ajdumanhug · August 28, 2024 08:23
diff --git a/vulnerable.js b/vulnerable.js
 <!DOCTYPE html>
 <html lang="en">
 <head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Vulnerable JavaScript Example</title>
    <script>
        const secret = "SuperSecret123";

        function login() {
            const username = document.getElementById('username').value;
            const password = document.getElementById('password').value;

            if (password === secret) {
                alert('Login successful!');
                redirectToHomePage();
            } else {
                alert('Invalid password.');
            }
        }

        function redirectToHomePage() {
            const redirectUrl = document.getElementById('redirectUrl').value;

            window.location.href = redirectUrl;
        }

        function searchDatabase() {
            const query = document.getElementById('searchQuery').value;

            // Simulating a SQL query (insecure implementation)
            const sqlQuery = `SELECT * FROM users WHERE name = '${query}'`;

            // Normally here you would send the query to a server
            // But we'll just log it for demonstration purposes
            console.log('Executing SQL Query:', sqlQuery);
        }
    </script>
 </head>
 <body>
    <h1>Vulnerable JavaScript Example</h1>
    <h2>Login</h2>
    <input type="text" id="username" placeholder="Username">
    <input type="password" id="password" placeholder="Password">
    <button onclick="login()">Login</button>

    <h2>Redirect</h2>
    <input type="text" id="redirectUrl" placeholder="Redirect URL">
    <button onclick="redirectToHomePage()">Go to URL</button>

    <h2>Database Search</h2>
    <input type="text" id="searchQuery" placeholder="Search Query">
    <button onclick="searchDatabase()">Search</button>
 </body>
 </html>
	<!DOCTYPE html>
	<html lang="en">
	<head>
	<meta charset="UTF-8">
	<meta name="viewport" content="width=device-width, initial-scale=1.0">
	<title>Vulnerable JavaScript Example</title>
	<script>
	const secret = "SuperSecret123";

	function login() {
	const username = document.getElementById('username').value;
	const password = document.getElementById('password').value;

	if (password === secret) {
	alert('Login successful!');
	redirectToHomePage();
	} else {
	alert('Invalid password.');
	}
	}

	function redirectToHomePage() {
	const redirectUrl = document.getElementById('redirectUrl').value;

	window.location.href = redirectUrl;
	}

	function searchDatabase() {
	const query = document.getElementById('searchQuery').value;

	// Simulating a SQL query (insecure implementation)
	const sqlQuery = `SELECT * FROM users WHERE name = '${query}'`;

	// Normally here you would send the query to a server
	// But we'll just log it for demonstration purposes
	console.log('Executing SQL Query:', sqlQuery);
	}
	</script>
	</head>
	<body>
	<h1>Vulnerable JavaScript Example</h1>
	<h2>Login</h2>
	<input type="text" id="username" placeholder="Username">
	<input type="password" id="password" placeholder="Password">
	<button onclick="login()">Login</button>

	<h2>Redirect</h2>
	<input type="text" id="redirectUrl" placeholder="Redirect URL">
	<button onclick="redirectToHomePage()">Go to URL</button>

	<h2>Database Search</h2>
	<input type="text" id="searchQuery" placeholder="Search Query">
	<button onclick="searchDatabase()">Search</button>
	</body>
	</html>