This tutorial is based on the following sources:
GZCTF official documentation: https://docs.ctf.gzti.me/zh
https://blog.csdn.net/a00221aa/article/details/138073077
The environment used is as follows:
Ubuntu 22.04 LTS
Docker 24.0.7
docker-compose 1.29.2
GZCTF 0.18
I. Install Docker and docker-compose
sudo apt update
sudo apt install docker.io docker-compose
After running the commands, check that the installation succeeded:
docker -v
docker-compose -v
II. Deploy GZCTF
1. Create the GZCTF deployment directory
cd /
mkdir GZCTF
cd GZCTF
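2. Edit the GZCTF configuration files appsettings.json and docker-compose.yml and save them in the /GZCTF directory
appsettings.json:
Set <Your POSTGRES_PASSWORD> to the database password
Change <Your PUBLIC_ENTRY> to the externally reachable address
Set <Your XOR_KEY> to a random string used to encrypt the competition private keys (any value will do)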
{
  "AllowedHosts": "*",
  "ConnectionStrings": {
    "Database": "Host=db:5432;Database=gzctf;Username=postgres;Password=<Your POSTGRES_PASSWORD>"
  },
  "EmailConfig": {
    "SendMailAddress": "a@a.com",
    "UserName": "",
    "Password": "",
    "Smtp": {
      "Host": "localhost",
      "Port": 587
    }
  },
  "XorKey": "<Your XOR_KEY>",
  "ContainerProvider": {
    "Type": "Docker", // or "Kubernetes"
    "PortMappingType": "Default", // or "PlatformProxy"
    "EnableTrafficCapture": false,
    "PublicEntry": "<Your PUBLIC_ENTRY>", // or "xxx.xxx.xxx.xxx"
    // optional
    "DockerConfig": {
      "SwarmMode": false,
      "Uri": "unix:///var/run/docker.sock"
    }
  },
  "RequestLogging": false,
  "DisableRateLimit": true,
  "RegistryConfig": {
    "UserName": "",
    "Password": "",
    "ServerAddress": ""
  },
  "CaptchaConfig": {
    "Provider": "None", // or "CloudflareTurnstile" or "GoogleRecaptcha"
    "SiteKey": "<Your SITE_KEY>",
    "SecretKey": "<Your SECRET_KEY>",
    // optional
    "GoogleRecaptcha": {
      "VerifyAPIAddress": "https://www.recaptcha.net/recaptcha/api/siteverify",
      "RecaptchaThreshold": "0.5"
    }
  },
  "ForwardedOptions": {
    "ForwardedHeaders": 5,
    "ForwardLimit": 1,
    "TrustedNetworks": ["192.168.12.0/8"]
  }
}
docker-compose.yml:
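Set <Your POSTGRES_PASSWORD> to the database password; it must match the one in the JSON file above
Set <Your GZCTF_ADMIN_PASSWORD> to the initial administrator password. After a successful deployment the default administrator account is Admin, with this value as its password (for some reason, there was no Admin user after I deployed)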
version: "3.0"
services:
  gzctf:
    image: registry.cn-shanghai.aliyuncs.com/gztime/gzctf:develop
    restart: always
    environment:
      - "GZCTF_ADMIN_PASSWORD=<Your GZCTF_ADMIN_PASSWORD>"
      # choose your backend language `en_US` / `zh_CN` / `ja_JP`
      - "LC_ALL=zh_CN.UTF-8"
    ports:
      - "80:8080"
    volumes:
      - "./data/files:/app/files"
      - "./appsettings.json:/app/appsettings.json:ro"
      # - "./kube-config.yaml:/app/kube-config.yaml:ro" # this is required for k8s deployment
      - "/var/run/docker.sock:/var/run/docker.sock" # this is required for docker deployment
    depends_on:
      - db
  db:
    image: postgres:alpine
    restart: always
    environment:
      - "POSTGRES_PASSWORD=<Your POSTGRES_PASSWORD>"
    volumes:
      - "./data/db:/var/lib/postgresql/data"
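The placeholder step above, as an added example (not from the GZCTF documentation or the original post): a shell script that fills <Your POSTGRES_PASSWORD>, <Your XOR_KEY> and <Your GZCTF_ADMIN_PASSWORD> with random values and checks that both files carry the same database password. The function names, the 24/32-character lengths and the character-class rule for the admin password are assumptions of this example.

```bash
set -eu   # assumes GNU sed (sed -i), as shipped with Ubuntu

# N random characters from [A-Za-z0-9]: nothing sed, JSON or YAML treats specially.
gen_secret() { LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c "$1"; }

# Admin password: retry until it has upper-case, lower-case and digit characters.
# Assumption: the platform may enforce such a policy on the initial admin account.
gen_admin_pw() {
    while :; do
        p=$(gen_secret 24)
        case $p in *[[:upper:]]*) ;; *) continue ;; esac
        case $p in *[[:lower:]]*) ;; *) continue ;; esac
        case $p in *[[:digit:]]*) printf '%s' "$p"; return 0 ;; esac
    done
}

# fill_secrets DIR: substitute the placeholders in both files under DIR. One DB
# password goes into both files; the admin password is printed once on stdout.
fill_secrets() {
    db_pw=$(gen_secret 32); xor_key=$(gen_secret 32); admin_pw=$(gen_admin_pw)
    for f in "$1/appsettings.json" "$1/docker-compose.yml"; do
        [ -f "$f" ] || { echo "missing: $f" >&2; return 1; }
        sed -i -e "s/<Your POSTGRES_PASSWORD>/$db_pw/g" \
               -e "s/<Your XOR_KEY>/$xor_key/g" \
               -e "s/<Your GZCTF_ADMIN_PASSWORD>/$admin_pw/g" "$f"
    done
    printf '%s\n' "$admin_pw"
}

# check_secrets DIR: succeed only if no secret placeholder is left and the DB
# password in the connection string equals POSTGRES_PASSWORD in the compose file.
check_secrets() {
    if grep -qE '<Your (POSTGRES_PASSWORD|XOR_KEY|GZCTF_ADMIN_PASSWORD)>' \
        "$1/appsettings.json" "$1/docker-compose.yml"; then return 1; fi
    a=$(sed -n 's/.*Password=\([^";]*\)".*/\1/p' "$1/appsettings.json" | head -n 1)
    b=$(sed -n 's/.*POSTGRES_PASSWORD=\([^"]*\)".*/\1/p' "$1/docker-compose.yml" | head -n 1)
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Constructed stand-ins that hold only the placeholder lines from the tutorial.
make_sample() {
    printf '%s\n' '"Database": "Host=db:5432;Password=<Your POSTGRES_PASSWORD>"' \
        '"XorKey": "<Your XOR_KEY>",' > "$1/appsettings.json"
    printf '%s\n' '- "GZCTF_ADMIN_PASSWORD=<Your GZCTF_ADMIN_PASSWORD>"' \
        '- "POSTGRES_PASSWORD=<Your POSTGRES_PASSWORD>"' > "$1/docker-compose.yml"
}

demo=$(mktemp -d); make_sample "$demo"   # demo run on the constructed files
fill_secrets "$demo" >/dev/null && check_secrets "$demo" && echo "placeholders filled"
rm -rf "$demo"
```

For the real deployment, call fill_secrets /GZCTF after saving both files and store the printed admin password; <Your PUBLIC_ENTRY> still has to be set by hand.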
3. Start GZCTF
docker compose up -d
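The author ran into a few pitfalls here:
a. Servers in mainland China may be unable to pull the image; a registry mirror needs to be configured
b. If you use Ubuntu 24.04 or another version, you may hit the following error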
Traceback (most recent call last):
File "/usr/bin/docker-compose", line 33, in <module>
sys.exit(load_entry_point('docker-compose==1.29.2', 'console_scripts', 'docker-compose')())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/compose/cli/main.py", line 81, in main
command_func()
File "/usr/lib/python3/dist-packages/compose/cli/main.py", line 200, in perform_command
project = project_from_options('.', options)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/compose/cli/command.py", line 60, in project_from_options
return get_project(
^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/compose/cli/command.py", line 152, in get_project
client = get_client(
^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/compose/cli/docker_client.py", line 41, in get_client
client = docker_client(
^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/compose/cli/docker_client.py", line 170, in docker_client
client = APIClient(use_ssh_client=not use_paramiko_ssh, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/docker/api/client.py", line 197, in __init__
self._version = self._retrieve_server_version()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/docker/api/client.py", line 221, in _retrieve_server_version
raise DockerException(
docker.errors.DockerException: Error while fetching server API version: HTTPConnection.request() got an unexpected keyword argument 'chunked'
See the following for reference:
https://stackoverflow.com/questions/78436274/trying-to-setup-docker-for-home-server-getting-chunked
If you were lucky enough to avoid these pitfalls, run
docker ps
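You should then see two containers running, one for the gzctf service and one for db.
III. Open the platform and register an administrator
According to the official documentation, in theory there should be an Admin user whose password is the one set above. But if, like me, you have no Admin user, you have to register a user first and then promote it to administrator (there can be several administrators)
1. First create a user on the platform's web page
2. On the server, run the following command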
docker compose exec db psql -U postgres
This opens the psql prompt.
Then run this command
\c gzctf
Run a SQL statement such as the following (replace your_admin_user_name with the username of the user created above)
UPDATE "AspNetUsers" SET "Role"=3 WHERE "UserName"='your_admin_user_name';
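Log in as this user again and you can access the admin page
IV. Create a competition and edit challenges
Space is limited; this will be covered in the next article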