kCTF Learnings - WolvSec/Knowledge-Base GitHub Wiki
For PWN challenges and Crypto challenges which require TCP connection. Web challenges that use HTTPS can use GCloud Run.
Read all of https://google.github.io/kctf/! The docs are really good and cover a lot.
First it is recommended to get used to kctf by running it locally. Follow the instructions here: https://google.github.io/kctf/local-testing.html
Then install the gcloud SDK:
sudo apt-get install apt-transport-https ca-certificates gnupg
echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add -
sudo apt-get update && sudo apt-get install google-cloud-cli google-cloud-sdk-gke-gcloud-auth-plugin kubectlFollow the guide here: https://google.github.io/kctf/google-cloud.html
It is smart to use an account when has the free $300 in credits to start. You must also set up billing to start using all of the features necessary to run kCTF. It may be smart to set up a budget with alerts to make sure you don't go over during testing.
kctf cluster stop Shuts down the current cluster. This takes a while on GCloud.
kctf chal start Use when you are in a challenge directory (e.g. there is a challenge.yaml present) to build the Docker containers and roll out a new version.
kctf chal stop Use when you are in a challenge directory to stop a challenge.
kctf chal list Lists all challenges. It finds them by looking for directories with challenge.yaml
kctf cluster create local-cluster --start --type kind Create a local cluster for testing (fast).
kctf cluster create --project <GCloud project ID> --domain-name <name>-codelab.kctf.cloud --start remote-cluster
https://google.github.io/kctf/custom-domains.html
Make sure to use different ports for each challenge!