CTFd
0x00 前言
搭個CTF平台,看能不能帶動一下學校的CTF參與度。
一個下午都在搭這個平台:O 抓瞎摸索,最后成功用Apache+mod_wsgi也算是功德圓滿了。
進入正題:
- 系統: CentOS release 6.8 (Final)
- Apache: Apache/2.2.15 (Unix)
- Mysql: Ver 14.14 Distrib 5.1.73
- Python: 2.7.10
0x01 下載項目&環境配置
|
1
|
git clone https://github.com/isislab/CTFd.git
|
根據文檔4個大步驟:
Install:
- ./prepare.sh to install dependencies using apt.
- Modify CTFd/config.py to your liking.
- Use python serve.py in a terminal to drop into debug mode.
- Here are some deployment options
apache和mysql的搭建我不再贅述,python系統自帶是2.6,我升到2.7,可參見這里,記得還要裝下PyMySQL。
0x02 安裝&排錯
環境配置好了之后運行(root權限)CTFd目錄下的./prepare.sh
之后修改CTFd/config.py文件,我的配置文件如下:
進mysql里新建一個數據庫:
|
1
2
|
CREATE DATABASE CTFd;
exit;
|
然后
|
1
2
3
4
5
6
|
# python serve.py
* Running on http://0.0.0.0:4000/ (Press CTRL+C to quit)
* Restarting with stat
* Debugger is active!
* Debugger pin code: 286-009-634
|
這里先別進網站,再次進入mysql數據庫,輸入下面的命令:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
USE CTFd;
show tables;
ALTER TABLE awards CONVERT TO CHARACTER SET utf8;
ALTER TABLE challenges CONVERT TO CHARACTER SET utf8;
ALTER TABLE config CONVERT TO CHARACTER SET utf8;
ALTER TABLE containers CONVERT TO CHARACTER SET utf8;
ALTER TABLE files CONVERT TO CHARACTER SET utf8;
ALTER TABLE keys CONVERT TO CHARACTER SET utf8;
ALTER TABLE pages CONVERT TO CHARACTER SET utf8;
ALTER TABLE solves CONVERT TO CHARACTER SET utf8;
ALTER TABLE tags CONVERT TO CHARACTER SET utf8;
ALTER TABLE teams CONVERT TO CHARACTER SET utf8;
ALTER TABLE tracking CONVERT TO CHARACTER SET utf8;
ALTER TABLE wrong_keys CONVERT TO CHARACTER SET utf8;
|
把編碼改成utf8,之后再訪問http://IPorDomain:4000/進行配置,這樣中文就不會變成??????了
如果一切都OK的話,就開始轉移到Apache上去,先安裝下mod_wsgi,Centos需要自己編譯安裝,具體可以看這里在 Centos 下安裝 mod_wsgi
安裝好mod_wsgi后還要配置下CTFd目錄下的wsgi.py文件,改成如下:
|
1
2
3
4
5
|
import sys
sys.path.insert(0, '/var/www/html/CTFd')
from CTFd import create_app
application = create_app()
|
裝好之后配置下Apache:
|
1
|
vim /etc/httpd/conf/httpd.conf
|
httpd.conf這個文件篇幅相當長,具體內容可以參見這里,寫的很詳細:
Web服務基礎二之Apache主配置文件httpd.conf
主要有三部分(Section),
- Global Environment
- Main server configuration
- Virtual Hosts
我們只需要在Section 1 中加入一句
|
1
2
3
4
5
|
LoadModule auth_basic_module modules/mod_auth_basic.so
...
LoadModule version_module modules/mod_version.so
#在這個位置加入下面這句,就是加載wsgi模塊
LoadModule wsgi_module modules/mod_wsgi.so
|
在Section 2中加入這句:
|
1
|
WSGISocketPrefix /var/run/wsgi
|
然后在Section 3 中編輯虛擬主機:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
<VirtualHost *:80>
ServerName ctf.ifuryst.com
WSGIDaemonProcess CTFd user=apache group=apache threads=5
WSGIScriptAlias / /var/www/html/CTFd/wsgi.py
<Directory /var/www/html/CTFd>
WSGIProcessGroup CTFd
WSGIApplicationGroup %{GLOBAL}
Order deny,allow
AllowOverride All
#Require all granted
Allow from all
</Directory>
</VirtualHost>
|
之后重啟Apache
|
1
|
/etc/init.d/httpd restart
|
之后訪問http://ctf.ifuryst.com/先后出現了500和503的錯誤,納悶了半天,去查看錯誤日志
|
1
|
tail -n 20 /etc/httpd/logs/error_log
|
我遇到的錯誤分別是下面幾個:
|
1
2
3
|
[Tue Sep 20 06:11:10 2016] [error] [client 58.23.13.241] IOError: [Errno 13] Permission denied: '.ctfd_secret_key'
[Tue Sep 20 06:12:26 2016] [error] [client 58.23.13.241] IOError: [Errno 13] Permission denied: '/var/www/html/CTFd/CTFd/logs/keys.log'
[Tue Sep 20 06:13:39 2016] [error] [client 58.23.13.241] IOError: [Errno 13] Permission denied: '/var/www/html/CTFd/CTFd/logs/logins.log'
|
CTFd/config.py里的
|
1
2
3
|
with open('.ctfd_secret_key', 'a+') as secret:
#改為絕對路徑
with open('/var/www/html/CTFd/.ctfd_secret_key', 'a+') as secret:
|
CTFd/logs目錄下的三個日志文件全部給足權限(讀寫權限),可以直接:
|
1
|
chmod -R 777 CTFd/logs
|
不出意外的話,這樣就搞定了。