Part1 - Redhat + CTFd.io: Breaking new things

The CentOS Linux distribution is a stable, predictable, manageable and reproducible platform derived from the sources of Red Hat Enterprise Linux (RHEL). Currently, I am considering hosting an air-gapped CTF using CTFd.io's platform. To test out installing and configurating the setup, I am using the following software:

Proxmox

Proxmox is an open sourced virtual environment which I have already configured and on a Supermicro server. It works really well for with a few issues:

  • Uploading ISOs larger then 2GB must be transferred through SCP or other methods and not through the GUI. Location: /var/lib/vz/template/iso
  • Windows VMs must use BIOS and SATA connections or may not boot properly. See: Windows 10 guest best practices (Proxmox Wiki)
    • Thanks for @dahellstern for point out this being incorrect (Update: 2021/07/24).
  • High Available (HA) storage and servers can be odd to configure. You really need at least 3 servers for clustering and need the same storage on each server.

RedHat Enterprise Linux

RedHat is an open sourced Linux operating systems. Recently, RedHat killed CentOS in January 2021 (ArsTechnica's Why Read Hat killed CentOS). "The CentOS Linux distribution is a stable, predictable, manageable and reproducible platform derived from the sources of Red Hat Enterprise Linux (RHEL)." (About CentOS). Since CentOS is basically dead, I am configuring RedHat with their new community version. The downside to using RedHat is you need a subscription. You can use their "RedHat Developer Subscription for Individuals" which provides 16 servers and up to 128 sockets.

You are required to provide a subscription service. You can do this either online or offline.

Online is fairly easy; you just need to add the subscription to the system and attach your server to it. Offline is a bit of a pain since you need to auto-generate all the files from the site; then copy it over to the server and perform several commands to wire everything together.

Installation

I am not going to go over the steps to install RedHat. I found that it installs generally like most other Linux distros. However, for RedHat, you can choose a Security Policy during the installation phase. I choose to do the CIS policy (See: CIS Controls) which had wants you to manually configure your partitions.

For this, I setup a 62G virtual hard drive:

Virtual Hard Drive FDisk

Then, configured the following LVM volumes during the install (shown is the lvscan after installation):

LVM

The fstab:

fstab

In the fstab, several of the partitions are hardened. You cannot run any binaries from "/tmp" folder for example which is a common attack technique. These changes are due to the security profile chosen when the system was installed.

CTF.io needs to build a few python packages and tells you to install the "build-essential" packages. However, for Red Hat you need to do the following command: dnf groupinstall 'Development Tools' (See: What would be the RHEL package corresponding to build-essential in Ubuntu?)

Installing the rest of the packages for RedHat: dnf install python39 python39-devel python39-cffi libffi-devel

Then, install the python requirements from the CTFd cloned-repo: pip3 install -r requirements.txt

CTF.io

CTF.io Github repo contains some docker files to run the whole thing in 3 different containers (webserver, database, and webpage). However, RedHat does not support docker-compose. So, this is not going to help me. I did run across an article from Nathan Lager -- Moving from docker-compose to Podman pods -- which shows how to set it up to a degree.

Part 2 will probably be this configuration migration from the docker-compose.yml for CTF.io to Podman, but I need to workout the configuration first. I will probably break something. XD

Stay tunned...