FIC Forensic CTF Platform

This is a CTF server for distributing and validating challenges. It is design to be robust, so it uses some uncommon technics like client certificate for authentication, lots of state of the art cryptographic methods and aims to be deployed in a DMZ network architecture.

Local developer setup

The importance of clone location

This is a monorepo, primarly intended for Go programming. If you want to be able to do programming stuff, you should take care of the path where you clone this repository, as it should be located inside your GOPATH:

git clone https://git.nemunai.re/fic/server.git $GOPATH/src/srs.epita.fr/fic-server

Using Docker

Use docker-compose build, then docker-compose up to launch the infrastructure.

After booting, you'll be able to reach the main interface at: http://localhost:8042/ and the admin one at: http://localhost:8081/.

Import folder

Local import folder

The following changes is only required if your are trying to change the local import folder ~/fic location.

Make the following changes inside this file docker-compose.yml:

23    volumes:
24 -     - ~/fic:/mnt/fic:ro
24 +     - <custom-path-to-import-folder>/fic:/mnt/fic:ro

Owncloud import folder

If your are trying to use the folder available with the Owncloud service, make the following changes inside this file docker-compose.yml:

29 -    command: --baseurl /admin/ -localimport /mnt/fic -localimportsymlink
29 +    command: --baseurl /admin/ -clouddav=https://owncloud.srs.epita.fr/remote.php/webdav/FIC%202019/ -clouduser <login_x> -cloudpass '<passwd>'

Manual builds

Running this project requires a web server (configuration is given for nginx), a database (currently supporting only MySQL/MariaDB), a Go compiler for the revision 1.9 at least and a inotify-aware system.

1. First, you'll need to retrieve the dependencies:

    go get -d srs.epita.fr/fic-server/admin
    go get -d srs.epita.fr/fic-server/backend
    go get -d srs.epita.fr/fic-server/dashboard
    go get -d srs.epita.fr/fic-server/frontend
   

2. Then, build the three Go projects:

    go build -o $GOPATH/src/srs.epita.fr/fic-server/fic-admin srs.epita.fr/fic-server/admin
    go build -o $GOPATH/src/srs.epita.fr/fic-server/fic-backend srs.epita.fr/fic-server/backend
    go build -o $GOPATH/src/srs.epita.fr/fic-server/fic-dashboard srs.epita.fr/fic-server/dashboard
    go build -o $GOPATH/src/srs.epita.fr/fic-server/fic-frontend srs.epita.fr/fic-server/frontend
   

3. Before launching anything, you need to create a database:

    mysql -u root -p <<EOF
    CREATE DATABASE fic;
    CREATE USER fic@localhost IDENTIFIED BY 'fic';
    GRANT ALL ON fic.* TO fic@localhost;
    EOF
   

   By default, expected credentials for development purpose is fic, for both username, password and database name. If you want to use other credentials, define the corresponding environment variable: MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD and MYSQL_DATABASE. Those variables are the one used by the mysql docker image, so just link them together if you use containers.

4. Launch it!

    ./fic-admin &
   

   After initializing the database, the server will listen on http://localhost:8081/: this is the administration part.

    ./fic-backend &
   

   This daemon generates static and team related files and then waits for new submissions (expected in submissions directory). It only watchs modifications on the file system, it has no web interface.

    ./fic-frontend &
   

   This one exposes an API that gives time synchronization to clients and handle submission reception (but without treating them).

    ./fic-dashboard &
   

   This last server runs the public dashboard. It serves all file, without the need of a webserver. It listens on port 8082 by default.

For the moment, a web server is mandatory to serve static files, look at the samples given in the configs/ directory.