CTFd動態靶機吐血總結

搭建環境

阿里雲 Ubuntu-server 20.04

搭建步驟

更新一下軟件源和軟件列表

sudo apt-get update
sudo apt-get upgrade

安裝docker

1. 更新系統包索引
sudo apt-get update
2. 添加HTTPS協議，允許apt從HTTPS安裝軟件包
sudo apt-get install apt-transport-https ca-certificates curl software-properties-common

3. 添加Docker公共密鑰 Docker 官方源
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add

4. 設置版本庫類型，軟件版本包括三種： stable、edge、test
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

5. 安裝最新版docker-ce
sudo apt-get install docker-ce

6. 設置開機自啟動並啟動docker
sudo systemctl enable docker
sudo systemctl start docker

安裝docker-compose

1.安裝pip
sudo apt install python3-pip
2.更新庫
sudo apt-get update
3.更新pip（一定要更新，不然后面建立容器項目會報錯）
sudo pip3 install --upgrade pip
4.安裝docker-compose
sudo pip3 install docker-compose

設置docker鏡像加速

訪問https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors

找到鏡像加速器，按照指示修改daemon配置文件

sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://******.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

下載趙師傅的ctfd

git clone https://github.com.cnpmjs.org/glzjin/CTFd.git

下載ctf-whale(並且重命名文件名為小寫)

在 CTFd/CTFd/plugins目錄下

git clone https://github.com/glzjin/CTFd-Whale

docker集群設置

docker swarm init

docker node ls

docker node update --label-add name=linux-1 <節點 ID>

下載docker的frps(改文件夾名字為frp)

在root目錄下

git clone https://github.com/glzjin/Frp-Docker-For-CTFd-Whale

 

進入目錄后運行docker-compose up -d 即可

直接上ctfd的docker-compose.yml配置

version: '2.2'

services:
  ctfd-nginx:
    image: nginx:1.17
    volumes:
      - ./nginx/http.conf:/etc/nginx/nginx.conf   #這里注意
    user: root
    restart: always
    ports:
      #- "85:80"     #我將這里注釋掉了，這里通過nginx轉發感覺速度訪問速度會變慢，多次嘗試之后直接開8000端口訪問不會對服務造成影響
      - "443:443"
    networks:
        default:
        internal:
    depends_on:
      - ctfd
    cpus: '1.00'  #可改
    mem_limit: 150M     #可改
  ctfd:
    build: .
    user: root
    restart: always
    ports:
      - "8000:8000"     #這里原本沒開端口，直接打開訪問網站速度會加快
    environment:
      - UPLOAD_FOLDER=/var/uploads
      - DATABASE_URL=mysql+pymysql://root:ctfd@db/ctfd
      - REDIS_URL=redis://cache:6379
      - WORKERS=1
      - LOG_FOLDER=/var/log/CTFd
      - ACCESS_LOG=-
      - ERROR_LOG=-
      - REVERSE_PROXY=true
    volumes:
      - .data/CTFd/logs:/var/log/CTFd
      - .data/CTFd/uploads:/var/uploads
      - .:/opt/CTFd:ro
      - /var/run/docker.sock:/var/run/docker.sock     #這里是添加的
    depends_on:
      - db
    networks:
        default:
        internal:
        frp:
            ipv4_address: 172.1.0.2
    cpus: '1.00'     #可改
    mem_limit: 450M     #可改

  db:
    image: mariadb:10.4
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=ctfd
      - MYSQL_USER=ctfd
      - MYSQL_PASSWORD=ctfd
    volumes:
      - .data/mysql:/var/lib/mysql
    networks:
        internal:
    # This command is required to set important mariadb defaults
    command: [mysqld, --character-set-server=utf8mb4, --collation-server=utf8mb4_unicode_ci, --wait_timeout=28800, --log-warnings=0]
    cpus: '1.00'     #可改
    mem_limit: 750M     #可改

  cache:
    image: redis:4
    restart: always
    volumes:
      - .data/redis:/data
    networks:
        internal:
    cpus: '1.00'     #可改
    mem_limit: 450M     #可改

  frpc:    
    image: glzjin/frp:latest     #趙師傅tql
    restart: always
    volumes:
      - ./frpc:/conf/     #這里注意
    entrypoint:
        - /usr/local/bin/frpc
        - -c
        - /conf/frpc.ini
    networks:
        frp:
            ipv4_address: 172.1.0.3  #記住此處
        frp-containers:
    cpus: '1.00'     #可改
    mem_limit: 250M     #可改

networks:
    default:
    internal:
        internal: true
    frp:
        driver: bridge
        ipam:
            config:
                - subnet: 172.1.0.0/16
    frp-containers:
        driver: overlay
        internal: true
        ipam:
            config:
                - subnet: 172.2.0.0/16

在docker-compose.yml同目錄下建nginx文件夾

建立 http.conf 文件寫入以下內容

worker_processes 4;
events {
  worker_connections 1024;
}
http {
  # Configuration containing list of application servers
  upstream app_servers {
    server ctfd:8000;
  }
  server {
    listen 80;
    client_max_body_size 4G;
    # Handle Server Sent Events for Notifications
    location /events {
      proxy_pass http://app_servers;
      proxy_set_header Connection '';
      proxy_http_version 1.1;
      chunked_transfer_encoding off;
      proxy_buffering off;
      proxy_cache off;
      proxy_redirect off;
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Host $server_name;
    }
    # Proxy connections to the application servers
    location / {
      proxy_pass http://app_servers;
      proxy_redirect off;
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Host $server_name;
    }
  }
}

下載frp

wget https://github.com/fatedier/frp/releases/download/v0.29.0/frp_0.29.0_linux_amd64.tar.gz

tar -zxvf frp_0.29.0_linux_amd64.tar.gz

在docker-compose.yml同目錄下建frpc文件夾，然后進入解壓的/frp_0.29.0_linux_amd64文件夾，或直接上傳，將

frpc
frpc.ini
frpc_full.ini
LICENSE

放入frpc文件夾
接着配置frpc.ini，直接上配置

[common]
token = randomme
server_addr = 172.1.0.4
server_port = 6490     #此處必須與frpc.ini配置一致
pool_count = 200
tls_enable = true

admin_addr = 172.1.0.3 #一定要加！！與后面相應
admin_port = 7400

配置Dockerfile

FROM python:3.7-alpine  
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories && \
    apk update && \
    apk add linux-headers libffi-dev gcc g++ make musl-dev py-pip mysql-client git openssl-dev python3-dev python3
RUN adduser -D -u 1001 -s /bin/bash ctfd

WORKDIR /opt/CTFd
RUN mkdir -p /opt/CTFd /var/log/CTFd /var/uploads

COPY requirements.txt .

RUN pip install -r requirements.txt -i https://mirrors.tuna.tsinghua.edu.cn/pypi/web/simple/  --no-cache-dir

COPY . /opt/CTFd

RUN for d in CTFd/plugins/*; do \
      if [ -f "$d/requirements.txt" ]; then \
        pip install -r $d/requirements.txt -i https://mirrors.tuna.tsinghua.edu.cn/pypi/web/simple/ ; \
      fi; \
    done;

RUN chmod +x /opt/CTFd/docker-entrypoint.sh
RUN chown -R 1001:1001 /opt/CTFd
RUN chown -R 1001:1001 /var/log/CTFd /var/uploads

USER 1001
EXPOSE 8000
ENTRYPOINT ["/opt/CTFd/docker-entrypoint.sh"]

修改requirements.txt

只需要刪除 requirements.txt 中的 gevent 版本號

/requirements.txt
...
redis==3.3.11
datafreeze==0.1.0
gevent
python-dotenv==0.10.3
flask-restplus==0.13.0
...

開始運行了

docker-compose build
docker-compose up -d

訪問 http://ip:8000 即可訪問ctfd

配置CTFD

進入后隨便設置，然后進Admin Panel進行設置

 

 

 

 

設置docker網絡

這個時候運行docker ps
發現frpc在無限重啟，因為我們還沒有配置網絡

運行docker network inspect ctfd_frp

這個是docker-compose里compose后創建的網絡，我們將frps加入此網絡

例如我的frp容器id為12345，則運行docker network connect ctfd_frp 12345<即frp容器id>

 

 

這里可以看到ip與我們之前設置的相應。

此時運行docker restart ctfd_frpc_1 frp_frps_1

然后docker ps

 

設置題目

 

 

 

 

 

 成功

 

 

參考文章

https://blog.csdn.net/weixin_43802844/article/details/108572271

https://err0r.top/article/CTFD/