Releases: phannhat17/CTFd-Docker-Plugin
Releases · phannhat17/CTFd-Docker-Plugin
Version 2.0.3
Security Features: Hybrid Network Isolation
Implemented a new Hybrid Network Strategy to maximize isolation without breaking functionality:
- Host:Port Mode (Web/TCP): Now deployed in a strictly isolated network (
ctfd-isolated) withenable_icc=false. This enforces Layer 2 isolation, preventing containers from communicating with each other (no lateral movement between challenges) while maintaining internet access. - Subdomain Routing: Web challenges continue to use the shared setup (
ctfd-challenges) to ensure seamless Traefik integration.
Bug Fixes & UI Improvements
- Multi-Port Subdomain UI: Fixed a display issue where challenges exposing multiple ports would incorrectly fall back to showing Host:Port addresses. The UI now correctly renders individual Subdomain URLs for every exposed port (e.g., https://chal-uuid.ctf.com and https://chal-uuid-8888.ctf.com).
- Internal Routing Logic: Updated backend and frontend logic to correctly prioritize URL lists in the connection information payload.
Version 2.0.2
Version 2.0.2
UI Changes
- Optimize admin dashboard
Version 2.0.1
Version 2.0.1
New Features
- Discord Webhooks: Real-time notifications for critical system events.
- Cheat Alerts: Instant notification when flag sharing is detected.
- Error Alerts: Notifications for container provisioning failures.
- Testing: Built-in connection tester and demo alert generator.
UI Changes
- Webhook Settings: Added visual Test/Demo buttons in configuration.
Version 2.0.0
Version 2.0.0
New Features
- Multi-Port Support: Support multiple port mapping per image (e.g. 80, 22), allowing complex challenges with multiple exposed services.
- Configurable Container Limit: Admins can now set a maximum number of concurrent containers per user/team (default: 3).
UI Changes
- Admin Dashboard Pagination: Performance optimization for large instances list, adding pagination controls.
- Improved Port Display: Admin dashboard now uses stacked badges for multi-port display to prevent overflow.
Performance & Security
- Race Condition Fix: Implemented Redis distributed locking for robust port allocation.
- Provisioning Retry: Added retry logic to handle temporary resource contention.
- Faster Termination: Reduced container stop timeout for quicker cleanup.
- Flag Trimming: Automatic whitespace trimming for flag submissions.
Version 1.1.1
Version 1.1.1
No New Features
Changes
- Minors UI fix
- Update documents
Version 1.1.0
Version 1.1.0
New Features
- SSH docker connect
- Sub domain routing for web challenge
Version 1.0.0
Version 1.0.0
Major Features
- Dynamic Container Spawning: Isolated Docker containers per team/user with automatic lifecycle management
- Anti-Cheat System: Automatic detection and banning for flag sharing
- Dynamic Scoring: Linear and logarithmic decay options
- Redis-Based Expiration: Precise container termination (0-second accuracy)
- CSV Bulk Import: Import multiple challenges at once via CSV file
- Random Flag Generation: Per-team unique flags with pattern system (e.g.,
CTF{prefix_<ran_8>_suffix})
Admin Features
- Real-time dashboard with auto-reload every 15 seconds
- Global resource limits (CPU, memory, timeout)
- Container naming:
challengename_accountidformat - Cheat detection logs and audit trail
- Docker status monitoring
Security
- CRITICAL: Added security warnings for cookie theft prevention
User Experience
- Simplified challenge creation UI
- Flag pattern preview
- Container extend (+5 minutes)
- Multiple connection types (HTTP, TCP)
Technical Improvements
- Redis keyspace notifications for precise expiration
- Frontend CSV parsing
- Template system with reusable components
- Timezone-independent timestamp handling
Requirements:
- CTFd 3.8+
- Docker with socket access
- Redis with keyspace notifications enabled
archive
archive