fixes and improvements

jhimansh · Jun 11, 2019 · 6a0063a · 6a0063a
1 parent e387dda
commit 6a0063a
Show file tree

Hide file tree

Showing 12 changed files with 100 additions and 135 deletions.
diff --git a/README.rst b/README.rst
@@ -7,14 +7,72 @@ Vulpy is a web application developed in Python / Flask / SQLite that has two fac
 **BAD**: Tries to code like (possibly) you. :p
 
 
-Kali Linux Dependencies
+Installation
+------------
+
+git clone https://github.com/portantier/vulpy
+
+cd vulpy
+
+pip3 install --user -r requirements.txt
+pip3 install -e .
+
+
+Features
+--------
+
+- Login/Logout
+- Read posts from other users
+- Publish posts
+- Multi-Factor Authentication (MFA)
+- API for read and write posts
+- Content Security Policy
+- SSL/TLS Server
+
+
+Vulnerabilities
+---------------
+
+Some of the vulnerabilities present on the "BAD" version:
+
+- Cross-Site Scripting (XSS)
+- SQL Injection
+- Cross Site Request Forgery (CSRF)
+- Session Impersonation
+- Authentication Bruteforce
+- Authentication Bypass
+
+**Note:** The "GOOD" version (not finished yet) is supposed to don't have vulnerabilities, but I'm a human being, so...
+
+
+Database Initialization
 -----------------------
 
-Packages that must be installed on a Kali Linux system:
+Both, "BAD" and "GOOD" versions, requires an initialization of the database.
+
+This is done with the script "db_init.py" inside each of the directories (bad, and good).
+
+Each version has their own sqlite files for the users and posts.
+
+The execution of the script is, for example:
+
+::
+   ./db_init.py
+
+
+Default Credentials
+-------------------
+
+After database initialization, three users are created:
+
+::
+   Username    Password
+   --------    -----------
+   admin       SuperSecret
+   elliot      123123123
+   tim         12345678
+
+
+You can login with any user, the application doesn't have a permissions system, so, the three have the same permissions.
 
-- python3-bcrypt
-- python3-click
-- python3-cryptography
-- python3-flask
-- python3-geoip2
 
diff --git a/bad/db_init_users1.py → bad/db_init.py b/bad/db_init_users1.py → bad/db_init.py
@@ -3,7 +3,8 @@
 import os
 import sqlite3
 
-def db_init():
+
+def db_init_users():
 
     users = [
         ('admin', 'SuperSecret'),
@@ -22,12 +23,28 @@ def db_init():
     conn.close()
 
 
+def db_init_posts():
+
+    conn = sqlite3.connect('posts1.sqlite')
+    c = conn.cursor()
+    c.execute("CREATE TABLE posts (date date, username text, text text)")
+
+    conn.commit()
+    conn.close()
+
+
 if __name__ == '__main__':
 
     try:
-        os.remove('users1.sqlite')
+        os.remove('db_users.sqlite')
+    except FileNotFoundError:
+        pass
+
+    try:
+        os.remove('db_posts.sqlite')
     except FileNotFoundError:
         pass
 
-    db_init()
+    db_init_users()
+    db_init_posts()
 
diff --git a/bad/db_init_posts1.py b/bad/db_init_posts1.py
diff --git a/bad/libposts.py b/bad/libposts.py
@@ -6,7 +6,7 @@
 
 def get_posts(username):
 
-    conn = sqlite3.connect('posts1.sqlite')
+    conn = sqlite3.connect('db_posts.sqlite')
     conn.set_trace_callback(print)
     conn.row_factory = sqlite3.Row
     c = conn.cursor()
@@ -20,7 +20,7 @@ def get_posts(username):
 
 def post(username, text):
 
-    conn = sqlite3.connect('posts1.sqlite')
+    conn = sqlite3.connect('db_posts.sqlite')
     conn.set_trace_callback(print)
     conn.row_factory = sqlite3.Row
     c = conn.cursor()

diff --git a/bad/libuser.py b/bad/libuser.py
@@ -4,7 +4,7 @@
 
 def login(username, password):
 
-    conn = sqlite3.connect('users1.sqlite')
+    conn = sqlite3.connect('db_users.sqlite')
     conn.set_trace_callback(print)
     conn.row_factory = sqlite3.Row
     c = conn.cursor()
@@ -19,7 +19,7 @@ def login(username, password):
 
 def create(username, password):
 
-    conn = sqlite3.connect('users1.sqlite')
+    conn = sqlite3.connect('db_users.sqlite')
     c = conn.cursor()
 
     c.execute("INSERT INTO users (username, password, failures, mfa_enabled, mfa_secret) VALUES ('%s', '%s', '%d', '%d', '%s')" %(username, password, 0, 0, ''))
@@ -30,7 +30,7 @@ def create(username, password):
 
 def userlist():
 
-    conn = sqlite3.connect('users1.sqlite')
+    conn = sqlite3.connect('db_users.sqlite')
     conn.set_trace_callback(print)
     conn.row_factory = sqlite3.Row
     c = conn.cursor()
@@ -45,7 +45,7 @@ def userlist():
 
 def password_change(username, password):
 
-    conn = sqlite3.connect('users1.sqlite')
+    conn = sqlite3.connect('db_users.sqlite')
     conn.set_trace_callback(print)
     conn.row_factory = sqlite3.Row
     c = conn.cursor()

diff --git a/bad/packages.list b/bad/packages.list
diff --git a/bad/requirements.txt b/bad/requirements.txt
diff --git a/bad/script.txt b/bad/script.txt
diff --git a/good/packages.list b/good/packages.list
diff --git a/good/requirements.txt b/good/requirements.txt
diff --git a/good/script.txt b/good/script.txt
diff --git a/requirements.txt b/requirements.txt
@@ -0,0 +1,9 @@
+click
+cryptography
+Flask
+geoip2
+jsonschema
+PyJWT
+pyotp
+qrcode
+requests