CTFd
0x00 前言
搭个CTF平台,看能不能带动一下学校的CTF参与度。
一个下午都在搭这个平台:O 抓瞎摸索,最后成功用Apache+mod_wsgi也算是功德圆满了。
进入正题:
- 系统: CentOS release 6.8 (Final)
- Apache: Apache/2.2.15 (Unix)
- Mysql: Ver 14.14 Distrib 5.1.73
- Python: 2.7.10
0x01 下载项目&环境配置
|
1
|
git clone https://github.com/isislab/CTFd.git |
根据文档4个大步骤:
Install:
- ./prepare.sh to install dependencies using apt.
- Modify CTFd/config.py to your liking.
- Use python serve.py in a terminal to drop into debug mode.
- Here are some deployment options
apache和mysql的搭建我不再赘述,python系统自带是2.6,我升到2.7,可参见这里,记得还要装下PyMySQL。
0x02 安装&排错
环境配置好了之后运行(root权限)CTFd目录下的./prepare.sh
之后修改CTFd/config.py文件,我的配置文件如下:
进mysql里新建一个数据库:
|
1
2
|
CREATE DATABASE CTFd;exit; |
然后
|
1
2
3
4
5
6
|
# python serve.py * Running on http://0.0.0.0:4000/ (Press CTRL+C to quit) * Restarting with stat * Debugger is active! * Debugger pin code: 286-009-634 |
这里先别进网站,再次进入mysql数据库,输入下面的命令:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
USE CTFd;show tables;ALTER TABLE awards CONVERT TO CHARACTER SET utf8;ALTER TABLE challenges CONVERT TO CHARACTER SET utf8;ALTER TABLE config CONVERT TO CHARACTER SET utf8;ALTER TABLE containers CONVERT TO CHARACTER SET utf8;ALTER TABLE files CONVERT TO CHARACTER SET utf8;ALTER TABLE keys CONVERT TO CHARACTER SET utf8;ALTER TABLE pages CONVERT TO CHARACTER SET utf8;ALTER TABLE solves CONVERT TO CHARACTER SET utf8;ALTER TABLE tags CONVERT TO CHARACTER SET utf8;ALTER TABLE teams CONVERT TO CHARACTER SET utf8;ALTER TABLE tracking CONVERT TO CHARACTER SET utf8;ALTER TABLE wrong_keys CONVERT TO CHARACTER SET utf8; |
把编码改成utf8,之后再访问http://IPorDomain:4000/进行配置,这样中文就不会变成??????了
如果一切都OK的话,就开始转移到Apache上去,先安装下mod_wsgi,Centos需要自己编译安装,具体可以看这里在 Centos 下安裝 mod_wsgi
安装好mod_wsgi后还要配置下CTFd目录下的wsgi.py文件,改成如下:
|
1
2
3
4
5
|
import syssys.path.insert(0, '/var/www/html/CTFd')from CTFd import create_appapplication = create_app() |
装好之后配置下Apache:
|
1
|
vim /etc/httpd/conf/httpd.conf |
httpd.conf这个文件篇幅相当长,具体内容可以参见这里,写的很详细:
Web服务基础二之Apache主配置文件httpd.conf
主要有三部分(Section),
- Global Environment
- Main server configuration
- Virtual Hosts
我们只需要在Section 1 中加入一句
|
1
2
3
4
5
|
LoadModule auth_basic_module modules/mod_auth_basic.so...LoadModule version_module modules/mod_version.so#在这个位置加入下面这句,就是加载wsgi模块LoadModule wsgi_module modules/mod_wsgi.so |
在Section 2中加入这句:
|
1
|
WSGISocketPrefix /var/run/wsgi |
然后在Section 3 中编辑虚拟主机:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
<VirtualHost *:80> ServerName ctf.ifuryst.com WSGIDaemonProcess CTFd user=apache group=apache threads=5 WSGIScriptAlias / /var/www/html/CTFd/wsgi.py <Directory /var/www/html/CTFd> WSGIProcessGroup CTFd WSGIApplicationGroup %{GLOBAL} Order deny,allow AllowOverride All #Require all granted Allow from all </Directory></VirtualHost> |
之后重启Apache
|
1
|
/etc/init.d/httpd restart |
之后访问http://ctf.ifuryst.com/先后出现了500和503的错误,纳闷了半天,去查看错误日志
|
1
|
tail -n 20 /etc/httpd/logs/error_log |
我遇到的错误分别是下面几个:
|
1
2
3
|
[Tue Sep 20 06:11:10 2016] [error] [client 58.23.13.241] IOError: [Errno 13] Permission denied: '.ctfd_secret_key'[Tue Sep 20 06:12:26 2016] [error] [client 58.23.13.241] IOError: [Errno 13] Permission denied: '/var/www/html/CTFd/CTFd/logs/keys.log'[Tue Sep 20 06:13:39 2016] [error] [client 58.23.13.241] IOError: [Errno 13] Permission denied: '/var/www/html/CTFd/CTFd/logs/logins.log' |
CTFd/config.py里的
|
1
2
3
|
with open('.ctfd_secret_key', 'a+') as secret:#改为绝对路径with open('/var/www/html/CTFd/.ctfd_secret_key', 'a+') as secret: |
CTFd/logs目录下的三个日志文件全部给足权限(读写权限),可以直接:
|
1
|
chmod -R 777 CTFd/logs |
不出意外的话,这样就搞定了。