-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Finished edit source code, started robots training, fixed header macro
Edit source code training is complete Training header macro has been changed to change image automatically Robots.txt added and secret page Started making robots training and added entry to db
- Loading branch information
Showing
27 changed files
with
367 additions
and
54 deletions.
There are no files selected for viewing
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| User-agent: Googlebot-Image | ||
| Disallow: / | ||
|
|
||
| User-agent: * | ||
| Disallow: /secret.html | ||
|
|
||
| Hey! What are you doing snooping around here! I sure hope you don't visit that secret site... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
97 changes: 97 additions & 0 deletions
97
cyber/templates/training/editing-source/editing-source-4.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,97 @@ | ||
| {% extends "layout.html" %} | ||
| <!-- this layout just goes back ../ for all the links so it doesn't break since it's in the /training/ directory --> | ||
| <!-- may be needed for other pages too --> | ||
|
|
||
| {% block content %} | ||
|
|
||
| <div class="content"> | ||
| <div class="container-fluid"> | ||
| <div class="row"> | ||
| <div class="card training_background"> | ||
| <!-- TRAINING HEADER (Args: Category, training name, points, t_name for image, background class=default "new-colour" so can be left empty) --> | ||
| {% call training_header("Web Hacking", training.display_name, training.points, training.training_name, "sky-blue") %} | ||
| {% endcall %} | ||
| <!-- TRAINING HEADER --> | ||
|
|
||
| <div class=""> | ||
| <div class="card-body training_card"> | ||
|
|
||
| <p>Here's a little bit of a summary of what we know so far:</p> | ||
| <ul> | ||
| <li>You can edit the source code by right clicking the part you want to edit, clicking "Inspect", then double clicking the tag you want to edit</li> | ||
| <li>You can edit the text of a website</li> | ||
| <li>You can disable/enable part of a website by adding/removing the <code>disabled</code> attribute</li> | ||
| <li>You can hide/show part of a website by adding/removing the <code>hidden</code>attribute</li> | ||
| </ul> | ||
| <p>You're going to need all these skills for the final challenge, so go back and practice if you're not feeling confident.</p> | ||
|
|
||
|
|
||
| <h2>Episode II: Revenge of the Frog</h2> | ||
| <img class="img-fluid mx-auto d-block" src="{{ url_for('static', filename='img/web-hacking/cody-book.png') }}"> | ||
| <p>So Cody's done some reading about web security, and he's finally removed those password reminder comments from his code. He's still pretty forgetful though, so he wanted to come up with <i>some way</i> to get into his website even if he had forgotten the usual password</p> | ||
| <p>In addition to the usual login form, there is a secret login page that accepts a different password. You'll want to find out the password, then press the login button.</p> | ||
|
|
||
| </div> | ||
| </div> | ||
| </div> | ||
| </div> | ||
| <!-- CHALLENGE (Args: Points, text, hint, training name) --> | ||
| {% call challenge(training.points, "Log in to Cody's secret website by editing the source code. You'll need to change the attributes we've learnt before", "There is more than one element you'll need to edit on Cody's website. Have a look for a hidden image to find out the password, then enable the button that let's you submit the password. Have another go at page 2 and 3 of this training if you're still stuck", training.training_name) %} | ||
| {% endcall %} | ||
| <!-- END CHALLENGE --> | ||
|
|
||
| <!-- PAGE NAV (Args: Current page passed from routes.py, training name passed from routes.py, total number of pages) --> | ||
| {% call pagination(current_page, training.training_name, 4) %} | ||
| {% endcall %} | ||
| <!-- END PAGE NAV --> | ||
|
|
||
| </div> | ||
| </div> | ||
|
|
||
|
|
||
| <script> | ||
| function prompt_login() { | ||
|
|
||
|
|
||
| swal("Oh no, you're not logged in! Making an account lets you save your progress, AND earn points and hacker ranks.", { | ||
| icon: "warning", | ||
| buttons: { | ||
| continue: { | ||
| text: "Continue anyway", | ||
| value: "continue", | ||
| className: "grey-bg", | ||
| }, | ||
| register: { | ||
| text: "Register", | ||
| value: "register", | ||
| }, | ||
| login: { | ||
| text: "Login", | ||
| value: "login", | ||
| }, | ||
| }, | ||
| }) | ||
| .then((value) => { | ||
| switch (value) { | ||
| case "login": | ||
| window.location.href = "../../login"; | ||
| break; | ||
|
|
||
| case "register": | ||
| window.location.href = "../../register"; | ||
| break; | ||
|
|
||
| case "continue": | ||
| window.open('../editing-source/challenge', '_blank'); | ||
| break; | ||
| } | ||
| }); | ||
| } | ||
|
|
||
| </script> | ||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
| {% endblock content %} |
35 changes: 35 additions & 0 deletions
35
cyber/templates/training/editing-source/editing-source-challenge.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| <head> | ||
| <style> | ||
| body { | ||
| background-color: aquamarine; | ||
| text-align: center; | ||
| } | ||
|
|
||
| h1 { | ||
| color: white; | ||
| } | ||
|
|
||
| </style> | ||
| </head> | ||
|
|
||
| <body> | ||
| <h1>My secret club</h1> | ||
| <h2>If I forget my password, here is my secret login form. Don't even try it if you're not Cody- you won't know how to find the password</h2> | ||
| <img src="{{ url_for('static', filename='img/web-hacking/cody.png') }}"> | ||
| <!-- There's no password hidden in the comments this time! Have a look at the attributes of the image and button" --> | ||
| <form method="POST" action="" autocomplete="off"> | ||
| {{ form.hidden_tag() }} | ||
| <img src="{{ url_for('static', filename='img/web-hacking/password.png') }}" width=1px height=1px> | ||
| <label for="password">{{ form.password.label }}</label> | ||
| {{ form.password(class="form-control") }} | ||
|
|
||
| <button disabled type="submit" value="Login">Login</button> | ||
| {% with messages = get_flashed_messages() %} | ||
| {% if messages %} | ||
|
|
||
| <p>{{ messages[-1] }}</p> | ||
|
|
||
| {% endif %} | ||
| {% endwith %} | ||
| </form> | ||
| </body> |
35 changes: 35 additions & 0 deletions
35
cyber/templates/training/editing-source/editing-source-success.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| <head> | ||
| <style> | ||
| body { | ||
| background-color: aquamarine; | ||
| text-align: center; | ||
| } | ||
|
|
||
| h1 { | ||
| color: white; | ||
| } | ||
|
|
||
| </style> | ||
| </head> | ||
|
|
||
| <body> | ||
| {% if message == "No Login" %} | ||
| <p>Congrats on completing the training! You could have earned points for this by <a href='{{ url_for("login") }}'>logging in</a> or <a href='{{ url_for("register") }}'>registering an account</a>.</p> | ||
| {% elif message == "Already Completed" %} | ||
| <p>You have already completed this challenge before, so you didn't earn any points this time!</p> | ||
| <h1>Hey totally real member!</h1> | ||
| <h2>Welcome to the secret club, now gaze upon our finest secrets</h2> | ||
| <p>We have managed to add to our collection of tiny bugs. Please take a look and enjoy!</p> | ||
| <img src="{{ url_for('static', filename='img/web-hacking/morebugs.png') }}"> | ||
| <p>P.S. Don't tell anyone the password!</p> | ||
| {% elif message == "Points" %} | ||
| <p>Congrats on completing the training! 150 points have been added to your account</p> | ||
| <h1>Hey totally real member!</h1> | ||
| <h2>Welcome to the secret club, now gaze upon our finest secrets</h2> | ||
| <p>We have managed to add to our collection of tiny bugs. Please take a look and enjoy!</p> | ||
| <img src="{{ url_for('static', filename='img/web-hacking/morebugs.png') }}"> | ||
| <p>P.S. Don't tell anyone the password!</p> | ||
| {% else %} | ||
| <p>You sneaky thing! You can't get points by coming to this link without completing the challenge, but nice try.</p> | ||
| {% endif %} | ||
| </body> |
Oops, something went wrong.