diff --git a/.github/workflows/build-and-publish-dev.yml b/.github/workflows/build-and-publish-dev.yml new file mode 100644 index 000000000..935905287 --- /dev/null +++ b/.github/workflows/build-and-publish-dev.yml @@ -0,0 +1,63 @@ +name: build-and-publish-dev +on: + push: + branches: + - "dev" + +permissions: + contents: read + id-token: write + +jobs: + build-and-publish: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - id: "auth" + name: "Authenticate to Google Cloud" + uses: "google-github-actions/auth@v0" + with: + token_format: "access_token" + workload_identity_provider: ${{secrets.WORKLOAD_IDENTITY_PROVIDER_DEV}} + service_account: ${{secrets.SERVICE_ACCOUNT_ID_DEV}} + + - name: Login to GCR + uses: docker/login-action@v2 + with: + registry: us-docker.pkg.dev + username: oauth2accesstoken + password: ${{ steps.auth.outputs.access_token }} + + - name: Set environment variables + uses: c-py/action-dotenv-to-setenv@v2 + with: + env-file: .env + + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Build Maven with Docker Profile + run: mvn clean install -Pdocker -DskipTests -B + - name: Build and push + uses: docker/bake-action@master + with: + push: true + env: + IMAGE_TOMCAT: us-docker.pkg.dev/elastic-infosec-dev/security-shepherd/security-shepherd:latest + IMAGE_MARIADB: us-docker.pkg.dev/elastic-infosec-dev/security-shepherd/security-shepherd_mariadb:latest + IMAGE_MONGO: us-docker.pkg.dev/elastic-infosec-dev/security-shepherd/security-shepherd_mongo:latest + CONTAINER_TOMCAT: secshep-tomcat + CONTAINER_MARIADB: secshep-mariadb + CONTAINER_MONGO: secshep-mongo + MONGO_BIND_ADDRESS: "0.0.0.0" + # - name: Setup tmate session + # uses: mxschmitt/action-tmate@v3 + # with: + # limit-access-to-actor: true + # if: ${{ failure() }} diff --git a/Dockerfile b/Dockerfile index def962b4b..7e5d6cb7e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -25,7 +25,7 @@ COPY target/docker/tomcat/$TLS_KEYSTORE_FILE $TLS_KEYSTORE_FILE COPY docker/tomcat/serverxml.patch serverxml.patch COPY docker/tomcat/webxml.patch webxml.patch -RUN printf "databaseConnectionURL=$MARIADB_URI/\nDriverType=$DB_DRIVER\ndatabaseSchema=$DB_SCHEMA\ndatabaseUsername=$DB_USER\ndatabasePassword=$DB_PASS\ndatabaseOptions=useUnicode=true&character_set_server=utf8mb4\n" >> database.properties +# RUN printf "databaseConnectionURL=$MARIADB_URI/\nDriverType=$DB_DRIVER\ndatabaseSchema=$DB_SCHEMA\ndatabaseUsername=$DB_USER\ndatabasePassword=$DB_PASS\ndatabaseOptions=useUnicode=true&character_set_server=utf8mb4\n" >> database.properties RUN printf "connectionHost=$MONGO_HOST\nconnectionPort=$MONGO_PORT\ndatabaseName=shepherdGames\nconnectTimeout=$MONGO_CONN_TIMEOUT\nsocketTimeout=$MONGO_SOCK_TIMEOUT\nserverSelectionTimeout=$MONGO_SVR_TIMEOUT" >> mongo.properties RUN sed -i 's/keystoreFile="conf\/TLS_KEYSTORE_FILE" keystorePass="TLS_KEYSTORE_PASS" keyAlias="ALIAS">/keystoreFile="conf\/'"$TLS_KEYSTORE_FILE"'" keystorePass="'"$TLS_KEYSTORE_PASS"'" keyAlias="'"$ALIAS"'">/g' serverxml.patch &&\ sed -i 's/redirectPort="HTTPS_PORT" \/>/redirectPort="'"$HTTPS_PORT"'" \/>/g' serverxml.patch @@ -35,7 +35,7 @@ COPY --from=builder /workdir/ROOT.war /usr/local/tomcat/webapps/ COPY --from=builder /workdir/$TLS_KEYSTORE_FILE /usr/local/tomcat/conf/ COPY --from=builder /workdir/serverxml.patch /usr/local/tomcat/conf/ COPY --from=builder /workdir/webxml.patch /usr/local/tomcat/conf/ -COPY --from=builder /workdir/database.properties /usr/local/tomcat/conf/ +# COPY --from=builder /workdir/database.properties /usr/local/tomcat/conf/ COPY --from=builder /workdir/mongo.properties /usr/local/tomcat/conf/ ENV RUN_USER tomcat diff --git a/pom.xml b/pom.xml index 86e577992..3e3087c5c 100644 --- a/pom.xml +++ b/pom.xml @@ -327,7 +327,7 @@ io.fabric8 docker-maven-plugin - 0.40.1 + 0.40.2 start diff --git a/src/main/webapp/css/images/grassTile-elastic.jpg b/src/main/webapp/css/images/grassTile-elastic.jpg new file mode 100644 index 000000000..46988841c Binary files /dev/null and b/src/main/webapp/css/images/grassTile-elastic.jpg differ diff --git a/src/main/webapp/css/images/resized-banner.png b/src/main/webapp/css/images/resized-banner.png new file mode 100644 index 000000000..86afd3df3 Binary files /dev/null and b/src/main/webapp/css/images/resized-banner.png differ diff --git a/src/main/webapp/css/lessonCss/theCss.css b/src/main/webapp/css/lessonCss/theCss.css index bc0c121a7..b665df767 100644 --- a/src/main/webapp/css/lessonCss/theCss.css +++ b/src/main/webapp/css/lessonCss/theCss.css @@ -39,7 +39,7 @@ p, ul, ol { } a { - color: #9B1AC8; + color: #FF957D; word-wrap: break-word; } @@ -49,7 +49,6 @@ b { a:hover { text-decoration: none; - color: #E6B715; } td { @@ -70,7 +69,7 @@ td { #header h1, #header p { margin: 0; - color: #A878EF; + color: #FA744E; } #header h1 { @@ -83,7 +82,7 @@ td { } #header a { - color: #A878EF; + color: #FA744E; text-decoration: none; } @@ -131,7 +130,7 @@ td { .title { margin: 0; padding-bottom: 5px; - border-bottom: 2px solid #A878EF; + border-bottom: 2px solid #FA744E; } #sidebar { @@ -196,4 +195,4 @@ td { word-wrap: break-word; z-index: 1000000; -webkit-font-smoothing: subpixel-antialiased; -} \ No newline at end of file +} diff --git a/src/main/webapp/css/theCss.css b/src/main/webapp/css/theCss.css index 748ce84e0..e3e5f9f8e 100644 --- a/src/main/webapp/css/theCss.css +++ b/src/main/webapp/css/theCss.css @@ -39,12 +39,11 @@ p, ul, ol { } a { - color: #9B1AC8; + color: #FF957D; } a:hover { text-decoration: none; - color: #E6B715; } #wrapper { @@ -54,14 +53,14 @@ a:hover { #header { width: 757px; - height: 240px; + height: 340px; margin: 0 auto; background: url(images/shepherd_and_sheep_v2.png) no-repeat right top; } #header h1, #header p { margin: 0; - color: #A878EF; + color: #FA744E; } #header h1 { @@ -74,7 +73,7 @@ a:hover { } #header a { - color: #A878EF; + color: #FA744E; text-decoration: none; } @@ -116,7 +115,7 @@ a:hover { .title { margin: 0; padding-bottom: 5px; - border-bottom: 2px solid #A878EF; + border-bottom: 2px solid #FA744E; } #sidebar { @@ -196,12 +195,10 @@ a:hover { .menuButton { display: block; - border-bottom: 3px solid #A878EF; - background: #D4D4D4; + background: #0077CC; padding: 5px 5px; border-radius: 5px; - color: black; - font-size: 1.5em; + color: white; text-align: center; text-decoration: none; vertical-align: middle; @@ -209,17 +206,16 @@ a:hover { } .menuButton:hover { - border-top-color: #CC99FF; - background: #BFBFBF; + background: #005A9E; } .menuButton:active { - border-top-color: #8660BF; - background: #8660BF; + border-top-color: #005A9E; + background: #005A9E; } .scoreBar { - background-color: #965BED; + background-color: #FA744E; height: 30px; position: relative; font-size: 25px; @@ -234,7 +230,7 @@ a:hover { } .scoreBar:hover { - background-color: #AC7DF2; + background-color: #F990C6; height: 30px; position: relative; font-size: 25px; @@ -332,9 +328,9 @@ a:hover { .informationBox { display: block; margin 0; - border-color: #A878EF; + border-color: #FA744E; border-style: dashed; - background-color: #D4D4D4; + background-color: #E6EbF2; padding-top: 5px; padding-bottom: 5px; padding-right: 5px; @@ -345,9 +341,9 @@ a:hover { .cheatBox { float: right; margin 0; width: 685px; - border-color: #A878EF; + border-color: #FA744E; border-style: dashed; - background-color: #D4D4D4; + background-color: #E6EBF2; padding-top: 5px; padding-bottom: 5px; padding-right: 5px; @@ -498,4 +494,4 @@ a:hover { width: 100%; margin-top: 0; } -} \ No newline at end of file +} diff --git a/src/main/webapp/index.jsp b/src/main/webapp/index.jsp index f751bc971..6306ee04e 100644 --- a/src/main/webapp/index.jsp +++ b/src/main/webapp/index.jsp @@ -61,7 +61,7 @@ if (request.getSession() != null) -OWASP Security Shepherd +Elastic CTF - Powered by OWASP Security Shepherd @@ -81,8 +80,12 @@ style="margin-right: auto; margin-left: auto; width: 40%; max-width: 320px;">

- + Get Started

+

+ 1) Download and install + Burp Suite +

<% if (ScoreboardStatus.isPublicScoreboard()) { %> @@ -102,17 +105,20 @@ if (LoginMethod.isLogin()) { %>

- + <% if (OpenRegistration.isEnabled()) { %>

- + 2) Register an account on the CTF platform.

<% } %> +

+ 3) Login Below +

@@ -147,36 +153,38 @@ %>

- -
- - - - - - - - - -
-
-
+
+
+

CTF Rules

+
    +
  • With great power comes great responsibility - The levels within the CTF are for + educational purposes only. Do not use the skills and techniques that you learn from this + platform elsewhere without authorization. Always keep it ethical and legal.
    • +
  • Scope - don’t attempt to bypass the platform's mechanisms which include, but not limited to +
      +
    • The login / logout mechanisms
      • +
    • The registration page
      • +
    • The CTF key submission
      • +
    • The scoreboard
      • +
    • The admin console
      • +
    + However, if you stumble across something report it and we'll award points +
    • +
  • Exploiting - automated tools are forbidden where the platform will deduct points for multiple + wrongly submitted result keys
    • +
  • Collaborate - If you're super helpful to your fellow Elasticians and they nominate you there's + bonus points up for grabs
    • +
  • They're out there - post on the #capture-the-flag channel, reach out to a colleague or use + Google to understand a concept, don't just look up the answer
    • +
  • Have fun! - these are fun challenges that range from beginner to advanced difficulty and if + you learn something along the way then that’s a bonus!
    • +
+

+