dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Added new challenges

Browse Source 
- Added new webapplication called WebWolf to make attacks more realistic
- Added WebWolf lesson to explain the concepts behind this new application
This commit is contained in:
Nanne Baars
2017-08-13 11:22:52 +02:00
parent 56f19caed6
commit 46c536554c
104 changed files with 4199 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
webwolf/src/main/resources/application.properties Normal file
View File

@ -0,0 +1,41 @@
server.error.include-stacktrace=always
server.error.path=/error.html
server.session.timeout=600
#server.contextPath=/WebWolf
server.port=8081
server.session.cookie.name = WEBWOLFSESSION
logging.level.org.springframework=INFO
logging.level.org.springframework.boot.devtools=WARN
logging.level.org.owasp=DEBUG
logging.level.org.owasp.webwolf=TRACE
logging.level.org.apache.activemq=WARN
endpoints.trace.sensitive=false
management.trace.include=REQUEST_HEADERS,RESPONSE_HEADERS,COOKIES,ERRORS,TIME_TAKEN,PARAMETERS,QUERY_STRING
endpoints.trace.enabled=true
spring.resources.cache-period=0
spring.thymeleaf.cache=false
multipart.enabled=true
multipart.file-size-threshold=0 #
multipart.location=${java.io.tmpdir}
multipart.max-file-size=1Mb
multipart.max-request-size=1Mb
webwolf.fileserver.location=${java.io.tmpdir}/webwolf-fileserver
spring.data.mongodb.port=27017
spring.data.mongodb.database=webgoat
spring.jackson.serialization.indent_output=true
spring.jackson.serialization.write-dates-as-timestamps=false
spring.activemq.broker-url=tcp://localhost:61616
spring.activemq.in-memory=true
#For static file refresh ... and faster dev :D
spring.devtools.restart.additional-paths=webwolf/src/main/resources/static/

87
webwolf/src/main/resources/static/css/main.css Normal file
View File

@ -0,0 +1,87 @@
footer {
margin-top: 200px;
}
.thead-inverse th {
color: #fff;
background-color: #373a3c;
}
.left15 {
margin-left: 15px;
}
.top5 {
margin-top: 5px;
}
.top7 {
margin-top: 7px;
}
.top10 {
margin-top: 10px;
}
.top15 {
margin-top: 15px;
}
.top17 {
margin-top: 17px;
}
.top30 {
margin-top: 30px;
}
.bottom10 {
margin-bottom: 10px;
}
#accordion .panel-heading {
padding: 0;
}
#accordion .panel-title > a {
display: block;
padding: 0.4em 0.6em;
outline: none;
font-weight: bold;
text-decoration: none;
}
#accordion .panel-title > a.accordion-toggle::before, #accordion a[data-toggle="collapse"]::before {
content: "\e113";
float: left;
font-family: 'Glyphicons Halflings';
margin-right: 1em;
}
#accordion .panel-title > a.accordion-toggle.collapsed::before, #accordion a.collapsed[data-toggle="collapse"]::before {
content: "\e114";
}
textarea {
height: 250px;
overflow: auto;
width: 100%;
padding: 1%;
border: none;
}
/*Mailbox*/
.nav-tabs .glyphicon:not(.no-margin) { margin-right:10px; }
.tab-pane .list-group-item:first-child {border-top-right-radius: 0px;border-top-left-radius: 0px;}
.tab-pane .list-group-item:last-child {border-bottom-right-radius: 0px;border-bottom-left-radius: 0px;}
.tab-pane .list-group .checkbox { display: inline-block;margin: 0px; }
.tab-pane .list-group input[type="checkbox"]{ margin-top: 2px; }
.tab-pane .list-group .glyphicon { margin-right:5px; }
.tab-pane .list-group .glyphicon:hover { color:#FFBC00; }
a.list-group-item.read { color: #222;background-color: #F3F3F3; }
hr { margin-top: 5px;margin-bottom: 10px; }
.nav-pills>li>a {padding: 5px 10px;}

BIN
webwolf/src/main/resources/static/images/wolf.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.8 KiB

80
webwolf/src/main/resources/static/images/wolf.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 9.7 KiB

15
webwolf/src/main/resources/static/js/fileUpload.js Normal file
View File

@ -0,0 +1,15 @@
$(document).ready(function() {
window.setTimeout(function () {
$(".fileUploadAlert").fadeTo(500, 0).slideUp(500, function () {
$(this).hide();
});
}, 4000);
});
$(document).on('click','.fa-files-o',function(){
var link = $('#fileLink').attr("href");
console.log("testing" + document.protocol + "//" + (document.hostname || document.pathname + link));
document.execCommand('copy');
});

10
webwolf/src/main/resources/static/js/mail.js Normal file
View File

@ -0,0 +1,10 @@
$(document).ready(function () {
$('.showMail').click(function (e) {
e.preventDefault();
$(this).parent().find('.contents').toggle()
});
});
function refreshEmails() {
location.reload();
}

72
webwolf/src/main/resources/templates/files.html Normal file
View File

@ -0,0 +1,72 @@
<!DOCTYPE HTML>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<div th:replace="fragments/header :: header-css"/>
</head>
<body>
<div th:replace="fragments/header :: header"/>
<script type="text/javascript" th:src="@{/js/fileUpload.js}"></script>
<div class="container">
<div class="alert alert-info fade in">
<a href="#" class="close" data-dismiss="alert">&times;</a>
<p>
Upload a file which you need to host as an attacker.
</p>
<p>
Each file will be available under the following url:
http://localhost:8081/files/{username}/{filename}.
</p>
<p>
You can copy and paste the location from the table below.
</p>
</div>
<div class="panel panel-default">
<div class="panel-heading"><strong>Upload a file</strong>
<small></small>
</div>
<div class="panel-body">
<!-- Standar Form -->
<form th:action="@{/WebWolf/fileupload}" method="post" enctype="multipart/form-data">
<div class="form-inline">
<div class="form-group">
<input type="file" name="file"/>
</div>
<button type="submit" class="btn btn-md btn-primary">Upload files</button>
</div>
</form>
<div class="fileUploadAlert alert-success top10" role="alert">
<span th:text="${uploadSuccess}"></span>
</div>
</div>
</div>
<table class="table">
<thead class="thead-inverse">
<tr>
<th>Filename</th>
<th>Size</th>
<th>Link</th>
</tr>
</thead>
<tbody>
<tr th:each="f : ${files}">
<td th:text="${f.name}">filename</td>
<td th:text="${f.size}">size</td>
<td><a th:id="fileLink" th:href="@{'/' + ${f.link}}">link</a>
<span class="fa fa-files-o" title="Click to copy to clipboard"></span>
</td>
</tr>
</tbody>
</table>
</div>
</body>
</html>

19
webwolf/src/main/resources/templates/fragments/footer.html Normal file
View File

@ -0,0 +1,19 @@
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:th="http://www.thymeleaf.org">
<head>
</head>
<body>
<div th:fragment="footer">
<div class="container">
<footer>
© 2017 WebGoat - Use WebWolf at your own risk
<script type="text/javascript"
src="webjars/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</footer>
</div>
</div>
</body>
</html>

51
webwolf/src/main/resources/templates/fragments/header.html Normal file
View File

@ -0,0 +1,51 @@
<html xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4">
<head>
<title>WebWolf</title>
<div th:fragment="header-css">
<link rel="stylesheet" type="text/css"
href="/webjars/bootstrap/3.3.7/css/bootstrap.min.css"/>
<!--<link href="https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css" rel="stylesheet"/>-->
<link rel="stylesheet" th:href="@{/css/main.css}"/>
<script src="/webjars/jquery/3.2.1/jquery.min.js"></script>
<script src="/webjars/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</div>
</head>
<body>
<div th:fragment="header">
<nav class="navbar navbar-inverse">
<div class="container-fluid">
<div class="navbar-header">
<a class="navbar-brand" th:href="@{/WebWolf/home}">WebWolf</a>
</div>
<ul class="nav navbar-nav">
<li class="active"><a th:href="@{/WebWolf/home}">Home</a></li>
</ul>
<ul class="nav navbar-nav">
<li><a th:href="@{/WebWolf/files}">Files</a></li>
</ul>
<ul class="nav navbar-nav">
<li><a th:href="@{/WebWolf/mail}">Mailbox</a></li>
</ul>
<ul class="nav navbar-nav">
<li><a th:href="@{/WebWolf/requests}">Incoming requests</a></li>
</ul>
<ul class="nav navbar-nav navbar-right">
<li><a href="#">
<span sec:authorize="isAuthenticated()">
<span class="glyphicon glyphicon-user"></span>
<span th:text="${#authentication.name}"></span></span></a>
</li>
<li><a th:href="@{/logout}">
<span sec:authorize="isAuthenticated()">
Sign out</span></a>
</li>
</ul>
</div>
</nav>
</div>
</body>
</html>

37
webwolf/src/main/resources/templates/home.html Normal file
View File

@ -0,0 +1,37 @@
<!DOCTYPE HTML>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<div th:replace="fragments/header :: header-css"/>
</head>
<body>
<div th:replace="fragments/header :: header"/>
<div class="container">
<div class="media">
<span class="media-left">
<img th:src="@{/images/wolf.png}" class="img-fluid"></img>
</span>
<div class="media-body">
<h1 class="media-heading">WebWolf</h1>
<br/>
<p>
Some challenges requires to have a local web server running. WebWolf is for you the attacker it
helps you while solving some of the assignments and challenges within
WebGoat. An assignment might for example require you to serve a file or connect back to your own
environment or to receive an e-mail.
In order to not let you run WebGoat open and connected to the internet we provided these tools in this
application, called WebWolf.
</p>
</div>
</div>
</div>
<!-- /.container -->
<div th:replace="fragments/footer :: footer"/>
</body>
</html>

58
webwolf/src/main/resources/templates/login.html Normal file
View File

@ -0,0 +1,58 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org"
>
<head>
<title>WebWolf</title>
<div th:replace="fragments/header :: header-css"/>
</head>
<body>
<div th:replace="fragments/header :: header"/>
<div class="container">
<div class="row" style="margin-top:20px">
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3" th:style="'background:url(' + @{/images/wolf.png} + ') no-repeat right;'">
<form th:action="@{/login}" method="post">
<fieldset>
<h2>Sign in</h2>
Use your WebGoat account.
<br/>
<div th:if="${param.error}">
<div class="alert alert-danger">
Invalid username or password.
</div>
</div>
<div th:if="${param.logout}">
<div class="alert alert-info">
You have been logged out.
</div>
</div>
<div class="form-group">
<input type="text" name="username" id="username" class="form-control input-lg"
placeholder="UserName" required="true" autofocus="true"/>
</div>
<div class="form-group">
<input type="password" name="password" id="password" class="form-control input-lg"
placeholder="Password" required="true"/>
</div>
<div class="row">
<div class="col-xs-6 col-sm-6 col-md-6">
<input type="submit" class="btn btn-lg btn-primary btn-block" value="Sign In"/>
</div>
<div class="col-xs-6 col-sm-6 col-md-6">
</div>
</div>
</fieldset>
</form>
</div>
</div>
</div>
<div th:replace="fragments/footer :: footer"/>
</body>
</html>

150
webwolf/src/main/resources/templates/mailbox.html Normal file
View File

@ -0,0 +1,150 @@
<!DOCTYPE HTML>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<title>WebWolf</title>
<div th:replace="fragments/header :: header-css"/>
</head>
<body>
<div th:replace="fragments/header :: header"/>
<script type="text/javascript" th:src="@{/js/mail.js}"></script>
<div class="container">
<div class="alert alert-info fade in">
<a href="#" class="close" data-dismiss="alert">&times;</a>
<p>
The mailbox of you as an attacker, all the mail send to {user}@{random} will be send to this mailbox.
</p>
<p>
Only the user part is important the domain can be anything
</p>
</div>
<div class="panel panel-default">
<div class="panel-body">
<div class="row">
<div class="col-sm-3 col-md-2">
<div class="btn-group">
<button type="button" class="btn btn-primary dropdown-toggle" data-toggle="dropdown">
Mail <span class="caret"></span>
</button>
<ul class="dropdown-menu" role="menu">
<li><a href="#">Mail</a></li>
<li><a href="#">Contacts</a></li>
<li><a href="#">Tasks</a></li>
</ul>
</div>
</div>
<div class="col-sm-9 col-md-10">
<button type="button" class="btn btn-default" data-toggle="tooltip" title="Refresh" onclick="refreshEmails()">
   <span class="glyphicon glyphicon-refresh"></span>   
</button>
<!-- Single button -->
<div class="btn-group">
<button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown">
More <span class="caret"></span>
</button>
<ul class="dropdown-menu" role="menu">
<li><a href="#">Mark all as read</a></li>
<li class="divider"></li>
<li class="text-center">
<small class="text-muted">Select messages to see more actions</small>
</li>
</ul>
</div>
<div class="pull-right">
<span class="text-muted"><b>1</b><b><span th:text="${total}"> 50</span> </b> of <b><span th:utext="${total}"></span></b></span>
<div class="btn-group btn-group-sm">
<button type="button" class="btn btn-default">
<span class="glyphicon glyphicon-chevron-left"></span>
</button>
<button type="button" class="btn btn-default">
<span class="glyphicon glyphicon-chevron-right"></span>
</button>
</div>
</div>
</div>
</div>
<hr/>
<div class="row">
<div class="col-sm-3 col-md-2">
<a href="#" class="btn btn-danger btn-sm btn-block" role="button">COMPOSE</a>
<hr/>
<ul class="nav nav-pills nav-stacked">
<li class="active"><a href="#"><span class="badge pull-right" th:utext="${total}">42</span>
Inbox </a>
</li>
</ul>
</div>
<div class="col-sm-9 col-md-10">
<!-- Nav tabs -->
<ul class="nav nav-tabs">
<li class="active"><a href="#home" data-toggle="tab"><span class="glyphicon glyphicon-inbox">
</span>Primary</a></li>
<li><a href="#profile" data-toggle="tab"><span class="glyphicon glyphicon-user"></span>
Social</a></li>
<li><a href="#messages" data-toggle="tab"><span class="glyphicon glyphicon-tags"></span>
Promotions</a></li>
<li><a href="#settings" data-toggle="tab"><span class="glyphicon glyphicon-plus no-margin">
</span></a></li>
</ul>
<!-- Tab panes -->
<div class="tab-content">
<div class="tab-pane fade in active" id="home">
<span th:each="mail : ${emails}" class="list-group">
<a href="#" class="showMail list-group-item">
<span class="glyphicon glyphicon-star-empty"></span>
<span class="name"
style="min-width: 120px; display: inline-block;"
th:text="${mail.shortSender}">WebGoat</span>
<span class="" th:text="${mail.title}">Title</span>
<span class="text-muted" style="font-size: 11px;" th:text="${mail.summary}">- summary</span>
<span class="badge" th:text="${mail.time}">12:10 AM</span>
<span class="pull-right">
<span class="glyphicon glyphicon-paperclip"></span>
</span>
</a>
<!---->
<div class="left15 contents panel panel-default top10" style="display:none" >
<div class="panel-heading" >
<b><span th:text="${mail.title}"></span></b>
<b><span class="pull-right" th:text="${mail.sender}"></span></b>
</div>
<div class="panel-body">
<pre th:utext="${mail.contents}"/>
</div>
</div>
</span>
</div>
<div class="tab-pane fade in" id="profile">
<div class="list-group">
<div class="list-group-item">
<span class="text-center">This tab is empty.</span>
</div>
</div>
</div>
<div class="tab-pane fade in" id="messages">
<div class="list-group-item">
<span class="text-center">Why the name "WebGoat"? Developers should not feel bad about not knowing security. Even the best programmers make security errors. What they need is a scapegoat, right? Just blame it on the 'Goat!</span>
</div>
</div>
<div class="tab-pane fade in" id="settings">
This tab is empty.
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>

56
webwolf/src/main/resources/templates/requests.html Normal file
View File

@ -0,0 +1,56 @@
<!DOCTYPE HTML>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<div th:replace="fragments/header :: header-css"/>
</head>
<body>
<div th:replace="fragments/header :: header"/>
<script type="text/javascript" th:src="@{js/fileUpload.js}"></script>
<div class="container">
<div class="alert alert-info fade in">
<a href="#" class="close" data-dismiss="alert">&times;</a>
<p>
Challenges in which you need to call your hacker machine WebWolf offers a simple httpd
server functionality which only logs the incoming request. You can use the following URL:
http://localhost:8081/ and the incoming request will be available below.
</p>
<p>
This is by no means a substitution of httpd but it offers enough functionality to callback to a safe
environment and does not require you to host your own httpd server on your local machine.
</p>
</div>
<h3>Requests</h3>
<div th:each="trace,iter : ${traces}" class="panel-group" id="accordion" role="tablist" aria-multiselectable="true">
<div class="panel panel-default">
<div class="panel-heading" role="tab" th:id="'heading' + ${iter.index}">
<h4 class="panel-title">
<a class="collapsed" role="button" data-toggle="collapse" data-parent="#accordion"
th:href="'#collapse' + ${iter.index}" aria-expanded="false" th:aria-controls="'collapse' + ${iter.index}">
<span th:utext="${trace.date}"/> | <span th:utext="${trace.path}"/>
</a>
</h4>
</div>
<div th:id="'collapse' + ${iter.index}" class="panel-collapse collapse" role="tabpanel"
th:aria-labelledby="'heading' + ${iter.index}">
<div class="panel-body">
<div>
<pre th:utext="${trace.json}"/>
</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>