Merge branch 'adeyosemanputra:master' into master

Author: RupakBiswas-2304

.github/workflows/hadolint.yml

@@ -5,6 +5,7 @@
 # hadoint is a Dockerfile linter written in Haskell
 # that helps you build best practice Docker images.
 # More details at https://github.com/hadolint/hadolint
+# testing the pipeline
 
 name: Hadolint
 

.gitignore

@@ -4,6 +4,6 @@ env
 pygoat/db.sqlite3
 venv
 *.sqlite3
-*db.sqlite3
-*/app.log
-pygoat/app.log
+*db.sqlite3*
+app.log
+bin

PyGoatBot.py

@@ -0,0 +1,64 @@
+from chatterbot import ChatBot
+from chatterbot.logic import BestMatch
+from chatterbot.trainers import ListTrainer
+
+# Dataset generated by ChatGPT
+training_data = [
+    'What is OWASP PyGoat?',
+    'OWASP PyGoat is an intentionally vulnerable web application used for learning web security testing.',
+    'Why should I learn web security testing?',
+    'Learning web security testing can help you understand how to identify and prevent web application attacks.',
+    'What types of vulnerabilities can PyGoat help me learn about?',
+    'PyGoat can help you learn about various types of web application vulnerabilities, including injection attacks, cross-site scripting (XSS), and broken authentication and session management.',
+    'How can I use PyGoat to learn web security testing?',
+    'PyGoat includes a series of lessons and challenges designed to teach you about web security testing techniques and common vulnerabilities.',
+    'Is PyGoat suitable for beginners?',
+    'Yes, PyGoat is designed to be accessible to beginners and experienced professionals alike.',
+    'Where can I download PyGoat?',
+    'You can download PyGoat from the official GitHub repository at https://github.com/OWASP/PyGoat',
+    'Are there any resources available to help me get started with PyGoat?',
+    'Yes, the PyGoat documentation includes a Getting Started guide and a list of additional resources to help you learn about web security testing.',
+    'Can I contribute to PyGoat?',
+    'Yes, PyGoat is an open-source project and welcomes contributions from anyone interested in improving the application.',
+]
+
+chatbot = ChatBot(
+    "PyGoatBot",
+    storage_adapter="chatterbot.storage.SQLStorageAdapter",
+    database_uri="sqlite:///database.sqlite3",
+    logic_adapters=[
+        {
+            "import_path": "chatterbot.logic.BestMatch",
+            "default_response": "I'm sorry, I'm not sure",
+            "maximum_similarity_threshold": 0.80,
+        }
+    ],
+)
+
+trainer = ListTrainer(chatbot)
+trainer.train(training_data)
+
+print("Welcome to PyGoatBot! Type 'q' or 'exit' to quit.")
+while True:
+    try:
+        user_input = input("You: ")
+        if user_input.lower() == "exit" or user_input.lower() == "q":
+            break
+
+        print("Available questions:")
+        for i, question in enumerate(training_data[::2], start=1):
+            print(f"{i}. {question}")
+
+        while True:
+            try:
+                question_index = int(input("Enter a number to select a question: "))
+                break
+            except ValueError:
+                print("Please enter a valid number.")
+
+        question = training_data[(question_index - 1) * 2]
+        response = chatbot.get_response(question)
+        print(f"PyGoatBot: {response}")
+
+    except (KeyboardInterrupt, EOFError):
+        break

README.md

@@ -16,7 +16,7 @@ Table of Contents
       * [Docker Container](#docker-container)
       * [Installation Video](#installation-video)
    * [Uninstallation](#uninstallation)
-   * [Solutions](#solutions)
+   * [Solutions](/Solutions/solution.md)
    * [For Developers](/docs/dev_guide.md)
 
 ## Installation
@@ -36,26 +36,23 @@ First, Clone the repository using GitHub website or git in Terminal
 #### Method 1
 
 1. Install all app and python requirements using installer file - `bash installer.sh`
-2. Change directory to the the Django Project directory `cd pygoat`<br>
-3. Apply the migrations `python3 manage.py migrate`.<br>
-4. Finally, run the development server `python3 manage.py runserver`.<br>
-5. The project will be available at <http://127.0.0.1:8000> 
+2. Apply the migrations `python3 manage.py migrate`.<br>
+3. Finally, run the development server `python3 manage.py runserver`.<br>
+4. The project will be available at <http://127.0.0.1:8000> 
 
 #### Method 2
 
 1. Install python3 requirements `pip install -r requirements.txt`.<br> 
-2. Change directory to the the Django Project directory `cd pygoat`<br>
-3. Apply the migrations `python3 manage.py migrate`.<br>
-4. Finally, run the development server `python3 manage.py runserver`.<br>
-5. The project will be available at <http://127.0.0.1:8000> 
+2. Apply the migrations `python3 manage.py migrate`.<br>
+3. Finally, run the development server `python3 manage.py runserver`.<br>
+4. The project will be available at <http://127.0.0.1:8000> 
 
 #### Method 3
 
 1. Install all app and python requirements using `setup.py` file - `pip3 install .`
-2. Change directory to the the Django Project directory `cd pygoat`<br>
-3. Apply the migrations `python3 manage.py migrate`.<br>
-4. Finally, run the development server `python3 manage.py runserver`.<br>
-5. The project will be available at <http://127.0.0.1:8000> 
+2. Apply the migrations `python3 manage.py migrate`.<br>
+3. Finally, run the development server `python3 manage.py runserver`.<br>
+4. The project will be available at <http://127.0.0.1:8000> 
 
 ### Docker Container
 1. Install [Docker](https://www.docker.com)
@@ -70,17 +67,19 @@ First, Clone the repository using GitHub website or git in Terminal
 
 ### Build Docker Image and Run
 1. Clone the repository  &ensp; `git clone https://github.com/adeyosemanputra/pygoat.git` 
-2. Change the directory where Dockerfile exists  &ensp; `cd pygoat`
-3. Build the docker image from Dockerfile using &ensp; `docker build -f Dockerfile -t pygoat .`
-4. Run the docker image &ensp;`docker run --rm -p 8000:8000 pygoat:latest`
-5. Browse to <http://127.0.0.1:8000> or <http://0.0.0.0:8000> 
+2. Build the docker image from Dockerfile using &ensp; `docker build -f Dockerfile -t pygoat .`
+3. Run the docker image &ensp;`docker run --rm -p 8000:8000 pygoat:latest`
+4. Browse to <http://127.0.0.1:8000> or <http://0.0.0.0:8000> 
 
 ### Installation video 
 
 1. From Source using `installer.sh`
  - [Installing PyGoat from Source](https://www.youtube.com/watch?v=7bYBJXG3FRQ)
 2. Without using `installer.sh`
  - [![](http://img.youtube.com/vi/rfzQiMeiwso/0.jpg)](http://www.youtube.com/watch?v=rfzQiMeiwso "Installation Pygoat")
+3. Install with Mac M1 (using Virtualenv)
+ - [![](http://img.youtube.com/vi/rfzQiMeiwso/0.jpg)](https://youtu.be/a5UV7mUw580 "Install with Mac M1 - using Virtualenv")
+
 
 ## Uninstallation
 
@@ -99,7 +98,7 @@ $ python3 uninstaller.py
 ```
 
 ## Solutions 
-<a href="/pygoat/Solutions/solution.md">Solutions to all challenges</a>
+<a href="/Solutions/solution.md">Solutions to all challenges</a>
 
 ## Contributors ✨
 

Solutions/solution.md

@@ -21,7 +21,7 @@ On Successful injection
 ![image](https://user-images.githubusercontent.com/61360833/118371252-5986ea00-b5c9-11eb-9efb-6beedd558f56.png)
 
 
-### Command Injection
+### Command Injection Lab 1
 The user on accessing the lab is provided with a feature to perform a name server lookup on the given domain. The user has to give a domain name and the server would perform a ns lookup and return back to the client. If the user is running the lab, based on the OS he can select Windows or Linux.
 
 The user can cause the server to execute commands ,because of the lack of input validation.
@@ -38,6 +38,15 @@ This should give you the output for both`ns lookup` as well as for the `ifconfig
 
 ![cmd_inj_2](https://user-images.githubusercontent.com/70275323/154504361-4baa73cb-f73b-44a8-8769-0af2e7b53c24.png)
 
+### Command Injection Lab 2
+We are given an input form where we can calculate basic arithmetic expressions. Our task is to exploit this functionality and achieve code execution. 
+
+This lab is using `eval()` function in backend which is used to evaluate expression in python. If the expression is a legal python statement, then it will be executed. 
+
+If we submit the expression `1 + 1`, we get the output as `2`. Similarly, on submitting the expression `7 * 7`, we get the output as `49`.
+
+Now, if we submit `os.system("id")`, we get nothing in the output. But if we check the terminal, we will see that the command gets executed and the result is printed on the terminal screen. You can also verify this by submitting `os.system("sleep 30")`, and you will notice that the request completes after 30 seconds.
+
 ## A2:Broken Authentication
 
 The main aim of this lab is to login as admin, and to achieve this, exploit the lack of `rate limiting` feature in the otp verification flow. You can see that the otp is only of 3 digit(for demo purposes) and neither does the application have any captcha nor any restriction on number of tries for the otp.

app.log

@@ -815,3 +815,10 @@ INFO:django.utils.autoreload:/home/sankalpa/Desktop/gsoc/pygoat/introduction/vie
 INFO:django.utils.autoreload:/home/sankalpa/Desktop/gsoc/pygoat/introduction/views.py changed, reloading.
 INFO:django.utils.autoreload:/home/sankalpa/Desktop/gsoc/pygoat/introduction/views.py changed, reloading.
 INFO:django.utils.autoreload:/home/sankalpa/Desktop/gsoc/pygoat/introduction/views.py changed, reloading.
+WARNING:django.request:Not Found: /mitre/21f
+WARNING:django.request:Not Found: /favicon.ico
+INFO:django.utils.autoreload:/home/toxin/Project/gsoc/pygoat/pygoat/settings.py changed, reloading.
+WARNING:django.request:Not Found: /mitre/21f
+INFO:django.utils.autoreload:/home/toxin/Project/gsoc/pygoat/pygoat/settings.py changed, reloading.
+WARNING:django.request:Not Found: /mitre/21f
+WARNING:django.request:Not Found: /x