tosu
/
hackhpi23-cyber-range
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

No escape for easy xss

This commit is contained in:
cubernetes 2023-04-14 07:46:33 +02:00
parent a6d76791ad
commit 3a70d69f29
5 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
webserver/database/logs/blue.json
View File

@ -1 +1 @@
[{"data": "archtosu@172.23.7.203: echo hi\n", "timestamp": "1681450590"}, {"data": "archtosu@172.23.7.203: ls\n", "timestamp": "1681450591"}, {"data": "archtosu@172.23.7.203: x\n", "timestamp": "1681450591"}, {"data": "archtosu@172.23.7.203: ls\n", "timestamp": "1681450593"}]
[{"data": "archtosu@172.23.7.203: ./auto.sh", "timestamp": "1681451149"}, {"data": "<b style='color: yellow'>Snort: Intrusion Detected!</b>", "timestamp": "1681451149"}, {"data": "archtosu@172.23.7.203: mv auto.sh blueteam1.sh", "timestamp": "1681451169"}, {"data": "archtosu@172.23.7.203: git s", "timestamp": "1681451171"}, {"data": "archtosu@172.23.7.203: git status", "timestamp": "1681451173"}]

2
webserver/database/logs/red.json
View File

@ -1 +1 @@
[{"data": "141.89.221.182: start of attack", "timestamp": "1681450591"}, {"data": "141.89.221.182: command 0: ATTACK", "timestamp": "1681450591"}, {"data": "141.89.221.182: command 1: ATTACK", "timestamp": "1681450592"}, {"data": "141.89.221.182: command 2: ATTACK", "timestamp": "1681450592"}, {"data": "141.89.221.182: command 3: ATTACK", "timestamp": "1681450592"}, {"data": "141.89.221.182: command 4: ATTACK", "timestamp": "1681450592"}, {"data": "141.89.221.182: command 5: ATTACK", "timestamp": "1681450592"}, {"data": "141.89.221.182: command 6: ATTACK", "timestamp": "1681450592"}, {"data": "141.89.221.182: command 7: ATTACK", "timestamp": "1681450592"}, {"data": "141.89.221.182: command 8: ATTACK", "timestamp": "1681450592"}, {"data": "141.89.221.182: command 9: ATTACK", "timestamp": "1681450592"}, {"data": "141.89.221.182: command 10: ATTACK", "timestamp": "1681450593"}]
[{"data": "141.89.221.182: Start of post-exploitation", "timestamp": "1681451149"}]

2
webserver/database/temp/sim_start.txt
View File

@ -1 +1 @@
1681450588
1681451148

2
webserver/main.py
View File

@ -15,7 +15,6 @@ from shutil import copyfile
from werkzeug.middleware.shared_data import SharedDataMiddleware
from oauthlib.oauth2 import WebApplicationClient
from discord_webhook import DiscordWebhook, DiscordEmbed
from base64 import b64decode
STARTED = 0
@ -313,7 +312,6 @@ def api_red_logs():
def api_blue_logs():
global STARTED
temp_json_n = request.json
temp_json_n['data'] = b64decode(temp_json_n['data']).decode('utf-8')
if STARTED:
with open('./database/logs/blue.json') as f:

3
webserver/templates/main/dashboard_main1.html
View File

@ -1564,8 +1564,7 @@
timestamp_h2 = document.createElement('h2');
data_tag = document.createElement('p');
timestamp_txt = document.createTextNode(to_min_s(document.getElementById('simstart').getAttribute('data-start'), data_entry.timestamp));
data_txt = document.createTextNode(data_entry.data);
data_tag.appendChild(data_txt);
data_tag.innerHTML = data_entry.data;
timestamp_h2.appendChild(timestamp_txt);
container.appendChild(timestamp_h2);
container.appendChild(data_tag);