How to host a CTF event | VULNCON 2020 CTF | International CTF Infrastructure Management

Host CTF for Free

VULNCON 2020 CTF Home Page
vulncon 2020 challenge page

Top Teams

What is a CTF?

Creating the CTF Event

Section

Stats

user statics
submissions

Statistics by Cloudflare

web traffic by cloudflare
unique visitor
top countries

Platform Infrastructure

Details

web challenge instances
web challenge instances
pwn challenge instances
pwn challenge instances

Platform we used

CTFd Setup on your Server

Some extra tips to configure CTFd:

Setting up rate limit, Nginx and Firewall

nginx
nginx
limit_req_zone  $http_cf_connecting_ip zone=mylimit:10m rate=10r/s;
limit_conn_zone $http_cf_connecting_ip zone=addr:10m;
server {
server_name mydomain.com;
limit_req zone=mylimit burst=15;
limit_conn addr 10;
limit_req_status 429;
client_max_body_size 8M;
location / {
proxy_pass http://localhost:8000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Rate Limit
Rate Limit
Rate Limit is implemented Properly
ips
ips
Users IP

Cloudflare

cloudflare
cloudflare

Mail Server

Issues we faced

All the quotas available in GCP were exhausted

Site was a bit slow at the starting

Some Detailed Insights of Server Status

cpu usage of CTfd
cpu usage of CTfd
Main Instace of CTFd

CPU usage of SQL based web challenge

web graph
web graph
Web SQL based challenge

Insights of PWN challenges server

pwn-1
pwn-1
Easy Pwn Challenge Server
pwn-2
pwn-2
Requires Bruteforcing

Feedback

Feedback
Feedback
Feedback
feedback
feedback
Feedback

Conclusion