Skip to content
This repository has been archived by the owner on Jan 22, 2022. It is now read-only.

Commit

Permalink
Encrypted SharedPreferences implemented
Browse files Browse the repository at this point in the history
  • Loading branch information
@B3nac
B3nac committed Jun 14, 2020
1 parent 54355fd commit 6f30ff6
Show file tree
Hide file tree
Showing 7 changed files with 79 additions and 95 deletions.
7 changes: 3 additions & 4 deletions InjuredAndroid/app/src/main/java/b3nac/injuredandroid/DeepLinkActivity.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,11 +69,10 @@ class DeepLinkActivity : AppCompatActivity() {
childRef.addListenerForSingleValueEvent(object : ValueEventListener {
override fun onDataChange(dataSnapshot: DataSnapshot) {
val value = dataSnapshot.value as String?
val settings = getSharedPreferences("b3nac.injuredandroid", Context.MODE_PRIVATE)

if (post == value) {
FlagsOverview.flagElevenButtonColor = true
val editor: SharedPreferences.Editor = settings.edit()
editor.putBoolean("flagElevenButtonColor", true).apply()
FlagsOverview().flagElevenButtonColor = true
SecureSharedPrefs().editBoolean(applicationContext, "flagElevenButtonColor", true)
correctFlag()
} else {
Toast.makeText(this@DeepLinkActivity, "Try again! :D",
Expand Down
59 changes: 24 additions & 35 deletions InjuredAndroid/app/src/main/java/b3nac/injuredandroid/FlagEightLoginActivity.java
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,7 @@
package b3nac.injuredandroid;

import android.content.Context;
import android.content.Intent;
import android.content.SharedPreferences;
import android.os.Bundle;
import android.util.Base64;
import android.util.Log;
import android.view.View;
import android.widget.EditText;
Expand All @@ -20,14 +17,13 @@
import com.google.android.material.snackbar.Snackbar;
import com.google.firebase.auth.AuthResult;
import com.google.firebase.auth.FirebaseAuth;
import com.google.firebase.auth.FirebaseUser;
import com.google.firebase.database.DataSnapshot;
import com.google.firebase.database.DatabaseError;
import com.google.firebase.database.DatabaseReference;
import com.google.firebase.database.FirebaseDatabase;
import com.google.firebase.database.ValueEventListener;

import java.nio.charset.StandardCharsets;
import org.jetbrains.annotations.NotNull;

public class FlagEightLoginActivity extends AppCompatActivity {
int click = 0;
Expand All @@ -47,62 +43,55 @@ protected void onCreate(Bundle savedInstanceState) {
mAuth = FirebaseAuth.getInstance();

mAuth.signInAnonymously()
.addOnCompleteListener(this, new OnCompleteListener<AuthResult>() {
@Override
public void onComplete(@NonNull Task<AuthResult> task) {
if (task.isSuccessful()) {
// Sign in success, update UI with the signed-in user's information
Log.d(TAG, "signInAnonymously:success");

} else {
// If sign in fails, display a message to the user.
Log.w(TAG, "signInAnonymously:failure", task.getException());
Toast.makeText(FlagEightLoginActivity.this, "Authentication failed.",
Toast.LENGTH_SHORT).show();
}
.addOnCompleteListener(this, task -> {
if (task.isSuccessful()) {
// Sign in success, update UI with the signed-in user's information
Log.d(TAG, "signInAnonymously:success");

} else {
// If sign in fails, display a message to the user.
Log.w(TAG, "signInAnonymously:failure", task.getException());
Toast.makeText(FlagEightLoginActivity.this, "Authentication failed.",
Toast.LENGTH_SHORT).show();
}
});

FloatingActionButton fab = findViewById(R.id.fab);
fab.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View view) {
if (click == 0) {
Snackbar.make(view, "AWS CLI.", Snackbar.LENGTH_LONG)
.setAction("Action",null).show();
click = click + 1;
} else if (click == 1) {
Snackbar.make(view, "AWS profiles and credentials.", Snackbar.LENGTH_LONG)
.setAction("Action",null).show();
click = 0;
}
fab.setOnClickListener(view -> {
if (click == 0) {
Snackbar.make(view, "AWS CLI.", Snackbar.LENGTH_LONG)
.setAction("Action",null).show();
click = click + 1;
} else if (click == 1) {
Snackbar.make(view, "AWS profiles and credentials.", Snackbar.LENGTH_LONG)
.setAction("Action",null).show();
click = 0;
}
});
}

public void submitFlag(View view) {

final SharedPreferences settings = getSharedPreferences("b3nac.injuredandroid", Context.MODE_PRIVATE);
EditText editText2 = findViewById(R.id.editText9);
final String post = editText2.getText().toString();

childRef.addListenerForSingleValueEvent(new ValueEventListener() {

@Override
public void onDataChange(DataSnapshot dataSnapshot) {
public void onDataChange(@NotNull DataSnapshot dataSnapshot) {
String value = (String) dataSnapshot.getValue();
if (post.equals(value)) {
FlagsOverview.flagEightButtonColor = true;
SharedPreferences.Editor editor = settings.edit();
editor.putBoolean("flagEightButtonColor", true).apply();
SecureSharedPrefs secure = new SecureSharedPrefs();
secure.editBoolean(getApplicationContext(), "flagEightButtonColor", true);
correctFlag();
} else {
Toast.makeText(FlagEightLoginActivity.this, "Try again! :D",
Toast.LENGTH_SHORT).show();
}
}
@Override
public void onCancelled(DatabaseError databaseError) {
public void onCancelled(@NotNull DatabaseError databaseError) {
Log.e(TAG, "onCancelled", databaseError.toException());
}
});
Expand Down
19 changes: 6 additions & 13 deletions InjuredAndroid/app/src/main/java/b3nac/injuredandroid/FlagNineFirebaseActivity.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,8 @@
import com.google.firebase.database.FirebaseDatabase;
import com.google.firebase.database.ValueEventListener;

import org.jetbrains.annotations.NotNull;

import java.nio.charset.StandardCharsets;

public class FlagNineFirebaseActivity extends AppCompatActivity {
Expand Down Expand Up @@ -69,29 +71,27 @@ public void onClick(View view) {

public void submitFlag(View view) {

final SharedPreferences settings = getSharedPreferences("b3nac.injuredandroid", Context.MODE_PRIVATE);
EditText editText2 = findViewById(R.id.editText2);
final String post = editText2.getText().toString();
byte[] decodedPost = Base64.decode(post, Base64.DEFAULT);
final String decoded = new String(decodedPost, StandardCharsets.UTF_8);

childRef.addListenerForSingleValueEvent(new ValueEventListener() {
@Override
public void onDataChange(DataSnapshot dataSnapshot) {
public void onDataChange(@NotNull DataSnapshot dataSnapshot) {
String value = (String) dataSnapshot.getValue();
if (decoded.equals(value)) {
FlagsOverview.flagNineButtonColor = true;
SharedPreferences.Editor editor = settings.edit();
editor.putBoolean("flagNineButtonColor", true).commit();
logFlagFound();
SecureSharedPrefs secure = new SecureSharedPrefs();
secure.editBoolean(getApplicationContext(), "flagNineButtonColor", true);
correctFlag();
} else {
Toast.makeText(FlagNineFirebaseActivity.this, "Try again! :D",
Toast.LENGTH_SHORT).show();
}
}
@Override
public void onCancelled(DatabaseError databaseError) {
public void onCancelled(@NotNull DatabaseError databaseError) {
Log.e(TAG, "onCancelled", databaseError.toException());
}
});
Expand All @@ -101,12 +101,5 @@ private void correctFlag() {
Intent intent = new Intent(this, FlagOneSuccess.class);
startActivity(intent);
}
private void logFlagFound() {
//Firebase analytics
String text = "Someone found the flag!";
Bundle params = new Bundle();
params.putString("full_text", text);
mFirebaseAnalytics.logEvent("Flag_found", params);
}
}

10 changes: 6 additions & 4 deletions InjuredAndroid/app/src/main/java/b3nac/injuredandroid/FlagSevenSqliteActivity.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@
import android.widget.EditText;
import android.widget.Toast;

import org.jetbrains.annotations.NotNull;

import java.nio.charset.StandardCharsets;

import b3nac.injuredandroid.DatabaseSchema.Add;
Expand Down Expand Up @@ -94,7 +96,7 @@ public void submitFlag(View view) {

mListener = childRef.addValueEventListener(new ValueEventListener() {
@Override
public void onDataChange(DataSnapshot dataSnapshot) {
public void onDataChange(@NotNull DataSnapshot dataSnapshot) {
String value = (String) dataSnapshot.getValue();
if (post.equals(value) && correctPassword) {
FlagsOverview.flagSevenButtonColor = true;
Expand All @@ -108,14 +110,14 @@ public void onDataChange(DataSnapshot dataSnapshot) {
}

@Override
public void onCancelled(DatabaseError databaseError) {
public void onCancelled(@NotNull DatabaseError databaseError) {
Log.e(TAG, "onCancelled", databaseError.toException());
}
});

mListenerTwo = childRefTwo.addValueEventListener(new ValueEventListener() {
@Override
public void onDataChange(DataSnapshot dataSnapshotTwo) {
public void onDataChange(@NotNull DataSnapshot dataSnapshotTwo) {
String value = (String) dataSnapshotTwo.getValue();
if (postTwo.equals(value)) {
correctPassword = true;
Expand All @@ -126,7 +128,7 @@ public void onDataChange(DataSnapshot dataSnapshotTwo) {
}

@Override
public void onCancelled(DatabaseError databaseError) {
public void onCancelled(@NotNull DatabaseError databaseError) {
Log.e(TAG, "onCancelled", databaseError.toException());
}
});
Expand Down
9 changes: 3 additions & 6 deletions InjuredAndroid/app/src/main/java/b3nac/injuredandroid/FlagTwelveProtectedActivity.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,17 +43,14 @@ protected void onCreate(Bundle savedInstanceState) {

flagWebView.loadUrl(getIntent().getStringExtra("totally_secure"));
FlagsOverview.flagTwelveButtonColor = true;
SharedPreferences.Editor editor = settings.edit();
editor.putBoolean("flagTwelveButtonColor", true).commit();
SecureSharedPrefs secure = new SecureSharedPrefs();
secure.editBoolean(getApplicationContext(), "flagTwelveButtonColor", true);
correctFlag();

} else {

flagWebView.loadData(getIntent().getStringExtra("totally_secure"), "text/html", "UTF-8");
FlagsOverview.flagTwelveButtonColor = true;
SharedPreferences.Editor editor = settings.edit();
editor.putBoolean("flagTwelveButtonColor", true).commit();
correctFlag();

}
}

Expand Down
44 changes: 25 additions & 19 deletions InjuredAndroid/app/src/main/java/b3nac/injuredandroid/FlagsOverview.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,10 @@ class FlagsOverview : AppCompatActivity() {
var flagThreeButtonColor = false
var flagFourButtonColor = false
var flagFiveButtonColor = false
var flagNineButtonColor = false
var flagTenButtonColor = false
var flagElevenButtonColor = false
var flagFourteenButtonColor = false

override fun onCreate(savedInstanceState: Bundle?) {
initEncryptedSharedPreferences()
Expand Down Expand Up @@ -243,25 +246,6 @@ class FlagsOverview : AppCompatActivity() {
}
}

companion object {
@JvmField
var flagFiveButtonColor = false
@JvmField
var flagSixButtonColor = false
@JvmField
var flagSevenButtonColor = false
@JvmField
var flagEightButtonColor = false
@JvmField
var flagNineButtonColor = false
var flagElevenButtonColor = false
@JvmField
var flagTwelveButtonColor = false
@JvmField
var flagThirteenButtonColor = false
var flagFourteenButtonColor = false
}

private fun initEncryptedSharedPreferences() {

// Step 1: Create or retrieve the Master Key for encryption/decryption
Expand All @@ -276,4 +260,26 @@ class FlagsOverview : AppCompatActivity() {
EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
)
}

companion object {

@kotlin.jvm.JvmField
var flagSixButtonColor = false

@kotlin.jvm.JvmField
var flagSevenButtonColor = false

@kotlin.jvm.JvmField
var flagEightButtonColor = false

@kotlin.jvm.JvmField
var flagNineButtonColor = false

@kotlin.jvm.JvmField
var flagTwelveButtonColor = false

@kotlin.jvm.JvmField
var flagThirteenButtonColor = false
}

}
26 changes: 12 additions & 14 deletions InjuredAndroid/app/src/main/java/b3nac/injuredandroid/RCEActivity.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@
import android.widget.TextView;
import android.widget.Toast;

import org.jetbrains.annotations.NotNull;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileOutputStream;
Expand Down Expand Up @@ -74,7 +76,6 @@ protected void onCreate(Bundle savedInstanceState) {
});

if (getIntent() != null && getIntent().getData() != null) {
final SharedPreferences settings = getSharedPreferences("b3nac.injuredandroid", Context.MODE_PRIVATE);
copyAssets();
Uri data = getIntent().getData();

Expand All @@ -87,13 +88,13 @@ protected void onCreate(Bundle savedInstanceState) {
childRef.addListenerForSingleValueEvent(new ValueEventListener() {

@Override
public void onDataChange(DataSnapshot dataSnapshot) {
public void onDataChange(@NotNull DataSnapshot dataSnapshot) {
String value = (String) dataSnapshot.getValue();

if (combinedParam != null && combinedParam.equals(value)) {
FlagsOverview.flagThirteenButtonColor = true;
SharedPreferences.Editor editor = settings.edit();
editor.putBoolean("flagThirteenButtonColor", true).apply();
SecureSharedPrefs secure = new SecureSharedPrefs();
secure.editBoolean(getApplicationContext(), "flagThirteenButtonColor", true);
correctFlag();
} else {
Toast.makeText(RCEActivity.this, "Try again! :D",
Expand All @@ -102,7 +103,7 @@ public void onDataChange(DataSnapshot dataSnapshot) {
}

@Override
public void onCancelled(DatabaseError databaseError) {
public void onCancelled(@NotNull DatabaseError databaseError) {
Log.e(TAG, "onCancelled", databaseError.toException());
}
});
Expand Down Expand Up @@ -183,15 +184,12 @@ private void correctFlag() {
private void anon() {
mAuth = FirebaseAuth.getInstance();
mAuth.signInAnonymously()
.addOnCompleteListener(this, new OnCompleteListener<AuthResult>() {
@Override
public void onComplete(@NonNull Task<AuthResult> task) {
if (task.isSuccessful()) {
FirebaseUser user = mAuth.getCurrentUser();
} else {
Toast.makeText(RCEActivity.this, "Authentication failed.",
Toast.LENGTH_SHORT).show();
}
.addOnCompleteListener(this, task -> {
if (task.isSuccessful()) {
FirebaseUser user = mAuth.getCurrentUser();
} else {
Toast.makeText(RCEActivity.this, "Authentication failed.",
Toast.LENGTH_SHORT).show();
}
});
}
Expand Down

0 comments on commit 6f30ff6

Please sign in to comment.