From 14f4b42ba596e56667bfaaa7843e63d20f96f208 Mon Sep 17 00:00:00 2001
From: Benedikt - Desktop
Date: Tue, 6 Nov 2018 11:47:23 +0100
Subject: [PATCH] Fixed some errors.
---
 .../plugin/introduction/SqlInjectionLesson10.java | 1 -
 .../plugin/introduction/SqlInjectionLesson8.java | 1 -
 .../plugin/introduction/SqlInjectionLesson9.java | 10 ++++------
 .../src/main/resources/i18n/WebGoatLabels.properties | 6 ++----
 .../en/SqlInjection_introduction_content10.adoc | 2 +-
 5 files changed, 7 insertions(+), 13 deletions(-)
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson10.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson10.java
index aeb62efa5..2fd3fdb3a 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson10.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson10.java
@@ -72,7 +72,6 @@ public class SqlInjectionLesson10 extends AssignmentEndpoint {
 return true;
 }
 }
- return false;
 }
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson8.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson8.java
index b12c392af..f7144f893 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson8.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson8.java
@@ -78,7 +78,6 @@ public class SqlInjectionLesson8 extends AssignmentEndpoint {
 while (results.next()) {
 t.append("");
 for (int i = 1; i < (numColumns + 1); i++) {
- System.out.println(results.getString(i));
 t.append("" + results.getString(i) + "");
 }
 t.append("");
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson9.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson9.java
index 97b8c0b22..dfee40190 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson9.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson9.java
@@ -35,10 +35,9 @@ public class SqlInjectionLesson9 extends AssignmentEndpoint {
 SqlInjectionLesson8.log(connection, query);
 ResultSet results = statement.executeQuery(query);
- results.first();
-
- ResultSetMetaData resultsMetaData = results.getMetaData();
- output.append(SqlInjectionLesson8.generateTable(results, resultsMetaData));
+ if (results != null && results.first()) {
+ output.append(SqlInjectionLesson8.generateTable(results, results.getMetaData()));
+ }
 } catch (SQLException e) {
 System.err.println(e.getMessage());
 return checkSalaryRanking(connection, output);
@@ -59,11 +58,10 @@ public class SqlInjectionLesson9 extends AssignmentEndpoint {
 ResultSet results = statement.executeQuery(query);
 results.first();
- // user completes lesson if John Smith is the first in the list
 if ((results.getString(2).equals("John")) && (results.getString(3).equals("Smith"))) {
 output.append(SqlInjectionLesson8.generateTable(results, results.getMetaData()));
- return trackProgress(success().feedback("sql-injection.9.success").feedbackArgs(output.toString()).build());
+ return trackProgress(success().feedback("sql-injection.8.success").feedbackArgs(output.toString()).build());
 } else {
 return trackProgress(failed().output(output.toString()).build());
 }
diff --git a/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties b/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
index 83568052b..94703284e 100644
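Review bot: The `results != null` half of the new guard in the `@@ -35` hunk is dead code, because `Statement.executeQuery` is specified never to return null; `if (results.first()) {` expresses the same check. When `first()` returns false nothing is appended to `output`, so a short comment such as `// empty result: nothing to render` would show that the silent skip is deliberate. Neither `statement` nor `results` is closed in the visible lines; the method starts and ends outside the hunk, so confirm whether a try-with-resources already wraps them.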
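Review bot: The success branch in the `@@ -59` hunk now looks up `sql-injection.8.success`, which per the properties hunk in this patch is the lesson 8 text about compromising confidentiality, while `sql-injection.9.success` (the integrity message for the salary change) stays in the bundle and is no longer referenced here. Unless the lesson 9 key failed to resolve for a reason not visible in the patch, the call should keep `feedback("sql-injection.9.success")`. In the unchanged lines above it, the return value of `results.first()` is ignored and `results.getString(2).equals("John")` dereferences a column that the lesson's injected UPDATE could presumably leave NULL, which would raise a NullPointerException; `"John".equals(results.getString(2))` avoids that. The method's start and its catch clauses are outside the hunk.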
--- a/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
+++ b/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
@@ -38,6 +38,8 @@ sql-injection.6b.no.results=No results matched. Try Again.
 sql-injection.8.success=You have succeeded! You successfully compromised the confidentiality of data by viewing internal information that you should not have access to. Well done! {0}
 sql-injection.8.no.results=No employee found with matching lastname. Or maybe your authentication TAN is incorrect?
+sql-injection.9.success=Well done! Now you're earning the most money. And at the same time you successfully compromised the integrity of data by changing the salary! {0}
+sql-injection.10.success=Success! You successfully deleted the access_log table and that way compromised the availability of the data.
 SqlStringInjectionHint8-1=The application is taking your input and inserting the values into the variables 'name' and 'auth_tan' of the pre-formed SQL command.
 SqlStringInjectionHint8-2=Compound SQL statements can be made by expanding the WHERE clause of the statement with keywords like AND and OR.
@@ -45,16 +47,12 @@ SqlStringInjectionHint8-3=Try appending a SQL statement that always resolves to
 SqlStringInjectionHint8-4=Make sure all quotes (" ' ") are opened and closed properly so the resulting SQL query is syntactically correct.
 SqlStringInjectionHint8-5=Try extending the WHERE clause of the statement by adding something like: ' OR '1' = '1.
-sql-injection.9.success=Well done! Now you're earning the most money. And at the same time you successfully compromised the integrity of data by changing the salary. {0}
-
 SqlStringInjectionHint9-1=Try to find a way, to chain another query to the end of the existing one.
 SqlStringInjectionHint9-2=Use the ; metacharacter to do so.
 SqlStringInjectionHint9-3=Make use of DML to change your salary.
 SqlStringInjectionHint9-4=Make sure that the resulting query is syntactically correct.
 SqlStringInjectionHint9-5=How about something like '; UPDATE employees....
-sql-injection.10.success=Success! You successfully deleted the access_log table and that way compromised the availability of the data.
-
 SqlStringInjectionHint10-1=Use the techniques that you have learned before.
 SqlStringInjectionHint10-2=The application takes your input and filters for entries that are LIKE it.
 SqlStringInjectionHint10-3=Try query chaining to reach the goal.
diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc
index 633bc8215..d98f526cb 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc
+++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc
@@ -4,5 +4,5 @@ After successfully compromising confidentiality and integrity in the previous le
 === It's your turn!
 Now you're the top earner in your company. But do you see that?
-There seems to be a table, where all your actions have been logged to! +
+There seems to be a access_log table, where all your actions have been logged to! +
 Better go and delete it quickly before anyone notices.