Fix layout assignment 2

2021-11-02 14:01:17 +01:00 · 2021-11-02 14:01:17 +01:00 · 2bd6b36210
commit 2bd6b36210
parent bcaf4485c2
5 changed files with 70 additions and 97 deletions
--- a/webgoat-lessons/missing-function-ac/src/main/java/org/owasp/webgoat/missing_ac/MissingFunctionACHiddenMenus.java
+++ b/webgoat-lessons/missing-function-ac/src/main/java/org/owasp/webgoat/missing_ac/MissingFunctionACHiddenMenus.java
@ -45,7 +45,6 @@ public class MissingFunctionACHiddenMenus extends AssignmentEndpoint {
    @PostMapping(path = "/access-control/hidden-menu", produces = {"application/json"})
    @ResponseBody
    public AttackResult completed(String hiddenMenu1, String hiddenMenu2) {
-        //overly simple example for success. See other existing lesssons for ways to detect 'success' or 'failure'
        if (hiddenMenu1.equals("Users") && hiddenMenu2.equals("Config")) {
            return success(this)
                    .output("")
--- a/webgoat-lessons/missing-function-ac/src/main/resources/css/ac.css
+++ b/webgoat-lessons/missing-function-ac/src/main/resources/css/ac.css
@ -1,30 +0,0 @@
-.hidden-menu-item {
-    display:none;
-    visibility:hidden;
-}
-
-#ac-menu li {
-    list-style-type: none;
-    background-color: #aaa;
-    width: auto;
-    max-width: 20%;
-}
-
-#ac-menu li:hover {
-    color: white;
-    background-color: #333;
-}
-
-#ac-menu div {
-    margin-bottom: -60px;
-    margin-top: -10px;
-}
-
-#ac-menu h3 {
-    color:white;
-    background-color:#666;
-}
-
-#ac-menu-wrapper {
-    border-bottom: 2px solid #444;
-}
--- a/webgoat-lessons/missing-function-ac/src/main/resources/html/MissingFunctionAC.html
+++ b/webgoat-lessons/missing-function-ac/src/main/resources/html/MissingFunctionAC.html
@ -1,82 +1,92 @@
 <html xmlns:th="http://www.thymeleaf.org">

-    <div class="lesson-page-wrapper">
-        <div class="adoc-content" th:replace="doc:missing-function-ac-01-intro.adoc"></div>
-    </div>
+<div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:missing-function-ac-01-intro.adoc"></div>
+</div>

-    <div class="lesson-page-wrapper">
-        <div class="adoc-content" th:replace="doc:missing-function-ac-02-client-controls.adoc"></div>
-        <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/ac.css}"/>
-        <script th:src="@{/lesson_js/missing-function-ac.js}" > </script>
+<div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:missing-function-ac-02-client-controls.adoc"></div>

-        <div class="attack-container">
-            <div id="ac-menu-wrapper">
-                <div id="ac-menu">
-                    <h3 class="menu-header">Account</h3>
-                    <div class="menu-section">
-                        <ul>
-                            <li>My Profile</li>
-                            <li>Privacy/Security</li>
-                            <li>Log Out</li>
-                        </ul>
-                    </div>
-                    <h3 class="menu-header">Messages</h3>
-                        <div class="menu-section">
-                            <ul>
-                                <li>Unread Messages (3)</li>
-                                <li>Compose Message</li>
+    <div class="attack-container">
+        <nav class="navbar navbar-default">
+            <div class="container-fluid">
+
+                <div class="navbar-header">
+                    <a class="navbar-brand" href="#">WebGoat</a>
+                </div>
+
+                <div class="collapse navbar-collapse" id="alignment-example">
+
+                    <!-- Links -->
+                    <ul class="nav navbar-nav">
+                        <li class="dropdown">
+                            <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Account<span class="caret"></span></a>
+                            <ul class="dropdown-menu" aria-labelledby="about-us">
+                                <li><a href="#">My Profile</a></li>
+                                <li><a href="#">Privacy/Security</a></li>
+                                <li><a href="#">Log Out</a></li>
                            </ul>
-                        </div>
-                    <h3 class="hidden-menu-item menu-header">Admin</h3>
-                        <div class="menu-section hidden-menu-item">
-                            <ul>
+                        </li>
+                        <li class="dropdown">
+                            <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Messages<span class="caret"></span></a>
+                            <ul class="dropdown-menu" aria-labelledby="messages">
+                                <li><a href="#">Unread Messages (3)</a></li>
+                                <li><a href="#">Compose Message</a></li>
+                            </ul>
+                        </li>
+                        <li class="hidden-menu-item dropdown">
+                            <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Admin<span class="caret"></span></a>
+                            <ul class="dropdown-menu" aria-labelledby="admin">
                                <li><a href="/users">Users</a></li>
                                <li><a href="/config">Config</a></li>
                            </ul>
-                        </div>
+                        </li>
+                    </ul>
                </div>
+
            </div>
+        </nav>

+        <br/>
+
+        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
+        <form class="attack-form" accept-charset="UNKNOWN"
+              method="POST" name="form"
+              action="/WebGoat/access-control/hidden-menu">
+
+            <p>Hidden item 1 <input name="hiddenMenu1" value="" type="TEXT"/></p>
+            <p>Hidden item 2 <input name="hiddenMenu2" value="" type="TEXT"/></p>
            <br/>
+            <input name="submit" value="Submit" type="SUBMIT"/>

-            <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
-            <form class="attack-form" accept-charset="UNKNOWN"
-                  method="POST" name="form"
-                  action="/WebGoat/access-control/hidden-menu">
-
-                <p>Hidden Item 1 <input name="hiddenMenu1" value="" type="TEXT" /></p>
-                <p>Hidden Item 2 <input name="hiddenMenu2" value="" type="TEXT" /></p>
-                <br/>
-                <input name="submit" value="Submit" type="SUBMIT"/>
-
-            </form>
-
-            <div class="attack-feedback"></div>
-            <div class="attack-output"></div>
-        </div>
+        </form>

+        <div class="attack-feedback"></div>
+        <div class="attack-output"></div>
    </div>

-    <div class="lesson-page-wrapper">
+</div>

-        <div class="adoc-content" th:replace="doc:missing-function-ac-03-users.adoc"></div>
+<div class="lesson-page-wrapper">

-        <div class="attack-container">
-            <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
-            <form class="attack-form" accept-charset="UNKNOWN"
-                  method="POST" name="form"
-                  action="/WebGoat/access-control/user-hash">
+    <div class="adoc-content" th:replace="doc:missing-function-ac-03-users.adoc"></div>

-                <p>Your Hash: <input name="userHash" value="" type="TEXT" /></p>
-                <br/>
-                <input name="submit" value="Submit" type="SUBMIT"/>
+    <div class="attack-container">
+        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
+        <form class="attack-form" accept-charset="UNKNOWN"
+              method="POST" name="form"
+              action="/WebGoat/access-control/user-hash">

-            </form>
+            <p>Your Hash: <input name="userHash" value="" type="TEXT"/></p>
+            <br/>
+            <input name="submit" value="Submit" type="SUBMIT"/>

-            <div class="attack-feedback"></div>
-            <div class="attack-output"></div>
-        </div>
+        </form>

+        <div class="attack-feedback"></div>
+        <div class="attack-output"></div>
    </div>

+</div>
+
 </html>
--- a/webgoat-lessons/missing-function-ac/src/main/resources/js/missing-function-ac.js
+++ b/webgoat-lessons/missing-function-ac/src/main/resources/js/missing-function-ac.js
@ -1,6 +0,0 @@
-webgoat.customjs.accessControlMenu = function() {
-    //webgoat.customjs.jquery('#ac-menu-ul').menu();
-    webgoat.customjs.jquery('#ac-menu').accordion();
-}
-
-webgoat.customjs.accessControlMenu();
--- a/webgoat-lessons/missing-function-ac/src/main/resources/lessonPlans/en/missing-function-ac-02-client-controls.adoc
+++ b/webgoat-lessons/missing-function-ac/src/main/resources/lessonPlans/en/missing-function-ac-02-client-controls.adoc
@ -1,9 +1,9 @@
-== Relying on Obscurity
+== Relying on obscurity

 One could rely on HTML, CSS, or javascript to hide links that users don't normally access.
 In the past, a network router tried to protect (hide) admin functionality with javascript in the UI: https://www.wired.com/2009/10/routers-still-vulnerable.

-=== Finding Hidden Items
+=== Finding hidden items

 There are usually hints to finding functionality the UI does not openly expose in:

@ -11,6 +11,6 @@ There are usually hints to finding functionality the UI does not openly expose i
 * Commented out elements
 * Items hidden via CSS controls/classes

-=== Your Mission
+=== Your mission

 Find two invisible menu items in the menu below that are or would be of interest to an attacker/malicious user and submit the labels for those menu items (there are no links right now in the menus).