Team creation and service implementation

[xiao-pi]

Hi I have two questions.

First is the demo01.py file. If I understand the process correct we need to run a changed demo file to run our dashboard. Or is there another file which allows us to run the dashboard. Because if we need to run the changed demo file we need to change the amount of the teams or the passwords manually. It would be better to load them from the DB. Or did I understand something wrong or didn't find the correct file.

Secondly is the implementation of the services. We were wondering if we are correct that this happens in the reset1.py file. Or is this somewhere else.

Thank you for your support.

[c-goes]

1. the demo is for testing the flag scripts in the development environment. it’s an automated script to make the testing of flags scripts easier for the service developer. There is no automation for the actual game but you can make one of course.

For the other questions: https://github.com/hsasctf/lxctf/blob/master/docs/run_a_game.md

[c-goes]

Normally the Team and AttendingTeam entries are created via register_app. The reason why this is in demo is that the public repo contains no existing db dump with teams that could be used. Because of the hard coded passwords used it’s only really useful for vagrant environments.

[c-goes]

The use of tornado is just an example. I’m unsure if this method is the best. It can only fulfill one request at a time. I would use gunicorn now, with multiple threads and processes. Or another method to run flask apps.