下载地址:
https://github.com/CTFd/CTFd
1、centos(未成功)
下载后执行
pip install -r requirements.txt
Command "/usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-2ttv2w42/gevent/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-lhqh6i_1-record/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-build-2ttv2w42/gevent/以上为centos,后来改用debian/Ubuntu:
注:2024-01-06:centos 安装成功。
需要执行操作:pip3 install –upgrade pip 即可
2、debian/Ubuntu(成功)
bash prepare.sh
到后面会提示错误:
Could not find a version that satisfies the requirement gunicorn==20.0.4 (from -r requirements.txt (line 29)) (from versions: 0.1, 0.2, 0.2.1, 0.3, 0.3.1, 0.3.2, 0.4, 0.4.1, 0.4.2, 0.5, 0.5.1, 0.6, 0.6.1, 0.6.2, 0.6.3, 0.6.4, 0.6.5, 0.6.6, 0.7.0, 0.7.1, 0.7.2, 0.8.0, 0.8.1, 0.9.0, 0.9.1, 0.10.0, 0.10.1, 0.11.0, 0.11.1, 0.11.2, 0.12.0, 0.12.1, 0.12.2, 0.13.0, 0.13.1, 0.13.2, 0.13.3, 0.13.4, 0.14.0, 0.14.1, 0.14.2, 0.14.3, 0.14.4, 0.14.5, 0.14.6, 0.15.0, 0.16.0, 0.16.1, 0.17.0, 0.17.1, 0.17.2, 0.17.3, 0.17.4, 17.5, 18.0, 19.0.0, 19.1.0, 19.1.1, 19.2.0, 19.2.1, 19.3.0, 19.4.0, 19.4.1, 19.4.2, 19.4.3, 19.4.4, 19.4.5, 19.5.0, 19.6.0, 19.7.0, 19.7.1, 19.8.0, 19.8.1, 19.9.0, 19.10.0)
No matching distribution found for gunicorn==20.0.4 (from -r requirements.txt (line 29))
因为sh脚本中写的python,而实际上需要python3 故需要python3下执行 pip install -r requirements.txt
安装python3的pip:
apt install python3-pip
python3 -m pip install -r requirements.txt
安装完成:
执行python3 serve.py 此处估计会报错:
* Importing gevent and monkey patching. Use --disable-gevent to disable.
Traceback (most recent call last):
File "serve.py", line 18, in <module>
monkey.patch_all()
File "/usr/local/lib/python3.6/dist-packages/gevent/monkey.py", line 1212, in patch_all
_notify_patch(events.GeventWillPatchAllEvent(modules_to_patch, kwargs), _warnings)
File "/usr/local/lib/python3.6/dist-packages/gevent/monkey.py", line 185, in _notify_patch
notify_and_call_entry_points(event)
File "/usr/local/lib/python3.6/dist-packages/gevent/events.py", line 104, in notify_and_call_entry_points
subscriber = plugin.load()
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 2323, in load
self.require(*args, **kwargs)
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 2346, in require
items = working_set.resolve(reqs, env, installer, extras=self.extras)
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 778, in resolve
raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'psutil>=5.7.0; sys_platform != "win32" or platform_python_implementation == "CPython" and extra == "test"' distribution was not found and is required by the application
执行flask run 即可:
需要连接外网或者变更端口的话
flask run --port=8000 --host=0.0.0.0
访问界面如下:
一步步设置即可:
后台配置:
题库添加:
设置附件及题库状态:
添加后,可以在前台浏览:
答题成功:
如需修改首页信息:
进入目录编辑:
CTFd/view.py
文件即可
外网映射
(1)由于服务器上不止一个应用,端口设置在8000上,oracle设置防火墙放行端口需要登录比较麻烦,直接通过nginx映射反代即可,参考:
(2)在文件目录CTFd-3.4.0/conf/nginx/下有个nginx.conf文件,如果你设置了虚拟主机vhost,按照以下格式修改下域名,放入/usr/local/nginx/conf/vhost/目录,从起nginx即可:
upstream app_servers {
server 127.0.0.1:8000;
}
server {
listen 80;
server_name www.domain.com;
client_max_body_size 4G;
# Handle Server Sent Events for Notifications
location /events {
proxy_pass http://app_servers;
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
# Proxy connections to the application servers
location / {
proxy_pass http://app_servers;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
其他
待研究
使用场景
内部或者CTF培训时
![[测试]WEB日志审计工具 teler-微慑信息网-VulSee.com](https://vulsee.com/wp-content/uploads/2024/03/695a48b0bc02a11b7d41de2b76f6a7f9.png)
![[CTFd] ctfd迁移の宝塔环境-微慑信息网-VulSee.com](https://vulsee.com/wp-content/uploads/2024/03/f14df9ce90c84d123ee4b413176ba391-1.png)
![[DB] sqlite转mysql-微慑信息网-VulSee.com](https://vulsee.com/wp-content/uploads/2024/03/2c594863e1da2e1d4c46e3f67a547a96.png)
![折腾warp记录 [vulsee . com]-微慑信息网-VulSee.com](https://vulsee.com/wp-content/uploads/2024/01/8c6551049e6e6dc36be392b816d591f0.png)
![[娱乐] 超女厉娜竟是靠贞操晋级5强的-微慑信息网-VulSee.com](http://8341.b.lunqun.com/attachment/m127/28/69/28692/Type_jpg/18892_6471_7483f150a147cad.jpg)
![[八卦] 王婷婷—揭秘一个大三女生的性爱录像-微慑信息网-VulSee.com](http://free.86hy.com/crack/pic/1.jpg)
![[随笔]今天国际警察节-微慑信息网-VulSee.com](http://photo.sohu.com/20041017/Img222528326.jpg)
青云网
