Published on May 7th, 2018 📆 | 2859 Views ⚑
0Kurukshetra – A Framework For Teaching Secure Coding By Means Of Interactive Problem Solving
Detailed Tool Documentation:
Installation
Supported Platforms
Kurukshetra has been tested both on Ubuntu/Debian (apt-get based distros) and as well as Mac OS. It should ideally work with any linux based distributions with PHP 7.2, MySQL and Docker (along with remote API enabled) installed.
Prerequisites:
There are a few packages which are necessary before proceeding with the installation:
- Git client:
sudo apt-get install git
- PHP 7.2: Read the instructions on how to install on ubuntu (along with php-curl -
sudo apt-ge install php7.2-curl php7.2-mbstring php7.2-mysql
) - MySQL:
sudo apt-get install mysql-server
- Docker: Read the official installation guide (Also: ubuntu installation)
- Enable Docker API: Read - How do I enable the remote Docker API
- Create a folder
/var/config/
with write permission towww-data
user
[adsense size='1' ]
Installing
Installing is as simple as moving the downloaded files into webroot:
git clone https://github.com/a0xnirudh/kurukshetra.git
cd kurukshetra
cp -r * /var/www/html/
chmod 755 -R /var/www/html
- Move all the files into webroot (which is usually
/var/www/html
):cp -r kurukshetra/* /var/www/html
- Give appropriate permissions for the moved files:
chmod 755 -R /var/www/html/
- Give
challenges/uploads
directory write permissions forwww-data
user (seeuploads/README.md
). - Visit
http://localhost
orhttp://127.0.0.1
to navigate into installation (will auto redirect into /installation/).
- Enter the MySQL DB credentials (user should have the permission to create database) and click on validate to see if the credentials are correct.
- Enter the Google OAuth
Client ID
andClient secret
and make sure the redirect URL is set to the pathhttp://your-domain.com/login/index.php
Configuring Docker
Kurukshetra make uses of Dockers API's for running the user submitted code. A one time configuration is required before we can make use of the docker API's which is as follows:
- Pull the docker image:
docker pull phusion/baseimage:latest
- Goto installation directory:
cd installation/optional/
- Build kurukshetra image from the Dockerfile:
docker build -t kurukshetra .
Alternatively, you can just run python install.py
from within the directory installation/optional
which will go ahead and install Docker (if not installed already) and will configure the Kurukshetra docker image automatically.
[adsense size='1' ]
Roadmap
The following are couple of ideas which we have in mind to do going ahead with Kurukshetra. If you have any ideas/feature requests which is not listed below, feel free to raise an issue in github.
- Support for more languages including but not limited to JAVA, NodeJs and Ruby on Rails.
- Write more challenges along with unittests to cover all the OWASP Top 10 vulnerabilities.
- Gamification of the whole framework by introducing scorebard based on challenge solving points (predefined points are already available for challenges based on difficulties).
Contributors
Awesome people who built this project:
Lead Developers:
Anirudh Anand (@a0xnirudh)
Mohan KK (@MohanKallepalli)
Project Contributors:
Ankur Bhargava (@_AnkurB)
Prajal Kulkarni (@prajalkulkarni)
Gloss