dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Ch1 less default (#814)

Browse Source 
* random pincode in challenge1

* unit test fix
This commit is contained in:
René Zubcevic
2020-05-12 08:49:48 +02:00
committed by GitHub
parent f520c3589c
commit c4a046bd12
6 changed files with 66 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/challenges/challenge1/Assignment1.java
View File

@ -46,7 +46,7 @@ public class Assignment1 extends AssignmentEndpoint {
@ResponseBody
public AttackResult completed(@RequestParam String username, @RequestParam String password, HttpServletRequest request) {
boolean ipAddressKnown = true;
boolean passwordCorrect = "admin".equals(username) && PASSWORD.equals(password);
boolean passwordCorrect = "admin".equals(username) && PASSWORD.replace("1234", String.format("%04d",ImageServlet.PINCODE)).equals(password);
if (passwordCorrect && ipAddressKnown) {
return success(this).feedback("challenge.solved").feedbackArgs(Flag.FLAGS.get(1)).build();
} else if (passwordCorrect) {

44
webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/challenges/challenge1/ImageServlet.java Normal file
View File

@ -0,0 +1,44 @@
package org.owasp.webgoat.challenges.challenge1;
import java.io.IOException;
import java.security.SecureRandom;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.core.io.ClassPathResource;
import org.springframework.http.MediaType;
import org.springframework.util.FileCopyUtils;
@WebServlet(name = "ImageServlet", urlPatterns = "/challenge/logo")
public class ImageServlet extends HttpServlet {
private static final long serialVersionUID = 9132775506936676850L;
static final public int PINCODE = new SecureRandom().nextInt(10000);
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
byte[] in = new ClassPathResource("images/webgoat2.png").getInputStream().readAllBytes();
String pincode = String.format("%04d", PINCODE);
in[81216]=(byte) pincode.charAt(0);
in[81217]=(byte) pincode.charAt(1);
in[81218]=(byte) pincode.charAt(2);
in[81219]=(byte) pincode.charAt(3);
response.setContentType(MediaType.IMAGE_PNG_VALUE);
FileCopyUtils.copy(in, response.getOutputStream());
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}

2
webgoat-lessons/challenge/src/main/resources/html/Challenge1.html
View File

@ -12,7 +12,7 @@
<div class="container-fluid">
<div class="panel panel-default">
<div class="panel-heading">
<img th:src="@{/images/webgoat2.png}" class="img-thumbnail"/>
<img th:src="@{/challenge/logo}" class="img-thumbnail"/>
</div>
<div class="panel-body">
<form class="attack-form" accept-charset="UNKNOWN"

4
webgoat-lessons/challenge/src/test/java/org/owasp/webgoat/challenges/Assignment1Test.java
View File

@ -29,12 +29,14 @@ import org.junit.runner.RunWith;
import org.mockito.junit.MockitoJUnitRunner;
import org.owasp.webgoat.assignments.AssignmentEndpointTest;
import org.owasp.webgoat.challenges.challenge1.Assignment1;
import org.owasp.webgoat.challenges.challenge1.ImageServlet;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
import java.net.InetAddress;
import static org.mockito.Mockito.when;
import static org.owasp.webgoat.challenges.SolutionConstants.PASSWORD;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
import static org.springframework.test.web.servlet.setup.MockMvcBuilders.standaloneSetup;
@ -62,7 +64,7 @@ public class Assignment1Test extends AssignmentEndpointTest {
mockMvc.perform(MockMvcRequestBuilders.post("/challenge/1")
.header("X-Forwarded-For", host)
.param("username", "admin")
.param("password", SolutionConstants.PASSWORD))
.param("password", SolutionConstants.PASSWORD.replace("1234", String.format("%04d",ImageServlet.PINCODE))))
.andExpect(jsonPath("$.feedback", CoreMatchers.containsString("flag: " + Flag.FLAGS.get(1))))
.andExpect(jsonPath("$.lessonCompleted", CoreMatchers.is(true)));
}