enhance research preview, researcher bio, products page

obsrva · Aug 28, 2021 · d5b4f6b · d5b4f6b
1 parent a732c5f
commit d5b4f6b
Show file tree

Hide file tree

Showing 24 changed files with 332 additions and 134 deletions.
diff --git a/Gemfile b/Gemfile
@@ -5,5 +5,7 @@ group :jekyll_plugins do
   # Only put the optional plugins here. Required plugins should go in the gemspec.
   gem 'jekyll-last-modified-at', '>= 1.3.0'
   gem 'jekyll'
+  gem 'jekyll-seo-tag'
+  gem 'jekyll-tagging'
 end
 
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -19,8 +19,8 @@ GEM
       eventmachine (>= 0.12.9)
       http_parser.rb (~> 0.6.0)
     eventmachine (1.2.7)
-    execjs (2.7.0)
-    ffi (1.15.1)
+    execjs (2.8.1)
+    ffi (1.15.3)
     forwardable-extended (2.6.0)
     http_parser.rb (0.6.0)
     i18n (1.8.10)
@@ -47,25 +47,31 @@ GEM
       posix-spawn (~> 0.3.9)
     jekyll-sass-converter (2.1.0)
       sassc (> 2.0.1, < 3.0)
+    jekyll-seo-tag (2.7.1)
+      jekyll (>= 3.8, < 5.0)
+    jekyll-tagging (1.1.0)
+      nuggets
     jekyll-watch (2.2.1)
       listen (~> 3.0)
     kramdown (2.3.1)
       rexml
     kramdown-parser-gfm (1.1.0)
       kramdown (~> 2.0)
-    libv8-node (15.14.0.0)
+    libv8-node (15.14.0.1-arm64-darwin-20)
+    libv8-node (15.14.0.1-x86_64-darwin-20)
     liquid (4.0.3)
-    listen (3.5.1)
+    listen (3.7.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
     mercenary (0.4.0)
     mini_racer (0.4.0)
       libv8-node (~> 15.14.0.0)
+    nuggets (1.6.0)
     pathutil (0.16.2)
       forwardable-extended (~> 2.6)
     posix-spawn (0.3.15)
     public_suffix (4.0.6)
-    rake (13.0.1)
+    rake (13.0.6)
     rb-fsevent (0.11.0)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
@@ -79,12 +85,14 @@ GEM
     unicode-display_width (1.7.0)
 
 PLATFORMS
-  ruby
+  universal-darwin-20
 
 DEPENDENCIES
   bundler
   jekyll
   jekyll-last-modified-at (>= 1.3.0)
+  jekyll-seo-tag
+  jekyll-tagging
   rake
   uswds-jekyll!
 

diff --git a/README.md b/README.md
@@ -1,5 +1,7 @@
 
-# The Internet Observatory 
+# The Internet Observatory   
+
+[![Netlify Status](https://api.netlify.com/api/v1/badges/ca521e66-2924-4e28-9144-c223ccd4df44/deploy-status)](https://app.netlify.com/sites/hungry-agnesi-8393b7/deploys)  
 
 *The Internet Observatory (Obsrva) is a vulnerability research project founded by independent security researcher [Tyler Butler](https://tbutler.org). Obsrva engages product vendors in coordinated disclosures, publishes vulnerability advisories, and creates proof of concept exploits.*
 
@@ -25,3 +27,12 @@ Obsrva develops proof of concept exploits for discovered vulnerabilities and pub
 ### Research Library  
 Obsrva maintains the iOT Research Library, a collection of iOT and embedded devices available for loan by independent security researchers. The library provides access to unique, EOL, or other devices no longer under active research by Obsrva. 
 
+
+
+## Credit 
+
+Obsrva would like to thank the following for open source and public domain assets used on obsrva.org 
+
+1.  **[18F](https://github.com/18F/uswds-jekyll):**  A Jekyll theme showcase used as a template for obsrva.org.  
+
+2. **[@matthewhenry](https://unsplash.com/@matthewhenry):** matthewhenry is a videographer (vimeo.com/mtthwhnry) & photographer for Shopify located in Toronto, Canada whoose images are used on obsrva.org.  
diff --git a/_config.yml b/_config.yml
@@ -10,6 +10,18 @@ github_info:
 
 url: https://obsrva.org
 
+social:
+  name: Tyler Butler
+  links:
+    - https://twitter.com/tcbutler0x90
+    - https://www.linkedin.com/in/tyler-b-a700a1aa/
+    - https://github.com/tcbutler320
+    - https://keybase.io/tcbutler320
+
+twitter:
+  username: tbutler0x90
+  card: summary
+
 
 # Configuration for setting the site width to 100%
 # To enable, uncomment the following line
@@ -24,12 +36,12 @@ url: https://obsrva.org
 
 # Uncomment to enable AnchorJS functionality on docs layout.
 # See https://github.com/bryanbraun/anchorjs for more information.
-# anchor_js_targets: [h1, h2, h3, h4, h5, h6]
+anchor_js_targets: [h1, h2, h3, h4, h5, h6]
 
 # Enables Private Eye functionality.
 # See https://github.com/18F/private-eye for more information.
 # Private Eye configuration is in assets/js/main.js
-private_eye: true
+#private_eye: true
 
 # To enable search, uncomment the search section
 # You will need to setup a search account with search.gov
@@ -59,3 +71,6 @@ autoprefixer:
     - last 2 versions
     - IE 11
     - not dead
+
+  plugins:
+    - jekyll-seo-tag
diff --git a/_data/navigation.yml b/_data/navigation.yml
@@ -9,8 +9,8 @@ primary:
     links:
       - text: Vulnerability Discovery
         href: /discovery
-      - text: Research Library
-        href: /docs
+      - text: Vulnerability Research Library
+        href: /library
   - text: Products
     links:
       - text: Vulnerability Advisories
@@ -28,28 +28,24 @@ primary:
     external: false
 
 secondary:
-  - text: Documentation
-    href: /docs/
-  - text: <i class="fab fa-facebook-square"></i>
-    href: /theme/
-  - text: <i class="fab fa-twitter-square"></i>
-    href: /theme/
-  - text: <i class="fab fa-linkedin"></i>
-    href: /theme/
+  - text: Vuln Research Library
+    href: /library/
   - text: <i class="fab fa-github-square"></i>
-    href: /theme/
+    href: https://github.com/obsrva
+    external: true
 
-docs:
-  - text: Sidenav Documentation
-    href: /docs/
-  - text: Sidenav External link
-    href: https://obsrva.org
+library:
+  - text: Library Resources
+    href: /library/
+  - text: Legacy Site
+    href: https://iotrl.org
     external: true
 
+
 footer:
-  - text: Advisories
+  - text: Vulnerability Advisories
     href: /Advisories/
-  - text: Exploits
+  - text: Proof of Concept Exploits
     href: /exploits/
-  - text: Disclosures
+  - text: Coordinated Disclosures
     href: /disclosure/
diff --git a/_includes/components/banner.html b/_includes/components/banner.html
@@ -22,6 +22,7 @@
               <br/>
               Stored cross-site scripting (XSS) in the embedded webserver of AKCP sensorProbe before SP480-20210624 enables remote authenticated attackers to introduce arbitrary JavaScript via the Sensor Description, Email (from/to/cc), System Name, and System Location fields.
             </p>
+            <a href="/about/2021/06/06/CVE-2021-35956.html"><button type="button" class="btn btn-dark btn-sm">Read More</button></a>
           </div>
         </div>
         <div class="usa-banner__guidance tablet:grid-col-6">
@@ -32,6 +33,7 @@
               <br/>
               Stored cross-site scripting (XSS) in the embedded webserver of certain HP OfficeJet Printers—including the 4630  e-All-in-One Printer and 7110 Wide Format ePrinter— enables remote unauthenticated attackers to introduce arbitrary JavaScript via the printer name and printer location fields.
             </p>
+            <a href="/about/2021/08/22/CVE-2021-3441.html"><button type="button" class="btn btn-dark btn-sm">Read More</button></a>
           </div>
         </div>
       </div>

diff --git a/_includes/components/graphic-list.html b/_includes/components/graphic-list.html
@@ -7,7 +7,7 @@
       <div class="usa-media-block tablet:grid-col">
         <img class="usa-media-block__img"  src="{{ graphic.image.src | relative_url }}" alt="{{ graphic.image.alt }}">
         <div class="usa-media-block__body">
-          {% if graphic.title %}<h2 class="usa-graphic-list__heading">{{ graphic.title }}</h2>{% endif %}
+          {% if graphic.title %}<h1 class="usa-graphic-list__heading">{{ graphic.title }}</h1>{% endif %}
           {{ graphic.description | markdownify }}
         </div>
       </div>

diff --git a/_includes/components/header.html b/_includes/components/header.html
@@ -20,10 +20,10 @@
             <img
               class="usa-logo-img"
               src="/assets/img/obsrva.svg"
-              alt="{{ header.logo.alt }}">
+              alt="{{ header.logo.alt }}" #00bde3>
           {% endif %} -->
           <em class="usa-logo__text">
-            The Internet <span style="color:#162e51;">Obsrva</span>tory <i class="fas fa-atom fa-spin"></i>
+            The Internet <span style="color:#162e51;">(Obsrva)</span>tory <i class="fas fa-atom fa-spin"></i>
           </em>
         </a>
       </div>

diff --git a/_includes/meta.html b/_includes/meta.html
@@ -17,4 +17,15 @@
 <meta name="twitter:title" content="The Internet Observatory" />
 <meta name="twitter:site" content="@tbutler0x90" />
 <meta name="twitter:image" content="{{site.url}}/assets/img/obsrva.png" />
-<meta name="twitter:creator" content="@tbutler0x90" />
+<meta name="twitter:creator" content="@tbutler0x90" />
+
+<!-- Global site tag (gtag.js) - Google Analytics -->
+<script async src="https://www.googletagmanager.com/gtag/js?id=G-NQC321QFZ9"></script>
+<script>
+window.dataLayer = window.dataLayer || [];
+function gtag(){dataLayer.push(arguments);}
+gtag('js', new Date());
+
+gtag('config', 'G-NQC321QFZ9');
+</script>
+{% seo %}
diff --git a/_layouts/default.html b/_layouts/default.html
@@ -35,23 +35,22 @@ <h2 class="font-heading-xl margin-top-0 tablet:margin-bottom-0">{{ page.tagline
     <section class="grid-container usa-section">
       <div class="grid-row grid-gap">
         <div class="tablet:grid-col-4">
-          <h2 class="font-heading-xl margin-top-0 tablet:margin-bottom-0">Featured Advisories</h2>
+          <h2 class="font-heading-xl margin-top-0 tablet:margin-bottom-0">Featured Research</h2>
         </div>
         <div class="tablet:grid-col-8 usa-prose">
           {% for post in site.posts %}
            {% assign foo = post.tag %}
             {% if post.tag == page.tag %}
-            <img src="{{post.img}}"  class="card-img-top" alt="...">
-            <div class="card-body">
-              <h5 class="card-title">[{{post.cve}}] <a href="{{post.url}}" style="color:black;">{{ post.title }}</a></h5>
-              {% if post.nist %}
-              <a href="{{post.nist}}"><i class="fas fa-external-link-alt"></i></a>
-              {% endif %}
-              {% if post.exploit_db %}
-              <a href="{{post.exploit_db}}"><i class="fas fa-book-dead"></i></a>
-              {% endif %}
-              <p class="card-text">{{post.lead}}</p>
-              <p class="card-text"><small class="text-muted">Published {{post.date | date: "%b %d, %y"}}</small></p>
+            <div class="hov">
+              <a href="{{post.url}}">
+                <img src="{{post.img}}"  class="card-img-top rounded" alt="{{post.title}}">
+                  <div class="card-body">
+                    <h5 class="card-title"><a href="{{post.url}}" style="color:black;text-decoration: none;"><b>{{ post.title }}</b></a> &nbsp&nbsp <span class="badge bg-fun" style="background-color:#162e51;">{{post.cve}}</span> 
+                    </h5>
+                    <p class="card-text">{{post.lead}}</p>
+                    <p class="card-text"><small class="text-muted">Published {{post.date | date: "%b %d, %y"}}</small></p>
+                  </div>
+              </a>
             </div>
             <br>
             {% endif %}
@@ -124,24 +123,29 @@ <h2 class="accordion-header" id="headingTwo">
     <section class="grid-container usa-section">
       <div class="grid-row grid-gap" >
         <div class="tablet:grid-col-4">
-          <h2 class="font-heading-xl margin-top-0 tablet:margin-bottom-0" id="{{page.featured | uri_escape }}">Recent Advisories</h2>
+          <h2 class="font-heading-xl margin-top-0 tablet:margin-bottom-0" id="{{page.featured | uri_escape }}">Recent Research</h2>
+          <p class="text-muted">Our most recent research focuses on internet of things and embedded webserver security. </p>
         </div>
         <div class="tablet:grid-col-8 usa-prose">
           {% for post in site.posts %}
           {% if post.tag == 'cve' %}
-            <img src="{{post.img}}"  class="card-img-top rounded" style="border: #162e51 1px solid;" alt="...">
-            <div class="card-body">
-              <h5 class="card-title"><a href="{{post.url}}" style="color:black;">{{ post.title }}</a>              &nbsp&nbsp <span class="badge bg-fun" style="background-color:#162e51;">{{post.cve}}</span> 
-              </h5>
-              {% if post.nist %}
-              <a href="{{post.nist}}"><i class="fas fa-external-link-alt"></i></a>
-              {% endif %}
-              {% if post.exploit_db %}
-              <a href="{{post.exploit_db}}"><i class="fas fa-book-dead"></i></a>
-              {% endif %}
-              <p class="card-text">{{post.lead}}</p>
-              <p class="card-text"><small class="text-muted">Published {{post.date | date: "%b %d, %y"}}</small></p>
-            </div>
+          <div class="hov">
+            <a href="{{post.url}}">
+              <img src="{{post.img}}"  class="card-img-top rounded" alt="{{post.title}}">
+                <div class="card-body">
+                  <h5 class="card-title"><a href="{{post.url}}" style="color:black;text-decoration: none;"><b>{{ post.title }}</b></a> &nbsp&nbsp <span class="badge bg-fun" style="background-color:#162e51;">{{post.cve}}</span> 
+                  </h5>
+                  <!-- {% if post.nist %}
+                  <a href="{{post.nist}}"><i class="fas fa-external-link-alt"></i></a>
+                  {% endif %}
+                  {% if post.exploit_db %}
+                  <a href="{{post.exploit_db}}"><i class="fas fa-book-dead"></i></a>
+                  {% endif %} -->
+                  <p class="card-text">{{post.lead}}</p>
+                  <p class="card-text"><small class="text-muted">Published {{post.date | date: "%b %d, %y"}}</small></p>
+                </div>
+            </a>
+          </div>
             <!-- <div class="card mb-3" style="width: 100%;">
               <div class="row g-0">
                 <div class="col-md-4">

diff --git a/_posts/2021-03-05-2021-PHP-TimeClock-SQLi-POC.md b/_posts/2021-03-05-2021-PHP-TimeClock-SQLi-POC.md
@@ -0,0 +1,31 @@
+---
+layout: cve
+title:  "PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection"
+date: 2021-08-22 09:34:43 -0400
+categories: "About"
+author: Tyler Butler
+description: Proof of concept exploit for PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection
+lead: Proof of concept exploit for PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection
+tag: poc 
+language: text
+advisory: 
+
+hero:
+  image: /assets/uswds/img/camera.png
+  callout:
+    alt: "PHP Timeclock 1.04"
+    text: "Time and Boolean Based Blind SQL Injection"
+  button:
+    href:
+    text:
+    number:
+    enable: false
+  link:
+    text: Link to more about that priority
+    href: /link/
+  content: In March 2021, Tyler Butler discovered a Time and Boolean Based Blind SQL Injection in PHP Timeclock 1.04. The PoC developed was submitted to the exploit-db database in entry 49849.
+---  
+
+<br>
+
+<script src="https://gist.github.com/tcbutler320/cfebca0cc74d4dea247b08eb0bf9dbdd.js"></script>
diff --git a/_posts/2021-03-05-2021-PHP-TimeClock-XSS-POC.md b/_posts/2021-03-05-2021-PHP-TimeClock-XSS-POC.md
@@ -0,0 +1,31 @@
+---
+layout: cve
+title:  "PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting (XSS)"
+date: 2021-08-22 09:34:43 -0400
+categories: "About"
+author: Tyler Butler
+description: Proof of concept exploit for PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting (XSS)
+lead: Proof of concept exploit for PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting (XSS)
+tag: poc 
+language: text
+advisory: 
+
+hero:
+  image: /assets/uswds/img/camera.png
+  callout:
+    alt: "PHP Timeclock 1.04"
+    text: "'Multiple' Cross Site Scripting (XSS)"
+  button:
+    href:
+    text:
+    number:
+    enable: false
+  link:
+    text: Link to more about that priority
+    href: /link/
+  content: In March 2021, Tyler Butler discovered 'Multiple' Cross Site Scripting (XSS) vulnerabilities in PHP Timeclock 1.04. The PoC developed was submitted to the exploit-db database in entry 49853.
+---  
+
+<br>
+
+<script src="https://gist.github.com/tcbutler320/7d376ff6298f60ba9c69886d94a839de.js"></script>