dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changed the credit card user to be the user that was logged in as. Also base64 encoded the user cookie to make finding sql injection slightly harder.

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@376 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
mayhew64 2009-02-03 18:16:51 +00:00
parent cafcea2ae9
commit 0032ffdbfc
2 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/Challenge2Screen.java
View File

@ -110,7 +110,7 @@ public class Challenge2Screen extends SequentialLessonAdapter
/** /**
* Description of the Field * Description of the Field
*/ */
protected final static String USER = "s"; protected final static String USER = "user";
/** /**
* Description of the Field * Description of the Field
@ -165,10 +165,10 @@ public class Challenge2Screen extends SequentialLessonAdapter
// <START_OMIT_SOURCE> // <START_OMIT_SOURCE>
// these are red herrings for the first stage // these are red herrings for the first stage
Input input = new Input(Input.HIDDEN, USER, "White"); Input input = new Input(Input.HIDDEN, USER, user);
ec.addElement(input); ec.addElement(input);
Cookie newCookie = new Cookie(USER_COOKIE, "White"); Cookie newCookie = new Cookie(USER_COOKIE, Encoding.base64Encode(user));
s.getResponse().addCookie(newCookie); s.getResponse().addCookie(newCookie);
// <END_OMIT_SOURCE> // <END_OMIT_SOURCE>
@ -190,7 +190,7 @@ public class Challenge2Screen extends SequentialLessonAdapter
{ {
// <START_OMIT_SOURCE> // <START_OMIT_SOURCE>
Cookie newCookie = new Cookie(USER_COOKIE, "White"); Cookie newCookie = new Cookie(USER_COOKIE, Encoding.base64Encode(user));
s.getResponse().addCookie(newCookie); s.getResponse().addCookie(newCookie);
ElementContainer ec = new ElementContainer(); ElementContainer ec = new ElementContainer();
@ -209,7 +209,7 @@ public class Challenge2Screen extends SequentialLessonAdapter
.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); .createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
// pull the USER_COOKIE from the cookies // pull the USER_COOKIE from the cookies
String user = getCookie(s); String user = Encoding.base64Decode(getCookie(s));
String query = "SELECT * FROM user_data WHERE last_name = '" + user + "'"; String query = "SELECT * FROM user_data WHERE last_name = '" + user + "'";
Vector<String> v = new Vector<String>(); Vector<String> v = new Vector<String>();
@ -246,7 +246,7 @@ public class Challenge2Screen extends SequentialLessonAdapter
ec.addElement(t); ec.addElement(t);
ec.addElement(new BR()); ec.addElement(new BR());
Input input = new Input(Input.HIDDEN, USER, "White"); Input input = new Input(Input.HIDDEN, USER, user);
ec.addElement(input); ec.addElement(input);
// STAGE 3 BUTTON // STAGE 3 BUTTON

4
webgoat/main/project/JavaSource/org/owasp/webgoat/session/CreateDB.java
View File

@ -218,8 +218,8 @@ public class CreateDB
String insertData6 = "INSERT INTO user_data VALUES (103,'Jane','Plane','333498703333','AMEX',' ',0)"; String insertData6 = "INSERT INTO user_data VALUES (103,'Jane','Plane','333498703333','AMEX',' ',0)";
String insertData7 = "INSERT INTO user_data VALUES (10312,'Jolly','Hershey','176896789','MC',' ',0)"; String insertData7 = "INSERT INTO user_data VALUES (10312,'Jolly','Hershey','176896789','MC',' ',0)";
String insertData8 = "INSERT INTO user_data VALUES (10312,'Jolly','Hershey','333300003333','AMEX',' ',0)"; String insertData8 = "INSERT INTO user_data VALUES (10312,'Jolly','Hershey','333300003333','AMEX',' ',0)";
String insertData9 = "INSERT INTO user_data VALUES (10323,'Grumpy','White','673834489','MC',' ',0)"; String insertData9 = "INSERT INTO user_data VALUES (10323,'Grumpy','youaretheweakestlink','673834489','MC',' ',0)";
String insertData10 = "INSERT INTO user_data VALUES (10323,'Grumpy','White','33413003333','AMEX',' ',0)"; String insertData10 = "INSERT INTO user_data VALUES (10323,'Grumpy','youaretheweakestlink','33413003333','AMEX',' ',0)";
String insertData11 = "INSERT INTO user_data VALUES (15603,'Peter','Sand','123609789','MC',' ',0)"; String insertData11 = "INSERT INTO user_data VALUES (15603,'Peter','Sand','123609789','MC',' ',0)";
String insertData12 = "INSERT INTO user_data VALUES (15603,'Peter','Sand','338893453333','AMEX',' ',0)"; String insertData12 = "INSERT INTO user_data VALUES (15603,'Peter','Sand','338893453333','AMEX',' ',0)";
String insertData13 = "INSERT INTO user_data VALUES (15613,'Joesph','Something','33843453533','AMEX',' ',0)"; String insertData13 = "INSERT INTO user_data VALUES (15613,'Joesph','Something','33843453533','AMEX',' ',0)";