ScoringEngine : Scoring Engine for Red/White/Blue Team Competitions

ScoringEngine for Red/White/Blue Team Competitions. Download Docker. If you are on Mac or Windows, Docker Compose will be automatically installed.

On Linux, make sure you have the latest version of Compose. If you’re using Docker for Windows on Windows 10 pro or later, you must also switch to Linux containers.

  • Run in this directory:

docker-compose build
docker-compose up

If you want to delete the database before starting, set the SCORINGENGINE_OVERWRITE_DB environment variable:

SCORINGENGINE_OVERWRITE_DB=true docker-compose up

We also provide the ability to run it in an ‘example’ mode. This means only the web ui runs, and the database is prepopulated with example data. Set the SCORINGENGINE_EXAMPLE environment variable to true:

SCORINGENGINE_EXAMPLE=true docker-compose up

The app will be running at http://localhost

Log in with any of the following logins at http://localhost:

whiteteamuser:testpass
team1user1:testpass
team2user1:testpass
team2user2:testpass
redteamuser:testpass

Installation

  • Docker

Note :It takes a minute or 2 for all of the containers to start up and get going!

TestBed Environment

make rebuild-testbed-new

This command will build, stop any pre-existing scoring engine containers, and start a new environment. As part of the environment, multiple containers will be used as part of the testbed environment.

Environment Variables

We use certain environment variables to control the functionality of certain docker containers.

  • SCORINGENGINE_OVERWRITE_DB:
    • If set to true, the database will be deleted and then recreated during startup.
  • SCORINGENGINE_EXAMPLE:
    • If set to true, the database is populated with sample db, and the engine container will be paused. This is useful for doing development on the web app.

You can set each environment variable before each command executed, for example:

SCORINGENGINE_EXAMPLE=true make rebuild-new

Production Environment

Modify the bin/competition.yaml file to configure the engine according to your competition environment. Then, run the following make command to build, and run the scoring engine.

Warning: This will delete the previous database, exclude the ‘new’ part from the command to not rebuild the db.

make rebuild-new

Then, to ‘pause’ the scoring engine (Ex: At the end of the day):

docker-compose -f docker-compose.yml stop engine

To ‘unpause’ the engine:

docker-compose -f docker-compose.yml start engine

Also Read – Lazydocker : The Lazier Way To Manage Everything Docker

Manual Setup

Note: Currently, the only OS we have documentation on is Ubuntu 16.04.

  • Install Dependencies via APT-Get

apt-get update
apt-get install -y python3.5 wget git python3.5-dev build-essential libmysqlclient-dev

  • Create engine user

useradd -m engine

  • Download and Install pip

wget -O /root/get-pip.py https://bootstrap.pypa.io/get-pip.py
python3.5 /root/get-pip.py
rm /root/get-pip.py

  • Setup virtualenvironment

pip install virtualenv
su engine
cd ~/
mkdir /home/engine/scoring_engine
virtualenv -p /usr/bin/python3.5 /home/engine/scoring_engine/env

  • Setup src directory

git clone https://github.com/scoringengine/scoringengine /home/engine/scoring_engine/src

  • Install scoring_engine src python dependencies

source /home/engine/scoring_engine/env/bin/activate pip install -e /home/engine/scoring_engine/src/

  • Copy/Modify configuration

cp /home/engine/scoring_engine/src/engine.conf.inc /home/engine/scoring_engine/src/engine.conf
vi /home/engine/scoring_engine/src/engine.conf

  • Create log file locations (run as root)

mkdir /var/log/scoring_engine
chown -R syslog:adm /var/log/scoring_engine

  • Copy rsyslog configuration

cp /home/engine/scoring_engine/src/configs/rsyslog.conf /etc/rsyslog.d/10-scoring_engine.conf

  • Restart rsyslog

systemctl restart rsyslog

R K

Recent Posts

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

13 hours ago

MODeflattener – Miasm’s OLLVM Deflattener

MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…

13 hours ago

My Awesome List : Tools And Their Functions

"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…

13 hours ago

Chrome Browser Exploitation, Part 3 : Analyzing And Exploiting CVE-2018-17463

CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…

13 hours ago

Chrome Browser Exploitation, Part 1 : Introduction To V8 And JavaScript Internals

The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…

14 hours ago

Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463

The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…

17 hours ago