ctf-scoreboard-archive's Introduction

This Scoreboard is Deprecated

This scoreboard is no longer maintained and any Pull Requests will be ignored. Please check out ctf-scoreboard for our maintained version of this scoreboard.

CTF-Scoreboard

What is this?

This repository is for the scoreboard used to run MITRE capture the flag competitions. For the registration app see this repository.

How to Run Locally

  1. Install ruby.
  2. In your terminal run gem install bundle
  3. Run bundle install
  4. Install postgres to your system (and create a role with your system username)
  5. Run bundle exec rake db:create
  6. Run bundle exec rake db:schema:load
  7. Run bundle exec rake db:seed
  8. Run bundle exec rails s
  9. Open the webpage shown in your terminal from the last command in your browser.
  10. Log in to the scoreboard as email: root, password: ChangePa$$w0rd and change the password.

How to Run with Docker

  1. Install docker and docker-compose for your platform
  2. Clone this project to your local system
  3. Create a .env_vars file in the root containing the contents SECRET_KEY_BASE=<put your secret key here!>
  4. From this directory on your system run docker-compose up -d
  5. Run docker-compose run web rake db:create
  6. Run docker-compose run web rake db:schema:load
  7. Run docker-compose run web rake db:seed
  8. The scoreboard should now be running at http://<your-ip>:3000
  9. Log in to the scoreboard as email: root, password: ChangePa$$w0rd and change the password.
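
An added example, not part of the project's README: one way to carry out step 3 with a generated key instead of a hand-typed one, and to check an existing .env_vars file for the README placeholder. It assumes Ruby is available on the host; the function names and the 64-character minimum are choices made for this example.

```ruby
require 'securerandom'

# Added example; names and thresholds here are assumptions, not project code.
MIN_KEY_LENGTH = 64
PLACEHOLDER = /put your secret key here/i

# Create the env file with a fresh random key. File::EXCL refuses to
# overwrite an existing file, so a key already in use is never replaced
# silently; mode 0600 keeps other local users from reading it.
def write_env_vars(path)
  key = SecureRandom.hex(64) # 128 hex characters
  File.open(path, File::WRONLY | File::CREAT | File::EXCL, 0o600) do |f|
    f.write("SECRET_KEY_BASE=#{key}\n")
  end
  key
end

# Return a list of problems with the SECRET_KEY_BASE entry in env-file text.
def secret_key_problems(env_text)
  line = env_text.lines.map(&:strip).find { |l| l.start_with?('SECRET_KEY_BASE=') }
  return ['SECRET_KEY_BASE is not set'] unless line

  value = line.split('=', 2).last
  problems = []
  problems << 'README placeholder was left in place' if value =~ PLACEHOLDER
  problems << "shorter than #{MIN_KEY_LENGTH} characters" if value.length < MIN_KEY_LENGTH
  problems
end

# Usage: ruby make_env_vars.rb .env_vars
if __FILE__ == $PROGRAM_NAME && ARGV[0]
  if File.exist?(ARGV[0])
    problems = secret_key_problems(File.read(ARGV[0]))
    puts problems.empty? ? 'existing key looks fine' : problems
  else
    write_env_vars(ARGV[0])
    puts "wrote #{ARGV[0]}"
  end
end
```

Keep .env_vars out of version control, since anyone who holds the key can forge the application's signed session cookies.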

How do I contribute?

  1. Fork the repository on GitHub
  2. Run git clone [address]
  3. Make your edits
  4. View your edits
  5. Run the git add and commit commands. Please make sure your commit messages are descriptive.
  6. Run git push origin master
  7. Submit a pull request

ctf-scoreboard-archive's People

Contributors

bialogs, rbclark

ctf-scoreboard-archive's Issues

Optimize score calculation methods

There is currently a ridiculous amount of time wasted in calculating the user ordering in filter_and_sort_players in the division model and most likely the score function in the player model (it takes nearly a second for these to process on every request and it is called on nearly every page which is slowing down the whole application). These should be rewritten to use SQL queries directly by doing a left join on the data and summing all directly in SQL. It is not very rails like but it will save a huge amount of time.

Will probably need to use rails .joins method with a left join for this, and then use the order method somehow.

Optimize Challenge board page

Currently the slowest page in the application is the challenge board, optimizing the number of queries made from this page would help performance significantly.

Add option for multiple divisions in the same game

Allowing for us to have a high school division and a college division on the same scoreboard.

For this we will most likely need to add an Opened Challenges model for tracking which challenges are opened for each division and then have 2 different lists of top 5 teams. Might need to have a dropdown on the teams lists to make it easier to see the top teams for each division.

NoMethodError in Users#show

When signed in as n00bs and click on the team name the following error occurs when viewing own profile and other team profile:

ctf-scoreboard/app/views/users/show.html.haml
undefined method `[]' for nil:NilClass

The line highlighted;

If you need help please connect to our IRC channel at #{@game.irc}

Are there any "users" created in the test db?
Does not happen when logged in as the other team and view n00b profile, but it does happen when viewing own profile.

Address eCTF student feedback

  1. The flags/min feed that is shown doesn’t really make much sense
  2. On the challenges list, it’d be nice to show the challenge name rather than just the point value
  3. Also on the challenges list, the color-coding is a bit confusing and hard to notice

Topics

You may want to add those topics:

  • ctf-platform
  • ctf-framework

to better reachability of this repository.

[Request] Regex flag support

For now flags are strings, but it could be great to support regex flags to allow range of answers or multiple flags (more than just case sensitive or not).
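
An added example, not code from this project or from the issue's author: a sketch of how a flag check could support the plain, case-insensitive and regex kinds requested above while still requiring the whole submission to match. The Flag struct, its kinds and the length cap are hypothetical.

```ruby
# Added example; Flag, its kinds and MAX_SUBMISSION_LENGTH are hypothetical.
Flag = Struct.new(:kind, :value) # kind: :string, :string_ci or :regex
MAX_SUBMISSION_LENGTH = 256

# Compile an organizer-supplied pattern so it must match the whole
# submission. The source is compiled on its own first, so an unbalanced
# pattern is rejected instead of escaping the anchors. \A and \z anchor to
# the string; Ruby's ^ and $ only anchor to lines. Interpolating a Regexp
# wraps it in a (?-mix: ) group, which keeps a top-level | inside the anchors.
def compile_flag_pattern(source)
  inner = Regexp.new(source)
  Regexp.new("\\A#{inner}\\z")
end

# Validate a pattern when the challenge is saved, not at submission time.
def valid_flag_pattern?(source)
  compile_flag_pattern(source)
  true
rescue RegexpError
  false
end

def flag_matches?(flag, submission)
  submission = submission.to_s
  return false if submission.length > MAX_SUBMISSION_LENGTH

  case flag.kind
  when :string    then flag.value == submission
  when :string_ci then flag.value.casecmp?(submission)
  when :regex     then compile_flag_pattern(flag.value).match?(submission)
  else false
  end
end

# The unanchored form, kept only to show what it wrongly accepts.
def unanchored_match?(flag, submission)
  Regexp.new(flag.value).match?(submission.to_s)
end
```

With the pattern `^flag\{red\}$`, the unanchored form accepts a two-line submission whose second line is the flag, while `flag_matches?` rejects it.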

Force_close does not work

When a game is closed & logged in as admin, both force_closed and closed do not show a challenge as red

Starting state is a little confusing

I'm the person who implemented it and yet I just got confused by it, so it has to make almost zero sense to anyone else using the scoreboard. It needs some description text that says something along the lines of "This only applies to newly created divisions, and does not update the current state of existing divisions."

Ruby version

Why does the gemfile specifically require ruby '2.3.1'? Won't ruby 2.3.3 or ruby 2.4.0 work?

Can it be replaced by ruby '>= 2.3.1'?

ActiveRecord::RecordNotFound

I did these steps in this order:

  1. Install ruby.
  2. In your terminal run gem install bundle
  3. Run bundle install
  4. Install postgres to your system (with a role that has the name of my user)
  5. Run 'bundle exec rake db:create'
  6. Run 'bundle exec rake db:schema:load'
  7. Run bundle exec rails s
  8. Open the webpage shown in your terminal from the last command in your browser.

And opening the browser I have an error: ActiveRecord::RecordNotFound in GamesController#show.

Extracted source (around line #29):

27  def load_game
28    @game = Game.instance
29    raise ActiveRecord::RecordNotFound unless @game
30    unless current_user.nil?
31      now = Time.zone.now
32      if now < @game.start

Full trace:

app/controllers/application_controller.rb:29:in `load_game'
activesupport (4.2.7.1) lib/active_support/callbacks.rb:432:in `block in make_lambda'
activesupport (4.2.7.1) lib/active_support/callbacks.rb:164:in `block in halting'
activesupport (4.2.7.1) lib/active_support/callbacks.rb:504:in `block in call'
activesupport (4.2.7.1) lib/active_support/callbacks.rb:504:in `each'
activesupport (4.2.7.1) lib/active_support/callbacks.rb:504:in `call'
activesupport (4.2.7.1) lib/active_support/callbacks.rb:92:in `__run_callbacks__'
activesupport (4.2.7.1) lib/active_support/callbacks.rb:778:in `_run_process_action_callbacks'
activesupport (4.2.7.1) lib/active_support/callbacks.rb:81:in `run_callbacks'
actionpack (4.2.7.1) lib/abstract_controller/callbacks.rb:19:in `process_action'
actionpack (4.2.7.1) lib/action_controller/metal/rescue.rb:29:in `process_action'
actionpack (4.2.7.1) lib/action_controller/metal/instrumentation.rb:32:in `block in process_action'
activesupport (4.2.7.1) lib/active_support/notifications.rb:164:in `block in instrument'
activesupport (4.2.7.1) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
activesupport (4.2.7.1) lib/active_support/notifications.rb:164:in `instrument'
actionpack (4.2.7.1) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
actionpack (4.2.7.1) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
activerecord (4.2.7.1) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
actionpack (4.2.7.1) lib/abstract_controller/base.rb:137:in `process'
actionview (4.2.7.1) lib/action_view/rendering.rb:30:in `process'
actionpack (4.2.7.1) lib/action_controller/metal.rb:196:in `dispatch'
actionpack (4.2.7.1) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
actionpack (4.2.7.1) lib/action_controller/metal.rb:237:in `block in action'
actionpack (4.2.7.1) lib/action_dispatch/routing/route_set.rb:74:in `dispatch'
actionpack (4.2.7.1) lib/action_dispatch/routing/route_set.rb:43:in `serve'
actionpack (4.2.7.1) lib/action_dispatch/journey/router.rb:43:in `block in serve'
actionpack (4.2.7.1) lib/action_dispatch/journey/router.rb:30:in `each'
actionpack (4.2.7.1) lib/action_dispatch/journey/router.rb:30:in `serve'
actionpack (4.2.7.1) lib/action_dispatch/routing/route_set.rb:817:in `call'
rack-pjax (0.8.0) lib/rack/pjax.rb:12:in `call'
bullet (5.2.1) lib/bullet/rack.rb:12:in `call'
warden (1.2.6) lib/warden/manager.rb:35:in `block in call'
warden (1.2.6) lib/warden/manager.rb:34:in `catch'
warden (1.2.6) lib/warden/manager.rb:34:in `call'
rack (1.6.4) lib/rack/etag.rb:24:in `call'
rack (1.6.4) lib/rack/conditionalget.rb:25:in `call'
rack (1.6.4) lib/rack/head.rb:13:in `call'
remotipart (1.2.1) lib/remotipart/middleware.rb:27:in `call'
actionpack (4.2.7.1) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
actionpack (4.2.7.1) lib/action_dispatch/middleware/flash.rb:260:in `call'
rack (1.6.4) lib/rack/session/abstract/id.rb:225:in `context'
rack (1.6.4) lib/rack/session/abstract/id.rb:220:in `call'
actionpack (4.2.7.1) lib/action_dispatch/middleware/cookies.rb:560:in `call'
activerecord (4.2.7.1) lib/active_record/query_cache.rb:36:in `call'
activerecord (4.2.7.1) lib/active_record/connection_adapters/abstract/connection_pool.rb:653:in `call'
actionpack (4.2.7.1) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (4.2.7.1) lib/active_support/callbacks.rb:88:in `__run_callbacks__'
activesupport (4.2.7.1) lib/active_support/callbacks.rb:778:in `_run_call_callbacks'
activesupport (4.2.7.1) lib/active_support/callbacks.rb:81:in `run_callbacks'
actionpack (4.2.7.1) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
actionpack (4.2.7.1) lib/action_dispatch/middleware/reloader.rb:73:in `call'
actionpack (4.2.7.1) lib/action_dispatch/middleware/remote_ip.rb:78:in `call'
actionpack (4.2.7.1) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
actionpack (4.2.7.1) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
railties (4.2.7.1) lib/rails/rack/logger.rb:38:in `call_app'
railties (4.2.7.1) lib/rails/rack/logger.rb:20:in `block in call'
activesupport (4.2.7.1) lib/active_support/tagged_logging.rb:68:in `block in tagged'
activesupport (4.2.7.1) lib/active_support/tagged_logging.rb:26:in `tagged'
activesupport (4.2.7.1) lib/active_support/tagged_logging.rb:68:in `tagged'
railties (4.2.7.1) lib/rails/rack/logger.rb:20:in `call'
actionpack (4.2.7.1) lib/action_dispatch/middleware/request_id.rb:21:in `call'
rack (1.6.4) lib/rack/methodoverride.rb:22:in `call'
rack (1.6.4) lib/rack/runtime.rb:18:in `call'
activesupport (4.2.7.1) lib/active_support/cache/strategy/local_cache_middleware.rb:28:in `call'
rack (1.6.4) lib/rack/lock.rb:17:in `call'
actionpack (4.2.7.1) lib/action_dispatch/middleware/static.rb:120:in `call'
rack (1.6.4) lib/rack/sendfile.rb:113:in `call'
railties (4.2.7.1) lib/rails/engine.rb:518:in `call'
railties (4.2.7.1) lib/rails/application.rb:165:in `call'
rack (1.6.4) lib/rack/lock.rb:17:in `call'
rack (1.6.4) lib/rack/content_length.rb:15:in `call'
rack (1.6.4) lib/rack/handler/webrick.rb:88:in `service'
/home/noraj/.rvm/rubies/ruby-2.3.1/lib/ruby/2.3.0/webrick/httpserver.rb:140:in `service'
/home/noraj/.rvm/rubies/ruby-2.3.1/lib/ruby/2.3.0/webrick/httpserver.rb:96:in `run'
/home/noraj/.rvm/rubies/ruby-2.3.1/lib/ruby/2.3.0/webrick/server.rb:296:in `block in start_thread'

[Question] Contact

What is the best place to talk with you about this CTF platform?

I see that the MITRE cyber academy mail is [email protected] but this may not be the best place to talk.

Have you a public IRC channel, slack or gitter chat or whatever? Because actually the only way to talk to you is through the MITRE mail or issue.

Multiple key code is fragile

Need to update multi key code to not allow the pulling of keys off other challenges, currently if you create a new challenge and then add the key from another challenge it will delete it from the first one. This is not really desired behavior.
