diff --git a/.gitignore b/.gitignore
index e43b0f9..cd975db 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 .DS_Store
+.aider*
diff --git a/configure_platform.py b/configure_platform.py
deleted file mode 100644
index 0688b9a..0000000
--- a/configure_platform.py
+++ /dev/null
@@ -1,112 +0,0 @@ -import json -import os -import subprocess -from shutil import copyfile - - -def sp_settings(json_file, sp_ip, idp_ip): - jsonFile = open(json_file, 'r') - data = json.load(jsonFile) - jsonFile.close() - - data['sp']['entityId'] = f'http://{sp_ip}:8000/metadata/' - data['sp']['assertionConsumerService']['url'] = f'http://{sp_ip}:8000/?acs' - data['sp']['singleLogoutService']['url'] = f'http://{sp_ip}:8000/?sls' - - data['idp']['entityId'] = f'http://{idp_ip}/simplesamlphp/saml2/idp/metadata.php' - data['idp']['singleSignOnService']['url'] = f'http://{idp_ip}/simplesamlphp/saml2/idp/SSOService.php' - data['idp']['singleLogoutService']['url'] = f'http://{idp_ip}/simplesamlphp/saml2/idp/SingleLogoutService.php' - - jsonFile = open(json_file, 'w+') - jsonFile.write(json.dumps(data, indent=4)) - jsonFile.close() - - -def idp_settings(settings_file, sp_ip): - original_text = '127.0.0.1:8000' - new_text = f'{sp_ip}:8000' - - original_text_blob = open(settings_file).read() - open(settings_file, 'w').write(original_text_blob.replace(original_text, new_text)) - - -def build_docker(image_build): - # Builds and runs the docker image defined for the host. 
- - if image_build == 'idp': - build = subprocess.Popen(['docker', 'build', '-t', 'idp:1.0', 'vulnerableidp/']) - build.wait() - run = subprocess.Popen(['docker', 'run', '-it', '--rm', '--name', 'sp', '-d', '-p', '80:80', 'sp:1.0']) - run.wait() - check = subprocess.Popen(['docker', 'ps', '--filter', '--name', 'sp']) - check.wait() - print('\n All done run the IDP should be running now.') - print('To run the image manually after shutting it down use the command below:') - print(f'\t sudo docker run -it --rm --name {image_build} -d -p 80:80 {image_build}:1.0') - else: - build = subprocess.Popen(['docker', 'build', '-t', 'sp:1.0', 'vulnerablesp/']) - build.wait() - run = subprocess.Popen(['docker', 'run', '-it', '--rm', '--name', 'sp', '-d', '-p', '8000:8000', 'sp:1.0']) - run.wait() - check = subprocess.Popen(['docker', 'ps', '--filter', '--name', 'sp']) - check.wait() - print('\n All done the SP image should be running.') - print('To run the image manually after shutting it down use the command below:') - print(f'\t sudo docker run -it --rm --name {image_build} -d -p 8000:8000 {image_build}:1.0') - - -def main(): - # Reset the config files for each run to give people the ability to re-run this if they typo something - # saves them from having to re-clone repo or edit the files manually - - copyfile('vulnerablesp/yogiSP/saml/settings.original','vulnerablesp/yogiSP/saml/settings.json') - copyfile('vulnerableidp/saml20-sp-remote.original','vulnerableidp/saml20-sp-remote.php') - - host_config_option = '' - print(" Begining the configuration process. 
\n") - - print('---------------------------------------------') - print(" Please note that this script is basically doing a find in replace on specific strings that exist in the initial files cloned from the repository.\n If you've already ran this script once and specified different IPs/hostnames for the SP and IDP, there is a strong chance it will not actually update the configuration files for you.\n You should consider manually editing the configuration files or deleteing and re-cloning the repository.") - print('---------------------------------------------') - - print('\n Which server are we configuring? \n 1 - Identity Prodiver (IDP) \n 2 - Serivce Provider/Web App (SP)') - - while True: - try: - host_config_option = int(input('# ')) - if host_config_option == 1 or host_config_option == 2: - break - print('Please enter 1 or 2') - except Exception as e: - print('Must be a number') - - while True: - try: - docker_direction = input('Do you want to also create and run the Docker image for this host, Y/N? ') - if docker_direction[0].lower() == 'y' or docker_direction[0].lower() == 'n': - break - print('Must be either a Y or N') - except Exception as e: - print(f'Must be a Y or N: {e}') - - if docker_direction == 'Y': - if os.geteuid() != 0: - sys.exit('Please re-run this script with root privileges if you want to have it build the docker commands for you') - - sp_ip = input('What is the hostname/IP for the SP? ') - idp_ip = input('What is the hostname/IP for the IDP? ') - - # Configure the Identity Platform (IDP) - if host_config_option is 1: - settings_file = 'vulnerableidp/saml20-sp-remote.php' - idp_settings(settings_file, sp_ip) - build_docker('idp') - - # Configure the web application / Service Provider (SP) - elif host_config_option is 2: - json_file = 'vulnerablesp/yogiSP/saml/settings.json' - sp_settings(json_file, sp_ip, idp_ip) - build_docker('sp') - -if __name__ == "__main__": - main() 
diff --git a/docker-compose.yml b/docker-compose.yml index b94d6cc..20ff0db 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,7 +4,33 @@ services: build: vulnerableidp ports: - "80:80" + environment: + - SP_HOST=localhost:8000 + - IDP_HOST=localhost + sp: build: vulnerablesp ports: - "8000:8000" + environment: + - SP_HOST=localhost:8000 + - IDP_HOST=localhost + +# services: +# idp: +# build: vulnerableidp +# ports: +# - "80:80" +# environment: +# - SP_HOST=sp.domain.com +# - IDP_HOST=idp.domain.com +# - USE_HTTPS=1 + +# sp: +# build: vulnerablesp +# ports: +# - "8000:8000" +# environment: +# - SP_HOST=sp.domain.com +# - IDP_HOST=idp.domain.com +# - USE_HTTPS=1 diff --git a/vulnerableidp/Dockerfile b/vulnerableidp/Dockerfile index c149e15..5735562 100644 --- a/vulnerableidp/Dockerfile +++ b/vulnerableidp/Dockerfile @@ -24,5 +24,8 @@ ADD loginuserpass.php /usr/share/simplesamlphp/modules/core/templates/ ADD welcome.png /usr/share/simplesamlphp/www/resources/ EXPOSE 80 +COPY ./start.sh /start.sh +RUN chmod +x /start.sh + # Start the web service -CMD ["apache2ctl", "-D", "FOREGROUND"] +CMD ["/bin/bash", "/start.sh"] diff --git a/vulnerableidp/saml20-idp-hosted.php b/vulnerableidp/saml20-idp-hosted.php index 29f950f..3887265 100644 --- a/vulnerableidp/saml20-idp-hosted.php +++ b/vulnerableidp/saml20-idp-hosted.php @@ -5,7 +5,7 @@ * See: https://simplesamlphp.org/docs/stable/simplesamlphp-reference-idp-hosted */ -$metadata['__DYNAMIC:1__'] = array( +$metadata['http://127.0.0.1/simplesamlphp/saml2/idp/metadata.php'] = array( /* * The hostname of the server (VHOST) that will use this SAML entity. * diff --git a/vulnerableidp/saml20-sp-remote.original b/vulnerableidp/saml20-sp-remote.original deleted file mode 100644 index 9ed7833..0000000 --- a/vulnerableidp/saml20-sp-remote.original +++ /dev/null 
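Review bot: The new `SP_HOST=localhost:8000` / `IDP_HOST=localhost` defaults describe a local-only lab, but the unchanged `ports:` entries in both services still publish on every host interface, so these deliberately vulnerable images (`build: vulnerableidp`, `build: vulnerablesp`) are reachable from whatever network the host is on. For the default profile I would bind to loopback, `- "127.0.0.1:80:80"` and `- "127.0.0.1:8000:8000"`, and leave wider binding to the hostname variant. The commented-out second `services:` block also needs a heading comment such as `# Alternative: real hostnames behind TLS; use instead of the block above`. That comment should say that `USE_HTTPS=1` only rewrites URL schemes in the start.sh scripts; nothing visible in this diff configures TLS itself.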
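Review bot: The hard-coded entity ID `http://127.0.0.1/simplesamlphp/saml2/idp/metadata.php` that replaces `__DYNAMIC:1__` is a placeholder, not a real address, and the file does not say so. vulnerableidp/start.sh in this commit rewrites `127.0.0.1` in the files under /usr/share/simplesamlphp and /etc/simplesamlphp at container start, which presumably includes the installed copy of this file. A comment above the key would make that dependency visible, e.g. `// 127.0.0.1 is rewritten to $IDP_HOST (and http to https when USE_HTTPS is set) by /start.sh`. It matters because the resulting key has to equal the IdP entity ID configured on the SP exactly, or the issuer comparison in response.py rejects the response. The array body continues outside the hunk.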
@@ -1,37 +0,0 @@ - 'https://saml2sp.example.org/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp', - 'SingleLogoutService' => 'https://saml2sp.example.org/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp', -); - -/* - * This example shows an example config that works with G Suite (Google Apps) for education. - * What is important is that you have an attribute in your IdP that maps to the local part of the email address - * at G Suite. In example, if your Google account is foo.com, and you have a user that has an email john@foo.com, then you - * must set the simplesaml.nameidattribute to be the name of an attribute that for this user has the value of 'john'. - */ -$metadata['google.com'] = array( - 'AssertionConsumerService' => 'https://www.google.com/a/g.feide.no/acs', - 'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', - 'simplesaml.nameidattribute' => 'uid', - 'simplesaml.attributes' => FALSE, -); - -$metadata['http://127.0.0.1:8000/metadata/'] = array ( - 'AssertionConsumerService' => 'http://127.0.0.1:8000/?acs', - 'SingleLogoutService' => 'http://127.0.0.1:8000/?sls', -); - -$metadata['http://127.0.0.1:8000/metadata'] = array ( - 'AssertionConsumerService' => 'http://127.0.0.1:8000/?acs', - 'SingleLogoutService' => 'http://127.0.0.1:8000/?sls', -); diff --git a/vulnerableidp/saml20-sp-remote.php b/vulnerableidp/saml20-sp-remote.php index 9ed7833..21d180c 100644 --- a/vulnerableidp/saml20-sp-remote.php +++ b/vulnerableidp/saml20-sp-remote.php 
@@ -1,37 +1,12 @@ 'https://saml2sp.example.org/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp', - 'SingleLogoutService' => 'https://saml2sp.example.org/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp', -); - -/* - * This example shows an example config that works with G Suite (Google Apps) for education. - * What is important is that you have an attribute in your IdP that maps to the local part of the email address - * at G Suite. In example, if your Google account is foo.com, and you have a user that has an email john@foo.com, then you - * must set the simplesaml.nameidattribute to be the name of an attribute that for this user has the value of 'john'. - */ -$metadata['google.com'] = array( - 'AssertionConsumerService' => 'https://www.google.com/a/g.feide.no/acs', - 'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', - 'simplesaml.nameidattribute' => 'uid', - 'simplesaml.attributes' => FALSE, -); -$metadata['http://127.0.0.1:8000/metadata/'] = array ( +$metadata['http://127.0.0.1:8000/metadata'] = array ( 'AssertionConsumerService' => 'http://127.0.0.1:8000/?acs', 'SingleLogoutService' => 'http://127.0.0.1:8000/?sls', ); -$metadata['http://127.0.0.1:8000/metadata'] = array ( +$metadata['http://127.0.0.1:8000/metadata/'] = array ( 'AssertionConsumerService' => 'http://127.0.0.1:8000/?acs', 'SingleLogoutService' => 'http://127.0.0.1:8000/?sls', ); diff --git a/vulnerableidp/start.sh b/vulnerableidp/start.sh index 1201e81..80fa4e3 100644 --- a/vulnerableidp/start.sh +++ b/vulnerableidp/start.sh 
@@ -1,4 +1,24 @@ #!/bin/bash +# Replace 127.0.0.1:8000 with SP_HOST in source files +if [ -n "$SP_HOST" ]; then + echo "Replacing 127.0.0.1:8000 with $SP_HOST" + find /usr/share/simplesamlphp /etc/simplesamlphp/ -type f -exec sed -i "s|127.0.0.1:8000|$SP_HOST|g" {} + +fi + +# Replace 127.0.0.1 with IDP_HOST in source files +if [ -n "$IDP_HOST" ]; then + echo "Replacing 127.0.0.1 with $IDP_HOST" + find /usr/share/simplesamlphp /etc/simplesamlphp/ -type f -exec sed -i "s|127.0.0.1|$IDP_HOST|g" {} + +fi + +if [ -n "$USE_HTTPS" ]; then + echo "Replacing http://$SP_HOST with https://$SP_HOST" + find /usr/share/simplesamlphp /etc/simplesamlphp/ -type f -exec sed -i "s|http://$SP_HOST|https://$SP_HOST|g" {} + + + echo "Replacing http://$IDP_HOST with https://$IDP_HOST" + find /usr/share/simplesamlphp /etc/simplesamlphp/ -type f -exec sed -i "s|http://$IDP_HOST|https://$IDP_HOST|g" {} + +fi + a2enconf simplesamlphp -apache2ctl -D FOREGROUND +apache2ctl -D FOREGROUND \ No newline at end of file diff --git a/vulnerablesp/Dockerfile b/vulnerablesp/Dockerfile index 953921b..3bf6501 100644 --- a/vulnerablesp/Dockerfile +++ b/vulnerablesp/Dockerfile 
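Review bot: The `USE_HTTPS` block runs even when `SP_HOST` or `IDP_HOST` is empty, and the sed pattern then collapses to `s|http://|https://|g`. That rewrites every `http://` string in both trees, presumably including XML namespace identifiers that SAML processing compares literally. Guard it with `if [ -n "$USE_HTTPS" ] && [ -n "$SP_HOST" ] && [ -n "$IDP_HOST" ]; then`; vulnerablesp/start.sh carries the same block and needs the same guard. The host values are also interpolated into the sed program unescaped, so a `|`, `&` or `\` in an environment value changes the expression. Rejecting values that do not look like `hostname[:port]` before the first `find` would close that off.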
@@ -1,20 +1,20 @@ -FROM ubuntu:bionic - -RUN apt-get update -y -RUN apt-get install -y python2.7 python2.7-dev libxmlsec1 libxmlsec1-dev git python-pip python-dev build-essential nginx -RUN pip install --upgrade pip -RUN pip install -U setuptools - -COPY . /vulnerableSP -WORKDIR /vulnerableSP - -RUN pip install uwsgi -RUN pip install -r requirements.txt - -RUN python /vulnerableSP/setup.py install - -EXPOSE 8000 - -WORKDIR /vulnerableSP/yogiSP -#CMD ["python", "index.py"] -CMD ["uwsgi", "--ini", "vulnsp.ini"] +FROM ubuntu:bionic + +RUN apt-get update -y +RUN apt-get install -y python2.7 python2.7-dev libxmlsec1 libxmlsec1-dev git python-pip python-dev build-essential nginx +RUN pip install --upgrade pip +RUN pip install -U setuptools +RUN pip install uwsgi + +RUN mkdir /vulnerableSP +WORKDIR /vulnerableSP +COPY ./requirements.txt /vulnerableSP/requirements.txt +RUN pip install -r requirements.txt + +COPY . /vulnerableSP +RUN chmod +x /vulnerableSP/start.sh + + +EXPOSE 8000 + +CMD ["/bin/bash", "/vulnerableSP/start.sh"] diff --git a/vulnerablesp/src/onelogin/saml2/response.py b/vulnerablesp/src/onelogin/saml2/response.py index 4f027cc..9e9c38f 100644 --- a/vulnerablesp/src/onelogin/saml2/response.py +++ b/vulnerablesp/src/onelogin/saml2/response.py @@ -221,7 +221,7 @@ def is_valid(self, request_data, request_id=None, raise_exceptions=False): for issuer in issuers: if issuer is None or issuer != idp_entity_id: raise OneLogin_Saml2_ValidationError( - 'Invalid issuer in the Assertion/Response', + 'Invalid issuer in the Assertion/Response. Issuer: %s, IdP Entity ID: %s' % (issuer, idp_entity_id), OneLogin_Saml2_ValidationError.WRONG_ISSUER ) diff --git a/vulnerablesp/start.sh b/vulnerablesp/start.sh new file mode 100644 index 0000000..70b7cc8 --- /dev/null +++ b/vulnerablesp/start.sh 
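Review bot: `issuer` is read from the incoming SAML message, so the new message text carries sender-controlled data into the exception. How that text is logged or rendered is outside this hunk, though a 401 template is added in the same commit. Formatting with `%r` instead of `%s` keeps control characters and non-ASCII input escaped, and distinguishes a `None` issuer from the string "None": `'Invalid issuer in the Assertion/Response. Issuer: %r, IdP Entity ID: %r' % (issuer, idp_entity_id),`. If the message can reach a browser, it should be HTML-escaped at the point where it is rendered. `is_valid` begins and ends outside the hunk.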
@@ -0,0 +1,26 @@ +#!/bin/bash + + +# Replace 127.0.0.1:8000 with SP_HOST in source files +if [ -n "$SP_HOST" ]; then + find /vulnerableSP -type f -exec sed -i "s/127.0.0.1:8000/$SP_HOST/g" {} + +fi + +# Replace 127.0.0.1 with IDP_HOST in source files +if [ -n "$IDP_HOST" ]; then + find /vulnerableSP -type f -exec sed -i "s/127.0.0.1/$IDP_HOST/g" {} + +fi + +if [ -n "$USE_HTTPS" ]; then + echo "Replacing http://$SP_HOST with https://$SP_HOST" + find /vulnerableSP -type f -exec sed -i "s|http://$SP_HOST|https://$SP_HOST|g" {} + + + echo "Replacing http://$IDP_HOST with https://$IDP_HOST" + find /vulnerableSP -type f -exec sed -i "s|http://$IDP_HOST|https://$IDP_HOST|g" {} + +fi + + +cd /vulnerableSP/ +python /vulnerableSP/setup.py install +cd /vulnerableSP/yogiSP +uwsgi --ini vulnsp.ini \ No newline at end of file diff --git a/vulnerablesp/yogiSP/saml/settings.original b/vulnerablesp/yogiSP/saml/settings.original deleted file mode 100644 index 375126c..0000000 --- a/vulnerablesp/yogiSP/saml/settings.original +++ /dev/null 
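Review bot: The first two substitutions use `/` as the sed delimiter (`s/127.0.0.1:8000/$SP_HOST/g`) while the HTTPS ones use `|`, so a host value containing a slash breaks only these two; the dots are also unescaped and match any character. I would write them as `s|127\.0\.0\.1:8000|$SP_HOST|g` and `s|127\.0\.0\.1|$IDP_HOST|g`. The `find /vulnerableSP -type f` scope is wider than it needs to be: it rewrites this script itself and every file the Dockerfile copies in, presumably including the SAML settings that hold the SP certificate and private key. Narrowing it to the files known to carry the address keeps a stray match from corrupting key material; the removed configure_platform.py only edited `yogiSP/saml/settings.json`. Ending with `exec uwsgi --ini vulnsp.ini` would let uwsgi receive Docker's stop signal directly instead of bash staying in front of it.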
@@ -1,31 +0,0 @@ -{ - "strict": true, - "debug": true, - "sp": { - "entityId": "http://127.0.0.1:8000/metadata/", - "assertionConsumerService": { - "url": "http://127.0.0.1:8000/?acs", - "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - }, - "singleLogoutService": { - "url": "http://127.0.0.1:8000/?sls", - "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" - }, - "NameIDFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", - "x509cert": "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", - "privateKey": "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" - }, - "idp": { - "entityId": "http://127.0.0.1/simplesamlphp/saml2/idp/metadata.php", - "singleSignOnService": { - "url": "http://127.0.0.1/simplesamlphp/saml2/idp/SSOService.php", - "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" - }, - "singleLogoutService": { - "url": "http://127.0.0.1/simplesamlphp/saml2/idp/SingleLogoutService.php", - "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" - }, - "x509cert": "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" - } -} - diff --git a/vulnerablesp/yogiSP/templates/401.html b/vulnerablesp/yogiSP/templates/401.html new file mode 100644 index 0000000..bcb3a21 --- /dev/null +++ b/vulnerablesp/yogiSP/templates/401.html @@ -0,0 +1,14 @@ + + + +
+ +