H1ve
H1ve copied to clipboard
Published
20 hours ago •
D0g3-Lab
D0g3-Lab
subdomain using redirect_type HTTP does not work
New Issue Checklist (自检清单)
- [x] Updated H1ve to the latest version (是否更新到最新版本)
- [X] I have read the README
- [X] I searched for existing GitHub issues
Issue Description (问题描述)
I tried to use subdomain generate by h1ve to spawn docker challenge, i already setup exactly like on README at https://github.com/D0g3-Lab/H1ve/tree/master/CTFd/plugins/ctfd-owl
Docker run as expected, I get test challenge (file-upl0ad) using direct IP but not subdomain, when launch instance, I get direct IP, not d916e71a000a315f902e6bd9a739bfe5.node.jj.com
I can access the challenge using direct IP
ctfd-owl setting
file-upl0ad setting
test@scoreboard:~/H1ve$ cat frp/frpc.ini
[common]
token = random_this
server_addr = frps
server_port = 80
admin_addr = 0.0.0.0
admin_port = 7400
[http_user1_file-upl0ad_service_1]
type = http
local_ip = user1_file-upl0ad_service_1
local_port = 80
subdomain = d916e71a000a315f902e6bd9a739bfe5
use_compression = true
test@scoreboard:~/H1ve$ cat frp/frps.ini
# 下面这句开头必须要有,表示配置的开始
[common]
# frp 服务端端口(必须)
bind_port = 80
# frp 服务端密码(必须)
token = random_this
# 认证超时时间,由于时间戳会被用于加密认证,防止报文劫持后被他人利用
# 因此服务端与客户端所在机器的时间差不能超过这个时间(秒)
# 默认为900秒,即15分钟,如果设置成0就不会对报文时间戳进行超时验证
authentication_timeout = 900
# 仪表盘端口,只有设置了才能使用仪表盘(即后台)
# dashboard_port = 7500
# 仪表盘访问的用户名密码,如果不设置,则默认都是 admin
# dashboard_user =
# dashboard_pwd =
# 如果你想要用 frp 穿透访问内网中的网站(例如路由器设置页面)
# 则必须要设置以下两个监听端口,不设置则不会开启这项功能
vhost_http_port = 80
vhost_https_port = 443
# 此设置需要配合客户端设置,仅在穿透到内网中的 http 或 https 时有用(可选)
# 假设此项设置为 example.com,客户端配置 http 时将 subdomain 设置为 test,
# 则你将 test.example.com 解析到服务端后,可以使用此域名来访问客户端对应的 http
subdomain_host = node.jj.com
Version & Environment (系统/环境版本)
- Docker Version 19.03.13, build 4484c46d9d
- Docker-compose Version
docker-py version: 4.3.1
CPython version: 3.7.7
OpenSSL version: OpenSSL 1.1.0l 10 Sep 2019
- Os Version : Ubuntu 20.04.1 LTS
- Browser Version : Edge Version 87.0.664.47
