Fixed posting flags towards the server

2017-04-15 14:01:34 +02:00
parent 6f633a0f78
commit 7ff5503241
7 changed files with 83 additions and 74 deletions
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge1.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge1.html
@ -32,18 +32,22 @@
            </div>
        </div>

-        <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
+        <form class="attack-form form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
            <div class="form-group">
                <div class="input-group">
                    <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
                                                      style="font-size:20px"></i></div>
-                    <input type="text" class="form-control" id="flagInput1"
+                    <input type="text" class="form-control" id="flag" name="flag"
                           placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
                </div>
+                <div class="input-group" style="margin-top: 10px">
+                    <button type="submit" class="btn btn-primary">Submit flag</button>
+                </div>
            </div>
-            <button type="submit" class="btn btn-primary">Submit flag</button>
+
        </form>

+
        <br/>
        <div class="attack-feedback"></div>
        <div class="attack-output"></div>
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge2.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge2.html
@ -85,19 +85,20 @@

        </form>
        <br/>
-        <div>
-            <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
-                <div class="form-group">
-                    <div class="input-group">
-                        <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
-                                                          style="font-size:20px"></i></div>
-                        <input type="text" class="form-control" id="flagInpu2"
-                               placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
-                    </div>
+        <form class="attack-form form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
+            <div class="form-group">
+                <div class="input-group">
+                    <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
+                                                      style="font-size:20px"></i></div>
+                    <input type="text" class="form-control" id="flag" name="flag"
+                           placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
                </div>
-                <button type="submit" class="btn btn-primary">Submit flag</button>
-            </form>
-        </div>
+                <div class="input-group" style="margin-top: 10px">
+                    <button type="submit" class="btn btn-primary">Submit flag</button>
+                </div>
+            </div>
+
+        </form>

        <br/>
        <div class="attack-feedback"></div>
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge3.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge3.html
@ -35,7 +35,7 @@
                <div class="input-group">
                    <input class="form-control" id="commentInput" placeholder="Add a comment" type="text"/>
                    <span class="input-group-addon">
-                                <i id="postComment" class="fa fa-edit"></i>
+                                <i id="postComment" class="fa fa-edit" style="font-size: 20px"></i>
                            </span>
                </div>
                <ul class="comments-list">
@ -45,6 +45,21 @@
            </div>
        </div>

+        <form class="attack-form form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
+            <div class="form-group">
+                <div class="input-group">
+                    <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
+                                                      style="font-size:20px"></i></div>
+                    <input type="text" class="form-control" id="flag" name="flag"
+                           placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
+                </div>
+                <div class="input-group" style="margin-top: 10px">
+                    <button type="submit" class="btn btn-primary">Submit flag</button>
+                </div>
+            </div>
+
+        </form>
+

        <br/>
        <div class="attack-feedback"></div>
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge4.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge4.html
@ -85,19 +85,20 @@

        </form>
        <br/>
-        <div>
-            <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
-                <div class="form-group">
-                    <div class="input-group">
-                        <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
-                                                          style="font-size:20px"></i></div>
-                        <input type="text" class="form-control"
-                               placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
-                    </div>
+        <form class="attack-form form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
+            <div class="form-group">
+                <div class="input-group">
+                    <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
+                                                      style="font-size:20px"></i></div>
+                    <input type="text" class="form-control" id="flag" name="flag"
+                           placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
                </div>
-                <button type="submit" class="btn btn-primary">Submit flag</button>
-            </form>
-        </div>
+                <div class="input-group" style="margin-top: 10px">
+                    <button type="submit" class="btn btn-primary">Submit flag</button>
+                </div>
+            </div>
+
+        </form>

        <br/>
        <div class="attack-feedback"></div>
--- a/webgoat-lessons/challenge/src/main/resources/js/challenge3.js
+++ b/webgoat-lessons/challenge/src/main/resources/js/challenge3.js
@ -4,10 +4,15 @@ $(document).ready(function () {
        $.ajax({
            type: 'POST',
            url: 'challenge/3',
-            data: JSON.stringify ({comment: commentInput}),
+            data: JSON.stringify({comment: commentInput}),
            contentType: "application/json",
            dataType: 'json'
-        });
+        }).then(
+            function () {
+                getChallenges();
+                $("#commentInput").val('');
+            }
+        )
    })

    var html = '<li class="comment">' +
@ -23,13 +28,18 @@ $(document).ready(function () {
        '</div>' +
        '</li>';

-    $.get("challenge/3", function (result, status) {
-        for (var i = 0; i < result.length; i++) {
-            var comment = html.replace('USER', result[i].user);
-            comment = comment.replace('DATETIME', result[i].dateTime);
-            comment = comment.replace('COMMENT', result[i].comment);
-            $("#list").append(comment);
-        }
+    getChallenges();

-    });
+    function getChallenges() {
+        $("#list").empty();
+        $.get("challenge/3", function (result, status) {
+            for (var i = 0; i < result.length; i++) {
+                var comment = html.replace('USER', result[i].user);
+                comment = comment.replace('DATETIME', result[i].dateTime);
+                comment = comment.replace('COMMENT', result[i].comment);
+                $("#list").append(comment);
+            }
+
+        });
+    }
 })