2.11.24 Update web service documentation

src/ajax/lookup-pen-test-tool.php

@@ -36,7 +36,7 @@
 	try {
     	switch ($_SESSION["security-level"]){
     		case "0": // This code is insecure.
-    			$lUseServerSideValidation = FALSE;
+    			$lUseServerSideValidation = false;
    				$lEncodeOutput = false;
 				$lTokenizeAllowedMarkup = false;
 				$lProtectAgainstSQLInjection = false;
@@ -45,7 +45,7 @@
 				break;
 
     		case "1": // This code is insecure.
-    			$lUseServerSideValidation = FALSE;
+    			$lUseServerSideValidation = false;
 				$lEncodeOutput = false;
 				$lTokenizeAllowedMarkup = false;
 				$lProtectAgainstSQLInjection = false;
@@ -57,7 +57,7 @@
 	   		case "3":
 	   		case "4":
     		case "5": // This code is fairly secure
-    			$lUseServerSideValidation = TRUE;
+    			$lUseServerSideValidation = true;
     			$lProtectAgainstMethodTampering = true;
 	  			/*
 	  			 * NOTE: Input validation is excellent but not enough. The output must be

src/authorization-required.php

@@ -3,7 +3,7 @@
 		$LogHandler->writeToLog("User attempted to access forbidden page.");	
 	} catch (Exception $e) {
 		echo $CustomErrorHandler->FormatError($e, "Error writing to log");
-	}// end try	
+	}// end try
 ?>
 
 <div class="page-title">Authorization Required</div>

src/browser-info.php

@@ -2,9 +2,10 @@
 
 	try{
 		switch ($_SESSION["security-level"]){
+			default: // This code is insecure
 	   		case "0": // This code is insecure
 	   		case "1": // This code is insecure
-	   			// DO NOTHING: This is insecure		
+	   			// DO NOTHING: This is insecure
 				$lEncodeOutput = false;
 				$luseSafeJavaScript = "false";
 			break;
@@ -35,9 +36,9 @@
 				$lEncodeOutput = true;
 				$luseSafeJavaScript = "true";
 	   		break;
-	   	}// end switch		
+	   	}// end switch
 
-		require_once (__SITE_ROOT__.'/classes/ClientInformationHandler.php');
+		require_once __SITE_ROOT__.'/classes/ClientInformationHandler.php';
 		$lClientInformationHandler = new ClientInformationHandler();
 
 		if ($lEncodeOutput){
@@ -80,7 +81,7 @@
     <tr><th class="report-label">Remote Client Port</th><td class="report-data"><?php echo $lClientPort; ?></td></tr>
     <tr><th class="report-label">WhoIs info for client IP</th><td class="report-data"><pre><?php echo $lWhoIsInformation; ?></pre></td></tr>
 	<?php 
-	if ($lEncodeOutput){	
+	if ($lEncodeOutput){
 		foreach ($_COOKIE as $key => $value){
 	    	echo '<tr><th class="report-label">Cookie '.$Encoder->encodeForHTML($key).'</th><td class="report-data">'.$Encoder->encodeForHTML($value).'</pre></td></tr>';
 		}// end foreach
@@ -89,7 +90,7 @@
 	    	echo '<tr><th class="report-label" class="non-wrapping-label">Cookie '.$key.'</th><td class="report-data">'.$value.'</pre></td></tr>';
 		}// end foreach
 	}// end if
-	?>    
+	?>
 </table>
 <div>&nbsp;</div><div>&nbsp;</div>
 <table style="width:75%;" class="results-table">

src/cache-control.php

@@ -47,7 +47,7 @@
 			Nirsoft <span class="label">IE CacheView</span> also useful
 			<br/><br/>
 			<span class="report-header">Reporting</span>
-			<br/><br/>	
+			<br/><br/>
 			RFC-7234 from the Internet Engineering Task Force (IETF) specifies caching controls.
 			HTTP headers are used to specify caching directives (Section 5.2.1).
 			"Cache-Control" is standard for HTTP/1.1.

src/capture-data.php

@@ -10,7 +10,7 @@
 
 <div>
 	<a href="./index.php?page=captured-data.php" style="text-decoration: none;">
-	<img style="vertical-align: middle;" src="./images/cage-48-48.png" />
+	<img style="vertical-align: middle;" src="./images/cage-48-48.png" alt="Captured Data Icon" />
 	<span style="font-weight:bold; cursor: pointer;">View Captured Data</span>
 	</a>
 </div>

src/captured-data.php

@@ -6,11 +6,12 @@
 	 */
 
 	switch ($_SESSION["security-level"]){
+		default: // This code is insecure
    		case "0": // This code is insecure
    		case "1": // This code is insecure
-   			// DO NOTHING: This is insecure		
+   			// DO NOTHING: This is insecure
 			$lEncodeOutput = false;
-			$lLimitOutput= FALSE;
+			$lLimitOutput= false;
 		break;
 
    		case "2":
@@ -42,9 +43,9 @@
 			 *  Amplifications attacks are also done by sending single IP packets to networks 
 			 *  which will broadcast the packet thus ampliphying the packet many times.
 			 */
-			$lLimitOutput= TRUE;
+			$lLimitOutput= true;
    		break;
-   	}// end switch		
+   	}// end switch
 
    	if(isset($_GET["deleteLogs"])){
 		try{
@@ -86,17 +87,17 @@
 	</tr>
 </table>
 <span title="Click to refresh captured data log" onclick="document.location.reload(true);" style="cursor: pointer;margin-right:35px;font-weight: bold;">
-	<img width="32px" height="32px" src="./images/refresh-button-48px-by-48px.png" style="vertical-align:middle;" />
+	<img width="32px" height="32px" src="./images/refresh-button-48px-by-48px.png" style="vertical-align:middle;" alt="Refresh" />
 	Refresh
 </span>
 <span 	title="Click to delete captured data log. This deletes the database table only. The text file is not affected." 
 		onclick="DeleteCapturedData();" 
 		style="margin-right:35px;cursor: pointer;font-weight: bold;">
-	<img width="32px" height="32px" src="./images/delete-icon-48-48.png" style="vertical-align:middle;" />
+	<img width="32px" height="32px" src="./images/delete-icon-48-48.png" style="vertical-align:middle;" alt="Delete" />
 	Delete Capured Data
 </span>
 <span title="Click to visit capture data page. Your data will be captured." onclick="document.location='./index.php?page=capture-data.php';" style="cursor: pointer;font-weight: bold;">
-	<img width="32px" height="32px" src="./images/spider-in-web-48-48.png" style="vertical-align:middle;" />
+	<img width="32px" height="32px" src="./images/spider-in-web-48-48.png" style="vertical-align:middle;" alt="Capture Data" />
 	Capture Data
 </span>
 <br/>
@@ -113,7 +114,7 @@
 			    <td>Client IP Address</td>
 			    <td>Client Port</td>
     			<td>User Agent</td>
-    			<td>Referrer</td>			    
+    			<td>Referrer</td>
 			    <td>Data</td>
 			    <td>Date/Time</td>
 		    </tr>';
@@ -131,7 +132,7 @@
 				$lClientIPAddress = $row->ip_address;
 				$lClientPort = $row->port;
 				$lClientUserAgentString = $row->user_agent_string;
-				$lClientReferrer = $row->referrer;				
+				$lClientReferrer = $row->referrer;
 				$lData = $row->data;
 				$lCaptureDate = $row->capture_date;
 			}else{

src/client-side-control-challenge.php

@@ -52,11 +52,11 @@ public function __construct (){
 		}//end constructor
 
 		public function EnableOutputEncoding(){
-			$this->mEncodeOutput = TRUE;
+			$this->mEncodeOutput = true;
 		}// end try
 
 		public function DisableOutputEncoding(){
-			$this->mEncodeOutput = FALSE;
+			$this->mEncodeOutput = false;
 		}// end try
 
 		public function addFieldHelper(/*ClientField*/ $pClientField){
@@ -250,7 +250,7 @@ public function prettyPrintFields(){
 	   	$lRandomFlag = $_SESSION['cscc-random-flag'];
 
 	} catch(Exception $e){
-		$lSubmitButtonClicked = FALSE;
+		$lSubmitButtonClicked = false;
 		echo $CustomErrorHandler->FormatError($e, "Error creating client-side challenge");
 	}// end try
 ?>

src/conference-room-lookup.php

@@ -24,21 +24,21 @@ function encodeForLDAP(/*string*/ $pString) {
 				$lEnableJavaScriptValidation = false;
 				$lEnableHTMLControls = false;
 				$lProtectAgainstMethodTampering = false;
-				$lProtectAgainstLDAPInjection=FALSE;
+				$lProtectAgainstLDAPInjection=false;
     		break;
 
     		case "1": // This code is insecure. No input validation is performed.
 				$lEnableJavaScriptValidation = true;
 				$lEnableHTMLControls = true;
 				$lProtectAgainstMethodTampering = false;
-				$lProtectAgainstLDAPInjection=FALSE;
+				$lProtectAgainstLDAPInjection=false;
     		break;
 
 	   		case "2":
 	   		case "3":
 	   		case "4":
     		case "5": // This code is fairly secure
-    			$lProtectAgainstLDAPInjection=TRUE;
+    			$lProtectAgainstLDAPInjection=true;
 				$lEnableHTMLControls = true;
     			$lEnableJavaScriptValidation = true;
    				$lProtectAgainstMethodTampering = true;

src/content-security-policy.php

@@ -6,15 +6,16 @@
 
 try {
     switch ($_SESSION["security-level"]){
-        case "0": // This code is insecure. No input validation is performed.
+        default: // This code is insecure. 
+        case "0": // This code is insecure. 
             $lEnableJavaScriptValidation = false;
             $lEnableHTMLControls = false;
             $lProtectAgainstMethodTampering = false;
             $lProtectAgainstCommandInjection=false;
             $lProtectAgainstXSS = false;
             break;
 
-        case "1": // This code is insecure. No input validation is performed.
+        case "1": // This code is insecure. 
             $lEnableJavaScriptValidation = true;
             $lEnableHTMLControls = true;
             $lProtectAgainstMethodTampering = false;
@@ -64,12 +65,12 @@
 <?php include_once __SITE_ROOT__.'/includes/hints/hints-menu-wrapper.inc'; ?>
 
 <a href="index.php?page=echo.php">
-    <img src="images/malware-icon-75-75.png" />
+    <img src="images/malware-icon-75-75.png" alt="Malware Icon" />
     <span class="label">Switch to Cross-Site Scripting (XSS)</span>
 </a>
 <span class="buffer"></span>
 <a href="index.php?page=cors.php">
-    <img src="images/cors-icon-75-75.png" />
+    <img src="images/cors-icon-75-75.png" alt="CORS Icon" />
     <span class="label">Switch to Cross-Origin Resource Sharing (CORS)</span>
 </a>
 

src/credits.php

@@ -1,5 +1,6 @@
 <?php 
    	switch ($_SESSION["security-level"]){
+		default: // This code is insecure
    		case "0": // This code is insecure
    		case "1": // This code is insecure
    			/* This code is insecure. Direct object references in the form of the "forwardurl"

src/database-offline.php

@@ -129,7 +129,7 @@
 ?>
 
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html>
+<html lang="en" xml:lang="en">
 <head>
 	<link rel="stylesheet" type="text/css" href="./styles/global-styles.css" />
 	<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">

src/framer.html

@@ -1,5 +1,5 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html>
+<html lang="en" xml:lang="en">
 <head>
 	<link rel="stylesheet" type="text/css" href="./styles/global-styles.css" />
 	<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -26,7 +26,7 @@
 		<tr>
 			<td>
 				<div style="text-align: center;">
-					<img src="images/back-button-64-64.png" style="vertical-align: middle;" />
+					<img src="images/back-button-64-64.png" style="vertical-align: middle;" alt="Back Button" />
 					&nbsp;&nbsp;
 					<a href="index.php" style="text-decoration: none; font-weight: bold; font-size: 18pt;">Return to Mutillidae</a>
 				</div>

src/framing.php

@@ -25,7 +25,7 @@
 <div id="id-hover-div" class="click-jacking-button"
 onclick="window.alert('This page has been hijacked by the Mutillidae development team.');document.location.href='https://github.com/webpwnized/mutillidae';"
 >
-Giant Invisible Click-Jacking Button 
+Giant Invisible Click-Jacking Button
 </div>
 
 <script>

src/hints-page-wrapper.php

@@ -59,7 +59,7 @@
 ?>
 
 <!DOCTYPE html>
-<html>
+<html lang="en" xml:lang="en">
 	<head>
 		<link rel="stylesheet" type="text/css" href="./styles/global-styles.css" />
 		<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">

src/home.php

@@ -19,7 +19,7 @@
 <div style=" width: 750px; overflow: hidden;">
 <?php include_once __SITE_ROOT__.'/includes/hints/hints-menu-wrapper.inc'; ?>
 <span style="float: right">
-	<img src="images/arrow-45-degree-left-up.png" style="margin-right: 5px" />
+	<img src="images/arrow-45-degree-left-up.png" style="margin-right: 5px" alt="Arrow pointing left up" />
 	<span class="label" style="float: right;">TIP:&nbsp;
 	<span style="float: right; text-align: center;">Click 
 	<span style="color: blue;font-style: italic;">Hint and Videos</span><br/>on each page</span></span>
@@ -30,7 +30,7 @@
  	<tr>
 	    <td>
 			<a title="Usage Instructions" href="./index.php?page=documentation/usage-instructions.php">
-				<img alt="What Should I Do?" align="middle" src="./images/question-mark-40-61.png" />
+				<img alt="What Should I Do?" style="vertical-align: middle;" src="./images/question-mark-40-61.png" />
 				What Should I Do?
 			</a>
 		</td>

src/html5-storage.php

@@ -2,26 +2,26 @@
 	$lHTMLControlInput = 'minlength="1" maxlength="20" required="required"';
 	$lHTMLControlRadio = 'required="required"';
 
-	try {	    	
+	try {
     	switch ($_SESSION["security-level"]){
 			default: // Default case: This code is insecure.
     		case "0": // This code is insecure.
-    			$lUseClientSideStorageForSensitiveData = TRUE;
-    			$lUseJavaScriptValidation = FALSE;
+    			$lUseClientSideStorageForSensitiveData = true;
+    			$lUseJavaScriptValidation = false;
 				$lEnableHTMLControls = false;
     		break;
     		case "1": // This code is insecure.
-    			$lUseClientSideStorageForSensitiveData = TRUE;
-    			$lUseJavaScriptValidation = TRUE;
+    			$lUseClientSideStorageForSensitiveData = true;
+    			$lUseJavaScriptValidation = true;
 				$lEnableHTMLControls = true;
     		break;
 
 	   		case "2":
 	   		case "3":
 	   		case "4":
     		case "5": // This code is fairly secure
-    			$lUseClientSideStorageForSensitiveData = FALSE;
-    			$lUseJavaScriptValidation = TRUE;
+    			$lUseClientSideStorageForSensitiveData = false;
+    			$lUseJavaScriptValidation = true;
 				$lEnableHTMLControls = true;
     		break;
     	}// end switch