- ID da verificação
- a975aa01-0d32-447a-84ac-281186571b50Concluído
- URL enviado:
- https://7af45b83-f46d-4596-8527-453b3d90ffa3.ctf.stair.ch:1337/
- Relatório concluído:
Links · 0 encontrado(s)
Os links de saída identificados na página
Variáveis JavaScript · 9 encontrada(s)
Variáveis JavaScript globais carregadas no objeto janela de uma página são variáveis declaradas fora das funções e acessíveis de qualquer lugar no código dentro do escopo atual
| Nome | Tipo |
|---|---|
| onbeforetoggle | object |
| documentPictureInPicture | object |
| onscrollend | object |
| checkout | function |
| updateBasket | function |
| addToCart | function |
| stock | object |
| cookie | string |
| cookie2 | object |
Mensagens de registro do console · 1 encontrada(s)
Mensagens registradas no console web
| Tipo | Categoria | Log |
|---|---|---|
| error | network |
|
HTML
O corpo HTML bruto da página
<!DOCTYPE html><html lang="en"><head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>The Garden Company - Buy some roots</title>
<style>
body {
font-family: Arial, sans-serif;
margin: 0;
padding: 0;
}
header {
background: #333;
color: white;
padding: 10px 20px;
text-align: center;
}
.container {
max-width: 1200px;
margin: 20px auto;
padding: 0 20px;
}
.product {
border: 1px solid #ddd;
border-radius: 5px;
margin: 15px;
padding: 10px;
text-align: center;
width: calc(33.333% - 40px);
display: inline-block;
vertical-align: top;
}
img {
max-width: 100%;
height: auto;
}
footer {
text-align: center;
padding: 20px;
background: #333;
color: white;
position: relative;
bottom: 0;
width: 100%;
}
.floating-basket {
position: fixed;
right: 20px;
top: 20px;
background: #fff;
border: 1px solid #ddd;
border-radius: 5px;
padding: 15px;
box-shadow: 0 2px 10px rgba(0, 0, 0, 0.1);
width: 200px;
z-index: 1000;
}
.basket-header {
font-weight: bold;
margin-bottom: 10px;
}
.basket-item {
margin: 5px 0;
}
.basket-total {
margin-top: 10px;
font-weight: bold;
}
@media (max-width: 768px) {
.product {
width: calc(50% - 40px);
}
}
@media (max-width: 480px) {
.product {
width: calc(100% - 40px);
}
}
</style>
</head>
<body>
<header>
<h1>Webshop for buying roots </h1>
</header>
<div class="container">
<h2>Products</h2>
<div class="product">
<img src="flower.png" alt="Flower">
<h3>Flower Root</h3>
<p>Almost FREE (1.-)</p>
<button onclick="addToCart(1,1)" '="">Add to Cart</button>
</div>
<div class="product">
<img src="tree.png" alt="Tree">
<h3>Tree Root</h3>
<p>1337.-</p>
<button onclick="addToCart(2,1337)">Add to Cart</button>
</div>
<div class="product">
<img src="flag.png" alt="Flag">
<h3>Flag (not a root)</h3>
<p>99'999.-</p>
<button id="3" onclick="addToCart(3,99999)">Add to Cart</button>
</div>
</div>
<div class="floating-basket" id="basket">
<div class="basket-header">Shopping Basket</div>
<div id="basketItems"><div class="basket-item">0x flower - $0.00</div><div class="basket-item">0x tree - $0.00</div><div class="basket-item">0x flag - $0.00</div></div>
<div class="basket-total" id="basketTotal">Total: $0.00</div>
<button id="clear" onclick="document.cookie="basket=1; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/";;location.reload()">CLEAR</button>
<button id="checkout" onclick="checkout()">CHECKOUT</button>
</div>
<script>
stock = [99,2,0];
if (document.cookie == '') {
cookie = [{'qty':0, 'cost':0, 'name':'flower'},{'qty':0, 'cost':0, 'name':'tree'},{'qty':0, 'cost':0, 'name':'flag'}];
const expires = new Date(Date.now() + 7 * 24 * 60 * 60 * 1000).toUTCString();
const cookieValue = JSON.stringify(cookie);
document.cookie = 'basket='+cookieValue+'; expires='+expires+'; path=/';
}
updateBasket();
function checkout(){
cookie = document.cookie.split('=')[1];
cookie2 = JSON.parse(cookie);
if (cookie2[0]['qty']==0 && cookie2[1]['qty']==0 && cookie2[2]['qty']==0 ){
alert('nothing in your basket')
}
window.location.href='/checkout.php'
}
function updateBasket() {
let total = 0;
const basketItemsDiv = document.getElementById('basketItems');
basketItemsDiv.innerHTML = '';
cookie = document.cookie.split('=')[1];
cookie2 = JSON.parse(cookie);
cookie2.forEach(item => {
const itemDiv = document.createElement('div');
itemDiv.className = 'basket-item';
itemDiv.textContent = `${item.qty}x ${item.name} - $${item.cost.toFixed(2)}`;
total += item.cost;
basketItemsDiv.appendChild(itemDiv);
});
document.getElementById('basketTotal').textContent = `Total: $${total.toFixed(2)}`;
}
function addToCart(a, b) {
let cookie = document.cookie;
const expires = new Date(Date.now() + 7 * 24 * 60 * 60 * 1000).toUTCString();
cookie = document.cookie.split('=')[1];
cookie2 = JSON.parse(cookie);
if (stock[a-1]<=cookie2[a-1]['qty']) {
alert('out of stock')
return
}
cookie2[a-1]['qty'] += 1;
cookie2[a-1]['cost'] += b;
const cookieValue = JSON.stringify(cookie2);
document.cookie = `basket=${cookieValue}; expires=${expires}; path=/`;
console.log(document.cookie)
updateBasket()
};
</script>
<footer>
<p>© 2024 My Webshop for buying roots</p>
</footer>
</body></html>