Fixed comments by Bruce

git-svn-id: http://webgoat.googlecode.com/svn/trunk@59 4033779f-a91e-0410-96ef-6bf7bf53c507
sherif.fathy
2007-01-11 05:14:09 +00:00
parent 2fdf823259
commit 036964495b
12 changed files with 52 additions and 32 deletions


@ -219,11 +219,7 @@ public class CSRF extends LessonAdapter {
TR row2 = new TR( new TD( new B(new StringElement( "Message:" )) ) );
row2.addElement( new TD( new StringElement( messageData ) ) );
t.addElement( row2 );
// Edited by Chuck Willis - added display of the user who posted the message, so that
// if users use a cross site request forgery or XSS to make another user post a message,
// they can see that the message is attributed to that user
TR row3 = new TR( new TD( new StringElement( "Posted By:" ) ) );
row3.addElement( new TD( new StringElement( results.getString( USER_COL ) ) ) );
t.addElement( row3 );
@ -268,8 +264,8 @@ public class CSRF extends LessonAdapter {
hints.add( "Enter some text and try to include an image in there." );
hints.add( "In order to make the picture almost invisible try to add width=\"1\" and height=\"1\"." );
hints.add( "The format of an image in html is <pre>&lt;img src=\"[URL]\" width=\"1\" height=\"1\" /&gt;</pre>");
hints.add( "Include this URL in the message <pre>&lt;img src='http://localhost:8080/WebGoat/attack?"+
"&Screen=" + String.valueOf(getScreenId()) +
hints.add( "Include this URL in the message <pre>&lt;img src='http://localhost/WebGoat/attack?"+
"Screen=" + String.valueOf(getScreenId()) +
"&menu=" + getDefaultCategory().getRanking().toString() +
"&transferFunds=5000' width=\"1\" height=\"1\" /&gt;</pre>");
@ -296,4 +292,8 @@ public class CSRF extends LessonAdapter {
return nameroot;
}
public Element getCredits() {
return new StringElement("Created by Sherif Koussa");
}
}
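Review bot: The rewritten hint `hints.add( "Include this URL in the message <pre>&lt;img src='http://localhost/WebGoat/attack?"+` still hard-codes scheme, host, port and context path, so the suggested payload is only right for a deployment on port 80 under `/WebGoat`; dropping `:8080` replaces one deployment assumption with another rather than removing it. If the enclosing hint method has the `WebSession` in scope (I cannot see its signature from this hunk), build the prefix from the live request instead, e.g. `String base = s.getRequest().getScheme() + "://" + s.getRequest().getServerName() + ":" + s.getRequest().getServerPort() + s.getRequest().getContextPath() + "/attack?";`, assuming `WebSession` exposes the servlet request as it does the response elsewhere in this commit. Otherwise a comment such as `// NOTE: hint assumes WebGoat is served at http://localhost/WebGoat (port 80)` should sit above the hint so the assumption is explicit. The enclosing method starts before this hunk.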


@ -111,8 +111,7 @@ public class DOMInjection extends LessonAdapter {
}
public Element getCredits() {
return new StringElement("This screen created by: Sherif Koussa");
return new StringElement("Created by Sherif Koussa");
}
protected Category getDefaultCategory() {


@ -98,7 +98,7 @@ public class ForcedBrowsing extends LessonAdapter
hints.add( "Try to guess the URL for the config page" );
hints.add( "The config page is guessable and hackable" );
hints.add( "Play with the URL and try to guess what the can you replace 'attack' with." );
hints.add( "Try to navigate to http://localhost:8080/WebGoat/config" );
hints.add( "Try to navigate to http://localhost/WebGoat/config" );
return hints;
}
@ -119,9 +119,8 @@ public class ForcedBrowsing extends LessonAdapter
return ( "Forced Browsing" );
}
public Element getCredits()
{
return new StringElement("This screen created by: Sherif Koussa");
public Element getCredits() {
return new StringElement("Created by Sherif Koussa");
}
}
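Review bot: `hints.add( "Try to navigate to http://localhost/WebGoat/config" );` still bakes the host, port and context path into user-facing text, so the hint is wrong for any deployment that is not on port 80 under `/WebGoat`; removing `:8080` only swaps one assumption for another. Because the target is a sibling of the page the student is already on, the hint can be phrased relative to the current URL and stay correct everywhere, e.g. `hints.add( "Try replacing 'attack' in the current URL with 'config'" );`, which also lines up with the preceding hint about replacing `attack`. The enclosing hint method starts before this hunk.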


@ -152,7 +152,7 @@ public class HttpSplitting extends LessonAdapter {
try
{
s.setMessage("Now that you have successfully performed an HTTP Splitting, now try to poison" +
" the victim's cache using. Type 'restart' in the input field if you wish to " +
" the victim's cache. Type 'restart' in the input field if you wish to " +
" to return to the HTTP Splitting lesson.<br><br>");
if ( s.getParser().getRawParameter( LANGUAGE, "YOUR_NAME" ).equals("restart"))
{
@ -206,7 +206,7 @@ public class HttpSplitting extends LessonAdapter {
hints.add( "Cache Poisoning starts with including 'Last-Modified' header in the hijacked page and setting it to a future date." );
hints.add( "Try language=?foobar%0d%0aContent-Length:%200%0d%0a%0d%0aHTTP/1.1%20200%20OK%0d%0aContent-Type:%20text/html%0d%0aLast-Modified:%20Mon,%2027%20Oct%202003%2014:50:18%20GMT%0d%0aContent-Length:%2047%0d%0a%0d%0a&lt;html&gt;Insert undesireable content here&lt;/html&gt;" );
hints.add( "'Last-Modified' header forces the browser to send a 'If-Modified-Since' header. Some cache servers will take the bait and keep serving the hijacked page");
hints.add( "Try to intercept the reply and add HTTP/1.1 304 Not Modified0d%0aDate:%20Mon,%2027%20Oct%202003%2014:50:18%20GMT");
hints.add( "Try to intercept the reply and add HTTP/1.1 304 Not Modified0d%0aDate:%20Mon,%2027%20Oct%202030%2014:50:18%20GMT");
return hints;
}
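Review bot: The changed hint `hints.add( "Try to intercept the reply and add HTTP/1.1 304 Not Modified0d%0aDate:%20Mon,%2027%20Oct%202030%2014:50:18%20GMT");` is still missing the `%` before `0d`, so pasted as-is it produces the literal text `Not Modified0d` followed by a line break instead of a CRLF after the status line; it should read `...304 Not Modified%0d%0aDate:...`. The commit moves the 304 `Date` to 2030 but leaves the `Last-Modified:%20Mon,%2027%20Oct%202003...` value in the unchanged hint above in the past, which contradicts the hint two lines earlier that says the header must be set to a future date — the two examples should agree. In the first hunk, the new message line ends with `"wish to "` and the unchanged line after it starts with `" to return"`, so the rendered text reads `wish to  to return`; drop one of the two `to`. The enclosing hint method starts before this hunk.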
@ -228,4 +228,8 @@ public class HttpSplitting extends LessonAdapter {
return ( "HTTP Splitting" );
}
public Element getCredits() {
return new StringElement("Created by Sherif Koussa");
}
}


@ -216,5 +216,8 @@ public class JSONInjection extends LessonAdapter {
return ( "JSON Injection" );
}
public Element getCredits() {
return new StringElement("Created by Sherif Koussa");
}
}


@ -120,4 +120,7 @@ public class LogSpoofing extends LessonAdapter {
return AbstractLesson.A6;
}
public Element getCredits() {
return new StringElement("Created by Sherif Koussa");
}
}


@ -55,9 +55,8 @@ public class NewLesson extends LessonAdapter
return ( "How to add a new WebGoat lesson" );
}
public Element getCredits()
{
return new StringElement("This screen created by: Sherif Koussa");
public Element getCredits() {
return new StringElement("Created by Sherif Koussa");
}
}


@ -41,12 +41,24 @@ public class SilentTransactions extends LessonAdapter {
{
if (s.getParser().getRawParameter( "confirm", "").equals("Confirm"))
{
String amount = s.getParser().getRawParameter( "amount", "");
s.getResponse().setContentType("text/html");
s.getResponse().setHeader("Cache-Control", "no-cache");
PrintWriter out = new PrintWriter(s.getResponse().getOutputStream());
out.print("<br><br>* Congratulations. You have successfully completed this lesson.");
StringBuffer result = new StringBuffer();
result.append("<br><br>* Congratulations. You have successfully completed this lesson.<br>");
if (!amount.equals(""))
{
result.append("You have just silently authorized ");
result.append(amount);
result.append("$ without the user interaction.<br>");
}
result.append("Now you can send out a spam email containing this link and whoever clicks on it<br>");
result.append(" and happens to be logged in the same time will loose their money !!");
out.print(result.toString());
out.flush();
out.close();
getLessonTracker(s).setCompleted(true);
return;
}
else if (s.getParser().getRawParameter( "confirm", "").equals("Transferring"))
@ -217,5 +229,8 @@ public class SilentTransactions extends LessonAdapter {
return ( "Silent Transactions Attacks" );
}
public Element getCredits() {
return new StringElement("Created by Sherif Koussa");
}
}
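Review bot: `result.append(amount);` writes the raw `amount` request parameter into a response that is declared `text/html`, so any markup in that parameter is reflected to the browser unencoded; this lesson is about silent transactions rather than XSS, so the reflection looks incidental rather than a teaching point and is worth closing. At minimum limit what is echoed to the numeric form the lesson expects, e.g. `if (!amount.equals("") && amount.matches("\\d+(\\.\\d+)?"))`, or pass it through the project's HTML-encoding helper if one is in scope in this class. The new user-facing string `" and happens to be logged in the same time will loose their money !!"` should read `lose`, and `result.append("$ without the user interaction.<br>");` places the currency sign after the number. The enclosing method starts and ends outside this hunk.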


@ -163,11 +163,9 @@ public class XPATHInjection extends LessonAdapter {
}
public Element getCredits() {
return new StringElement("Sherif Koussa");
return new StringElement("Created by Sherif Koussa");
}
protected Category getDefaultCategory() {
return AbstractLesson.A6;
@ -189,7 +187,7 @@ public class XPATHInjection extends LessonAdapter {
hints.add( "Remember that the data is stored in XML format." );
hints.add( "The system is using XPath to query." );
hints.add( "XPath is almost the same thing as SQL, the same hacking techniques apply too." );
hints.add( "Try username: Smtih' or 1=1 or 'a'='a and a password: anything " );
hints.add( "Try username: Smith' or 1=1 or 'a'='a and a password: anything " );
return hints;
}