-
Notifications
You must be signed in to change notification settings - Fork 464
Create New Shepherd Level Entry
Mark Denihan edited this page Aug 17, 2018
·
20 revisions
- Build your level (Help me build my level)
- Open a securityShepherd core mysql instance (root / CowSaysMoo by default)
- Run the following procude, filling in the fields
call moduleCreate('theModuleName', 'lesson/challenge', 'moduleCategory', true/false, 'theModuleSolution');
moduleCategory - Defined by user and groups together levels. If the Category already exists, use it (Case Sensitive)
theModuleSolution - hard coded expected result or null with no single quotes.
true/false - Is the key hardcoded into the level or not?
- The procedure will return a hash, the stored moduleSolution, the ModuleName Translation Key and the ModuleCaegory Translation Key. If you left the moduleSolution as null, the returned value is now the answer for your module. Make note of the Hash - referred to as level hash as well as the Translation Keys
- Open the SecurityShepherdCore/src/i18n/moduleGenerics/moduleNames.properties file and add the Level Name Translation key followed by the English Name of the level separated by an equals sign and add the category translation key followed by the English Category Name if the Category does not already exist in the file. The category translation key should be preceeded by "category.". eg:
sql.injection = SQL Injection
category.injection = Injection
- Open the webLevelTemplate.jsp file in SecurityShepherdCore/src/jsp
- Save it as levelHash.jsp in SecurityShepherdCore/src/jsp/lesson or SecurityShepherdCore/src/jsp/challenge based on the type you chose in the procedure
- Fill out as much information as you can in the template and be careful of double quotes.
- If you are going to write your own HTML and do not want to use the template levelBlurb section, remove the levelBlurb scriptlet from the HTML contentDiv section of the page and put your stuff there
- If there is a downloadable associated with the level(PCAP, jar, stuff), archive it and put the zip in a folder named levelHash
- Once you have built your level's view and controller, make sure it is translation ready
- Run this SQL command to generate an insert statement to put in the core database script so your new level entry will persist when a new Shepherd instance is created(Changing the ? with the levelHash)
SELECT CONCAT("INSERT INTO modules (moduleId, moduleName, moduleNameLangPointer, moduleType, moduleCategory, moduleCategoryLangPointer, moduleResult, moduleHash, moduleStatus, incrementalRank, scoreValue, scoreBonus, hardcodedKey) VALUES ('", moduleId, "', '", moduleName, "', '", moduleNameLangPointer, "', '", moduleType,"', '", moduleCategory,"', '", moduleCategoryLangPointer, "', '", moduleResult, "', '", moduleHash, "', 'open', '", incrementalRank, "', '", scoreValue, "', '5', ", hardcodedKey,");") FROM modules WHERE moduleHash = '?';
- Add the outputted INSERT command from the Create Level function you ran on Shepherd to the SecurityShepherdCore/database/coreSchema.sql file in the HSS git repo. Review the statement first. Make sure it is valid. And make sure you add where the rest of the inserts are there for modules
- Next you need to create a cheat sheet entry for your level. Add the following cheat sheet line to the SecurityShepherdCore/database/coreSchema.sql file.
CALL cheatSheetCreate('moduleIdHere', "moduleIdHere.solution");
- Now open the SecurityShepherdCore/i18n/cheatsheets/solutions.properties file and add the following
moduleIdHere.solution = Steps to complete the level
- Fetch & Pull from remote and then Push your updates and your level will be live when the WAR file is deployed
It is recommended that you test your level on your local deployment. To set up your local instance of shepherd follow these steps. To test your level you will need to run the SQL command you added to the masterSchema.sql on your MySQL server