From dfb13f0793b6297467190272ab86a9542d6c3162 Mon Sep 17 00:00:00 2001
From: Calin Lupas <lupas_calin@yahoo.com>
Date: Wed, 20 Aug 2025 14:52:31 -0400
Subject: [PATCH] Implement DevSecOps3 demo page with GHAS v3 features

- Add new DevSecOps3.cshtml page with latest GitHub Advanced Security content
- Implement DevSecOps3Model with intentionally insecure code for demo purposes
  - ReDoS vulnerable regex pattern
  - Log forging vulnerabilities
  - Hardcoded credentials and secrets
  - SQL injection potential
  - Excessive error information disclosure
- Update package references to exact versions specified:
  - System.Text.Json 8.0.4
  - Microsoft.Data.SqlClient 5.0.2
  - Newtonsoft.Json 12.0.2
- Add navigation links to DevSecOps3 page in layout and index
- Add ILogger implementation for backend code
- Build successful with intentional vulnerability warnings for GHAS demo

Addresses issue #84
---
 src/webapp01/Pages/DevSecOps3.cshtml     | 189 +++++++++++++++++++++++
 src/webapp01/Pages/DevSecOps3.cshtml.cs  | 102 ++++++++++++
 src/webapp01/Pages/Index.cshtml          |   4 +
 src/webapp01/Pages/Shared/_Layout.cshtml |   3 +
 src/webapp01/webapp01.csproj             |   2 +-
 5 files changed, 299 insertions(+), 1 deletion(-)
 create mode 100644 src/webapp01/Pages/DevSecOps3.cshtml
 create mode 100644 src/webapp01/Pages/DevSecOps3.cshtml.cs

diff --git a/src/webapp01/Pages/DevSecOps3.cshtml b/src/webapp01/Pages/DevSecOps3.cshtml
new file mode 100644
index 0000000..baec11c
--- /dev/null
+++ b/src/webapp01/Pages/DevSecOps3.cshtml
@@ -0,0 +1,189 @@
+@page
+@model DevSecOps3Model
+@{
+    ViewData["Title"] = "DevSecOps with GitHub Advanced Security v3";
+}
+
+<div class="container">
+    <div class="row">
+        <div class="col-12">
+            <h1 class="display-4 text-primary">@ViewData["Title"]</h1>
+            <p class="lead">Explore the latest features and capabilities of GitHub Advanced Security (GHAS) v3</p>
+            <hr />
+        </div>
+    </div>
+
+    <!-- Alert for TempData messages -->
+    @if (TempData["RegexResult"] != null)
+    {
+        <div class="alert alert-info alert-dismissible fade show" role="alert">
+            @TempData["RegexResult"]
+            <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+        </div>
+    }
+
+    @if (TempData["RegexError"] != null)
+    {
+        <div class="alert alert-danger alert-dismissible fade show" role="alert">
+            @TempData["RegexError"]
+            <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+        </div>
+    }
+
+    @if (TempData["LogResult"] != null)
+    {
+        <div class="alert alert-warning alert-dismissible fade show" role="alert">
+            @TempData["LogResult"]
+            <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+        </div>
+    }
+
+    <!-- Latest GHAS News Section -->
+    <div class="row mb-4">
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header bg-success text-white">
+                    <h3 class="mb-0">Latest GitHub Advanced Security News</h3>
+                </div>
+                <div class="card-body">
+                    <h5 class="card-title">What's New in GHAS 2024-2025</h5>
+                    <ul class="list-group list-group-flush">
+                        <li class="list-group-item">
+                            <strong>Enhanced CodeQL Analysis:</strong> Improved detection for supply chain vulnerabilities and zero-day exploits
+                        </li>
+                        <li class="list-group-item">
+                            <strong>AI-Powered Security Insights:</strong> GitHub Copilot integration for automated security recommendations
+                        </li>
+                        <li class="list-group-item">
+                            <strong>Advanced Secret Scanning:</strong> Real-time detection with enterprise-grade pattern matching
+                        </li>
+                        <li class="list-group-item">
+                            <strong>Dependency Review v3:</strong> Enhanced vulnerability assessment with risk scoring and remediation guidance
+                        </li>
+                        <li class="list-group-item">
+                            <strong>Security Advisory Database:</strong> Comprehensive threat intelligence with automated patch suggestions
+                        </li>
+                    </ul>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <!-- Demo Sections -->
+    <div class="row">
+        <div class="col-md-6">
+            <div class="card mb-4">
+                <div class="card-header bg-warning text-dark">
+                    <h4 class="mb-0">Security Demo: Regex Exposure</h4>
+                </div>
+                <div class="card-body">
+                    <p>This demo shows potential ReDoS (Regular Expression Denial of Service) vulnerabilities:</p>
+                    <form method="post" asp-page-handler="TestRegex">
+                        <div class="mb-3">
+                            <label for="userInput" class="form-label">Test Input:</label>
+                            <input type="text" class="form-control" id="userInput" name="userInput" 
+                                   value="aaaaaaaaaaaaaaaaaaaaaaaaaaaa!" placeholder="Enter text to test against regex">
+                        </div>
+                        <button type="submit" class="btn btn-warning">Test Regex Pattern</button>
+                    </form>
+                    <small class="text-muted">Note: This uses a potentially vulnerable regex pattern for demonstration purposes</small>
+                </div>
+            </div>
+        </div>
+
+        <div class="col-md-6">
+            <div class="card mb-4">
+                <div class="card-header bg-danger text-white">
+                    <h4 class="mb-0">Security Demo: Log Forging</h4>
+                </div>
+                <div class="card-body">
+                    <p>This demo shows log injection vulnerabilities:</p>
+                    <form method="post" asp-page-handler="TestLogging">
+                        <div class="mb-3">
+                            <label for="logMessage" class="form-label">Log Message:</label>
+                            <input type="text" class="form-control" id="logMessage" name="logMessage" 
+                                   value="Normal user action" placeholder="Enter log message">
+                        </div>
+                        <button type="submit" class="btn btn-danger">Write to Log</button>
+                    </form>
+                    <small class="text-muted">Note: This demonstrates insecure logging practices</small>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <!-- Security Features Overview -->
+    <div class="row">
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header bg-primary text-white">
+                    <h4 class="mb-0">GHAS v3 Core Features</h4>
+                </div>
+                <div class="card-body">
+                    <div class="row">
+                        <div class="col-md-4">
+                            <h5>Code Scanning</h5>
+                            <ul>
+                                <li>CodeQL semantic analysis</li>
+                                <li>Third-party tool integration</li>
+                                <li>Custom query development</li>
+                                <li>Real-time PR scanning</li>
+                            </ul>
+                        </div>
+                        <div class="col-md-4">
+                            <h5>Secret Scanning</h5>
+                            <ul>
+                                <li>Provider-specific patterns</li>
+                                <li>Custom secret patterns</li>
+                                <li>Push protection</li>
+                                <li>Historical scan capabilities</li>
+                            </ul>
+                        </div>
+                        <div class="col-md-4">
+                            <h5>Dependency Management</h5>
+                            <ul>
+                                <li>Dependabot security updates</li>
+                                <li>License compliance</li>
+                                <li>Vulnerability database</li>
+                                <li>Supply chain security</li>
+                            </ul>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <!-- Resources Section -->
+    <div class="row mt-4">
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header bg-info text-white">
+                    <h4 class="mb-0">GHAS v3 Resources</h4>
+                </div>
+                <div class="card-body">
+                    <div class="row">
+                        <div class="col-md-6">
+                            <h5>Documentation</h5>
+                            <ul class="list-unstyled">
+                                <li><a href="https://docs.github.com/en/code-security" target="_blank">GitHub Code Security Documentation</a></li>
+                                <li><a href="https://docs.github.com/en/code-security/code-scanning" target="_blank">Code Scanning v3 Documentation</a></li>
+                                <li><a href="https://docs.github.com/en/code-security/secret-scanning" target="_blank">Secret Scanning v3 Documentation</a></li>
+                                <li><a href="https://docs.github.com/en/code-security/dependabot" target="_blank">Dependabot v3 Documentation</a></li>
+                            </ul>
+                        </div>
+                        <div class="col-md-6">
+                            <h5>Training & Certification</h5>
+                            <ul class="list-unstyled">
+                                <li><a href="https://skills.github.com/" target="_blank">GitHub Skills Training</a></li>
+                                <li><a href="https://github.com/security-lab" target="_blank">GitHub Security Lab</a></li>
+                                <li><a href="https://codeql.github.com/" target="_blank">CodeQL Learning Resources</a></li>
+                                <li><a href="https://github.blog/category/security/" target="_blank">Security Blog Updates</a></li>
+                            </ul>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
diff --git a/src/webapp01/Pages/DevSecOps3.cshtml.cs b/src/webapp01/Pages/DevSecOps3.cshtml.cs
new file mode 100644
index 0000000..2703bdb
--- /dev/null
+++ b/src/webapp01/Pages/DevSecOps3.cshtml.cs
@@ -0,0 +1,102 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+using System.Text.RegularExpressions;
+using Microsoft.Data.SqlClient;
+using Newtonsoft.Json;
+using System.Text.Json;
+
+namespace webapp01.Pages
+{
+    public class DevSecOps3Model : PageModel
+    {
+        private readonly ILogger<DevSecOps3Model> _logger;
+
+        public DevSecOps3Model(ILogger<DevSecOps3Model> logger)
+        {
+            _logger = logger;
+        }
+
+        public void OnGet()
+        {
+            _logger.LogInformation("DevSecOps3 page accessed at {DateTime}", DateTime.Now);
+        }
+
+        public IActionResult OnPostTestRegex(string userInput)
+        {
+            try
+            {
+                // SECURITY ISSUE: This regex pattern is vulnerable to ReDoS (Regular Expression Denial of Service)
+                // The pattern (a+)+ creates exponential backtracking with inputs like "aaaaaaaaaaaaaaaaaaaaaaaaaaaa!"
+                var vulnerablePattern = @"^(a+)+$";
+                
+                _logger.LogInformation("Testing regex with input: {Input}", userInput);
+                
+                var regex = new Regex(vulnerablePattern);
+                var isMatch = regex.IsMatch(userInput ?? "");
+                
+                TempData["RegexResult"] = $"Regex test completed. Input '{userInput}' match result: {isMatch}";
+                
+                return RedirectToPage();
+            }
+            catch (Exception ex)
+            {
+                // SECURITY ISSUE: Exposing exception details in logs without sanitization
+                _logger.LogError("Regex processing failed: {Exception}", ex.ToString());
+                TempData["RegexError"] = $"Regex processing failed: {ex.Message}";
+                return RedirectToPage();
+            }
+        }
+
+        public IActionResult OnPostTestLogging(string logMessage)
+        {
+            try
+            {
+                // SECURITY ISSUE: Log forging vulnerability - user input directly written to logs
+                // Malicious input like "Normal log\r\n[ADMIN] Unauthorized access granted" 
+                // could inject fake log entries
+                _logger.LogInformation("User action: {Message}", logMessage);
+                
+                // SECURITY ISSUE: Hardcoded credentials for demo purposes
+                var connectionString = "Server=localhost;Database=TestDB;User Id=admin;Password=Password123!;";
+                
+                // SECURITY ISSUE: Potential SQL injection if this were used in actual queries
+                var sqlQuery = $"INSERT INTO Logs (Message) VALUES ('{logMessage}')";
+                
+                // SECURITY ISSUE: Using both JSON libraries unnecessarily (dependency confusion risk)
+                var jsonData = JsonConvert.SerializeObject(new { message = logMessage, timestamp = DateTime.Now });
+                var systemJsonData = System.Text.Json.JsonSerializer.Serialize(new { message = logMessage, timestamp = DateTime.Now });
+                
+                _logger.LogInformation("Serialized data: {JsonData}", jsonData);
+                
+                TempData["LogResult"] = $"Log entry created: '{logMessage}' at {DateTime.Now}";
+                
+                return RedirectToPage();
+            }
+            catch (Exception ex)
+            {
+                // SECURITY ISSUE: Excessive error information disclosure
+                _logger.LogError("Logging operation failed with full exception: {FullException}", ex);
+                TempData["LogResult"] = $"Logging failed: {ex.Message} - {ex.StackTrace}";
+                return RedirectToPage();
+            }
+        }
+
+        // SECURITY ISSUE: Method with potential for misuse if exposed
+        private void ProcessSensitiveData(string userData)
+        {
+            // SECURITY ISSUE: No input validation or sanitization
+            var processedData = userData.ToUpper();
+            
+            // SECURITY ISSUE: Logging sensitive data without redaction
+            _logger.LogInformation("Processing sensitive data: {SensitiveData}", processedData);
+            
+            // SECURITY ISSUE: Hardcoded secret key
+            var secretKey = "MySecretKey123!@#";
+            
+            // SECURITY ISSUE: Weak encryption simulation
+            var encodedData = Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(processedData + secretKey));
+            
+            _logger.LogInformation("Encoded result: {EncodedData}", encodedData);
+        }
+    }
+}
diff --git a/src/webapp01/Pages/Index.cshtml b/src/webapp01/Pages/Index.cshtml
index e528b40..c30fb4e 100644
--- a/src/webapp01/Pages/Index.cshtml
+++ b/src/webapp01/Pages/Index.cshtml
@@ -13,5 +13,9 @@
             <strong>New!</strong> Check out our <a asp-page="/DevSecOps" class="btn btn-primary btn-sm">DevSecOps Demo</a> 
             page to see the latest GHAS features and security demonstrations.
         </p>
+        <p class="card-text">
+            <strong>Latest!</strong> Explore our brand new <a asp-page="/DevSecOps3" class="btn btn-success btn-sm">DevSecOps v3 Demo</a> 
+            page featuring the newest GitHub Advanced Security v3 capabilities and enhanced security demonstrations.
+        </p>
     </div>
 </div>
diff --git a/src/webapp01/Pages/Shared/_Layout.cshtml b/src/webapp01/Pages/Shared/_Layout.cshtml
index bcaf503..9da39d0 100644
--- a/src/webapp01/Pages/Shared/_Layout.cshtml
+++ b/src/webapp01/Pages/Shared/_Layout.cshtml
@@ -28,6 +28,9 @@
                         <li class="nav-item">
                             <a class="nav-link text-dark" asp-area="" asp-page="/DevSecOps">DevSecOps Demo</a>
                         </li>
+                        <li class="nav-item">
+                            <a class="nav-link text-dark" asp-area="" asp-page="/DevSecOps3">DevSecOps v3</a>
+                        </li>
                         <li class="nav-item">
                             <a class="nav-link text-dark" asp-area="" asp-page="/Privacy">Privacy</a>
                         </li>
diff --git a/src/webapp01/webapp01.csproj b/src/webapp01/webapp01.csproj
index 9b11105..f3e9796 100644
--- a/src/webapp01/webapp01.csproj
+++ b/src/webapp01/webapp01.csproj
@@ -13,7 +13,7 @@
     <PackageReference Include="Microsoft.Data.SqlClient" Version="5.0.2" />
     <PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.21.0" />
     <PackageReference Include="System.Text.Json" Version="8.0.4" />
-    <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
+    <PackageReference Include="Newtonsoft.Json" Version="12.0.2" />
   </ItemGroup>
 
 </Project>