-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathchallenge.yml
106 lines (88 loc) · 3.52 KB
/
challenge.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
# This file represents the base specification of your challenge. It is used by
# other tools to install and deploy your challenge.
# Required sections
name: "pecel"
author: "Dimas"
category: Web
description: |
**Author**: `Dimas`
Pecel PHP?
value: 100
type: dynamic
# The extra field provides additional fields for data during the install/sync commands/
# Fields in extra can be used to supply additional information for other challenge types
# For example the follow extra field is for dynamic challenges. To use these following
# extra fields, set the type to "dynamic" and uncomment the "extra" section below
extra:
initial: 500
decay: 100
minimum: 50
# Settings used for Dockerfile deployment
# If not used, remove or set to null
# If you have a Dockerfile set to .
# If you have an imaged hosted on Docker set to the image url (e.g. python/3.8:latest, registry.gitlab.com/python/3.8:latest)
# Follow Docker best practices and assign a tag
image: null
# Specify a protocol that should be used to connect to the running image
# For example if the image is a website you can specify http or https
# Otherwise you can specify tcp
protocol: null
# Specify a host to deploy the challenge onto.
# The currently supported URI schemes are ssh:// and registry://
# ssh is an ssh URI where the above image will be copied to and deployed (e.g. ssh://[email protected])
# registry is a Docker registry tag (e.g registry://registry.example.com/test/image)
# host can also be specified during the deploy process: `ctf challenge deploy challenge --host=ssh://[email protected]`
host: null
# Optional settings
# connection_info is used to provide a link, hostname, or instructions on how to connect to a challenge
connection_info: http://ctf.ukmpcc.org:44366
# healthcheck is a tool/script used to check a challenge
# If connection_info was provided to CTFd when the challenge was installed, it will be passed to the healthcheck script:
# ./writeup/exploit.sh --connection-info "nc hostname 12345"
# healthcheck: writeup/exploit.sh
# Can be removed if unused
# attempts: 5
# Flags specify answers that your challenge use. You should generally provide at least one.
# Can be removed if unused
# Accepts strings or dictionaries of CTFd API data
flags:
- TCF2024{pecel.php_to_rce_i_mean_peclcmd:(}
# Topics are used to help tell what techniques/information a challenge involves
# They are generally only visible to admins
# Accepts strings
topics:
- Remote File Inclusion
- RCE
# Tags are used to provide additional public tagging to a challenge
# Can be removed if unused
# Accepts strings
tags:
- php
# Provide paths to files from the same directory that this file is in
# Accepts strings
files:
- dist.zip
# Hints are used to give players a way to buy or have suggestions. They are not
# required but can be nice.
# Can be removed if unused
# Accepts dictionaries or strings
# hints:
# - {
# content: "This hint costs points",
# cost: 10
# }
# - This hint is free
# Requirements are used to make a challenge require another challenge to be
# solved before being available.
# Can be removed if unused
# Accepts challenge names as strings or challenge IDs as integers
# requirements:
# - "Warmup"
# - "Are you alive"
# The state of the challenge.
# If the field is omitted, the challenge is visible by default.
# If provided, the field can take one of two values: hidden, visible.
state: visible
# Specifies what version of the challenge specification was used.
# Subject to change until ctfcli v1.0.0
version: "0.1"