Host a competition?

[ankerbachryhl]

Hi, I want to host a CTF competition with this platform, how can I set it up on a webserver so everyone will be able to play it?

Thank you!

[byronfisher]

Hello @ankerbachryhl,

Please take a look at my Wiki i have also provided cheap affordable hosting solutions. https://github.com/mehnomy/FBCTF-Ubuntu-Setup

If you require any more assistance please feel free to reply back anytime we're all here to help.

Kind Regards, Byron Fisher

[ankerbachryhl]

Thank your @mehnomy but I don't understand if I set this up on a virtual machine in for exampel virtual box how can everyone get access to it? Can I set it up on a virtual machine? I know that this is some noob questions I'm sorry.

[Ttech]

Setup is pretty easy, you need a Ubuntu 14.04 install and an SSL Cert (so probably a domain). This means you can install it on a Virtual Machine, VPS, AWS Instance, Physical Box, your desktop, etc.

If you don't have a cert but you have a domain you can use lets encrypt - https://letsencrypt.org/getting-started/

For the rest of the FB CTF

1. update the system apt-get update && apt-get -y upgrade (possible apt-get dist-upgrade)
2. apt-get install curl git
3. git clone https://github.com/facebook/fbctf
4. cd fbctf
5. ./extra/provision.sh dev $PWD
6. follow instructions on screen

[ankerbachryhl]

@Ttech ahhh Now I understand, Thanks! So if I just have a local virtual machine with Ubuntu 14.04 and a domain name it will work? Or do I need a webserver with Ubuntu 14.04?

[Ttech]

@ankerbachryhl The setup script (provision.sh) will configure things for you including the webserver portion.

[ankerbachryhl]

@Ttech Thanks alot now I just need a virtual machine with Ubuntu 14.04!

[byronfisher]

Hello @ankerbachryhl,

If you want others to see it like e.g: Click me

This is running on a Dedicated Server however for smaller scales a VPS which i have provided in the wiki with the server specs would be my minimum recommendations on having a live platform.

The example link which i have provided you is running on a monster of a machine with a professional network setup, as it will be used for live production for hundreds of concurrent users and most likely mischief students who want to attempt to knock it out.

These Live machines are running back to back DDOS Mitigation on the machines networks themselves, rerouted using voxility who provide DDOS Protected IP addresses and then Cloudflare ontop for Protection and a CDN. Its backed with 2Gbps up and down. The specs on the machines themselves are 64GB of RAM and 16cores.

So in short terms depending on what your expectations are and how much traffic you're expecting to the website will determine what kind of setup you want, and obviously how much you want to fork out.

If you're setting this up for you and a couple of friends to maybe 50 concurrent people, then the specs i have provided within my Wiki will do you just fine at affordable price.

• a VPS provides you with a IP address which is accessible once configured (or after running the provision script), you will still require a domain i would recommend using Cloudflare as your DNS for more information on this please refer back to my Wiki.

To Clarify a Virtual machine which is situated on your machine is not available to the world wide web, and is only available to anyone else on your network.

Kind Regards, Byron Fisher

[ankerbachryhl]

Thanks! Sorry I'm dumb :( But when I run it on my vagrant virtual machine, I am the only one who is able to go to https://10.10.10.5/ has this something to do with that I'm connected to the internet using LAN?

[byronfisher]

Hey @ankerbachryhl,

could you please use ifconfig to find your IP Address -> Copy that IP address into your Browser and hit enter you will then hopefully see the website.

If you have any more issues feel free to reply back anytime.

p.s we all start somewhere don't worry if you feel like your asking silly questions just ask them!

Kind Regards, Byron Fisher

[ankerbachryhl]

Sorry @mehnomy I am able to go to the site and play the game, but my brother which is also connected to the internet via LAN cabel can't... And you said it was available to all the others on the network? Do you maybe know why? ;)

[byronfisher]

@ankerbachryhl

What IP address is your brother using in the web browser, with or without https? can your brother ping the IP address?

Kind Regards, Byron Fisher

[ankerbachryhl]

@mehnomy

No he can't ping it... Does it have something to do with that we are connected over lan, and not wifi?

[byronfisher]

LAN is perfect for testing,

can you copy and paste your whole output for (within the vm): ifconfig

Kind Regards, Byron Fisher

[ankerbachryhl]

Here you go (I can't copy inside the vm so you are getting the first 3 lines for eth1 and lo which are the only ones showing up):

eth1: Link encap:Ethernet HWaddr 08:00:27:76:f8:4d inet addr: 10.10.10.5 Bcast:10.10.10.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fe76:f84d/64 Scope: Link

lo: Link encap: Local Loopback inet addr: 127.0.0.1 Mask: 255.0.0.0 inet6 addr: ::1/128 Scope:Host

[byronfisher]

i'm quite stumped do apologise but i don't have a solution everything looks fine, you will need to wait for another developer to reply.

Kind Regards, Byron Fisher

[ankerbachryhl]

@mehnomy No proplem i'm just glad you helped me! Do I need to ask for permission if I wanna do this online on a web server?

Kind Regards, Anker

[byronfisher]

@ankerbachryhl

Do I need to ask for permission if I wanna do this online on a web server?

Under the license which Facebook has released this platform it specifically says its not for Commercial use so as long as you're not charging anyone to use the Capture the Flag platform, then no you do not need to ask for permission to have this online.

This is why it was released:

The platform allows students, enthusiasts and developers to test their skills in a safe fun and legal environment, a couple days ago Facebook released the code so users could create their own competitions such as University Hackathons, contests and other event driven competitions.

It also allows users to produce the platform on their own machine which allows them to run it for themselves to learn by challenging themselves with the demo challenges which is within the package and innovate by creating their own challenges.

Have an awesome time and don't forget to innovate, feel free to ask for help if your having any issues on your server.

If any other developers can try and help resolve his local hosting issues that would be great +1!

Kind Regards, Byron Fisher

[ankerbachryhl]

@mehnomy Awesome Thank you for all your help!

[MikeMichel]

you can play the dockerized version (will be merged soon i guess) at sloppy.io using the quickstarter

[byronfisher]

@MikeMichel,

Just from one developer to another, this platform is about helping others to learn or advance their skills not for business(s) like sloppy.io to make business, the only thing you have brought with your small comment is a way for yourself to bring new customers by signing up for free which leads them to:

We're thrilled you joined our Container Hosting Cloud. To get you started we have set you up with a free 14-days trial of our SHARED HOST | S plan.

Followed on with 12EUR per month.

Kind Regards, Byron Fisher

[MikeMichel]

well, checking you own hosting advise i am lead to a hosting provider using your affiliate link which is absolutely fine as it's a common thing to provide ways to deploy a github project to make it public available. thread starter asked for it, i answered. however, feel free to delete my comment.

[byronfisher]

@MikeMichel,

A Quick statistics run down, 102 Unique Visitors, 8 of which have clicked on the link, 0 of which have purchased anything its a cheap option for those who are strapped for cash.

The Wiki was created to allow users who might be struggling with installation issues like i was, i had the 502 errors others were having, i had the flow not installing errors others were having, i had several other errors which have been appointed on this github so i decided to log down everything i did on a editor once i had it working i scrapped the VPS and restarted from scratched rinsed and repeated until i had a working solution which could be simply executed by someone who didn't have as much knowledge as i did.

I have offered a solution which doesn't at the end of 14days push them into making a purchase, the wiki allows anyone to use a Virtual Machine on their own computers or utilise a host of their choice for a VPS and recreate it on there.

So if we then compare what you have provided to what i have provided with an affiliation link, there is no comparison.

thread starter asked for it:

• If you actually read the comments he is actually hosting it on a local machine for him and his brother, he also requires help if you wanted to help him out instead of thinking about your pocket.

p.s not here to bicker, i'm active to help those who are in need of help to the best of my capabilities.

Kind Regards, Byron Fisher

[sergiownd]

So someone can make a guide (that should be on the wiki), for once u hace already setup the platform, be able to host a LAN competition? I've tried with the ip of my "host" computer, and its not working from another one. Thanks