/** * Description of the Method * * @param s Description of the Parameter * @return Description of the Return Value */ protected Element makeLogin(WebSession s) { ElementContainer ec = new ElementContainer(); ec.addElement(new H1().addElement("Sign In ")); Table t = new Table() .setCellSpacing(0) .setCellPadding(2) .setBorder(0) .setWidth("90%") .setAlign("center"); if (s.isColor()) { t.setBorder(1); } TR tr = new TR(); tr.addElement( new TH() .addElement( "Please sign in to your account. See the OWASP admin if you do not have an account.") .setColSpan(2) .setAlign("left")); t.addElement(tr); tr = new TR(); tr.addElement(new TD().addElement("*Required Fields").setWidth("30%")); t.addElement(tr); tr = new TR(); tr.addElement(new TD().addElement(" ").setColSpan(2)); t.addElement(tr); TR row1 = new TR(); TR row2 = new TR(); row1.addElement(new TD(new B(new StringElement("*User Name: ")))); row2.addElement(new TD(new B(new StringElement("*Password: "******""); Input input2 = new Input(Input.PASSWORD, PASSWORD, ""); row1.addElement(new TD(input1)); row2.addElement(new TD(input2)); t.addElement(row1); t.addElement(row2); Element b = ECSFactory.makeButton("Login"); t.addElement(new TR(new TD(b))); ec.addElement(t); return (ec); }
/** * Description of the Method * * @param s Description of the Parameter * @return Description of the Return Value */ protected Element createContent(WebSession s) { ElementContainer ec = new ElementContainer(); String regex1 = "^[0-9]{3}$"; // any three digits Pattern pattern1 = Pattern.compile(regex1); try { checkSuccess(s); String param1 = s.getParser().getRawParameter("field1", "111"); // String param2 = HtmlEncoder.encode(s.getParser().getRawParameter("field2", "4128 3214 // 0002 1999")); float quantity = 1.0f; float total = 0.0f; float runningTotal = 0.0f; // FIXME: encode output of field2, then s.setMessage( field2 ); ec.addElement("<script src='javascript/eval.js'> </script>"); // <script src='javascript/sameOrigin.js' language='JavaScript'></script> ec.addElement(new HR().setWidth("90%")); ec.addElement(new Center().addElement(new H1().addElement("Shopping Cart "))); Table t = new Table() .setCellSpacing(0) .setCellPadding(2) .setBorder(1) .setWidth("90%") .setAlign("center"); if (s.isColor()) { t.setBorder(1); } TR tr = new TR(); tr.addElement(new TH().addElement("Shopping Cart Items -- To Buy Now").setWidth("80%")); tr.addElement(new TH().addElement("Price").setWidth("10%")); tr.addElement(new TH().addElement("Quantity").setWidth("3%")); tr.addElement(new TH().addElement("Total").setWidth("7%")); t.addElement(tr); tr = new TR(); tr.addElement( new TD().addElement("Studio RTA - Laptop/Reading Cart with Tilting Surface - Cherry ")); tr.addElement(new TD().addElement("69.99").setAlign("right")); tr.addElement( new TD() .addElement( new Input(Input.TEXT, "QTY1", s.getParser().getStringParameter("QTY1", "1"))) .setAlign("right")); quantity = s.getParser().getFloatParameter("QTY1", 0.0f); total = quantity * 69.99f; runningTotal += total; tr.addElement(new TD().addElement("$" + total)); t.addElement(tr); tr = new TR(); tr.addElement(new TD().addElement("Dynex - Traditional Notebook Case")); tr.addElement(new TD().addElement("27.99").setAlign("right")); tr.addElement( new TD() .addElement( new Input(Input.TEXT, "QTY2", s.getParser().getStringParameter("QTY2", "1"))) .setAlign("right")); quantity = s.getParser().getFloatParameter("QTY2", 0.0f); total = quantity * 27.99f; runningTotal += total; tr.addElement(new TD().addElement("$" + total)); t.addElement(tr); tr = new TR(); tr.addElement( new TD().addElement("Hewlett-Packard - Pavilion Notebook with Intel® Centrino™")); tr.addElement(new TD().addElement("1599.99").setAlign("right")); tr.addElement( new TD() .addElement( new Input(Input.TEXT, "QTY3", s.getParser().getStringParameter("QTY3", "1"))) .setAlign("right")); quantity = s.getParser().getFloatParameter("QTY3", 0.0f); total = quantity * 1599.99f; runningTotal += total; tr.addElement(new TD().addElement("$" + total)); t.addElement(tr); tr = new TR(); tr.addElement(new TD().addElement("3 - Year Performance Service Plan $1000 and Over ")); tr.addElement(new TD().addElement("299.99").setAlign("right")); tr.addElement( new TD() .addElement( new Input(Input.TEXT, "QTY4", s.getParser().getStringParameter("QTY4", "1"))) .setAlign("right")); quantity = s.getParser().getFloatParameter("QTY4", 0.0f); total = quantity * 299.99f; runningTotal += total; tr.addElement(new TD().addElement("$" + total)); t.addElement(tr); ec.addElement(t); t = new Table() .setCellSpacing(0) .setCellPadding(2) .setBorder(0) .setWidth("90%") .setAlign("center"); if (s.isColor()) { t.setBorder(1); } ec.addElement(new BR()); tr = new TR(); tr.addElement(new TD().addElement("The total charged to your credit card:")); tr.addElement(new TD().addElement("$" + runningTotal)); Input b = new Input(); b.setType(Input.BUTTON); b.setValue("Update Cart"); b.addAttribute("onclick", "purchase('lessons/Ajax/eval.jsp');"); tr.addElement(new TD().addElement(b)); t.addElement(tr); tr = new TR(); tr.addElement(new TD().addElement(" ").setColSpan(2)); t.addElement(tr); tr = new TR(); tr.addElement(new TD().addElement("Enter your credit card number:")); tr.addElement( new TD() .addElement( "<input id='field2' name='field2' type='TEXT' value='4128 3214 0002 1999'>")); t.addElement(tr); tr = new TR(); tr.addElement(new TD().addElement("Enter your three digit access code:")); tr.addElement( new TD().addElement("<input id='field1' name='field1' type='TEXT' value='123'>")); // tr.addElement(new TD().addElement(new Input(Input.TEXT, "field1",param1))); t.addElement(tr); b = new Input(); b.setType(Input.BUTTON); b.setValue("Purchase"); b.addAttribute("onclick", "purchase('lessons/Ajax/eval.jsp');"); tr = new TR(); tr.addElement(new TD().addElement(b).setColSpan(2).setAlign("right")); t.addElement(tr); ec.addElement(t); ec.addElement(new BR()); ec.addElement(new HR().setWidth("90%")); } catch (Exception e) { s.setMessage("Error generating " + this.getClass().getName()); e.printStackTrace(); } return (ec); }
/** * Description of the Method * * @param s Description of the Parameter * @return Description of the Return Value */ protected Element createContent(WebSession s) { ElementContainer ec = new ElementContainer(); try { Table t = new Table().setCellSpacing(0).setCellPadding(2).setWidth("90%").setAlign("center"); if (s.isColor()) { t.setBorder(1); } List<File> htmlFiles = findHtmlFiles(LessonUtil.getLessonDirectory(s, this).getParentFile()); List<String> htmlFilenames = Lists.newArrayList( Iterables.transform( htmlFiles, new Function<File, String>() { @Override public String apply(File input) { return input.getName(); } })); String[] list = htmlFilenames.toArray(new String[htmlFilenames.size()]); String listing = " <p><B>" + getLabelManager().get("CurrentDirectory") + "</B> " + Encoding.urlDecode(htmlFiles.get(0).getParent()) + "<br><br>" + getLabelManager().get("ChooseFileToView") + "</p>"; TR tr = new TR(); tr.addElement(new TD().setColSpan(2).addElement(new StringElement(listing))); t.addElement(tr); tr = new TR(); tr.addElement( new TD().setWidth("35%").addElement(ECSFactory.makePulldown(FILE, list, "", 15))); tr.addElement(new TD().addElement(ECSFactory.makeButton(getLabelManager().get("ViewFile")))); t.addElement(tr); ec.addElement(t); // FIXME: would be cool to allow encodings here -- hex, percent, // url, etc... final String file = s.getParser().getRawParameter(FILE, ""); if (!file.equals("")) // first time in or missing parameter - just kick out { // defuse file searching boolean illegalCommand = true; // allow them to look at any file in the webgoat hierachy. // Don't allow them to look about the webgoat root, // except to see the LICENSE file if (upDirCount(file) == 3 && !file.endsWith("LICENSE")) { s.setMessage(getLabelManager().get("AccessDenied")); s.setMessage(getLabelManager().get("ItAppears1")); } else { if (upDirCount(file) > 5) { s.setMessage(getLabelManager().get("AccessDenied")); s.setMessage(getLabelManager().get("ItAppears2")); } else { illegalCommand = false; } } // provide a little guidance to help them along. If the allowed file comes back as // null we have the potential for a real attack vector File allowedFile = guideTheAtack(s, file, htmlFiles); if (!illegalCommand) { File attemptedFile = new File(LessonUtil.getLessonDirectory(s, this) + "/lessonPlans/en/" + file); if (allowedFile == null) { // We have a potential attack if (file != null && attemptedFile.isFile() && attemptedFile.exists()) { // They have accessed something meaningful s.setMessage( getLabelManager().get("CongratsAccessToFileAllowed") + " ==> " + Encoding.urlDecode(attemptedFile.getCanonicalPath())); makeSuccess(s); } else if (file != null && file.length() != 0) { s.setMessage( getLabelManager().get("AccessToFileDenied1") + Encoding.urlDecode(file) + getLabelManager().get("AccessToFileDenied2")); } else { // do nothing, probably entry screen } } else { attemptedFile = allowedFile; } displayAttemptedFile(ec, attemptedFile); } } } catch (Exception e) { s.setMessage(getLabelManager().get("ErrorGenerating") + this.getClass().getName()); e.printStackTrace(); } return (ec); }
/** output HTML for button */ protected void endHTML(PrintWriter out) { Span span = new Span(); Table table = new Table(); TR top = new TR(); TD topLeft = new TD(); TD topCenter = new TD(); TD topRight = new TD(); TR middle = new TR(); TD midLeft = new TD(); TD midCenter = new TD(); TD midRight = new TD(); TR bottom = new TR(); TD botLeft = new TD(); TD botCenter = new TD(); TD botRight = new TD(); Span textContainer = new Span(); org.apache.ecs.html.Button button = new org.apache.ecs.html.Button(); boolean disabled = getContext().processBool(getId() + ".disabled"); // build table table.addElement(top); top.addElement(topLeft); top.addElement(topCenter); top.addElement(topRight); table.addElement(middle); middle.addElement(midLeft); middle.addElement(midCenter); middle.addElement(midRight); table.addElement(bottom); bottom.addElement(botLeft); bottom.addElement(botCenter); bottom.addElement(botRight); // set pixels IMG spacer = new IMG("./images/wgt/1.gif"); spacer.setWidth(1); spacer.setHeight(1); topLeft.addElement(new IMG("./images/wgt/1.gif")); topCenter.addElement(new IMG("./images/wgt/1.gif")); topRight.addElement(new IMG("./images/wgt/1.gif")); midLeft.addElement(new IMG("./images/wgt/1.gif")); midRight.addElement(new IMG("./images/wgt/1.gif")); botLeft.addElement(new IMG("./images/wgt/1.gif")); botCenter.addElement(new IMG("./images/wgt/1.gif")); botRight.addElement(new IMG("./images/wgt/1.gif")); // format table table.setCellPadding(0); table.setCellSpacing(0); table.setBorder(0); // set classes topLeft.setClass("btn_lt"); topCenter.setClass("btn_ct"); topRight.setClass("btn_rt"); midLeft.setClass("btn_lm"); midCenter.setClass("btn_cm"); midRight.setClass("btn_rm"); botLeft.setClass("btn_lb"); botCenter.setClass("btn_cb"); botRight.setClass("btn_rb"); button.setClass("btn_btn"); button.setID(getId() + "_btn"); midCenter.addElement(button); textContainer.setID(id4Text()); textContainer.setClass("btn_txt"); if (StringUtils.isNotEmpty(getSrc())) { if (StringUtils.isEmpty(this.getLabel())) { button.setStyle( "width:" + iconWidth + "px;height:" + iconHeight + "px;background: transparent url(" + getSrc() + ") no-repeat; background-position: center;"); } else { button.setStyle("background: transparent url(" + getSrc() + ") no-repeat;"); } } if (StringUtils.isNotEmpty(this.getLabel())) { if (StringUtils.isNotEmpty(getSrc()) && iconWidth > -1) { if (displayMode == DISPLAY_MODE_VERTICAL) { // image top String s = button.getAttribute("style"); s = s + "background-position: center top;padding-top:" + String.valueOf(iconHeight) + "px;"; button.setStyle(s); } else { // image left textContainer.setStyle("padding-left: " + String.valueOf(iconWidth) + "px;"); } } textContainer.addElement(this.getLabel()); button.addElement(textContainer); } // this.getStyle().add("table-layout", "fixed"); if (this.hasStyle()) { table.setStyle(this.getStyleAsString()); } midCenter.setID(getId()); // midCenter.setOnClick(JSUtil.jsFireEvent(getId(), // ClientEvent.TYPE_ACTION) // + " return false;"); button.setOnClick(JSUtil.jsFireEvent(getId(), ClientEvent.TYPE_ACTION) + " return false;"); // action goes to onClick handler if (getConfirmMsg() != null) { button.setOnClick( JSUtil.jsConfirm( TextService.getString(getConfirmMsg()), JSUtil.jsFireEvent(getId(), ClientEvent.TYPE_ACTION))); } else { button.setOnClick(JSUtil.jsFireEvent(getId(), ClientEvent.TYPE_ACTION) + " return false;"); } // table.output(out); span.addElement(table); span.setID(getId() + "_sspan"); if (block && isVisible()) { span.setStyle("display:block;"); } span.output(out); this.initJaveScript(); }
protected Element createContent(WebSession s) { ElementContainer ec = new ElementContainer(); Table t1 = new Table().setCellSpacing(0).setCellPadding(2); if (s.isColor()) { t1.setBorder(1); } TR tr = new TR(); tr.addElement(new TD("Enter your account number: ")); tr.addElement(new TD(new Input(Input.TEXT, "id", "101"))); t1.addElement(tr); tr = new TR(); tr.addElement(new TD("Select the fields to return: ")); tr.addElement( new TD( new Select("field") .setMultiple(true) .addElement(new Option(firstName).addElement("First Name")) .addElement(new Option(lastName).addElement("Last Name")) .addElement(new Option(loginCount).addElement("Login Count")))); t1.addElement(tr); tr = new TR(); Element b = ECSFactory.makeButton("Submit"); tr.addElement(new TD(b).setAlign("CENTER").setColSpan(2)); t1.addElement(tr); ec.addElement(t1); try { String[] fields = s.getParser().getParameterValues("field"); int id = s.getParser().getIntParameter("id"); Table t = new Table().setCellSpacing(0).setCellPadding(2).setBorder(1); if (s.isColor()) { t.setBorder(1); } TR header = new TR(); TR results = new TR(); int port = s.getRequest().getServerPort(); for (int i = 0; i < fields.length; i++) { header.addElement(new TD().addElement(fields[i])); results.addElement( new TD() .addElement( (String) accessWGService( s, "WSDLScanning", port, fields[i], "acct_num", new Integer(id)))); } if (fields.length == 0) { s.setMessage("Please select a value to return."); } t.addElement(header); t.addElement(results); ec.addElement(new P().addElement(t)); } catch (Exception e) { } try { A a = new A("services/WSDLScanning?WSDL", "WebGoat WSDL File"); ec.addElement( new P() .addElement( "View the web services definition language (WSDL) to see the complete API:")); ec.addElement(new BR()); ec.addElement(a); // getLessonTracker( s ).setCompleted( completed ); if (completed && !getLessonTracker(s).getCompleted() && !beenRestartedYet) { makeSuccess(s); beenRestartedYet = true; } else if (completed && !getLessonTracker(s).getCompleted() && beenRestartedYet) { completed = false; beenRestartedYet = false; } // accessWGService("WSDLScanning", "getCreditCard", "acct_num", new Integer(101)); } catch (Exception e) { s.setMessage("Error generating " + this.getClass().getName()); e.printStackTrace(); } return (ec); }