Initial commit

7 files changed, 221 insertions, 0 deletions

diff --git a/README b/README
new file mode 100644
index 0000000..7f90070
--- /dev/null
+++ b/README
@@ -0,0 +1,12 @@
+Team Serbia ansible playbook - Requested by JPaja
+
+Using
+- fast
+- tulip
+- nginx
+
+tulip:
+Modify tulip.env to match CTF flag format and mount point of pcap dumps
+
+fast:
+Modify server.yaml to match CTF flag format
diff --git a/ansible.yaml b/ansible.yaml
new file mode 100644
index 0000000..209337e
--- /dev/null
+++ b/ansible.yaml
@@ -0,0 +1,108 @@
+- name: fast
+  hosts: 127.0.0.1
+  become: yes
+  tasks:
+    - name: Install Python Virtualenv
+      apt:
+        name: python3-virtualenv
+        state: present
+
+    - name: Install docker-compose
+      apt:
+        name: docker-compose
+        state: present
+
+    - name: Pull PostgreSQL Docker Image
+      docker_image:
+        name: postgres:alpine
+        source: pull
+
+    - name: Run PostgreSQL Container
+      docker_container:
+        name: fastdb
+        image: postgres:alpine
+        env:
+          POSTGRES_DB: fast
+          POSTGRES_USER: admin
+          POSTGRES_PASSWORD: admin
+        ports:
+          - "5432:5432"
+        detach: yes
+
+    - name: Create ~/fast directory
+      file:
+        path: ~/fast
+        state: directory
+      become: yes
+
+    - name: Copy server.yaml and submitter.py to fast directory
+      copy:
+        src: "./fast/server.yaml"
+        dest: ~/fast/server.yaml
+      become: yes
+
+    - name: Copy file2 to ~/fast
+      copy:
+        src: "./fast/submitter.py"
+        dest: ~/fast/submitter.py
+      become: yes
+
+    - name: Install fast package in the virtual environment
+      pip:
+        name: https://github.com/dusanlazic/fast/releases/download/v1.1.0-czechia/fast-1.1.0-czechia.tar.gz
+        virtualenv: ~/fast-venv
+
+
+- name: tulip
+  hosts: 127.0.0.1
+  become: yes
+  tasks:
+    - name: Clone tulip repository from GitHub
+      git:
+        repo: https://github.com/OpenAttackDefenseTools/tulip
+        dest: ~/tulip
+        force: yes
+
+    - name: Copy tulip.env to .env
+      copy:
+        src: "./tulip/tulip.env"
+        dest: ~/tulip/.env
+
+    - name: Apply the Docker Compose patch
+      patch:
+        src: "./tulip/0001-restart-always.patch"
+        dest: ~/tulip/docker-compose.yml
+
+    - name: Build and run Docker containers with Docker Compose
+      docker_compose:
+        project_src: ~/tulip
+      become: yes
+
+
+- name: nginx
+  hosts: 127.0.0.1
+  become: yes
+  tasks:
+    - name: Install Nginx
+      apt:
+        name: nginx
+        state: present
+
+    - name: Configure Nginx for fast.ctf.rs and tulip.ctf.rs
+      template:
+        src: "./nginx/ctf.rs.conf"
+        dest: /etc/nginx/sites-available/ctf.rs.conf
+      notify: Reload Nginx
+
+    - name: Enable Nginx sites
+      file:
+        src: /etc/nginx/sites-available/ctf.rs.conf
+        dest: /etc/nginx/sites-enabled/ctf.rs.conf
+        state: link
+      notify: Reload Nginx
+
+  handlers:
+    - name: Reload Nginx
+      service:
+        name: nginx
+        state: reloaded
diff --git a/fast/server.yaml b/fast/server.yaml
new file mode 100644
index 0000000..8c3bdb8
--- /dev/null
+++ b/fast/server.yaml
@@ -0,0 +1,10 @@
+game:
+  tick_duration: 80
+  flag_format: ENO[A-Za-z0-9+\/=]{48}
+  team_ip: 10.1.26.1
+
+submitter:
+  delay: 20
+
+server:
+  password: sifra
diff --git a/fast/submitter.py b/fast/submitter.py
new file mode 100644
index 0000000..dcaffe7
--- /dev/null
+++ b/fast/submitter.py
@@ -0,0 +1,7 @@
+import requests
+
+def submit(flags):
+    flag_responses = requests.post('http://example.ctf/flags', json=flags).json()
+    accepted_flags = { item['flag']: item['response'] for item in flag_responses if item['response'].endswith('OK') }
+    rejected_flags = { item['flag']: item['response'] for item in flag_responses if not item['response'].endswith('OK') }
+    return accepted_flags, rejected_flags
diff --git a/nginx/ctf.rs.conf b/nginx/ctf.rs.conf
new file mode 100644
index 0000000..774b19c
--- /dev/null
+++ b/nginx/ctf.rs.conf
@@ -0,0 +1,23 @@
+server {
+    listen 80;
+    listen [::]:80;
+
+    server_name tulip.ctf.rs;
+        
+    location / {
+        proxy_pass http://127.0.0.1:3000;
+        include proxy_params;
+    }
+}
+
+server {
+    listen 80;
+    listen [::]:80;
+
+    server_name fast.ctf.rs;
+        
+    location / {
+        proxy_pass http://127.0.0.1:2023;
+        include proxy_params;
+    }
+}
diff --git a/tulip/0001-restart-always.patch b/tulip/0001-restart-always.patch
new file mode 100644
index 0000000..9ffe376
--- /dev/null
+++ b/tulip/0001-restart-always.patch
@@ -0,0 +1,48 @@
+From d04f8047c2a521bda684039f82d88e961f555dde Mon Sep 17 00:00:00 2001
+From: Aleksa Vuckovic <aleksa@vuckovic.cc>
+Date: Mon, 16 Oct 2023 16:38:57 +0200
+Subject: [PATCH] restart: always
+
+---
+ docker-compose.yml | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/docker-compose.yml b/docker-compose.yml
+index b3ffe58..8d43a6b 100644
+--- a/docker-compose.yml
++++ b/docker-compose.yml
+@@ -19,6 +19,7 @@ services:
+       - mongo
+     networks:
+       - internal
++    restart: always
+     environment:
+       API_SERVER_ENDPOINT: http://api:5000/
+ 
+@@ -33,6 +34,7 @@ services:
+       - mongo
+     networks:
+       - internal
++    restart: always
+     volumes:
+       - ${TRAFFIC_DIR_HOST}:${TRAFFIC_DIR_DOCKER}:ro
+     environment:
+@@ -51,6 +53,7 @@ services:
+       - mongo
+     networks:
+       - internal
++    restart: always
+     volumes:
+       - ${TRAFFIC_DIR_HOST}:${TRAFFIC_DIR_DOCKER}:ro
+     command: "./assembler -dir ${TRAFFIC_DIR_DOCKER}"
+@@ -67,6 +70,7 @@ services:
+       - mongo
+     networks:
+       - internal
++    restart: always
+     volumes:
+       - ${TRAFFIC_DIR_HOST}:${TRAFFIC_DIR_DOCKER}:ro
+     command: "./enricher -eve ${TRAFFIC_DIR_DOCKER}/eve.json"
+-- 
+2.42.0
+
diff --git a/tulip/tulip.env b/tulip/tulip.env
new file mode 100644
index 0000000..619c9e7
--- /dev/null
+++ b/tulip/tulip.env
@@ -0,0 +1,13 @@
+FLAG_REGEX="[A-Z0-9]{31}="
+TULIP_MONGO="mongo:27017"
+
+# The location of your pcaps as seen by the host
+TRAFFIC_DIR_HOST=./services/test_pcap
+
+# The location of your pcaps (and eve.json), as seen by the container
+TRAFFIC_DIR_DOCKER=/traffic
+
+# Start time of the CTF (or network open if you prefer)
+TICK_START="2018-06-27T13:00+02:00"
+# Tick length in ms
+TICK_LENGTH=180000