diff --git a/Dockerfile b/Dockerfile index 299e5f540..3ad41e94f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -21,7 +21,7 @@ RUN echo '{ "data-root": "/opt/pwn.college/data/docker" }' > /etc/docker/daemon. # TODO: this can be removed with docker-v22 (buildx will be default) RUN docker buildx install -RUN git clone --branch 3.4.0 https://github.com/CTFd/CTFd /opt/CTFd +RUN git clone --branch 3.6.0 https://github.com/CTFd/CTFd /opt/CTFd RUN wget -O /etc/docker/seccomp.json https://raw.githubusercontent.com/moby/moby/master/profiles/seccomp/default.json diff --git a/ctfd/requirements.txt b/ctfd/requirements.txt index c070a2dae..43584ef6f 100644 --- a/ctfd/requirements.txt +++ b/ctfd/requirements.txt @@ -7,37 +7,34 @@ ipython flask-shell-ipython # CTFd -Flask==1.1.2 -Werkzeug==1.0.1 -Jinja2==2.11.3 -Flask-SQLAlchemy==2.4.3 -Flask-Caching==1.8.0 +Flask==2.0.3 +Werkzeug==2.0.3 +Flask-SQLAlchemy==2.5.1 +Flask-Caching==2.0.2 Flask-Migrate==2.5.3 Flask-Script==2.0.6 -SQLAlchemy==1.3.17 -SQLAlchemy-Utils==0.36.6 -passlib==1.7.2 -bcrypt==3.1.7 -itsdangerous==1.1.0 -requests==2.26.0 # DOJO's docker dependency: 2.23.0 -> 2.26.0 -PyMySQL==0.9.3 -gunicorn==20.0.4 -dataset==1.3.1 -cmarkgfm==0.4.2 -redis==3.5.2 -gevent==20.9.0 +SQLAlchemy==1.4.48 +SQLAlchemy-Utils==0.41.1 +passlib==1.7.4 +bcrypt==4.0.1 +requests==2.28.1 +PyMySQL[rsa]==1.0.2 +gunicorn==20.1.0 +dataset==1.5.2 +cmarkgfm==2022.10.27 +redis==4.5.5 +gevent==22.10.2 python-dotenv==0.13.0 -flask-restx==0.2.0 +flask-restx==1.1.0 flask-marshmallow==0.10.1 marshmallow-sqlalchemy==0.17.0 boto3==1.20.0 # DOJO's docker dependency (bad urllib3 requirement): 1.13.9 -> 1.20.0 marshmallow==2.20.2 pydantic==1.6.2 WTForms==2.3.1 -python-geoacumen-city +python-geoacumen-city==2023.4.15 maxminddb==1.5.4 tenacity==6.2.0 -pybluemonday==0.0.7 - -markupsafe==1.1.1 # Fix: ImportError: cannot import name 'soft_unicode' from 'markupsafe' -greenlet==0.4.17 # Fix: ValueError: greenlet.greenlet size changed, may indicate binary incompatibility. +pybluemonday==0.0.12 +freezegun==1.2.2 +Flask-Babel==2.0.0 diff --git a/dojo_plugin/pages/desktop.py b/dojo_plugin/pages/desktop.py index 7b2bde834..de394fd4b 100644 --- a/dojo_plugin/pages/desktop.py +++ b/dojo_plugin/pages/desktop.py @@ -47,7 +47,7 @@ def view_desktop_res(route, user_id=None, password=None): active = bool(password) if get_current_dojo_challenge(user) is not None else None view_only = int(user_id != current_user.id) - iframe_src = f"/{route}/{user_id}/vnc.html?autoconnect=1&reconnect=1&path=/{route}/{user_id}/websockify&resize=remote&reconnect_delay=10&view_only={view_only}&password={password}" + iframe_src = f"/{route}/{user_id}/vnc.html?autoconnect=1&reconnect=1&path={route}/{user_id}/websockify&resize=remote&reconnect_delay=10&view_only={view_only}&password={password}" return render_template("iframe.html", iframe_src=iframe_src, active=active) @@ -79,13 +79,18 @@ def forward_desktop_res(route, socket_path, user_id, path=""): @desktop.route("/desktop//") @desktop.route("/desktop//") +@desktop.route("/desktop//", websocket=True) +@desktop.route("/desktop//", websocket=True) @authed_only def forward_desktop(user_id, path=""): + print("FORWARDING DESKTOP", path, flush=True) return forward_desktop_res("desktop", 6081, user_id, path) @desktop.route("/desktop-win//") @desktop.route("/desktop-win//") +@desktop.route("/desktop-win//", websocket=True) +@desktop.route("/desktop-win//", websocket=True) @authed_only def forward_desktop_win(user_id, path=""): return forward_desktop_res("desktop-win", 6082, user_id, path) diff --git a/dojo_plugin/pages/workspace.py b/dojo_plugin/pages/workspace.py index 2bed23d4d..c89368a2c 100644 --- a/dojo_plugin/pages/workspace.py +++ b/dojo_plugin/pages/workspace.py @@ -20,6 +20,8 @@ def view_workspace(): @workspace.route("/workspace/") @workspace.route("/workspace/") +@workspace.route("/workspace/", websocket=True) +@workspace.route("/workspace/", websocket=True) @authed_only def forward_workspace(path=""): prefix = "/workspace/"