dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix green buttons

Browse Source
This commit is contained in:
René Zubcevic 2020-04-22 09:54:30 +02:00 committed by Nanne Baars
parent 6f532683a1
commit 58bc94d1f6
4 changed files with 62 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
webgoat-integration-tests/src/test/java/org/owasp/webgoat/GeneralLessonTest.java
View File

@ -78,6 +78,17 @@ public class GeneralLessonTest extends IntegrationTest {
checkResults("/VulnerableComponents/"); checkResults("/VulnerableComponents/");
} }
@Test
public void insecureLogin() {
startLesson("InsecureLogin");
Map<String, Object> params = new HashMap<>();
params.clear();
params.put("username", "CaptainJack");
params.put("password", "BlackPearl");
checkAssignment(url("/WebGoat/InsecureLogin/task"), params, true);
checkResults("/InsecureLogin/");
}
@Test @Test
public void securePasswords() { public void securePasswords() {
startLesson("SecurePasswords"); startLesson("SecurePasswords");

12
webgoat-lessons/insecure-login/src/main/resources/html/InsecureLogin.html
View File

@ -14,16 +14,12 @@
<div class="adoc-content" th:replace="doc:InsecureLogin_Task.adoc"></div> <div class="adoc-content" th:replace="doc:InsecureLogin_Task.adoc"></div>
<div class="attack-container"> <div class="attack-container">
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div> <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
<script th:src="@{/lesson_js/credentials.js}" <script th:src="@{/lesson_js/credentials.js}"></script>
language="JavaScript"></script>
<form class="attack-form" accept-charset="UNKNOWN" name="task" <form class="attack-form" accept-charset="UNKNOWN" name="task"
method="POST" method="POST"
action="#attack/307/100"> action="/WebGoat/InsecureLogin/task">
<!---
<input type="hidden" value="" name="username" id="SecretUsername"/> <button onclick="javascript:submit_secret_credentials();return false;">Log in</button>
<input type="hidden" value="" name="password" id="SecretPassword"/>
<input type="button" value="Log in" onpress="submit_secret_credentials()"/>-->
<button onclick="submit_secret_credentials()">Log in</button>
</form> </form>
<br></br> <br></br>

51
webgoat-lessons/password-reset/src/main/resources/html/PasswordReset.html
View File

@ -19,6 +19,32 @@
<div class="row"> <div class="row">
<div class="col-md-4"> <div class="col-md-4">
<form class="attack-form" accept-charset="UNKNOWN" novalidate="novalidate"
method="POST"
action="/WebGoat/PasswordReset/simple-mail/reset">
<div style="display: none;" id="password-reset-2">
<h4 class="">Forgot your password?</h4>
<fieldset>
<span class="help-block">Please type your e-mail address</span>
<div class="form-group input-group">
<span class="input-group-addon">@</span>
<input class="form-control" placeholder="test1233@webgoat.org" name="emailReset"
type="email"/>
</div>
<button type="submit" class="btn btn-primary btn-block" id="btn-olvidado">Continue
</button>
<p class="help-block">
<a class="text-muted" href="#" id="acceso" onclick="showPassword()">
<small>Account Access</small>
</a>
</p>
</fieldset>
</div>
</form>
<form class="attack-form" accept-charset="UNKNOWN" novalidate="novalidate" <form class="attack-form" accept-charset="UNKNOWN" novalidate="novalidate"
method="POST" method="POST"
action="/WebGoat/PasswordReset/simple-mail"> action="/WebGoat/PasswordReset/simple-mail">
@ -52,31 +78,6 @@
</div> </div>
</form> </form>
<form class="attack-form" accept-charset="UNKNOWN" novalidate="novalidate"
method="POST"
action="/WebGoat/PasswordReset/simple-mail/reset">
<div style="display: none;" id="password-reset-2">
<h4 class="">Forgot your password?</h4>
<fieldset>
<span class="help-block">Please type your e-mail address</span>
<div class="form-group input-group">
<span class="input-group-addon">@</span>
<input class="form-control" placeholder="test1233@webgoat.org" name="emailReset"
type="email"/>
</div>
<button type="submit" class="btn btn-primary btn-block" id="btn-olvidado">Continue
</button>
<p class="help-block">
<a class="text-muted" href="#" id="acceso" onclick="showPassword()">
<small>Account Access</small>
</a>
</p>
</fieldset>
</div>
</form>
</div> </div>
</div> </div>
</div> </div>

41
webgoat-lessons/webwolf-introduction/src/main/resources/html/WebWolfIntroduction.html
View File

@ -14,26 +14,7 @@
<div class="attack-container"> <div class="attack-container">
<img th:src="@{/images/wolf-enabled.png}" class="webwolf-enabled"/> <img th:src="@{/images/wolf-enabled.png}" class="webwolf-enabled"/>
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div> <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
<form class="attack-form" accept-charset="UNKNOWN"
method="POST" name="form"
action="/WebGoat/WebWolf/mail/">
<div class="container-fluid">
<div class="row">
<div class="col-md-4">
<div class="input-group">
<input type="text" class="form-control"
placeholder="Type in your unique code"
name='uniqueCode'/>
<div class="input-group-btn">
<button class="btn btn-primary" type="submit">Go</button>
</div>
</div>
</div>
</div>
</div>
</form>
<br/>
<br/>
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div> <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
<form class="attack-form" accept-charset="UNKNOWN" <form class="attack-form" accept-charset="UNKNOWN"
method="POST" name="form" method="POST" name="form"
@ -57,6 +38,26 @@
</form> </form>
<br/> <br/>
<br/> <br/>
<form class="attack-form" accept-charset="UNKNOWN"
method="POST" name="form"
action="/WebGoat/WebWolf/mail/">
<div class="container-fluid">
<div class="row">
<div class="col-md-4">
<div class="input-group">
<input type="text" class="form-control"
placeholder="Type in your unique code"
name='uniqueCode'/>
<div class="input-group-btn">
<button class="btn btn-primary" type="submit">Go</button>
</div>
</div>
</div>
</div>
</div>
</form>
<br/>
<br/>
<div class="attack-feedback"></div> <div class="attack-feedback"></div>
<div class="attack-output"></div> <div class="attack-output"></div>