thomashaw
428d39a279
vulnerabilities/onlinestore: parameterised dealer_id / murderer_id / murdered_ids / murdered_on. Updated scenarios/../leeds_beckett_online_store.xml
2017-05-13 20:00:32 +01:00
thomashaw
5c24e13577
Date generator module_name fix
2017-05-13 17:46:22 +01:00
thomashaw
2686331510
encoders/string_selector_with_exclusions
2017-05-13 16:29:36 +01:00
thomashaw
034c2ec409
generators/date_generator: added mysql_datetime format
2017-05-13 16:29:19 +01:00
thomashaw
58907d171d
parameterised online_store
2017-05-11 15:02:56 +01:00
thomashaw
577272aa61
generators/compression/zip: Added optional password to zip file generator
2017-05-09 16:29:27 +01:00
thomashaw
2f05fd4797
undo accidental removal of rot13 puppet files
2017-05-09 16:21:31 +01:00
thomashaw
a15211822f
changed vignere to vigenere
2017-05-09 15:48:06 +01:00
thomashaw
22cfa3027e
removing special chars from b64 flag generator + changed qr code link
2017-05-09 15:24:46 +01:00
thomashaw
66aa51dd9d
Updating hints
2017-05-09 12:37:12 +01:00
thomashaw
e8d12deb0e
parameterised_website: changed error message
2017-05-08 13:11:00 +01:00
thomashaw
366fe6cbdd
Cleaning up some TODOs
2017-05-04 11:46:39 +01:00
thomashaw
342b64e481
hidden_zip_in_image_file: added example & now removes the archive from disk after storing it in memory
2017-05-04 11:38:45 +01:00
thomashaw
66893ee6cd
generators/compression/zip (takes strings_to_leak) & generators/challenges/hidden_zip_in_image_file (takes a zip file + concats)
2017-05-03 13:53:33 +01:00
thomashaw
455907842b
marker.xml now picks up <hint> tags. edited a couple of the <hints>
2017-05-03 11:58:31 +01:00
thomashaw
313773bd57
moved to parameterised_website from /webapp/ to /http/
2017-05-03 11:57:53 +01:00
thomashaw
8db4c6ab81
Image Generators no longer select from readme_gifs. Moved png's into /misc directory.
2017-05-02 16:54:59 +01:00
thomashaw
943a614db7
Added hints to string encoders. Prepend leading 0's to decimal and octal encoders.
2017-05-02 16:46:54 +01:00
thomashaw
1dd5f400b3
spelling corrections: vignere to vigenere, _reversable to _reversible
2017-05-02 14:45:27 +01:00
thomashaw
bacd0b5f78
Add <hint> links to generator and encoder challenge modules including schema change to include <hint> tags.
...
Added exif_metadata scenario.
2017-05-02 14:42:03 +01:00
thomashaw
815a5915e6
moved parameterised_website from vulnerabilities to services
2017-05-01 14:44:32 +01:00
thomashaw
4d6d2a1ed1
null check on tab parameters
2017-05-01 14:28:32 +01:00
thomashaw
f65d7a5d15
Moved js loading back to the to footer
2017-05-01 14:27:17 +01:00
thomashaw
288f70fbd2
Moved the images below the tabs
2017-05-01 14:00:17 +01:00
thomashaw
c7047e4e12
Parameterised 'Start here!' tab
2017-05-01 13:21:25 +01:00
thomashaw
4d34a7a89d
Changed the tab position and updated the scenario.xml
2017-05-01 11:57:40 +01:00
thomashaw
f2df7485ba
Added hidden_tabs to parameterised website
2017-04-29 12:06:50 +01:00
thomashaw
fa88a0fc6b
Tabbed pane now displays in main_container.html.erb + generate the tab pages from new read_fact = visible_tabs.
...
Also added read_fact = hidden_tabs which needs implementing next. The hidden tabs names should begin with tab_0.html, then increment from tab_(visible_tabs.length+1).html. The hidden tabs should not be indexed on the main page.
2017-04-27 20:02:43 +01:00
thomashaw
6f7b2f0edf
generators/html_snippet: input header and paragraphs, wrap them in <h3> and <p> tags.
2017-04-27 20:00:42 +01:00
thomashaw
9781976467
active tab changes on click
2017-04-27 13:48:40 +01:00
thomashaw
25e3065768
AJAX loading data into <div> from from html files.
2017-04-27 13:13:03 +01:00
thomashaw
a78af06f9b
Added JQuery + custom .js file, updated bootstrap / css
2017-04-27 12:28:28 +01:00
thomashaw
ce61074bf1
vulnerabilities/unix/webapp/onlinestore - db_password is now dynamically generated
2017-04-18 16:22:52 +01:00
thomashaw
0b99e58c27
CTF module - vulnerabilities/unix/webapp/onlinestore (by Meehein @ University of Birmingham)
2017-04-18 15:46:13 +01:00
thomashaw
398ca4df47
vulnerabilities/unix/system/symlinks - CTF module with symlink (TOCTTOU) vulnerability with binary setgid shadow + crackable weak password
2017-04-18 14:37:16 +01:00
thomashaw
ce9a6f3de7
CTF module - vulnerabilities/unix/system/two_shell_calls (by Meehein @ University of Birmingham)
2017-04-14 12:44:58 +01:00
thomashaw
07eaad8199
Project Vagrantfile's now use relative paths. This enables distribution of project's without having to mess with paths.
2017-04-11 11:46:44 +01:00
thomashaw
b245a168e5
leaked_filename reduced chance of clashes + consolidated both random filename modules into 1
2017-04-04 22:27:57 +01:00
thomashaw
f4a0f54758
symlink traversal, better handling of 1 flag
2017-04-04 21:53:36 +01:00
thomashaw
5e852da39b
word flag generator name update
2017-04-04 16:58:28 +01:00
thomashaw
eac3b86674
fixed word flag generator: remove non alpha-numerical characters from flag (umlauts were being interpreted incorrectly)
2017-04-04 16:49:36 +01:00
thomashaw
a0af1a5fef
fixed random boolean conversion error
2017-04-04 16:38:53 +01:00
thomashaw
57a7dc69f6
ssh_leaked_keys - dynamically generated key
...
(cherry picked from commit b3e248c)
2017-04-04 16:30:52 +01:00
thomashaw
d93d3fdfed
samba symlink traversal, fixed the permissions error(cherry picked from commit b62a06f)
2017-04-04 16:30:26 +01:00
thomashaw
f068d698d0
leaked_file privilege changes (cherry picked from commit 3f4ddad)
2017-04-04 16:30:03 +01:00
thomashaw
8977559f8a
exif metadata challenge + jpg converter/generator (cherry picked from commit e51347f)
2017-04-04 16:29:17 +01:00
thomashaw
aad46803ca
fixes / modifications - strong pw generator strip illegal characters, gitlist_040 changed leak flag position
...
(cherry picked from commit dc7e77f)
2017-04-04 16:26:53 +01:00
thomashaw
f6b7cc41cf
removing final name="" from fortress
2017-03-31 21:29:06 +01:00
thomashaw
04399470f2
updated scenarios, metadata changes + updated qr code
2017-03-31 19:21:36 +01:00
thomashaw
bf8d15e395
added a flag drop in root directory to samba_symlink_traversal
2017-03-31 14:57:06 +01:00
