Getting Started
Categories:
4 minute read
Goal
In this tutorial, we will create a dynamic_iac challenge, a new challenge type introduced by the plugin. We will create a challenge where each player gets their own instance. We want an instance without mana cost, must be destroyed after 10 minutes without a maximum due date.
Note
If you are unfamiliar with the new attributes of thedynamic_iac challenge type, please refer to the related design. For guidance on maintenance operations (e.g., modifying challenge attributes), please refer to the relevant guides. For details on the Infra-as-Code scenario, consult the appropriate documentation.Prerequisites
This tutorial requires the installation of Docker, Docker Compose, Golang, and ORAS.
Create the CTF Platform
Start all services with the registry:
cd hack
docker compose -f docker-compose-minimal.yml --profile registry up -d
Perform your CTFd setup at http://localhost:8000/setup.
Create the Challenge
Create the Scenario and Push It to the Registry
For this example, your challenge will consist of 2 elements:
- The Docker image of your challenge (SSH server, web server, …) that exposes 1 port.
- The scenario that indicates to Chall-Manager how to deploy your challenge (the Docker image).
The scenario used is generic, which allows you to use this scenario and have any Docker image that exposes 1 port.
To build the scenario and push it to the local registry:
cd hack/docker-scenario
bash build.sh
Note
The scenario used here allows you to run a Docker container locally only. This is far from the actual capabilities of Chall-Manager. For more information, refer to the dedicated Chall-Manager documentation.Create the Challenge on CTFd
We will follow the configuration presented in the goal, which includes the following classic CTFd settings:
| Key | Value |
|---|---|
| Name | example |
| Category | example |
| Message | example |
| Initial Value | 500 |
| Decay Function | Logarithmic |
| Decay | 10 |
| Minimum Value | 10 |
Since we want each player to have their own instance, disable the sharing option.
Next, disable the Destroy on Flag:
Next, set the mana cost. You can leave it empty or configure an explicit 0.
As mentioned, we want instances to be destroyed after 10 minutes of usage (600 seconds), without any due date:
Leave the Until value empty and configure the Timeout value at 600.
At the previous step, we pushed the scenario to the registry localhost:5000. In Chall-Manager scope, you need to refer to the scenario by this name inside the Docker network.
Finally, click Create to set up the challenge.
Note
The first challenge creation can be long depending on your Internet connection. Chall-Manager will download the Pulumi plugin associated with the given scenario. Please be patient.
Play the Challenge
Once the challenge has been created in CTFd and Chall-Manager, you can deploy on-demand instances of the scenario. To do this, go to the challenges page at http://localhost:8000/challenges.
To deploy the container, simply click on “Launch the challenge”. A URL will be returned by the plugin, and the challenge will be accessible. You can verify that the image is correctly deployed on your computer:
docker ps | grep challenge
7b22cfa739ac 870ac2311d4b "/opt/CTFd/docker-en…" 22 seconds ago Up 21 seconds 0.0.0.0:32771->8000/tcp challenge-f953808a2ddbcace
To monitor instances directly from CTFd, go to the instance monitoring page at http://localhost:8000/plugins/ctfd-chall-manager/admin/instances.
Conclusion
In this guide, you have successfully set up a dynamic_iac challenge using the CTFd-chall-manager plugin. You learned how to create a CTF platform, build and push a scenario to a local registry, and configure a challenge on CTFd. You also explored how to deploy and manage instances of the challenge on demand.
By following these steps, you now have a functional challenge that allows each player to have their own instance, with specific mana costs and timeout settings. This setup leverages the capabilities of Chall-Manager to provide a dynamic environment for CTF challenges."
What’s Next
For further customization and advanced configurations, refer to the design documentation, maintenance guides, and ChallMaker documentation. These resources will help you deepen your understanding and optimize your challenge setup.