pbrucla / cyber-instancer Goto Github PK
View Code? Open in Web Editor NEWChallenge Instancer Project
Home Page: https://instancer.acmcyber.com
License: GNU Affero General Public License v3.0
Challenge Instancer Project
Home Page: https://instancer.acmcyber.com
License: GNU Affero General Public License v3.0
add some sort of captcha to prevent users from spamming starting challenges. If interested, ping me or jason and we can get you added to the lactf recaptcha account
Need to add an API endpoint that deletes the session token from Redis.
Related to #21
Homepage right now is just an svg - need to update to be more responsive and not have a scrollbar. Does not need to be anything fancy, just maybe update page to have no scrolling or something.
When a timer for a challenge expires, the number simply becomes negative and keeps decreasing, with some funky rounding issues as well.
Test the ability for the kube cluster to be in a multi-node setup temporarily
Right now, almost everything is ephemeral, and as such, if something happens, we won't know what happened. As such, we need proper logging for:
This will allow for challenges to have randomized passwords, paths, etc. Have a config file define env variables to place a random value for each challenge different per instance, and also pass this value to the frontend for displaying to the user as e.g. ssh password.
If a challenge takes more than like a second to boot up, the user is given the connection details before it is fully booted up. Instead, this should wait to give the connection details for a duration specified per-challenge to give some time for it to boot up (similarly to tryhackme)
Also, add API data for the timestamp that the challenge can display its connection data.
Ratelimit:
Ratelimiting should have an option to use cloudflare's appropriate headers, and must take into account both IPv4 and IPv6 addresses (note that IPv6 ratelimiting should be done at the /64 block level, NOT individual IPv6 address level).
setup custom error pages for traefik so users aren't confronted with a super generic no-format "404 not found" text or similar
Admin API should have for user management:
Display team username on login screen. This requires:
Add config toggle for "rctf mode":
support logging in via google for ucla students to remove account signup friction and also add protection on signing up for accounts
API error handling is not very good right now - for example, there is no difference between "unable to create challenge right now because it is shutting down" and "unable to create challenge because cache got corrupted" or something actually serious
We need some sort of docs to make onboarding for both devs and challenge writers easier and more streamlined beyond the 50 page readme.md that's there right now. Some docs are available at ACM Drive > 2022-23 > Cyber > Reference Docs > Cyber Instancer
Admin API for challenge management should implement:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.