dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Tagging latest Docker build with Travis as well

Browse Source
This commit is contained in:
nbaars 2017-12-30 14:13:34 +01:00
parent 4811a9d563
commit d3ee9431d8
4 changed files with 43 additions and 152 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
README.MD
View File

@ -1,4 +1,4 @@
# WebGoat: A deliberately insecure Web Application
# WebGoat 8: A deliberately insecure Web Application
[![Build Status](https://travis-ci.org/WebGoat/WebGoat.svg?branch=develop)](https://travis-ci.org/WebGoat/WebGoat)
[![Coverage Status](https://coveralls.io/repos/WebGoat/WebGoat/badge.svg?branch=develop&service=github)](https://coveralls.io/github/WebGoat/WebGoat?branch=master)
@ -6,10 +6,6 @@
[![Dependency Status](https://www.versioneye.com/user/projects/562da95ae346d7000e0369aa/badge.svg?style=flat)](https://www.versioneye.com/user/projects/562da95ae346d7000e0369aa)
[![OWASP Labs](https://img.shields.io/badge/owasp-labs-orange.svg)](https://www.owasp.org/index.php/OWASP_Project_Inventory#tab=Labs_Projects)
# Important
This is the development version of WebGoat 8, if you are looking for a released stable version please go to: https://github.com/WebGoat/WebGoat/wiki/Running-WebGoat
# Introduction
@ -68,6 +64,11 @@ Download the latest WebWolf release from [https://github.com/WebGoat/WebGoat/rel
java -jar webgoat-server-<<version>>.jar
```
By default WebGoat starts at port 8080 in order to change this use the following property:
```Shell
java -jar webgoat-server-<<version>>.jar --server.port=9090
```
## 3. Run from the sources
@ -99,6 +100,7 @@ mvn -pl webgoat-server spring-boot:run
```
... you should be running webgoat on localhost:8080/WebGoat momentarily
To change IP addresss add the following variable to WebGoat/webgoat-container/src/main/resources/application.properties file
```

2
scripts/deploy-webgoat.sh
View File

@ -12,7 +12,7 @@ if [ "${BRANCH}" == "master" ] && [ ! -z "${TRAVIS_TAG}" ]; then
docker push $REPO
elif [ ! -z "${TRAVIS_TAG}" ]; then
# Creating a tag build we push it to Docker with that tag
docker build --build-arg webgoat_version=${TRAVIS_TAG:1} -f Dockerfile -t $REPO:${TRAVIS_TAG} .
docker build --build-arg webgoat_version=${TRAVIS_TAG:1} -f Dockerfile -t $REPO:${TRAVIS_TAG} -t $REPO:latest .
docker push $REPO
elif [ "${BRANCH}" == "develop" ]; then
docker build -f Dockerfile -t $REPO:snapshot .

35
webgoat-images/vagrant-training/Vagrantfile vendored Normal file
View File

@ -0,0 +1,35 @@
# Setup a Linux box headless which will start WebGoat and WebWolf helpful image to give away during training
Vagrant.configure(2) do |config|
config.vm.box = "ubuntu/trusty64"
config.vm.network :forwarded_port, guest: 8080, host: 8080
config.vm.network :forwarded_port, guest: 8081, host: 8081
config.vm.provider "virtualbox" do |vb|
vb.gui = false
vb.memory = "4096"
vb.cpus = 2
vb.name = "WebGoat-Training"
vb.customize ["modifyvm", :id, "--nictype1", "virtio"]
end
config.vm.provider "vmware_fusion" do |vf|
vf.gui = false
vf.vmx["memsize"] = 4096
vf.vmx["numvcpus"] = 2
vf.vmx["displayname"] = "WebGoat-Training"
end
config.vm.provision "shell", inline: <<-SHELL
wget https://github.com/WebGoat/WebGoat/releases/download/v8.0.0.M5/webgoat-server-8.0.0.M6.jar
wget https://github.com/WebGoat/WebGoat/releases/download/v8.0.0.M5/webwolf-8.0.0.M6.jar
sudo add-apt-repository ppa:openjdk-r/ppa
sudo apt-get update
sudo apt-get install openjdk-8-jre -y
SHELL
config.vm.provision "shell", run: "always", privileged: false, inline: <<-SHELL
java -jar webgoat-server-8.0.0.M6.jar &
sleep 40s
java -jar webwolf-8.0.0.M6.jar
SHELL
end

146
webgoat_developer_bootstrap.sh
View File

@ -1,146 +0,0 @@
#!/bin/bash
# Bootstrap the setup of WebGoat for developer use in Linux and Mac machines
# This script will clone the necessary git repositories, call the maven goals
# in the order the are needed and launch tomcat listening on localhost:8080
# Happy hacking !
# Find out what is our terminal size
COLS="$(tput cols)"
if (( COLS <= 0 )) ; then
COLS="${COLUMNS:-80}"
fi
# Colors
ESC_SEQ="\x1b["
COL_RESET=$ESC_SEQ"39;49;00m"
COL_RED=$ESC_SEQ"31;01m"
COL_GREEN=$ESC_SEQ"32;01m"
COL_YELLOW=$ESC_SEQ"33;01m"
COL_BLUE=$ESC_SEQ"34;01m"
COL_MAGENTA=$ESC_SEQ"35;01m"
COL_CYAN=$ESC_SEQ"36;01m"
# Horizontal Rule function
horizontal_rule() {
local WORD
for WORD in "#"
do
hr "$WORD"
done
}
hr() {
local WORD="$1"
if [[ -n "$WORD" ]] ; then
local LINE=''
while (( ${#LINE} < COLS ))
do
LINE="$LINE$WORD"
done
echo -e "${LINE:0:$COLS}"
fi
}
## test if command exists
ftest() {
echo -e "$COL_CYAN info: Checking if ${1} is installed $COL_RESET"
if ! type "${1}" > /dev/null 2>&1; then
return 1
else
return 0
fi
}
## feature tests
features() {
for f in "${@}"; do
ftest "${f}" || {
echo -e >&2 "***$COL_RED ERROR: Missing \`${f}'! Make sure it exists and try again. $COL_RESET"
return 1
}
done
return 0
}
tomcat_started () {
STAT=`netstat -na | grep 8080 | awk '{print $6}'`
if [ "$STAT" = "LISTEN" ]; then
echo -e "$COL_GREEN WebGoat has started successfully! Browse to the following address. $COL_RESET"
echo -e "$COL_CYAN Happy Hacking! $COL_RESET"
return 0
elif [ "$STAT" = "" ]; then
echo -e "$COL_RED WebGoat failed to start up.... please wait run the following command for debugging : $COL_RESET"
echo -e "$COL_MAGENTA mvn -q -file WebGoat/pom.xml -pl webgoat-container tomcat7:run-war"
fi
return 1
}
## main setup
developer_bootstrap() {
horizontal_rule
echo -e "$COL_RED
██╗ ██╗███████╗██████╗ ██████╗ ██████╗ █████╗ ████████╗
██║ ██║██╔════╝██╔══██╗██╔════╝ ██╔═══██╗██╔══██╗╚══██╔══╝
██║ █╗ ██║█████╗ ██████╔╝██║ ███╗██║ ██║███████║ ██║
██║███╗██║██╔══╝ ██╔══██╗██║ ██║██║ ██║██╔══██║ ██║
╚███╔███╔╝███████╗██████╔╝╚██████╔╝╚██████╔╝██║ ██║ ██║
╚══╝╚══╝ ╚══════╝╚═════╝ ╚═════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝
$COL_RESET"
horizontal_rule
echo -e "Welcome to the WebGoat Developer Bootstrap script for Linux/Mac."
echo -e "Now checking if all the required software to run WebGoat is already installed."
echo -e "FYI: This Developer Bootstrap Script for WebGoat requires: Git, Java JDK and Maven accessible on the path"
## test for require features
features git mvn java || return $?
# Clone WebGoat from github
if [ ! -d "WebGoat" ]; then
echo -e "Cloning the WebGoat container repository"
git clone https://github.com/WebGoat/WebGoat.git
else
horizontal_rule
(
echo -e "$COL_YELLOW The WebGoat container repo has already been clonned before, pulling upstream changes. $COL_RESET"
cd WebGoat || {
echo -e >&2 "$COL_RED *** ERROR: Could not cd into the WebGoat Directory. $COL_RESET"
return 1
}
git pull origin develop
)
fi
# Start the embedded Tomcat server
echo -e "$COL_MAGENTA"
horizontal_rule
horizontal_rule
horizontal_rule
horizontal_rule
echo "$COL_MAGENTA"
echo "$COL_CYAN ***** Starting WebGoat using the embedded Tomcat ***** $COL_RESET"
echo " Please be patient.... The startup of the server takes about 5 seconds..."
echo " WebGoat will be ready for you when you see the following message on the command prompt:"
echo "$COL_YELLOW INFO: Starting ProtocolHandler ["http-bio-8080"] $COL_RESET"
echo "$COL_CYAN When you see the message above, open a web browser and navigate to http://localhost:8080/WebGoat/ $COL_RESET"
echo " To stop the WebGoat and Tomcat Execution execution, press CTRL + C"
echo "$COL_RED If you close this terminal window, Tomcat and WebGoat will stop running $COL_RESET"
echo "$COL_MAGENTA"
horizontal_rule
horizontal_rule
horizontal_rule
horizontal_rule
echo -e "$COL_RESET"
sleep 5
# Starting WebGoat
mvn -q -pl webgoat-server spring-boot:run
}
# Start main script
developer_bootstrap