Fixed some errors.

This commit is contained in:
Benedikt - Desktop 2018-11-06 11:47:23 +01:00 committed by Nanne Baars
parent 26e3803de0
commit 14f4b42ba5
5 changed files with 7 additions and 13 deletions


@ -72,7 +72,6 @@ public class SqlInjectionLesson10 extends AssignmentEndpoint {
return true; return true;
} }
} }
return false; return false;
} }


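--- a/SqlInjectionLesson8.java
+++ b/SqlInjectionLesson8.java
@@ -78,7 +78,6 @@ public class SqlInjectionLesson8 extends AssignmentEndpoint {
         while (results.next()) {
             t.append("<tr>");
             for (int i = 1; i < (numColumns + 1); i++) {
-                System.out.println(results.getString(i));
                 t.append("<td>" + results.getString(i) + "</td>");
             }
             t.append("</tr>");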
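Review bot: The surviving `t.append("<td>" + results.getString(i) + "</td>")` line writes each database value into the HTML table without any escaping, so a cell that contains markup is rendered as markup in the lesson output. Because the result sets passed through this table builder come from queries that the SQL-injection lessons deliberately build from user input, that is a user-reachable HTML injection path, not just a data-quality issue. Unless rendering raw HTML is itself part of the exercise, escape the value before appending it, e.g. `t.append("<td>" + HtmlUtils.htmlEscape(results.getString(i)) + "</td>");` (Spring's `HtmlUtils` should already be on the classpath of an `AssignmentEndpoint`, but confirm the import). Dropping the `System.out.println` is a good change on its own, since it was copying every row of every query result to the server's stdout. The enclosing method starts before and ends after this hunk.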


@ -35,10 +35,9 @@ public class SqlInjectionLesson9 extends AssignmentEndpoint {
SqlInjectionLesson8.log(connection, query); SqlInjectionLesson8.log(connection, query);
ResultSet results = statement.executeQuery(query); ResultSet results = statement.executeQuery(query);
results.first(); if (results != null && results.first()) {
output.append(SqlInjectionLesson8.generateTable(results, results.getMetaData()));
ResultSetMetaData resultsMetaData = results.getMetaData(); }
output.append(SqlInjectionLesson8.generateTable(results, resultsMetaData));
} catch (SQLException e) { } catch (SQLException e) {
System.err.println(e.getMessage()); System.err.println(e.getMessage());
return checkSalaryRanking(connection, output); return checkSalaryRanking(connection, output);
@ -59,11 +58,10 @@ public class SqlInjectionLesson9 extends AssignmentEndpoint {
ResultSet results = statement.executeQuery(query); ResultSet results = statement.executeQuery(query);
results.first(); results.first();
// user completes lesson if John Smith is the first in the list // user completes lesson if John Smith is the first in the list
if ((results.getString(2).equals("John")) && (results.getString(3).equals("Smith"))) { if ((results.getString(2).equals("John")) && (results.getString(3).equals("Smith"))) {
output.append(SqlInjectionLesson8.generateTable(results, results.getMetaData())); output.append(SqlInjectionLesson8.generateTable(results, results.getMetaData()));
return trackProgress(success().feedback("sql-injection.9.success").feedbackArgs(output.toString()).build()); return trackProgress(success().feedback("sql-injection.8.success").feedbackArgs(output.toString()).build());
} else { } else {
return trackProgress(failed().output(output.toString()).build()); return trackProgress(failed().output(output.toString()).build());
} }
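Review bot: The two sides of the `trackProgress(success().feedback(...))` line in the second hunk differ only in the message key, `sql-injection.9.success` versus `sql-injection.8.success`; whichever side is the new one, this is Lesson 9's success path and should reference `sql-injection.9.success`, which this same commit defines in the properties file, otherwise the integrity lesson reports Lesson 8's confidentiality message. The null-and-`first()` guard added in the first hunk is not mirrored here: the return value of `results.first()` is discarded and `results.getString(2).equals("John")` is evaluated unconditionally, so an empty `employees` table throws from `getString` (or a `NullPointerException` from `.equals` on a null column) instead of producing a clean failure result. A single combined condition avoids both, `if (results.first() && "John".equals(results.getString(2)) && "Smith".equals(results.getString(3))) {`. Separately, `results != null` in the first hunk is dead as far as the JDBC contract goes, since `executeQuery` never returns null; it is harmless but could be dropped for clarity. Both enclosing methods begin before their hunk and the first one ends after it.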


@ -38,6 +38,8 @@ sql-injection.6b.no.results=No results matched. Try Again.
sql-injection.8.success=You have succeeded! You successfully compromised the confidentiality of data by viewing internal information that you should not have access to. Well done! {0} sql-injection.8.success=You have succeeded! You successfully compromised the confidentiality of data by viewing internal information that you should not have access to. Well done! {0}
sql-injection.8.no.results=No employee found with matching lastname. Or maybe your authentication TAN is incorrect? sql-injection.8.no.results=No employee found with matching lastname. Or maybe your authentication TAN is incorrect?
sql-injection.9.success=Well done! Now you're earning the most money. And at the same time you successfully compromised the integrity of data by changing the salary! {0}
sql-injection.10.success=Success! You successfully deleted the access_log table and that way compromised the availability of the data.
SqlStringInjectionHint8-1=The application is taking your input and inserting the values into the variables 'name' and 'auth_tan' of the pre-formed SQL command. SqlStringInjectionHint8-1=The application is taking your input and inserting the values into the variables 'name' and 'auth_tan' of the pre-formed SQL command.
SqlStringInjectionHint8-2=Compound SQL statements can be made by expanding the WHERE clause of the statement with keywords like AND and OR. SqlStringInjectionHint8-2=Compound SQL statements can be made by expanding the WHERE clause of the statement with keywords like AND and OR.
@ -45,16 +47,12 @@ SqlStringInjectionHint8-3=Try appending a SQL statement that always resolves to
SqlStringInjectionHint8-4=Make sure all quotes (" ' ") are opened and closed properly so the resulting SQL query is syntactically correct. SqlStringInjectionHint8-4=Make sure all quotes (" ' ") are opened and closed properly so the resulting SQL query is syntactically correct.
SqlStringInjectionHint8-5=Try extending the WHERE clause of the statement by adding something like: ' OR '1' = '1. SqlStringInjectionHint8-5=Try extending the WHERE clause of the statement by adding something like: ' OR '1' = '1.
sql-injection.9.success=Well done! Now you're earning the most money. And at the same time you successfully compromised the integrity of data by changing the salary. {0}
SqlStringInjectionHint9-1=Try to find a way, to chain another query to the end of the existing one. SqlStringInjectionHint9-1=Try to find a way, to chain another query to the end of the existing one.
SqlStringInjectionHint9-2=Use the ; metacharacter to do so. SqlStringInjectionHint9-2=Use the ; metacharacter to do so.
SqlStringInjectionHint9-3=Make use of DML to change your salary. SqlStringInjectionHint9-3=Make use of DML to change your salary.
SqlStringInjectionHint9-4=Make sure that the resulting query is syntactically correct. SqlStringInjectionHint9-4=Make sure that the resulting query is syntactically correct.
SqlStringInjectionHint9-5=How about something like '; UPDATE employees.... SqlStringInjectionHint9-5=How about something like '; UPDATE employees....
sql-injection.10.success=Success! You successfully deleted the access_log table and that way compromised the availability of the data.
SqlStringInjectionHint10-1=Use the techniques that you have learned before. SqlStringInjectionHint10-1=Use the techniques that you have learned before.
SqlStringInjectionHint10-2=The application takes your input and filters for entries that are LIKE it. SqlStringInjectionHint10-2=The application takes your input and filters for entries that are LIKE it.
SqlStringInjectionHint10-3=Try query chaining to reach the goal. SqlStringInjectionHint10-3=Try query chaining to reach the goal.


@ -4,5 +4,5 @@ After successfully compromising confidentiality and integrity in the previous le
=== It's your turn! === It's your turn!
Now you're the top earner in your company. Now you're the top earner in your company.
But do you see that? But do you see that?
There seems to be a table, where all your actions have been logged to! + There seems to be a access_log table, where all your actions have been logged to! +
Better go and delete it quickly before anyone notices. Better go and delete it quickly before anyone notices.