Overview

ropeytasks is a simple web application that is deliberately built with a number of included security vulnerabilities. These include:

Blind HQL injection
XSS
CSRF
Case insensitive passwords
No SSL
Lack of HttpOnly and secure flags on session cookies

Running

1. With grails

The recommended way to run this is to install www.grails.org version >= 2.0.3 so that you can see and modify the code.

2. Self-executing jar

The .jar is executable with: java -jar ropeytasks.jar

3. Deploy on servlet container

Drop the .war on a servlet container

Credentials

admin/password
bob/password
alice/password

Name		Name	Last commit message	Last commit date
Latest commit History 30 Commits
grails-app		grails-app
test/unit/net/continuumsecurity/ropeytasks		test/unit/net/continuumsecurity/ropeytasks
web-app		web-app
.gitignore		.gitignore
README.md		README.md
application.properties		application.properties
build.standalone.sh		build.standalone.sh
grailsw		grailsw
ropeytasks-grailsPlugins.iml		ropeytasks-grailsPlugins.iml
ropeytasks.jar		ropeytasks.jar

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

grails-app

grails-app

test/unit/net/continuumsecurity/ropeytasks

test/unit/net/continuumsecurity/ropeytasks

web-app

web-app

.gitignore

.gitignore

README.md

README.md

application.properties

application.properties

build.standalone.sh

build.standalone.sh

grailsw

grailsw

ropeytasks-grailsPlugins.iml

ropeytasks-grailsPlugins.iml

ropeytasks.jar

ropeytasks.jar

Repository files navigation

Overview

Running

1. With grails

2. Self-executing jar

3. Deploy on servlet container

Credentials

About

Releases

Packages

Languages

iriusrisk/RopeyTasks

Folders and files

Latest commit

History

Repository files navigation

Overview

Running

1. With grails

2. Self-executing jar

3. Deploy on servlet container

Credentials

About

Resources

Stars

Watchers

Forks

Languages