team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
352 Commits 1 Branch 0 Tags
9a5f04cefd93d72170be8a96ef8aabd931ab5edd
Commit Graph

223 Commits

Author SHA1 Message Date
James Espinosa 9a5f04cefd Update button, for consistency 2013-11-24 20:48:07 -06:00
James Espinosa a9fad698e8 Minor code cleanup, for readability 2013-11-24 20:42:17 -06:00
James Espinosa 5db8eab564 Fix typo, should be password 2013-11-24 20:34:18 -06:00
Mike McCabe ce239e84be oops, maybe I should actually run the tests before committing 2013-11-23 17:59:41 -05:00
Mike McCabe c7515af6ab adding basic forgot password controller and views 2013-11-23 16:04:48 -05:00
cktricky 810c086130 Merge branch 'master' of github.com:OWASP/railsgoat 2013-11-14 15:05:14 -05:00
cktricky 53dcc75f74 I think there was a subtle bug in the intentional security bypass within the admin controller 2013-11-14 15:05:00 -05:00
Mike McCabe 4801dc518a fixing two A5 typos 2013-11-14 11:26:31 -05:00
Mike McCabe 3ec9765ca3 small update to A7 2013-11-14 11:24:15 -05:00
cktricky f53ab56e92 fixes a bug introduced during the transition from info_disclosure to A6 2013-11-14 11:06:27 -05:00
cktricky b9e2723175 closes issue #30 2013-11-14 10:59:20 -05:00
cktricky edfe5b646e fixed category number and this closes issue #35 2013-11-14 10:52:04 -05:00
cktricky 419a051da9 Merge branch 'top-10-2013' of github.com:OWASP/railsgoat into top-10-2013 2013-11-14 10:47:44 -05:00
cktricky b84c8d4cc7 finished write-up for broken auth 2013-11-14 10:47:27 -05:00
Mike McCabe e116d8b096 finishing A7 2013-11-14 10:34:35 -05:00
cktricky 890717b7ea write-up complete for exposure 2013-11-14 10:10:58 -05:00
cktricky e764efe1d4 working on A6 tutorial write-up now that the code is working 2013-11-14 09:39:57 -05:00
cktricky 98678b0364 Merge branch 'top-10-2013' of github.com:OWASP/railsgoat into top-10-2013 2013-11-13 19:51:59 -05:00
cktricky b605a42812 got the code kicked off so we can encrypt SSN(s) in the database 2013-11-13 19:51:42 -05:00
Mike McCabe 235b6418d0 A7 adding before filter to see if admin or admin_id is 1 2013-11-13 19:35:12 -05:00
Mike McCabe aeabbcf8c6 A7 - switching the var used in the view so that non-admins can view the admin panel 2013-11-13 19:14:12 -05:00
cktricky 4be667b606 working 2013-11-13 19:02:37 -05:00
cktricky 447c408699 Merge branch 'top-10-2013' of github.com:OWASP/railsgoat into top-10-2013 2013-11-13 18:24:33 -05:00
cktricky efcb7b8c4b working on encryption 2013-11-13 18:24:26 -05:00
Mike McCabe af8776a3ea halfway done A7 2013-11-13 18:23:38 -05:00
Mike McCabe 91e6797b40 adding broken functionality for A7 2013-11-13 18:23:38 -05:00
cktricky d9956caec1 removed orig file 2013-11-13 14:18:25 -05:00
cktricky 665ccb2167 removed orig file and also began encryption related stuff for ssn(s) 2013-11-13 14:01:29 -05:00
cktricky 8c672fd2fc fixed the route 2013-11-13 12:16:48 -05:00
Mike McCabe f0ca17df79 updating the information for A9 fixes #27 2013-11-13 11:47:29 -05:00
Mike McCabe fe9d8b266f adding security misconfig text 2013-11-12 18:55:14 -05:00
cktricky 6950accce4 a6 exposure, working on the wording for SSNs being stored in the clear 2013-11-12 17:44:27 -05:00
cktricky 655b636c38 Merge branch 'top-10-2013' of github.com:OWASP/railsgoat into top-10-2013 2013-11-12 16:12:49 -05:00
Mike McCabe c06140659c updated description with owasp one 2013-11-12 16:10:38 -05:00
cktricky 14bff998dd Merge branch 'master' of github.com:OWASP/railsgoat into top-10-2013 2013-11-12 16:07:23 -05:00
Michael McCabe 7833b85837 updating description with owasp 2013 description 2013-11-12 15:24:07 -05:00
Michael McCabe cf1b5dc124 updating description with owasp 2013 description 2013-11-12 13:55:24 -05:00
GSMcNamara 09c0f07d8b Lowercased a letter. 2013-11-07 15:06:05 -05:00
GSMcNamara 7ddec28bcc Removed apostrophe 2013-11-07 15:02:31 -05:00
GSMcNamara 813711d79e Grammar fix. 2013-11-07 14:56:18 -05:00
cktricky 1e93dc3d4d appears to have solved the issue with our code printing stderrs 2013-10-27 22:38:52 -04:00
cktricky 86035a1cbd appears to have solved the issue with our code printing stderrs 2013-10-27 22:38:38 -04:00
cktricky 11480ac853 tests are working again, I will work on surpressing the errors. Also merged @jasnow work 2013-10-27 21:46:12 -04:00
cktricky 6d1c0c7869 merging 2013-10-27 20:17:52 -04:00
cktricky 7c1d52320a does not fix the error that occurs (as it should, but that we want to obfuscate) when a command is injected into, however, it does pass the build and does not break the entire call 2013-10-23 17:11:28 -05:00
cktricky c6e42901c7 fixing a mistake 2013-10-22 10:38:23 -04:00
cktricky 1817251af5 changes 2013-10-22 10:38:00 -04:00
Mike McCabe 3820b78066 fixing this function that was not explicitly using the params 2013-10-22 10:16:09 -04:00
cktricky b7c3b04c74 this seems to have fixed a nuisance error within our unit-tests. Issue #57 2013-10-22 00:58:48 -04:00
cktricky 753840a276 this seems to have fixed a nuisance error within our unit-tests. Issue #57 2013-10-22 00:57:32 -04:00