CodeExec is a sandboxed coding platform for use in info-security Capture the Flag (CTF) competitions. Initially created for GHCHS's CyberSecurity club, CodeExec was used in the club's two CTFs: BryceCTF and trevzCTF.
CodeExec uses the epicbox Python library to start one-use Docker containers to sandbox unsafe code.
Supports ASM64, C, C++, C#, Java 11, NodeJS 10.13.0, and Python 3.8.5.
Uses socket.io to communicate between a client and server.
- Install all of the necessary Docker images:
docker pull strellic/epicbox-asm64:latest && \
docker pull stepik/epicbox-gcc:6.3.0 && \
docker pull stepik/epicbox-mono:5.0.0 && \
docker pull stepik/epicbox-java:11.0.1 && \
docker pull strellic/epicbox-node:latest && \
docker pull strellic/epicbox-python:latest(OPTIONAL) Use venv to make a virtual environment:
python3 -m venv env
source env/bin/activate- Install the Python requirements with pip:
pip install -r requirements.txt- Run the app once in debug mode to generate
settings.jsonandproblems.jsonin thedatafolder:
python3 app.py-
Modify
settings.jsonandproblems.jsonto change the port and add challenges. -
When you want to switch to a production server, start the app with Gunicorn.
gunicorn -c config.py app:app(If at this point, gunicorn doesn't work, install gunicorn or gunicorn3 from your package manager and run the previous command again.)
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.