Added cors demonstrator.

config/home/bookmarks.html

@@ -15,5 +15,6 @@ <H1>Bookmarks</H1>
         <DT><A HREF="http://dvwa.wtf/" ADD_DATE="1515602695">DVWA</A>
         <DT><A HREF="http://juice-shop.wtf/#/search" ADD_DATE="1515014560" ICON="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAACQ0lEQVQ4jY2SzUtUYRTGn/Pe9975uk4zfiRpoRamZNBCiUyQxkVgEbVxH0FBm1a1TmjTqk1I1CroHwhxW7kKpqZC0Eqkmgo/rp/jfN25H+97WiUGztDZnuf8eM7DAzQYzg2aPHcxwTwp6mmoESA/PTbe0Z24a0TIgcaqIMxQ//Sb/RpZ7/jVo+HOtY3wXqI1zKRMiS/TDtIROco/rk1Qz8v8X92B1nJPB+OJZuuBERMZZ92HV9MIbANBixwKXDW5krsSb+iA08ljUmMcBLi1EOsbPnrPpQAwdovB5cKmPg5gvj5AqSoJwwUY0aYuWAmFxOGTILMN2PrsqdWPbmMHEbOKUJdYM1Kdw4hHK6D0GOD/hNaLZTcIKg0zMMy4y4wCADAzSJhA4AClt1C+U9S+qDYElOyST4QdsAJYgaABEQfarkOZ/YXtbNZrCMhkZkMho1vprjHE030g9oDqPKAq0GF1+91jBHUzYEDMnTl6JFwtx3y1DTeWB8QOqLkdqvgaQXGpcmpfAf9p4sLAgOUnvZsgvoOOSHcYh6XPp9B+wkazLVB1PJQ/uZuGY02hJh72PJ+t7TlYuDBg+0HttmEZ982kmSAm6CKDsxV4+RCOx0AphLSSrdHe0zeCte8vAHyTAJA929/iB7UnZNBVs8kkklSGhpYRwxIhRbHsg4gYhBWyI+9D59eM2nCX9174OtLXVEN4CYJMIcSW8tUuC/YNSx6Sthw1JI1IWy7B4qmCYS4OPfsQ4H+HAfo9MRzL3Ro0D9r/AYU7+H7GSFGwAAAAAElFTkSuQmCC">Juice Shop</A>
         <DT><A HREF="http://dojo-scavenger.wtf/" ADD_DATE="1515014578" ICON="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAA70lEQVQ4jc3SPU7DQBDF8Z9Z21iIBpCg4CgUFBSchJYCJHo4C5wCLpAbREKIngIivkSMHVPYQWRjJSl50hQ7mvfX7pvlv2oHlxjiFudYX9UccIcmqiskqwD28dYDuMdmPLzWc97Gdw94C7vLAAlyjHsA4+4GM54YADW+evqlngxiQJPneaVNP9awgy8GlGX5WRTFQBvcbx8DfET9eQCeq6p67YanescILzEg1gZOQgiP5tf4gFPtlmaU4ADXaZo+ZVkWG+Ma4QbH0xdcYBJCaEIIy8x/a4KzFEdI6nou4GVKcJhqv+50xwsDiswN9n4AXSVV4VRFzn0AAAAASUVORK5CYII=">dojo-scavenger</A>
+        <DT><A HREF="http://client.cors.dem/" ADD_DATE="1515014560">CORS Demonstrator</A>
     </DL><p>
 </DL><p>

config/sites-enabled/cors.dem

@@ -0,0 +1,15 @@
+server {
+	listen 80;
+	server_name api.cors.dem;
+	location / {
+		proxy_pass http://localhost:3020;
+	}
+}
+
+server {
+	listen 80;
+	server_name client.cors.dem;
+	location / {
+		proxy_pass http://localhost:3021;
+	}
+}

config/startup_targets.sh

@@ -6,6 +6,9 @@ export JUICE_SHOP_PATH=$(find /opt/targets/ -name 'juice-shop_*')
 cd $JUICE_SHOP_PATH
 sudo npm start &
 
+cd /opt/targets/client-side-attacks-lab/targets/cors.dem
+sudo npm start &
+
 sudo docker run --rm -p 31000:80 -p 33006:3306 bit0pus/docker-dvwa &
 
 sudo docker run --rm -p 33080:80 -p 22222:22 -p 33333:3306 bit0pus/docker-mutillidae &
@@ -14,3 +17,4 @@ cd /opt/targets/samurai-dojo-docker
 sudo docker-compose up &
 
 sudo service nginx restart;curl http://dojo-basic.wtf/reset-db.php
+sleep 10

install/local_targets.sh

@@ -9,6 +9,8 @@ echo '127.0.0.1   dvwa.wtf' | sudo tee -a /etc/hosts
 echo '127.0.0.1   mutillidae.wtf' | sudo tee -a /etc/hosts
 echo '127.0.0.1   professionallyevil.wtf' | sudo tee -a /etc/hosts
 echo '127.0.0.1   amoksecurity.wtf' | sudo tee -a /etc/hosts
+echo '127.0.0.1   client.cors.dem' | sudo tee -a /etc/hosts
+echo '127.0.0.1   api.cors.dem' | sudo tee -a /etc/hosts
 
 sudo mkdir /home/samurai/.scripts
 sudo tr '\r\n' '\n' < /tmp/config/startup_targets.sh > /home/samurai/.scripts/startup_targets.sh

install/target_bootstrap.sh

@@ -25,7 +25,7 @@ sudo docker pull bit0pus/docker-mutillidae
 
 #BWAPP
 
-#DOJO BASIC
+#DOJO
 echo 'Setting up Samurai Dojo...'
 echo '...cloning repo...'
 sudo git clone --recursive https://github.com/SamuraiWTF/samurai-dojo-docker.git /opt/targets/samurai-dojo-docker
@@ -55,7 +55,13 @@ echo '...stopping app...'
 sudo docker-compose down
 echo 'Done.'
 
-#DOJO SCAVENGER
+#Client-Side Attack Lab
+echo "Setting up Mic_WG's Client-Side Attacks Lab"
+echo '...cloning repo...'
+sudo git clone https://github.com/ProfessionallyEvil/client-side-attacks-lab.git /opt/targets/client-side-attacks-lab
+echo '...fetching node dependencies for CORS Demonstrator...'
+cd /opt/targets/client-side-attacks-lab/targets/cors.dem
+npm install
 
 #Reverse Proxy