diff options
| -rw-r--r-- | README | 12 | ||||
| -rw-r--r-- | ansible.yaml | 108 | ||||
| -rw-r--r-- | fast/server.yaml | 10 | ||||
| -rw-r--r-- | fast/submitter.py | 7 | ||||
| -rw-r--r-- | nginx/ctf.rs.conf | 23 | ||||
| -rw-r--r-- | tulip/0001-restart-always.patch | 48 | ||||
| -rw-r--r-- | tulip/tulip.env | 13 |
7 files changed, 221 insertions, 0 deletions
@@ -0,0 +1,12 @@ +Team Serbia ansible playbook - Requested by JPaja + +Using +- fast +- tulip +- nginx + +tulip: +Modify tulip.env to match CTF flag format and mount point of pcap dumps + +fast: +Modify server.yaml to match CTF flag format diff --git a/ansible.yaml b/ansible.yaml new file mode 100644 index 0000000..209337e --- /dev/null +++ b/ansible.yaml @@ -0,0 +1,108 @@ +- name: fast + hosts: 127.0.0.1 + become: yes + tasks: + - name: Install Python Virtualenv + apt: + name: python3-virtualenv + state: present + + - name: Install docker-compose + apt: + name: docker-compose + state: present + + - name: Pull PostgreSQL Docker Image + docker_image: + name: postgres:alpine + source: pull + + - name: Run PostgreSQL Container + docker_container: + name: fastdb + image: postgres:alpine + env: + POSTGRES_DB: fast + POSTGRES_USER: admin + POSTGRES_PASSWORD: admin + ports: + - "5432:5432" + detach: yes + + - name: Create ~/fast directory + file: + path: ~/fast + state: directory + become: yes + + - name: Copy server.yaml and submitter.py to fast directory + copy: + src: "./fast/server.yaml" + dest: ~/fast/server.yaml + become: yes + + - name: Copy file2 to ~/fast + copy: + src: "./fast/submitter.py" + dest: ~/fast/submitter.py + become: yes + + - name: Install fast package in the virtual environment + pip: + name: https://github.com/dusanlazic/fast/releases/download/v1.1.0-czechia/fast-1.1.0-czechia.tar.gz + virtualenv: ~/fast-venv + + +- name: tulip + hosts: 127.0.0.1 + become: yes + tasks: + - name: Clone tulip repository from GitHub + git: + repo: https://github.com/OpenAttackDefenseTools/tulip + dest: ~/tulip + force: yes + + - name: Copy tulip.env to .env + copy: + src: "./tulip/tulip.env" + dest: ~/tulip/.env + + - name: Apply the Docker Compose patch + patch: + src: "./tulip/0001-restart-always.patch" + dest: ~/tulip/docker-compose.yml + + - name: Build and run Docker containers with Docker Compose + docker_compose: + project_src: ~/tulip + become: yes + + +- name: nginx + hosts: 127.0.0.1 + become: yes + tasks: + - name: Install Nginx + apt: + name: nginx + state: present + + - name: Configure Nginx for fast.ctf.rs and tulip.ctf.rs + template: + src: "./nginx/ctf.rs.conf" + dest: /etc/nginx/sites-available/ctf.rs.conf + notify: Reload Nginx + + - name: Enable Nginx sites + file: + src: /etc/nginx/sites-available/ctf.rs.conf + dest: /etc/nginx/sites-enabled/ctf.rs.conf + state: link + notify: Reload Nginx + + handlers: + - name: Reload Nginx + service: + name: nginx + state: reloaded diff --git a/fast/server.yaml b/fast/server.yaml new file mode 100644 index 0000000..8c3bdb8 --- /dev/null +++ b/fast/server.yaml @@ -0,0 +1,10 @@ +game: + tick_duration: 80 + flag_format: ENO[A-Za-z0-9+\/=]{48} + team_ip: 10.1.26.1 + +submitter: + delay: 20 + +server: + password: sifra diff --git a/fast/submitter.py b/fast/submitter.py new file mode 100644 index 0000000..dcaffe7 --- /dev/null +++ b/fast/submitter.py @@ -0,0 +1,7 @@ +import requests + +def submit(flags): + flag_responses = requests.post('http://example.ctf/flags', json=flags).json() + accepted_flags = { item['flag']: item['response'] for item in flag_responses if item['response'].endswith('OK') } + rejected_flags = { item['flag']: item['response'] for item in flag_responses if not item['response'].endswith('OK') } + return accepted_flags, rejected_flags diff --git a/nginx/ctf.rs.conf b/nginx/ctf.rs.conf new file mode 100644 index 0000000..774b19c --- /dev/null +++ b/nginx/ctf.rs.conf @@ -0,0 +1,23 @@ +server { + listen 80; + listen [::]:80; + + server_name tulip.ctf.rs; + + location / { + proxy_pass http://127.0.0.1:3000; + include proxy_params; + } +} + +server { + listen 80; + listen [::]:80; + + server_name fast.ctf.rs; + + location / { + proxy_pass http://127.0.0.1:2023; + include proxy_params; + } +} diff --git a/tulip/0001-restart-always.patch b/tulip/0001-restart-always.patch new file mode 100644 index 0000000..9ffe376 --- /dev/null +++ b/tulip/0001-restart-always.patch @@ -0,0 +1,48 @@ +From d04f8047c2a521bda684039f82d88e961f555dde Mon Sep 17 00:00:00 2001 +From: Aleksa Vuckovic <aleksa@vuckovic.cc> +Date: Mon, 16 Oct 2023 16:38:57 +0200 +Subject: [PATCH] restart: always + +--- + docker-compose.yml | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/docker-compose.yml b/docker-compose.yml +index b3ffe58..8d43a6b 100644 +--- a/docker-compose.yml ++++ b/docker-compose.yml +@@ -19,6 +19,7 @@ services: + - mongo + networks: + - internal ++ restart: always + environment: + API_SERVER_ENDPOINT: http://api:5000/ + +@@ -33,6 +34,7 @@ services: + - mongo + networks: + - internal ++ restart: always + volumes: + - ${TRAFFIC_DIR_HOST}:${TRAFFIC_DIR_DOCKER}:ro + environment: +@@ -51,6 +53,7 @@ services: + - mongo + networks: + - internal ++ restart: always + volumes: + - ${TRAFFIC_DIR_HOST}:${TRAFFIC_DIR_DOCKER}:ro + command: "./assembler -dir ${TRAFFIC_DIR_DOCKER}" +@@ -67,6 +70,7 @@ services: + - mongo + networks: + - internal ++ restart: always + volumes: + - ${TRAFFIC_DIR_HOST}:${TRAFFIC_DIR_DOCKER}:ro + command: "./enricher -eve ${TRAFFIC_DIR_DOCKER}/eve.json" +-- +2.42.0 + diff --git a/tulip/tulip.env b/tulip/tulip.env new file mode 100644 index 0000000..619c9e7 --- /dev/null +++ b/tulip/tulip.env @@ -0,0 +1,13 @@ +FLAG_REGEX="[A-Z0-9]{31}=" +TULIP_MONGO="mongo:27017" + +# The location of your pcaps as seen by the host +TRAFFIC_DIR_HOST=./services/test_pcap + +# The location of your pcaps (and eve.json), as seen by the container +TRAFFIC_DIR_DOCKER=/traffic + +# Start time of the CTF (or network open if you prefer) +TICK_START="2018-06-27T13:00+02:00" +# Tick length in ms +TICK_LENGTH=180000 |