CTFd v3.5 releases: Capture The Flag framework

What is CTFd?

CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it’s easy to customize with plugins and themes.

Features

• Create your own challenges, categories, hints, and flags from the Admin Interface
  • Static & Regex based flags
  • Users can unlock hints for free or with points
  • File uploads to the server or Amazon S3
  • Limit challenge attempts & hide challenges
  • Automatic submission throttling
• Scoreboard with automatic tie resolution
  • Hide Scores from the public
  • Freeze Scores at a specific time
  • Dynamic Scoring
• Scoregraphs comparing the top 10 teams and team progress graphs
• Markdown content management system
• SMTP + Mailgun email support
  • Email confirmation support
  • Forgot password support
• Automatic competition starting and ending
• Team management & hiding
• Customize everything using the plugin and theme interfaces
• Importing and Exporting of CTF data for archival
• And a lot more…

Changelog v3.5

General

• Add a next challenge recommendation to challenges
• Add support for only viewing hints after unlocking another hint
• Add size checking and recommendation for images uploaded during setup

Admin Panel

• Imports now happen in the background so that admins can watch the status of the import
  • Add progress tracking to backup/export importing
  • Add GET /admin/import to see status of import
  • The public user facing portion of CTFd is now disabled during imports
• Fix issue where custom field entries for Users and Teams would be misaligned in the scoreboard CSV export
• Show admins the email server error message when email sending fails
• Fix issue where the current theme cannot be found in list of themes
• Fix page preview so that it accounts for the provided format
• Add links from User/Team Profile IP addresses to a User IP address search page
• Add city geolocation to Team Profile IP addresses

API

• Add the count meta field to the following endpoints:
  • /api/v1/users/me/solves
  • /api/v1/users/me/fails
  • /api/v1/users/me/awards
  • /api/v1/teams/me/awards
  • /api/v1/users/[user_id]/solves
  • /api/v1/users/[user_id]/fails
  • /api/v1/users/[user_id]/awards
  • /api/v1/teams/[team_id]/solves
  • /api/v1/teams/[team_id]/awards
• Improve speed of /api/v1/teams/me/fails
• Improve speed of /api/v1/teams/[team_id]/fails
• Improve speed of /api/v1/users/me/fails
• Improve speed of /api/v1/users/[user_id]/fails

Deployment

• Use Python 3.9 as the default Python version
• Prevent any possible usage of an already existing session ID by checking for duplicates during during session ID generation
• No longer install python3-dev in Dockerfile
• docker-compose.yml now uses nginx:stable as the image for nginx

Plugins

• CTFd._internal.challenge.render and CTFd._internal.challenge.renderer in the view.js Challenge type file has been deprecated. Instead Challenge plugins should refer to the challenge.html attribute provided by the API. Essentially CTFd is moving to having markdown & HTML rendered by the server instead of rendering on the client.

Themes

• Create the core-beta theme and begin documenting the creation of themes using Vite
• Add userName and userEmail to the CTFd init object in base.html for easier integration with other JavaScript code
• Add teamId and teamName to the CTFd init object in base.html for easier integration with other JavaScript code
• Adds the Assets constant to access front end assets from Jinja templates
• Adds a views.themes_beta route to avoid the .dev/.min extension being added automatically to frontend asset urls

Miscellaneous

• Fix double logging in log() function
• Add --delete_import_on_finish to python manage.py import_ctf
• Fix issue where field_entries table could not be imported when moving between MySQL and MariaDB

Install

1. git clone https://github.com/CTFd/CTFd.git
2. Run ./prepare.sh to install dependencies using apt.
3. Modify CTFd/config.py to your liking.
4. Use python serve.py in a terminal to drop into debug mode.
5. Here are some deployment options
6. You can check out the Getting Started guide for a breakdown of some of the features you need to get started.

Tutorial

Copyright 2015-present CTFd LLC

Source: https://github.com/CTFd