Exploit farm for attack-defense CTF competition

Quick Start • Features • Components

Quick start

Dependencies

• Docker
• Docker Compose
• Make

Start

1. Configure config.yml for your competition. A detailed description of the quick configuration is here

2. Start the farm

make up

Credentials for basic auth and the token for sending flags via start_exploit.py will be printed to stdout.

3. After the game ends, turn off the farm and clean the database and queue

make down
make clean-all

Features

• Uploading exploits in ui
• Real-time configuration farm options like number of concurrently running exploits, the size of the flag sending batch, team ip addresses, etc
• The ability to change the plugin for sending flags to jury.
• There are already two sending plugins: forcad_http and saarctf_tcp.
• Different exploit types:
  • Python (one file)
  • Python (zip)
  • Bash script
  • Binary
• View logs of running exploits and sending flags on ui
• Configuring vulnboxes ip addresses using various methods

Components

Client

• Frontend - ui for
  • viewing flags with any filters
  • adding exploits of different types via '+' button
  • deleting or updating exploits by right mouse button
  • adding teams
  • updating farm config
  • viewing logs

• start_exploit.py - python cli tool for starting exploits on local machine (TODO)

Server

• Exploit Runner - a worker that launches exploits on all teams. More details
• Flag Sender - a worker that sends flags to jury using Plugins. More details
• JacFARM API - API for frontend and cli start_exploit.py.
• Config Loader - loads config into db from config.yml on start. Next configuration editing is available through the frontend.

Plugins

Plugin - is a function in a farm that sends flags to the jury system.

⚠️ Farm contains two plugins for ForcAD and saarCTF jury systems. If you write plugins for other jury systems, you can create a pull request to add them into repository.

Plugin example for ForcAD

Arch Diagram