diff --git a/config.schema.yml b/config.schema.yml
index f46af515ced..e1f9f825c37 100644
--- a/config.schema.yml
+++ b/config.schema.yml
@@ -384,7 +384,7 @@ ctf:
type: string
code:
type: string
- resetPasswordScarChallenge:
+ resetPasswordUvoginChallenge:
name:
type: string
code:
diff --git a/config/default.yml b/config/default.yml
index 31412ebda5e..a2bb01022a4 100644
--- a/config/default.yml
+++ b/config/default.yml
@@ -88,6 +88,8 @@ products:
price: 2.99
deluxePrice: 2.49
image: orange_juice.jpg
+ reviews:
+ - { text: 'y0ur f1r3wall needs m0r3 musc13' author: uvogin }
-
name: 'Eggfruit Juice (500ml)'
description: 'Now with even more exotic flavour.'
@@ -251,7 +253,7 @@ products:
price: 2.99
image: carrot_juice.jpeg
reviews:
- - { text: 'Just left a 0 star review for the horrible security. -msc4r', author: scar }
+ - { text: '0 st4rs f0r 7h3 h0rr1bl3 s3cur17y', author: uvogin }
-
name: 'OWASP Juice Shop Sweden Tour 2017 Sticker Sheet (Special Edition)'
description: '10 sheets of Sweden-themed stickers with 15 stickers on each.'
diff --git a/config/fbctf.yml b/config/fbctf.yml
index 14c7805eff1..c1d617ffd71 100644
--- a/config/fbctf.yml
+++ b/config/fbctf.yml
@@ -295,6 +295,6 @@ ctf:
xssBonusChallenge:
name: Ethiopia
code: ET
- resetPasswordScarChallenge:
+ resetPasswordUvoginChallenge:
name: Republic of South Africa
code: RSA
diff --git a/data/static/challenges.yml b/data/static/challenges.yml
index 876d75d66db..b1dff822b42 100644
--- a/data/static/challenges.yml
+++ b/data/static/challenges.yml
@@ -818,10 +818,10 @@
tutorial:
order: 3
-
- name: 'Reset Scar''s Password'
+ name: 'Reset Uvogin''s Password'
category: 'Sensitive Data Exposure'
- description: 'Reset Scar''s password via the Forgot Password mechanism with the original answer to his security question.'
+ description: 'Reset Uvogin''s password via the Forgot Password mechanism with the original answer to his security question.'
difficulty: 3
hint: 'Maybe you can find some hints across his social media. If only you could find something like an alias...'
hintUrl: ''
- key: resetPasswordScarChallenge
\ No newline at end of file
+ key: resetPasswordUvoginChallenge
\ No newline at end of file
diff --git a/data/static/users.yml b/data/static/users.yml
index faced13959a..2a1c7eb9443 100644
--- a/data/static/users.yml
+++ b/data/static/users.yml
@@ -198,9 +198,9 @@
id: 7
answer: 'sdAffsdfrefrbgreq3423'
-
- email: scar
+ email: uvogin
password: 'muda-muda > ora-ora' # https://www.youtube.com/watch?v=vnJv8IoLMwc
- key: scar
+ key: uvogin
role: 'customer'
walletBalance: 100
securityQuestion:
diff --git a/routes/resetPassword.js b/routes/resetPassword.js
index 4dad32eb888..6f6d367f5aa 100644
--- a/routes/resetPassword.js
+++ b/routes/resetPassword.js
@@ -55,5 +55,5 @@ function verifySecurityAnswerChallenges (user, answer) {
utils.solveIf(challenges.resetPasswordBjoernChallenge, () => { return user.id === users.bjoern.id && answer === 'West-2082' })
utils.solveIf(challenges.resetPasswordMortyChallenge, () => { return user.id === users.morty.id && answer === '5N0wb41L' })
utils.solveIf(challenges.resetPasswordBjoernOwaspChallenge, () => { return user.id === users.bjoernOwasp.id && answer === 'Zaya' })
- utils.solveIf(challenges.resetPasswordScarChallenge, () => { return user.id === users.scar.id && answer === 'Silence of the Lambs' })
+ utils.solveIf(challenges.resetPasswordUvoginChallenge, () => { return user.id === users.uvogin.id && answer === 'Silence of the Lambs' })
}
diff --git a/test/e2e/forgotPasswordSpec.js b/test/e2e/forgotPasswordSpec.js
index 6b3cf9c6f92..daee7a0fcfd 100644
--- a/test/e2e/forgotPasswordSpec.js
+++ b/test/e2e/forgotPasswordSpec.js
@@ -102,9 +102,9 @@ describe('/#/forgot-password', () => {
protractor.expect.challengeSolved({ challenge: 'Reset Morty\'s Password' })
})
- describe('as Scar', () => {
+ describe('as Uvogin', () => {
it('should be able to reset password with his security answer', () => {
- email.sendKeys('scar@' + config.get('application.domain'))
+ email.sendKeys('Uvogin@' + config.get('application.domain'))
browser.wait(EC.visibilityOf(securityAnswer), 1000, 'Security answer field did not become visible')
securityAnswer.sendKeys('Silence of the Lambs')
newPassword.sendKeys('ora-ora > muda-muda')
@@ -114,6 +114,6 @@ describe('/#/forgot-password', () => {
expect($('.confirmation').getAttribute('hidden')).not.toBeTruthy()
})
- protractor.expect.challengeSolved({ challenge: 'Reset Scar\'s Password' })
+ protractor.expect.challengeSolved({ challenge: 'Reset Uvogin\'s Password' })
})
})