content-pages.html

<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7" lang="en"> <![endif]-->
<!--[if IE 7]>    <html class="no-js lt-ie9 lt-ie8" lang="en"> <![endif]-->
<!--[if IE 8]>    <html class="no-js lt-ie9" lang="en"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en"> <!--<![endif]-->
<head>
  <meta charset="utf-8" />
  <meta name="viewport" content="width=device-width" />
  <title>OWASP Bricks Content pages</title>  
  <!-- Included CSS Files (Uncompressed) -->
  <!--
  <link rel="stylesheet" href="stylesheets/foundation.css">
  -->  
  <!-- Included CSS Files (Compressed) -->
  <link rel="stylesheet" href="stylesheets/foundation.min.css">
  <link rel="stylesheet" href="stylesheets/app.css">
  <link rel="icon" href="favicon.ico" type="image/x-icon">
  <script src="javascripts/modernizr.foundation.js"></script>
  <!-- IE Fix for HTML5 Tags -->
  <!--[if lt IE 9]>
    <script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
  <![endif]-->
<link href='http://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'></head>
<body>
  <!-- Header and Nav -->

  <div class="row">
    <div class="three columns">
      <h1><a href="index.php"><img src="images/bricks.jpg" /></a></h1>
    </div>
    <div class="nine columns">
      <ul class="nav-bar right">
        <li><a href="index.php">Home</a></li>
		<li class="has-flyout">
			<a href="bricks.html">Bricks</a>
			<a href="bricks.html" class="flyout-toggle"><span> </span></a>
			<ul class="flyout">
			<li><a href="login-pages.html">Login pages</a></li>
			<li><a href="file-upload-pages.html">File Upload pages</a></li>
			<li><a href="content-pages.html">Content pages</a></li>
			</ul>
		</li>
        <li><a href="config/">Setup</a></li>
        <li><a href="about.html">About</a></li>
      </ul>
    </div>
  </div>

  <!-- End Header and Nav -->
  <div class="row"> 
  <div class="twelve columns">
  <h4>Content pages</h4>
  <p>Content pages displays contents based on user inputs. In some cases they have their own security mechanisms too. Your mission is to break in, inject you code, execute it and gain access.<br/>
  </p>
 <a href="content-1/"><div class="three columns"><img class="hide-for-small" src="images/content.jpg"/>
      <div class="panel">
        <h5>Content #1</h5>
        Integer input in URL.
      </div>
    </div>
    </a>
 <a href="content-2/"><div class="three columns"><img class="hide-for-small" src="images/content.jpg"/>
      <div class="panel">
        <h5>Content #2</h5>
		String input in URL.
      </div>
    </div>
    </a>
 <a href="content-3/"><div class="three columns"><img class="hide-for-small" src="images/content.jpg"/>
      <div class="panel">
        <h5>Content #3</h5>
		Dropdown box.
      </div>
    </div>
    </a>
 <a href="content-4/"><div class="three columns"><img class="hide-for-small" src="images/content.jpg"/>
      <div class="panel">
        <h5>Content #4</h5>
		Browser verification.
      </div>
    </div>
    </a>
 <a href="content-5/"><div class="three columns"><img class="hide-for-small" src="images/content.jpg"/>
      <div class="panel">
        <h5>Content #5</h5>
		Cookies.
      </div>
    </div>
    </a>
 <a href="content-6/"><div class="three columns"><img class="hide-for-small" src="images/content.jpg"/>
      <div class="panel">
        <h5>Content #6</h5>
		Base64.
      </div>
    </div>
    </a>
	</div>
  
  <!-- Footer -->

  <footer class="row">
    <div class="twelve columns">
      <hr />
      <div class="row">
        <div class="six columns">
          <p><a href="http://sechow.com/bricks/" target="_blank">OWASP Bricks</p>
        </div>
        <div class="right">
           <a href="http://www.facebook.com/OWASPBricks" target="_blank"><img src="images/Facebook.png"/></a>&nbsp;<a href="https://twitter.com/OWASPBricks" target="_blank"><img src="images/Twitter.png"/></a>&nbsp;<a href="https://sourceforge.net/p/owaspbricks/" target="_blank"><img src="images/Sourceforge.png"/></a>&nbsp;<a href="https://www.owasp.org/index.php/OWASP_Bricks" target="_blank"><img src="images/owasp.png"/></a>&nbsp;<a href="http://gplus.to/OWASPBricks" target="_blank"><img src="images/Google+.png"/></a>&nbsp;<a href="https://www.youtube.com/OWASPBricks" target="_blank"><img src="images/YouTube.png"/></a>&nbsp;<a href="http://owaspbricks.blogspot.com/" target="_blank"><img src="images/Blogger.png"/></a>
		</div>
      </div>
    </div>
  </footer>
  
	
	
	
  </div>

  
  
  <!-- Included JS Files (Uncompressed) -->
  <!--
  
  <script src="javascripts/jquery.js"></script>
  
  <script src="javascripts/jquery.foundation.mediaQueryToggle.js"></script>
  
  <script src="javascripts/jquery.foundation.forms.js"></script>
  
  <script src="javascripts/jquery.foundation.reveal.js"></script>
  
  <script src="javascripts/jquery.foundation.orbit.js"></script>
  
  <script src="javascripts/jquery.foundation.navigation.js"></script>
  
  <script src="javascripts/jquery.foundation.buttons.js"></script>
  
  <script src="javascripts/jquery.foundation.tabs.js"></script>
  
  <script src="javascripts/jquery.foundation.tooltips.js"></script>
  
  <script src="javascripts/jquery.foundation.accordion.js"></script>
  
  <script src="javascripts/jquery.placeholder.js"></script>
  
  <script src="javascripts/jquery.foundation.alerts.js"></script>
  
  <script src="javascripts/jquery.foundation.topbar.js"></script>
  
  <script src="javascripts/jquery.foundation.joyride.js"></script>
  
  <script src="javascripts/jquery.foundation.clearing.js"></script>
  
  <script src="javascripts/jquery.foundation.magellan.js"></script>
  
  -->
  
  <!-- Included JS Files (Compressed) -->
  <script src="javascripts/jquery.js"></script>
  <script src="javascripts/foundation.min.js"></script>
  
  <!-- Initialize JS Plugins -->
  <script src="javascripts/app.js"></script>
  
</body>
</html>