NzrCTF

I’ve been struggling to figure out how to get this VPS to run multiple vulnerable web apps at the same time, since I’m also using it to host a BDS (Bedrock Dedicated Server). I could temporarily shut down the Minecraft server, but setting it up again later would be a hassle :(

For now, I’ll just stick with 3 stages. I’ve also finished writing the readme

It’s been a while since the last devlog. This update brings some major changes:

• Refactored the design to a neobrutalist style after some consideration. I liked it, so I decided to go all in.
• Added leaderboard and account pages
• Implemented a stage lock system (you must complete previous stages first)
• Switched submission time from server time to local time
• Fixed an issue where submission time was not updating
• Added various security headers
• Reorganized the project structure to make it cleaner
• Created a password generator to help new users create strong passwords

I forgot to make a devlog yesterday
I’ve added several changes:

• Fixed error when submitting flag
• Added stage 2
• Added submission page
• Create a responsive mobile menu

Finally, i’ve finished these features:

• Added the first stage with a real website
• Set up a VPS to host the vulnerable web and forward it via ngrok

I think designing even an easy quest is actually pretty complicated

Login works with username or email now. Added a landing page and story mode UI, more stages coming soon…

First time using supabase, it’s actually pretty easy to setup with its auth system