling
- Scoreboard with automatic tie resolution
- Hide Scores from the public
- Freeze Scores at a specific time
- Dynamic Scoring
- Scoregraphs comparing the top 10 teams and team progress graphs
- Markdown content management system
- SMTP + Mailgun email support
- Email confirmation support
- Forgot password support
- Automatic competition starting and ending
- Team management & hiding
- Customize everything using the plugin and theme interfaces
- Importing and Exporting of CTF data for archival
- And a lot more…
Changelog v2.2.3
This release includes a critical security fix for CTFd versions >= 2.0.0
All CTFd administrators are recommended to take the following steps:
- Upgrade their installations to the latest version
- Rotate the
SECRET_KEYvalue - Reset the passwords for all administrator users
Security
- This release includes a fix for a vulnerability allowing an arbitrary user to take over other accounts given their username and a CTFd instance with emails enabled
General
- Users will receive an email notification when their passwords are reset
- Fixed an error when users provided incorrect team join information
Install
- git clone https://github.com/CTFd/CTFd.git
- Run ./prepare.sh to install dependencies using apt.
- Modify CTFd/config.py to your liking.
- Use python serve.py in a terminal to drop into debug mode.
- Here are some deployment options
- You can check out the Getting Started guide for a breakdown of some of the features you need to get started.
Tutorial
Copyright 2015-present CTFd LLC
Source: https://github.com/CTFd
