write the get request for sql injection in comment

This commit is contained in:
Florian Hoss 2022-04-08 14:28:21 +02:00
parent 3e59c0601e
commit 8ddd8b2942


@ -38,17 +38,18 @@ func (wp *Webpage) defineRoutes() {
tasks := wp.Router.Group("/tasks") tasks := wp.Router.Group("/tasks")
{ {
tasks.GET("", func(c *gin.Context) { tasks.GET("", func(c *gin.Context) {
//if wp.isLoggedInMiddleware(c) { // FOR SQL INJECTION (username=Florian OR 1=1 in Header) if wp.isLoggedInMiddleware(c) {
username := c.Request.Header.Get("username") username := c.Request.Header.Get("username")
filter := c.Query("filter") filter := c.Query("filter")
if filter != "" { if filter != "" {
// SQL Injection: http://localhost:8080/tasks?filter=' or 1=1--
tasks := wp.Database.FilteredTasks(username, filter) tasks := wp.Database.FilteredTasks(username, filter)
c.JSON(200, gin.H{"tasks": tasks}) c.JSON(200, gin.H{"tasks": tasks})
return return
} }
tasks := wp.Database.GetAllTasks(username) tasks := wp.Database.GetAllTasks(username)
c.JSON(200, gin.H{"tasks": tasks}) c.JSON(200, gin.H{"tasks": tasks})
//} }
}) })
tasks.POST("", func(c *gin.Context) { tasks.POST("", func(c *gin.Context) {
if wp.isLoggedInMiddleware(c) { if wp.isLoggedInMiddleware(c) {
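Review bot: On the new side the GET handler still hands the raw `filter` query parameter and the client-supplied `username` header straight to `wp.Database.FilteredTasks(username, filter)`, and the comment added above that call records that the query is injectable instead of closing the hole. If this is a deliberately vulnerable demo, say so on the line so it cannot be mistaken for production code, e.g. `// INTENTIONALLY VULNERABLE (demo): filter is interpolated into SQL inside FilteredTasks; the fix is a parameterized query there`. Taking the identity from the `username` header after `wp.isLoggedInMiddleware(c)` succeeds also lets any logged-in client read another user's tasks by changing that header, unless the middleware itself validates the header against the session, which is not visible here; the identity should be taken from whatever the middleware established rather than re-read from the request. The query construction in FilteredTasks is outside this hunk, and defineRoutes starts and ends outside it as well.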