Skip to content

Create New Shepherd Level Entry

Jump to bottom
markdenihan edited this page May 2, 2014 · 20 revisions
  1. Build your level (Easier said than done)
  2. Open a securityShepherd core mysql instance (root / CowSaysMoo)
  3. Run the following procude, filling in the fields

call moduleCreate('theModuleName', 'lesson/challenge', 'moduleCategory', 'theModuleSolution', true/false);

moduleCategory - Defined by user but groups together levels. theModuleSolution - hard coded expected result or null with no single quotes. true/false - Is the key hardcoed or not?

  1. The procedure will return a hash and the stored moduleSolution. If you left it as null this is now the answer for your module. Make note of the Hash - referred to as level hash
  2. Open the levelTemplate.jsp in OwaspSecurityShepherdExposed/jsp
  3. Save it as levelHash.jsp in OwaspSecurityShepherdExposed/jsp/lesson or tOwaspSecurityShepherdExposed/jsp/challenge based on the tyep you chose in the procedure
  4. Fill out as much information as you can in the template and be careful of double quotes. Because you are populating double quote encapsulated strings.
  5. If you are going to write your own HTML and do not want to use the template levelBlurb section, remove the levelBlurb scriptlet from the contentDiv section of the page and put your stuff there
  6. If there is a downloadable associated with the level, archive it and put the archive in a folder named levelHash
  7. Run this SQL command to generate an insert statement to put in the core database script (Changing the ? with the levelHash)

SELECT CONCAT("INSERT INTO modules (moduleId, moduleName, moduleType, moduleCategory, moduleResult, moduleHash, moduleStatus, incrementalRank, scoreValue, scoreBonus) VALUES ('", moduleId, "', '", moduleName, "', 'lesson', 'ctf', '", moduleResult, "', '", moduleHash, "', 'closed', '", scoreValue, "', '", incrementalRank, "', '5');") FROM modules WHERE moduleHash = '?';

  1. Add the outputted INSERT command from the Create Level function you ran on Shepherd to the SecurityShepherdCore/database/coreSchema.sql file in the HSS git repo. Review the statement first. Make sure it is valid. And make sure you add where the rest of the inserts are there for modules
  2. You may need to check the uniquness of your new line's module id. this process will have to be fixed
  3. Push your updates and your level will be live when the Exposed Server is redeployed

It is recommended that you test your level on your local deployment. To set up your local instance of shepherd follow these steps. To test your level you will need to run the SQL command you added to the masterSchema.sql on your MySQL server

Clone this wiki locally