diff --git a/src/main/java/org/t246osslab/easybuggy/core/dao/DBClient.java b/src/main/java/org/t246osslab/easybuggy/core/dao/DBClient.java
index cf6cd9e1..6c2e09d9 100644
--- a/src/main/java/org/t246osslab/easybuggy/core/dao/DBClient.java
+++ b/src/main/java/org/t246osslab/easybuggy/core/dao/DBClient.java
@@ -69,16 +69,22 @@ private static void createUsersTable(Statement stmt) throws SQLException { // create users table stmt.executeUpdate("create table users (id varchar(10) primary key, name varchar(30), password varchar(30), secret varchar(100), ispublic varchar(5), phone varchar(20), mail varchar(100))"); - // insert sample records - stmt.executeUpdate("insert into users values ('0','Mark','password','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); - stmt.executeUpdate("insert into users values ('1','David','pas2w0rd','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); - stmt.executeUpdate("insert into users values ('2','Peter','pa33word','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); - stmt.executeUpdate("insert into users values ('3','James','pathwood','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); - stmt.executeUpdate("insert into users values ('4','Benjamin','password','" + RandomStringUtils.randomNumeric(10) + "','false', '', '')"); - stmt.executeUpdate("insert into users values ('5','Eric','pas2w0rd','" + RandomStringUtils.randomNumeric(10) + "','false', '', '')"); - stmt.executeUpdate("insert into users values ('6','Sharon','pa33word','" + RandomStringUtils.randomNumeric(10) + "','false', '', '')"); - stmt.executeUpdate("insert into users values ('7','Pamela','pathwood','" + RandomStringUtils.randomNumeric(10) + "','false', '', '')"); - stmt.executeUpdate("insert into users values ('8','Jacqueline','password','" + RandomStringUtils.randomNumeric(10) + "','false', '', '')"); - stmt.executeUpdate("insert into users values ('9','Michelle','pas2w0rd','" + RandomStringUtils.randomNumeric(10) + "','false', '', '')"); + // insert private (invisible) user records + stmt.executeUpdate("insert into users values ('admin','admin','password','" + RandomStringUtils.randomNumeric(10) + "','false', '', '')"); + stmt.executeUpdate("insert into users values ('admin02','admin02','pas2w0rd','" + 
RandomStringUtils.randomNumeric(10) + "','false', '', '')"); + stmt.executeUpdate("insert into users values ('admin03','admin03','pa33word','" + RandomStringUtils.randomNumeric(10) + "','false', '', '')"); + stmt.executeUpdate("insert into users values ('admin04','admin04','pathwood','" + RandomStringUtils.randomNumeric(10) + "','false', '', '')"); + + // insert public (test) user records + stmt.executeUpdate("insert into users values ('user00','Mark','pastword','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); + stmt.executeUpdate("insert into users values ('user01','David','pa32w0rd','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); + stmt.executeUpdate("insert into users values ('user02','Peter','pa23word','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); + stmt.executeUpdate("insert into users values ('user03','James','patwired','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); + stmt.executeUpdate("insert into users values ('user04','Benjamin','password','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); + stmt.executeUpdate("insert into users values ('user05','Eric','pas2w0rd','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); + stmt.executeUpdate("insert into users values ('user06','Sharon','pa3world','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); + stmt.executeUpdate("insert into users values ('user07','Pamela','pathwood','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); + stmt.executeUpdate("insert into users values ('user08','Jacqueline','password','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); + stmt.executeUpdate("insert into users values ('user09','Michelle','pas2w0rd','" + RandomStringUtils.randomNumeric(10) + "','true', '', '')"); } } 
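Review bot: The comment above the admin rows calls them "private (invisible)", but nothing in this hunk makes them so — the schema has no constraint on `ispublic`, so invisibility holds only as long as every query that reads `users` filters on that column, which this file cannot guarantee. I would make that dependency explicit where the rows are seeded: `// "invisible" only while every SELECT on users filters ispublic = 'true'; the schema does not enforce it`. Separately, the `secret` column is filled from `RandomStringUtils.randomNumeric`, which in commons-lang3 releases before 3.15 draws from a non-cryptographic `java.util.Random`; if these secrets are meant to be unguessable rather than merely distinct, generate them from `SecureRandom` instead (worth confirming against the pinned commons-lang version). Passwords are stored in plaintext, which is presumably deliberate for this training application, but a one-line comment saying so would stop the pattern being copied. The enclosing `createUsersTable` method starts before this hunk and its surrounding class continues outside it.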
diff --git a/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java b/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java
index ed492018..620599aa 100644
--- a/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java
+++ b/src/main/java/org/t246osslab/easybuggy/vulnerabilities/SQLInjectionServlet.java
@@ -71,7 +71,7 @@ private String selectUsers(String name, String password, HttpServletRequest req)
 try {
 conn = DBClient.getConnection();
 stmt = conn.createStatement();
- rs = stmt.executeQuery("SELECT * FROM users WHERE name='" + name + "' AND password='" + password + "'");
+ rs = stmt.executeQuery("SELECT * FROM users WHERE ispublic = 'true' AND name='" + name + "' AND password='" + password + "'");
 StringBuilder sb = new StringBuilder();
 while (rs.next()) {
 sb.append("
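Review bot: The added `ispublic = 'true'` predicate is the only thing keeping the admin rows out of the result, yet `name` and `password` are still concatenated straight into the query string, so a `name` such as `' OR '1'='1` (or one ending in a `--` comment) rewrites the WHERE clause and returns every row, admin accounts included — the new filter is bypassed by the same input the old query was already vulnerable to. If this servlet is meant to stay injectable (the class name suggests a deliberate exercise), put that next to the query, e.g. `// intentionally injectable: the ispublic filter is NOT a security control`, so nobody mistakes the predicate for one. Otherwise bind the values: `PreparedStatement ps = conn.prepareStatement("SELECT * FROM users WHERE ispublic = 'true' AND name = ? AND password = ?");` / `ps.setString(1, name); ps.setString(2, password);` / `rs = ps.executeQuery();`, noting that `stmt` is declared and closed outside this hunk and would need its type changed there too. The body of `selectUsers` continues past the end of the hunk.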