The Capture-The-Flag (CTF)-Creator is a Python-based project designed to automate the setup of CTF environments by managing Docker containers, networking, and security configurations. It simplifies the process of provisioning resources for multiple users, ensuring each participant has a dedicated and secure environment tailored to specific CTF requirements, as well as creating OpenVPN configuration files for secure connections to the CTF environment.
By integrating with Docker, SSH, and networking tools, the system automates the creation of isolated environments that include the necessary Docker containers responsible for the CTF setup. Once participants are connected to their respective environments, they can engage in challenges, exercises, or simulations typical of CTF competitions. This automation not only saves time but also enhances the scalability and consistency of CTF environments across different hosts and setups.
Python 3 and several Python libraries need to be installed. They can be installed with
pip install -r requirements.txtRecommendation: Before running ctf_main.py, create a Python virtual environment:
python3 -m venv .venv
source .venv/bin/activateAn example YAML config file named challenge.yaml is available in the root directory to illustrate the required structure.
$ python3 src/ctf.py
Usage: ctf.py [OPTIONS]
Options:
--config FILENAME The path to the .yaml configuration file for the CTF-
Creator. [required]
--save PATH The path where you want to save the user data for the
CTF-Creator. E.g. /home/debian/ctf-creator [required]
--help Show this message and exit.Sufficient memory space and the necessary system permissions are required to save the configuration files for each CTF environment user on the system running the CTF-Creator. The amount of space needed will depend on the number of users in the CTF environment, with an estimated space requirement of 140 KB per user.
The hosts need to be capable of spawning Docker containers. For that please follow the instructions:
-
You need to install Docker
-
You need to configure remote access Docker daemon
-
You need to be able to use Docker without privilaged Access run follwoing comand in the terminal of the remote hosts
sudo usermod -aG docker $(whoami) && newgrp dockerThe hosts need to support SSH connections using asymmetric public and private keys for secure remote access.
Verify that ssh-agent is running
eval "$(ssh-agent)"Add SSH keys to agent:
ssh-add /path/to/identity- Fresh set up: Creating the Environment Without Reusing OVPN Data
- Reusing Existing OVPN Configurations Without Adding New Users:
- Reusing Existing OVPN Configurations While Adding New Users
- Reusing Data While Modifying Hosts
For use case 1 specify a save path with no existing data created by the CTF-Creator. For the use cases 2-4 specify a save path where user data already exists.
For every use case, the list of deploying Docker containers can be changed.
For any other use case scenario please start a fresh set up.
To run all tests at once you can run this command in the terminal in the main folder ctf-creator/:
python3 -m pytest -vThe main function of the CTF-Creator tool, located in src/ctf.py, serves as the core component responsible for setting up the entire CTF environment.
It reads configurations from a YAML file, connects to specified hosts via SSH, and deploys Docker containers and networks uniformly across all hosts according to the provided specifications, utilizing various helper functions and external libraries such as Docker SDK, PyYAML, and Click.
Key Functionalities:
- YAML Configuration Parsing
- SSH Connection Initialization
- Host Reachability and SSH Connectivity Check
- Cleanup of Existing Docker Containers and Networks
- OpenVPN Server Setup
- OpenVPN Configuration Management
- Docker Container Deployment
- Documentation and Output Generation
- Error Handling and Logging
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!