team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
662 Commits 1 Branch 0 Tags
80e1ede02bab3bdfdff59bf26822403c8fc20667
Commit Graph

662 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Al Snow 21b7de06f9 Rebuilt Gemfile.lock file (4 gems) 2014-03-26 09:53:02 -04:00
cktricky 70b44b36ad oops, mikes password changed for some reason which conflicts with our tutorials and such 2014-03-25 11:57:11 -04:00
Al Snow cee5030047 Added rack-ssl (1.3.4) gem 2014-03-24 09:58:41 -04:00
Al Snow bdeef0508b Rebuilt Gemfile.lock file 2014-03-24 09:50:49 -04:00
Al Snow e53d5c928d Rebuilt Gemfile.lock file 2014-03-20 09:10:12 -04:00
cktricky 7a89ae6f17 added the tutorial for the newest logic flaw 2014-03-16 22:10:19 -04:00
cktricky 8140cb3a1b added the basic template of a tutorial guide for the newly added logic flaw, now I have to fill it out :-( (j/k) 2014-03-16 16:19:07 -04:00
cktricky d11617f272 while the pay page could use further refinement from a visual aspect, it is completely working and ready for a tutorial 2014-03-16 16:10:12 -04:00
cktricky 41a596aba0 added some necessary comments to the pay page 2014-03-16 15:37:47 -04:00
cktricky 87f9c825ba a function to decrypt has been added to the mix 2014-03-16 15:26:33 -04:00
cktricky 3a5818c493 the basics of a working remember-me-logic-flaw completed :-) 2014-03-15 22:30:31 -04:00
cktricky 1f922916d2 have the ability now to update a row of direct deposit information as well as leverage the encryption routine to introduce a serious flaw 2014-03-15 21:58:42 -04:00
cktricky 9951af6170 added row, now working on deletion of a column 2014-03-15 15:46:01 -04:00
cktricky 16eaefefdf view portion of adding a column almost complete, then backend logic 2014-03-15 15:29:45 -04:00
cktricky ed73ab47e7 Merge branch 'master' of github.com:OWASP/railsgoat 2014-03-15 14:20:41 -04:00
Ken Johnson 31a4cc779f Merge pull request #98 from jasnow/master 
Increase Poltergeist timeout to 60; Rebuild Gemfile.lock file
 2014-03-15 14:20:18 -04:00
Al Snow bdc529972d Increase Poltergeist timeout to 60; Rebuild Gemfile.lock file 2014-03-15 12:49:42 -04:00
cktricky 7a4efaa950 added the basic components to begin working on the pay index view 2014-03-15 10:28:52 -04:00
cktricky a06788ff58 commented out currently unused spec tests for the pay controller and model 2014-03-14 20:30:57 -04:00
cktricky 2c8781ebc1 added a pay controller and model 2014-03-14 20:29:14 -04:00
Ken Johnson 419b5bbfdc Merge pull request #97 from OWASP/pr-96 
Pr 96
 2014-03-14 16:58:52 -04:00
cktricky caaa3ba96d commented out unused spec tests as well as removed unnecessary require statement 2014-03-14 16:57:55 -04:00
cktricky 0a647cbbe6 this appears to fix the issue of our test cases breaking. I had specified that if the rails env was a dev env, the key would be a certain value. Instead, it has been changed to any env other than prod 2014-03-14 16:53:44 -04:00
cktricky 7823eadf3c first round of tests look okay, now we can re-use this function :-) 2014-03-14 16:32:44 -04:00
cktricky 62920b535c Merge branch 'master' of github.com:OWASP/railsgoat into pr-96 2014-03-14 14:00:56 -04:00
cktricky d0e825fc17 making sure this is up to date 2014-03-14 14:00:51 -04:00
cktricky ec8a187833 fixed the checkbox layout, etc. 2014-03-14 12:50:45 -04:00
cktricky 8daeee09f2 working on cleaning up and testing if I can push changes to a PR 2014-03-14 09:07:52 -04:00
cktricky e49b43f899 added the verbose model attributes finding under the exposure section within the tutorials 2014-03-12 20:28:59 -04:00
cktricky 4b0560a250 whew, now THAT is a huge tutorial explanation for a relatively simple issue! 2014-03-12 18:59:38 -04:00
cktricky 48ddc99955 some basic api functionality with a few gotchas 2014-03-12 17:45:08 -04:00
Ken Johnson ed800fd601 Merge pull request #95 from OWASP/cktricky_mar_2014_updates 
Cktricky mar 2014 updates
 2014-03-12 16:01:33 -04:00
cktricky 95eb5a56fd added vulnerable auth check for the API 2014-03-12 15:40:12 -04:00
cktricky f4f5d5744c working on the auth structure for the API 2014-03-12 13:24:37 -04:00
cktricky 932d2304f9 okay first run at making an API for railsgoat 2014-03-12 12:38:41 -04:00
relotnek b9f61b3686 stylistic elements 2014-03-11 21:18:48 -04:00
relotnek b101c286ce application controller edits 2014-03-11 20:54:38 -04:00
relotnek 6a4bc922bd added user lookup in application controller by auth_token 2014-03-11 20:40:10 -04:00
relotnek a5c4dc37a2 added logic in sessions controller for rememberme checkbox 2014-03-11 20:38:26 -04:00
relotnek 18a1e219b7 added rememberme checkbox to new session form 2014-03-11 20:34:47 -04:00
relotnek 015b36d379 added cookie delete to session destroy method 2014-03-11 20:32:12 -04:00
relotnek a707e75662 added cookies.permanent in replacement of session 2014-03-11 20:31:32 -04:00
relotnek 4e6006dcc8 added before_create generate token to user model 2014-03-11 20:29:43 -04:00
relotnek e7c30151d4 added token to users model and generate token method to users controller 2014-03-11 20:28:15 -04:00
cktricky c559bd5602 updated tutorial to reflect changes to the correct code listed within the user model 2014-03-09 20:16:54 -04:00
Ken Johnson 12f3bc0378 Merge pull request #93 from ecneladis/master 
Removed duplicated code from exemplary validations for password
 2014-03-09 20:13:57 -04:00
ecneladis 84fd9503ca Removed duplicated code from exemplary validations for password 2014-03-06 19:40:33 +01:00
Mike McCabe 38584b703d updating brakeman 2014-02-23 13:43:56 -05:00
mccabe615 e83e86e097 Merge pull request #92 from jasnow/master 
Upgraded 3 gems by rebuilding Gemfile.lock file
 2014-02-22 18:35:19 -05:00
Al Snow b99385dff5 Rebuilt Gemfile.lock file 2014-02-18 16:15:42 -05:00