介绍:
现主流开源的CTF平台
-
Marsctf
-
CTFd
-
GZ:CTF
环境准备
-
unbantu
-
docker
-
docker-compose
docker快速安装脚本
wget http://fishros.com/install -O fishros && . fishros# docker换源sudo tee /etc/docker/daemon.json <<-'EOF'{"registry-mirrors" : ["https://registry.docker-cn.com","http://hub-mirror.c.163.com","https://docker.mirrors.ustc.edu.cn","https://cr.console.aliyun.com","https://mirror.ccs.tencentyun.com"]}EOF# 重载配置文件sudo systemctl daemon-reload# 重启Dockersudo systemctl restart docker# 显示Docker系统信息此时可以看到 registry-mirrors 变成了阿里云的镜像源docker info
docker-compose快速安装
cd /usr/local/bin/# 下载docker-composehttps://github.com/docker/compose/releases# wget下载wget https://github.com/docker/compose/releases/download/v2.23.1/docker-compose-linux-x86_64mv docker-compose-linux-x86_64 docker-composechmod +X docker-compose
平台搭建
marsctf
github原作者:
https://github.com/b1ackc4t/MarsCTF
# download 文件wget https://github.com/b1ackc4t/MarsCTF/releases/download/V1.2.1/marsctf-docker.tgztar -xf marsctf-docker.tgzcd marsctf-dockercd nginx/html/vim config.json
替换{{IP&域名}}
{"BASE_URL_PROD": "http://{{ip}}:7991","BASE_URL_DEV": "http://{{ip}}:8080"}
启动服务
cd ../../docker-compose up -d
访问http://{{ip}}:7991即可
默认账号密码:admin,123456
CTFd
github原作者:
https://github.com/CTFd/CTFd# git 文件git clone https://github.com/CTFd/CTFd.gitcd CTFd# 运行 CTFddocker-compose up -d
填写 FRP Settings
-
FRP Http Domain Suffix:FRP域名前缀(如开启动态域名转发必填)
-
FRP Direct Ip Address FRP:frp服务器IP
-
FRP Direct Minimum Port:最小端口
-
FRP Direct Maximum Port:最大端口
-
FRP Config Template Frpc:热重载配置头模版(如不会自定义,尽量按照默认配置)
[common]token = random_thisserver_addr = frpsserver_port = 80admin_addr = 0.0.0.0admin_port = 7400
GZ:CTF
github原作者:
https://github.com/GZTimeWalker/GZCTF# 官方文档https://docs.ctf.gzti.me/
创建:appsettings.json
{"AllowedHosts": "*","ConnectionStrings": {"Database": "Host=db:5432;Database=gzctf;Username=postgres;Password=<String1>"//<String1>换成数据库密码,随机密码且长度足够},"Logging": {"LogLevel": {"Default": "Information","Microsoft": "Warning","Microsoft.Hosting.Lifetime": "Information"}},//邮箱配置"EmailConfig": {"SendMailAddress": "", // 填入邮箱"UserName": "", // 发件人名称"Password": "", // 邮箱密码,部分服务商需要填入授权码"Smtp": {"Host": "smtp.qq.com", // 此处为163邮箱服务器,具体自定"Port": 465}},"XorKey": "<String2>", // 自定XorKey"ContainerProvider": {"Type": "Docker","PortMappingType":"PlatformProxy","EnableTrafficCapture": true,"PublicEntry": "192.168.20.184", // 域名或IP配置,用于容器生成,域名不带http/https"DockerConfig": {"SwarmMode": false,"Uri": "" // 本地配置Docker因此此处置空}},"RequestLogging": false,"DisableRateLimit": false,"RegistryConfig": {"UserName": "","Password": "","ServerAddress": ""},//谷歌验证码配置"GoogleRecaptcha": {"VerifyAPIAddress": "https://www.recaptcha.net/recaptcha/api/siteverify","Sitekey": "","Secretkey": "","RecaptchaThreshold": "0.5"}}
创建:docker-compose.yml
version: '3.0'services:gzctf:image: gztime/gzctf:latestrestart: alwaysenvironment:"GZCTF_ADMIN_PASSWORD=<String3>" # <String3>换成管理员账户密码,账号为Adminports:"80:80" # 对外端口号,前为外部端口。networks:default:volumes:"./data/files:/app/uploads""./appsettings.json:/app/appsettings.json:ro""./logs:/app/log""./data/keys:/root/.aspnet/DataProtection-Keys"# - "./k8sconfig.yaml:/app/k8sconfig.yaml:ro""/var/run/docker.sock:/var/run/docker.sock"depends_on:dbdb:image: postgres:alpinerestart: alwaysenvironment:=<String1>" # 数据库密码,务必要和appsettings.json中的配置一致networks:default:volumes:"./data/db:/var/lib/postgresql/data"networks:default:driver: bridgeipam:config:subnet: 192.168.12.0/24
启动
docker-compose up -d访问http://<ip>/
往期精彩文章:
原文始发于微信公众号(知攻善防实验室):快速搭建属于自己的CTF练习平台
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论