A CTF framework(in flask) for HackTheBox style machines.
A live demo of the app is available at: https://rtblivedemo.herokuapp.com/.
You can login and mess around as 2 users: admin:admin and test:test.(i.e. username:password)

• Flask Blueprints
• Flask-admin for Admin views and easy realtime management
• Easily deployable on Heroku.
• A page to show relevant details about the machine such as name, IP, OS, points and difficulty level.
• User Registration, account management, Forgot password, Notifications, Full Fledged Logging
• Hash submission (currently 2 hashes: user and root)
• Real time scoreboard tracking

• Python 3.7.3 or atleast > 3.6.
• Packages: src/requirements.txt.

1. Git clone the repo and cd into it

$ git clone https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework
$ cd RTB-CTF-Framework/

2. Create virtual environment to deal with dependencies and requirements.

$ virtualenv -p /usr/bin/python3 venv
$ source venv/bin/activate
$ cd src/

3. With virtual environment activated, install requirements, init db and run !

[venv]$ pip install -r requirements.txt 
[venv]$ python create_db.py # Only required on first run
[venv]$ python run.py

1. Create your heroku app using heroku cli tool.

   Follow the official guide by Heroku: https://devcenter.heroku.com/articles/getting-started-with-python#prepare-the-app

2. Provision Database add-on.

   Add the following add on to your new app: https://elements.heroku.com/addons/heroku-postgresql

3. Creating database instance. In your heroku app directory,

   $ heroku run bash
   [heroku]$ python create_db.py

4. Your app should be live now. You can run heroku open to open it in browser.

Using this as simple as anything.

1. Just configure your CTF settings in config.py.

2. DO NOT FORGET to change admin credentials from create_db.py

3. See database instance creation steps under How To Use.

Bonus: You can manage the database CRUD operations from admin views GUI as well as issue notifications.

Warning: If you make any change to config.py logging/config class/score settings. It's highly recommended to create a new DB instance.

Please see: issues and the below To-do list

• Freeze Scoreboard automatically past running time specified
• Support for more hashes
• Testing Password reset functionality
• More info for home.html
• Need to implement account.html (not a priority)

• db relationship between User and Score Tables (priority | issue: #5)
• isAdmin column in User table and Admin views (priority)
• Notifications
• Use Flask Blueprints
• Finalize black theme?
• Error messages not appearing in /submit
• Implement machine.html to server a page where one can download/serve machines