Closed dufferzafar closed 10 years ago
cabreraalex
commented
10 years ago Yeah that would actually be the best way to host the web challenges. The only thing I was wondering was how to host different technologies, say a PHP task vs a Django task
dufferzafar
commented
10 years ago I don't exactly get what you are trying to say. But Heroku offers many stacks - PHP, Node, Python. Though I have never given them a try,
cabreraalex
commented
10 years ago Sorry, I'll try to clarify: If we set up a website for this repository on Heroku, we would have to base it off of a certain technology, say a Django powered website. Once we have it running off of Django, I'm not sure how we would go around hosting a PHP challenge without faking the vulnerability.
It might be possible to run multiple technologies (PHP, Ruby, and Python for example) off of one site, but I would have to do some considerable research into that. For now I might just set up a simple heroku PHP powered site, as many of the web challenges are based off of PHP and SQL database back ends.
dufferzafar
commented
10 years ago If multiple stacks are a problem, why don't we setup multiple repositories (on heroku). Something like ctf-example-1.herokuapp.com for our first web example and so on.
cabreraalex
commented
10 years ago Ah very true, did not even think of that. We could just set up a seperate stack for each tech, one running off of PHP, another off of Ruby on Rails, etc.
Saw that you have mentioned the need of a webserver for web based levels.
We could write examples and push them to Heroku?
Check out - Backdoor CTF's Web 250. It's source code is here