This is a scoring server built using Ruby on Rails by the Military Cyber Professionals Association (MCPA). It is free to use and extend under the MIT license (see LICENSE file). The goal of this project is to provide a standard generic scoring server that provides an easy way to add and modify problems and track statistics of a Cyber Capture the Flag event. While it's not recommended, this server can be hosted with your challenges but we do recommend sand-boxing your challenges so they do not affect the scoring server.
Want to see it in action? Live Demo hosted here and screenshots here!
We created this application after using the PicoCTF platform for our annual CTF. It was okay, but we found it lacking some features that we wanted. We wanted a way to be able to offer competitors hints for a cost, and we also wanted a way to create and modify problems from a web interface. We looked around and didn't see any others that met our requirements. CTFd: at the time, had no web admin interface for creating challenges. Root The Box: We didn't like all the extra stuff with the bank accounts and it just seemed too complex for our needs. So we decided to roll our own scoring server and now you can benefit from our hard work! This application implements an optional dynamic hint system which will deduct points for requesting hints and also implements a web interface for creating and modifying hints and challenges. We hope you enjoy this application and are open to feedback so let us know what you like, hate, would like to see added, etc...
A few things must be configured to deploy to Heroku:
HOST
environment variable that contains the url for your app
(e.g., HOST=hackthearch.herokuapp.com).heroku addons:create sendgrid:starter
). More info on Sendgrid
here.config/environments/production.rb
.bundle exec rails db:seed
. After
initialization, the admin login credentials will be: admin@gmail.com :
password