Skip to content

Commit 38c980b

Browse files
inkustrinkustr
committed
Final version
1 parent 46b0fe6 commit 38c980b

File tree

1 file changed

+7
-11
lines changed

1 file changed

+7
-11
lines changed

documentation/README.md

Lines changed: 7 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -21,29 +21,25 @@
2121
- [Admin Challenge](#admin-challenge)
2222
- [Admin Dashboard](#admin-dashboard)
2323
- [Admin Feedback View](#admin-feedback-view)
24-
- [Flagstores](#flagstores)
25-
- [FS0: Draft Problem Descriptions](#fs0-draft-problem-descriptions)
26-
- [FS1: Saved Solution Files](#fs1-saved-solution-files)
27-
- [FS2: Feedback and Admin View](#fs2-feedback-and-admin-view)
2824
- [Intended Exploits and Fixes](#intended-exploits-and-fixes)
2925
- [SQL Injection in Problems API](#sql-injection-in-problems-api)
3026
- [Sandbox Breakout via Code Execution](#sandbox-breakout-via-code-execution)
3127
- [Stored XSS via SVG in Admin Feedback](#stored-xss-via-svg-in-admin-feedback)
3228
- [File Structure](#file-structure)
3329
- [Service](#service)
3430
- [Checker](#checker)
35-
- [Documentation Assets](#documentation-assets)
31+
3632

3733
## Introduction
3834

39-
ShetCode is a [LeetCode](https://leetcode.com/)-like platform built with Symfony and PostgreSQL. It supports public/private coding problems, sandboxed Python execution, and feedback submission. It is designed as a CTF service with multiple flagstores and intended vulnerabilities.
35+
ShetCode is a [LeetCode](https://leetcode.com/)-like platform built with Symfony and PostgreSQL. It supports public/private coding problems, sandboxed Python execution, and feedback submission. It is designed as a CTF service with multiple flagstores and intentional vulnerabilities.
4036

4137
## Architecture
4238

4339
- Web app: Symfony (PHP-FPM + Nginx)
4440
- DB: PostgreSQL
4541
- Cache: Redis (for application caching)
46-
- Code execution: nsjail + Python3, per-submission directory under `public/submissions`
42+
- Code execution: nsjail + Python3, with a separate directory for each submission under `public/submissions`
4743

4844
## Installation
4945

@@ -59,7 +55,7 @@ export POSTGRES_PASSWORD=postgres
5955
export APP_SECRET=$(openssl rand -hex 32)
6056

6157
docker compose up --build -d
62-
# Service: http://localhost:8055
58+
# Service is available under http://localhost:8055
6359
```
6460

6561
### Running the Checker
@@ -69,18 +65,18 @@ git clone https://github.com/enowars/enowars9-service-shetcode.git
6965
cd enowars9-service-shetcode
7066
cd checker
7167
docker compose up --build -d
72-
# Checker HTTP: http://localhost:18055 (for ENOEngine)
68+
# Checker is available under http://localhost:18055 (for ENOEngine)
7369
```
7470

7571
## Usage
7672

7773
### Landing Page
78-
- `GET /` → login/register page if not authenticated, else redirect to problems.
74+
- `GET /` → login/register page if the user is not authenticated; otherwise, redirects to problems.
7975
![img](./imgs/registration.png)
8076

8177
### Registration
8278
- `POST /register` with `username`, `password`.
83-
- Password hashing: `md5(password + 'ctf_salt_2024')` (not too weak for CTF, but tricking AI).
79+
- Password hashing: `md5(password + 'ctf_salt_2024')` (not too weak for a CTF, but intended to trick AI models).
8480

8581
### Login
8682
- `POST /login` with `username`, `password`.

0 commit comments

Comments
 (0)