CTFd v2.1.3 releases: Capture The Flag framework

What is CTFd?

CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it’s easy to customize with plugins and themes.

Features

• Create your own challenges, categories, hints, and flags from the Admin Interface
  • Static & Regex based flags
  • Users can unlock hints for free or with points
  • File uploads to the server or Amazon S3
  • Limit challenge attempts & hide challenges
  • Automatic submission throttling
• Scoreboard with automatic tie resolution
  • Hide Scores from the public
  • Freeze Scores at a specific time
  • Dynamic Scoring
• Scoregraphs comparing the top 10 teams and team progress graphs
• Markdown content management system
• SMTP + Mailgun email support
  • Email confirmation support
  • Forgot password support
• Automatic competition starting and ending
• Team management & hiding
• Customize everything using the plugin and theme interfaces
• Importing and Exporting of CTF data for archival
• And a lot more…

Changelog v2.1.3

General

• Fix issue with downloading files after CTF end when view_after_ctf is enabled
• Sort solves in admin challenge view by date
• Link to appropriate user and challenge in team, user, and challenge pages
• Redirect to /team instead of /challenges after a user registers in team mode
• Fixes bug where pages marked as hidden weren’t loading
• Remove data-href from pages.html in the Admin Panel to fix the delete button
• Add UI to handle team member removal in Admin Panel
• Fixes account links on the scoreboard page created by update(). They now correctly point to the user instead of undefined when in user mode.
• utils._get_config will now return KeyError instead of None to avoid cache misses

Deployment

• Use /dev/shm for --worker-tmp-dir in gunicorn in Docker
• Cache get_place code for users and teams.
• Install Flask-DebugToolbar in development
• Cache the /scoreboard page to avoid having to rebuild the response so often
• Make unprivileged ctfd user usable for mysql connection in docker-compose by having the db image create the database instead of CTFd
• Fix bug causing apache2 + mod_wsgi deployments to break

API

• Change /api/v1/teams/[team_id]/members from taking id to user_id.
  • Endpoint was unused so the API change is considered non-breaking.
• Add account_type and account_url field in /api/v1/scoreboard
• Separate /api/v1/[users,teams]/[me,id]/[solves,fails,awards] into seperate API endpoints
• Clear standings cache after award creation/deletion

Exports

• Temporarily disable foreign keys in MySQL, MariaDB, and Postgres during import_ctf()
• Add cache_timeout parameter to send_fileresponse in /admin/export to prevent the browser from caching the export

Tests

• Fix score changing test helpers to clear standings cache when generating a score changing row

Install

1. git clone https://github.com/CTFd/CTFd.git
2. Run ./prepare.sh to install dependencies using apt.
3. Modify CTFd/config.py to your liking.
4. Use python serve.py in a terminal to drop into debug mode.
5. Here are some deployment options
6. You can check out the Getting Started guide for a breakdown of some of the features you need to get started.

Tutorial

Copyright 2015-present CTFd LLC

Source: https://github.com/CTFd