API-Hacking-3

Dockerfile

@@ -17,6 +17,7 @@ RUN apt-get install -y \
 	php-cgi \
 	php-cli \
 	php-common \
+	php-gd 	\
 	php-curl \
 	php-dev \
 	php-json \

README.md

@@ -30,6 +30,7 @@
 * Broken Authentication
 * Race Condition
 * Server Side Template Injection (SSTI)
+* API Hacking
 
 <!-- Installation -->
 ## Installation

app/lab/api-hacking/API-HACKING2/allcontent.php

@@ -0,0 +1,36 @@
+<?php
+require("../../../lang/lang.php");
+$strings = tr();
+
+require_once "dbconnect.php";
+
+$sql = "SELECT id, content FROM contents";
+$stmt = $pdo->query($sql);
+$contents = $stmt->fetchAll(PDO::FETCH_ASSOC);
+?>
+<!DOCTYPE html>
+<html>
+<head>
+    <title>API HACKING</title>
+    <!-- Add Bootstrap CSS -->
+    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
+</head>
+<body>
+    <div class="container">
+        <h2><?php echo $strings['allcontent']; ?></h2>
+        <div class="row">
+            <?php foreach($contents as $content) : ?>
+            <div class="col-md-4">
+                <div class="card content-card">
+                    <div class="card-body">
+                        <p class="card-text"><?= substr($content['content'], 0, 100); ?>...</p>
+                        <a href="viewcontent.php?id=<?= $content['id']; ?>" class="btn btn-primary"><?php echo $strings['view']; ?></a>
+                    </div>
+                </div>
+            </div>
+            <?php endforeach; ?>
+        </div>
+    </div>
+</body>
+<script id="VLBar" title="<?= $strings['title'] ?>" category-id="13" src="/public/assets/js/vlnav.min.js"></script>
+</html>

app/lab/api-hacking/API-HACKING2/api.php

@@ -0,0 +1,27 @@
+<?php
+session_start();
+if(!isset($_SESSION['user_id'])) {
+    http_response_code(401);
+    echo "Yetkisiz erişim!";
+    exit;
+}
+
+if($_SERVER["REQUEST_METHOD"] == "POST") {
+    require_once "dbconnect.php";
+
+    $content_id = $_POST['content_id'];
+    $new_content = $_POST['new_content'];
+
+    $sql = "UPDATE contents SET content = :new_content WHERE id = :content_id";
+    $stmt = $pdo->prepare($sql);
+    $stmt->bindParam(':new_content', $new_content, PDO::PARAM_STR);
+    $stmt->bindParam(':content_id', $content_id, PDO::PARAM_INT);
+    $Stmt->bindParam(':userid', $_SESSION['user_id'], PDO::PARAM_INT);
+    $stmt->execute();
+
+    echo "Makale başarıyla güncellendi!";
+} else {
+    http_response_code(405);
+    echo "Geçersiz metod!";
+}
+?>

app/lab/api-hacking/API-HACKING2/content.php

@@ -0,0 +1,63 @@
+<?php
+require("../../../lang/lang.php");
+$strings = tr();
+
+session_start();
+if(!isset($_SESSION['user_id'])) {
+    header("Location: index.php");
+    exit;
+}
+
+require_once "dbconnect.php";
+
+$user_id = $_SESSION['user_id'];
+$sql = "SELECT id, content FROM contents WHERE userid = :userid";
+$stmt = $pdo->prepare($sql);
+$stmt->bindParam(':userid', $user_id, PDO::PARAM_INT);
+$stmt->execute();
+$contents = $stmt->fetchAll(PDO::FETCH_ASSOC);
+?>
+<!DOCTYPE html>
+<html>
+<head>
+    <title>API HACKING</title>
+    <!-- Add Bootstrap CSS -->
+    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
+    <style>
+        /* Optional: Add custom CSS for styling */
+        .content-card {
+            margin-bottom: 20px;
+        }
+        .btn-primary a,
+.btn-danger a {
+    color: white;
+}
+    </style>
+</head>
+<body>
+    <div class="container">
+    <button class="btn btn-danger"><a href="logout.php"><?php echo $strings['logout']; ?></a></button>
+<button class="btn btn-primary"><a href="allcontent.php"><?php echo $strings['allcontent']; ?></a></button>
+
+        <h2><?php echo $strings['articles']; ?></h2>
+        <div class="row">
+            <?php foreach($contents as $content) : ?>
+            <div class="col-md-4">
+                <div class="card content-card">
+                    <div class="card-body">
+                        <p class="card-text"><?= $content['content']; ?></p>
+                        <a href="edit-content.php?id=<?= $content['id']; ?>" class="btn btn-primary"><?php echo $strings['edit'] ?></a>
+                    </div>
+                </div>
+            </div>
+            <?php endforeach; ?>
+        </div>
+    </div>
+
+    <!-- Add Bootstrap JS (optional, only if you need Bootstrap JS features) -->
+    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
+    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
+</body>
+<script id="VLBar" title="<?= $strings['title'] ?>" category-id="13" src="/public/assets/js/vlnav.min.js"></script>
+</html>

app/lab/api-hacking/API-HACKING2/dbconnect.php

@@ -0,0 +1,5 @@
+<?php
+$database_file = 'api.db';
+$pdo = new PDO("sqlite:" . $database_file);
+$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+?>

app/lab/api-hacking/API-HACKING2/edit-content.php

@@ -0,0 +1,68 @@
+<?php
+require("../../../lang/lang.php");
+$strings = tr();
+
+session_start();
+if(!isset($_SESSION['user_id'])) {
+    header("Location: index.php");
+    exit;
+}
+
+require_once "dbconnect.php";
+
+if($_SERVER["REQUEST_METHOD"] == "POST") {
+    $content_id = $_POST['content_id'];
+    $content = $_POST['content'];
+
+    $sql = "UPDATE contents SET content = :content WHERE id = :content_id";
+    $stmt = $pdo->prepare($sql);
+    $stmt->bindParam(':content', $content, PDO::PARAM_STR);
+    $stmt->bindParam(':content_id', $content_id, PDO::PARAM_INT);
+    $stmt->execute();
+
+    header("Location: content.php");
+    exit;
+}
+
+$content_id = $_GET['id'];
+$user_id = $_SESSION['user_id'];
+$sql = "SELECT content FROM contents WHERE id = :content_id AND userid = :userid";
+$stmt = $pdo->prepare($sql);
+$stmt->bindParam(':content_id', $content_id, PDO::PARAM_INT);
+$stmt->bindParam(':userid', $user_id, PDO::PARAM_INT);
+$stmt->execute();
+$content = $stmt->fetch(PDO::FETCH_ASSOC);
+
+if(!$content) {
+    echo $strings['contentnotfound'];
+    exit;
+}
+?>
+<!DOCTYPE html>
+<html>
+<head>
+    <title>API HACKING</title>
+    <!-- Add Bootstrap CSS -->
+    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
+</head>
+<body>
+    <div class="container">
+        <h2><?php echo $strings['editarticle']; ?></h2>
+        <form method="post" action="">
+            <input type="hidden" name="content_id" value="<?= $content_id; ?>">
+            <div class="form-group">
+                <label for="content"><?php echo $strings['content']; ?>:</label>
+                <textarea class="form-control" id="content" name="content" rows="5"><?= $content['content']; ?></textarea>
+            </div>
+            <button type="submit" class="btn btn-primary"><?php echo $strings['save'] ?></button>
+        </form>
+    </div>
+
+    <!-- Add Bootstrap JS (optional, only if you need Bootstrap JS features) -->
+    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
+    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
+    <script id="VLBar" title="<?= $strings['title'] ?>" category-id="13" src="/public/assets/js/vlnav.min.js"></script>
+</body>
+</html>
+

app/lab/api-hacking/API-HACKING2/en.ini

@@ -0,0 +1,18 @@
+title = "API Hacking"
+username = "Username"
+password = "Password"
+login = "Login"
+loginerror = "Invalid username or password!"
+edit = "Edit"
+logout = "Log Out"
+articles = "Articles"
+contentnotfound = "You do not have access to this article!" 
+editarticle = "Edit the article" 
+save = "Save"
+content = "Content"
+allcontent = "All Articles"
+view = "View"
+article = "Article"
+notfound = "Content not found!"
+missid = "Content ID is missing!"
+author = "Author: "

app/lab/api-hacking/API-HACKING2/fr.ini

@@ -0,0 +1,18 @@
+title = "API Hacking"
+username = "Nom d'utilisateur"
+password = "Mot de passe"
+login = "Connexion"
+loginerror = "Nom d'utilisateur ou mot de passe incorrect!"
+edit = "Modifier"
+logout =  "Déconnexion"
+articles = "Articles"
+contentnotfound = "Vous n'avez pas accès à cet article!"
+editarticle = "Modifier l'article"
+save = "Enregistrer"
+content = "Contenu" 
+allcontent = "Tous les articles"
+view = "Voir"
+article = "Article"
+notfound = "Contenu introuvable!"
+missid = "L'ID de contenu est manquant!"
+author = "Auteure: "

app/lab/api-hacking/API-HACKING2/index.php

@@ -0,0 +1,103 @@
+<?php
+require("../../../lang/lang.php");
+$strings = tr();
+
+session_start();
+if(isset($_SESSION['user_id'])) {
+    header("Location: content.php");
+    exit;
+}
+
+if($_SERVER["REQUEST_METHOD"] == "POST") {
+    require_once "dbconnect.php";
+
+    $username = $_POST['username'];
+    $password = $_POST['password'];
+
+    $sql = "SELECT id, username, password FROM users WHERE username = :username AND password = :password";
+    $stmt = $pdo->prepare($sql);
+    $stmt->bindParam(':username', $username, PDO::PARAM_STR);
+    $stmt->bindParam(':password', $password, PDO::PARAM_STR);
+    $stmt->execute();
+    $user = $stmt->fetch(PDO::FETCH_ASSOC);
+
+    if($user) {
+        $_SESSION['user_id'] = $user['id'];
+        header("Location: content.php");
+        exit;
+    } else {
+        $error = $strings['loginerror'];
+    }
+}
+
+
+?>
+<!DOCTYPE html>
+<html>
+<head>
+    <title>API HACKING</title>
+    <!-- Bootstrap CSS -->
+    <link href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet">
+    <style>
+        /* Stil düzenlemeleri */
+        .container {
+            margin-top: 50px; /* Formun sayfanın ortasında olması için boşluk bırak */
+        }
+        .card {
+            display: flex;
+            flex-direction: column;
+            justify-content: center;
+            align-items: center;
+            padding: 20px;
+        }
+        .card-body {
+            width: 100%;
+        }
+        .btn-primary {
+            margin-top: 20px;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <div class="row justify-content-center">
+            <div class="col-md-6">
+                <div class="card">
+                    <div class="card-body">
+                        <h2 class="card-title text-center">Login</h2>
+                        <form method="post" action="">
+                            <div class="form-group">
+                                <label for="username"><?php echo $strings['username'];?>:</label>
+                                <input type="text" class="form-control" id="username" name="username" required>
+                            </div>
+                            <div class="form-group">
+                                <label for="password"><?php echo $strings['password'];?>:</label>
+                                <input type="password" class="form-control" id="password" name="password" required>
+                            </div>
+                            <div class="form-group text-center">
+                                <h3><?php echo $strings['username'];?>: user1</h3>
+                                <h3><?php echo $strings['password'];?>: password1</h3>
+                            </div>
+                            <button type="submit" class="btn btn-primary"><?php echo $strings['login'];?></button>
+                        </form>
+                        <?php if(isset($error)) { echo '<div class="alert alert-danger mt-3" role="alert">' . $error . '</div>'; } ?>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <!-- Bootstrap JS ve jQuery -->
+    <script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
+    <script src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.5.4/dist/umd/popper.min.js"></script>
+    <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
+    <script id="VLBar" title="<?= $strings['title'] ?>" category-id="13" src="/public/assets/js/vlnav.min.js"></script>
+</body>
+</html>
+
+
+
+
+
+
+

app/lab/api-hacking/API-HACKING2/logout.php

@@ -0,0 +1,6 @@
+<?php 
+session_start();
+session_destroy();
+header("Location: index.php");
+exit;
+?>

app/lab/api-hacking/API-HACKING2/tr.ini

@@ -0,0 +1,18 @@
+title = "API Saldırısı"
+username = "Kullanıcı Adı"
+password = "Şifre"
+login = "Giriş Yap"
+loginerror = "Kullanıcı adı veya şifre hatalı!"
+edit = "Düzenle"
+logout = "Çıkış Yap"
+articles = "Makaleler"
+contentnotfound = "Bu makaleye erişim izniniz yok!"
+editarticle = "Makaleyi Düzenle"
+save = "Kaydet"
+content = "İçerik"
+allcontent = "Tüm Makaleler"
+view = "Görüntüle"
+article = "Makale"
+notfound = "İçerik bulunamadı."
+missid = "ID bulunamadı."
+author = "Yazar: "