chore: add pre-commit hooks
@ -4,4 +4,4 @@
|
||||
|
||||
.feedback-negative {
|
||||
color: red;
|
||||
}
|
||||
}
|
||||
|
@ -64,4 +64,4 @@ input[name='Quiz_solutions']:hover {
|
||||
color: white;
|
||||
border-color: white;
|
||||
transition: 300ms all ease-in-out;
|
||||
}
|
||||
}
|
||||
|
@ -11,4 +11,4 @@ CREATE TABLE user_data_tan (
|
||||
|
||||
INSERT INTO user_data_tan VALUES (101,'Joe','Snow','987654321','VISA',' ',0, 'banana');
|
||||
INSERT INTO user_data_tan VALUES (102,'Jane','Plane','74589864','MC',' ',0, 'tarzan');
|
||||
INSERT INTO user_data_tan VALUES (103,'Jack','Sparrow','68659365','MC',' ',0, 'sniffy');
|
||||
INSERT INTO user_data_tan VALUES (103,'Jack','Sparrow','68659365','MC',' ',0, 'sniffy');
|
||||
|
@ -9,4 +9,4 @@ INSERT INTO user_system_data VALUES (101,'jsnow','passwd1', '');
|
||||
INSERT INTO user_system_data VALUES (102,'jdoe','passwd2', '');
|
||||
INSERT INTO user_system_data VALUES (103,'jplane','passwd3', '');
|
||||
INSERT INTO user_system_data VALUES (104,'jeff','jeff', '');
|
||||
INSERT INTO user_system_data VALUES (105,'dave','passW0rD', '');
|
||||
INSERT INTO user_system_data VALUES (105,'dave','passW0rD', '');
|
||||
|
@ -11,4 +11,3 @@ INSERT INTO grant_rights VALUES ('89762','Tobi', 'Barnett', 'Development', 7
|
||||
INSERT INTO grant_rights VALUES ('96134','Bob', 'Franco', 'Marketing', 83700);
|
||||
INSERT INTO grant_rights VALUES ('34477','Abraham ', 'Holman', 'Development', 50000);
|
||||
INSERT INTO grant_rights VALUES ('37648','John', 'Smith', 'Marketing', 64350);
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
== Concept
|
||||
== Concept
|
||||
|
||||
This lesson describes the more advanced topics for an SQL injection.
|
||||
|
||||
|
@ -10,4 +10,3 @@
|
||||
* SQL injection
|
||||
|
||||
=== Often the database is considered trusted
|
||||
|
||||
|
@ -10,4 +10,3 @@ Let's repeat one of the previous assignments, the developer fixed the possible S
|
||||
spot the weakness in this approach?
|
||||
|
||||
Read about the lesson goal link:start.mvc#lesson/SqlInjectionAdvanced.lesson/2[here].
|
||||
|
||||
|
@ -4,5 +4,3 @@ So the last attempt to validate if the query did not contain any spaces failed,
|
||||
into the direction of only performing input validation, can you find out where it went wrong this time?
|
||||
|
||||
Read about the lesson goal link:start.mvc#lesson/SqlInjectionAdvanced.lesson/2[here].
|
||||
|
||||
|
||||
|
@ -53,4 +53,4 @@ The Join operator is used to combine rows from two or more tables, based on a re
|
||||
SELECT * FROM user_data INNER JOIN user_data_tan ON user_data.userid=user_data_tan.userid;
|
||||
-----
|
||||
|
||||
For more detailed information about JOINS visit: https://www.w3schools.com/sql/sql_join.asp
|
||||
For more detailed information about JOINS visit: https://www.w3schools.com/sql/sql_join.asp
|
||||
|
@ -56,4 +56,3 @@ To achieve this kind of SQL injection you could use:
|
||||
----
|
||||
article = 4; sleep(10) --
|
||||
----
|
||||
|
||||
|
@ -2,8 +2,8 @@
|
||||
|
||||
=== Safe Stored Procedure (Microsoft SQL Server)
|
||||
-------------------------------------------------------
|
||||
CREATE PROCEDURE ListCustomers(@Country nvarchar(30))
|
||||
AS
|
||||
CREATE PROCEDURE ListCustomers(@Country nvarchar(30))
|
||||
AS
|
||||
SELECT city, COUNT(*)
|
||||
FROM customers
|
||||
WHERE country LIKE @Country GROUP BY city
|
||||
@ -14,10 +14,10 @@ EXEC ListCustomers ‘USA’
|
||||
|
||||
=== Injectable Stored Procedure (Microsoft SQL Server)
|
||||
-------------------------------------------------------
|
||||
CREATE PROCEDURE getUser(@lastName nvarchar(25))
|
||||
AS
|
||||
CREATE PROCEDURE getUser(@lastName nvarchar(25))
|
||||
AS
|
||||
declare @sql nvarchar(255)
|
||||
set @sql = 'SELECT * FROM users WHERE
|
||||
lastname = + @LastName + '
|
||||
exec sp_executesql @sql
|
||||
exec sp_executesql @sql
|
||||
-------------------------------------------------------
|
||||
|
@ -4,7 +4,7 @@
|
||||
----
|
||||
public static bool isUsernameValid(string username) {
|
||||
RegEx r = new Regex("^[A-Za-z0-9]{16}$");
|
||||
return r.isMatch(username);
|
||||
return r.isMatch(username);
|
||||
}
|
||||
|
||||
// java.sql.Connection conn is set elsewhere for brevity.
|
||||
@ -48,4 +48,3 @@ statement.setString(2, "webgoat");
|
||||
statement.setString(3, "webgoat@owasp.org");
|
||||
statement.executeUpdate();
|
||||
----
|
||||
|
||||
|
@ -36,4 +36,4 @@ If you are still struggling with SQL and need more information or practice, you
|
||||
=== It is your turn!
|
||||
Look at the example table.
|
||||
Try to retrieve the department of the employee Bob Franco.
|
||||
Note that you have been granted full administrator privileges in this assignment and can access all data without authentication.
|
||||
Note that you have been granted full administrator privileges in this assignment and can access all data without authentication.
|
||||
|
@ -3,7 +3,7 @@ After successfully compromising confidentiality and integrity in the previous le
|
||||
|
||||
There are many different ways to violate availability.
|
||||
If an account is deleted or its password gets changed, the actual owner cannot access this account anymore.
|
||||
Attackers could also try to delete parts of the database, or even drop the whole database, in order to make the data inaccessible.
|
||||
Attackers could also try to delete parts of the database, or even drop the whole database, in order to make the data inaccessible.
|
||||
Revoking the access rights of admins or other users is yet another way to compromise availability; this would prevent these users from accessing either specific parts of the database or even the entire database as a whole.
|
||||
|
||||
=== It is your turn!
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
As implied by the name, data manipulation language deals with the manipulation of data. Many of the most common SQL statements, including SELECT, INSERT, UPDATE, and DELETE, may be categorized as DML statements. DML statements may be used for requesting records (SELECT), adding records (INSERT), deleting records (DELETE), and modifying existing records (UPDATE).
|
||||
|
||||
If an attacker succeeds in "injecting" DML statements into a SQL database, he can violate the confidentiality (using SELECT statements), integrity (using UPDATE statements), and availability (using DELETE or UPDATE statements) of a system.
|
||||
If an attacker succeeds in "injecting" DML statements into a SQL database, he can violate the confidentiality (using SELECT statements), integrity (using UPDATE statements), and availability (using DELETE or UPDATE statements) of a system.
|
||||
|
||||
|
||||
* DML commands are used for storing, retrieving, modifying, and deleting data.
|
||||
@ -20,6 +20,3 @@ If an attacker succeeds in "injecting" DML statements into a SQL database, he ca
|
||||
=== It is your turn!
|
||||
Try to change the department of Tobi Barnett to 'Sales'.
|
||||
Note that you have been granted full administrator privileges in this assignment and can access all data without authentication.
|
||||
|
||||
|
||||
|
||||
|
@ -21,4 +21,3 @@ If an attacker successfully "injects" DDL type SQL commands into a database, he
|
||||
** This statement creates the employees example table given on page 2.
|
||||
|
||||
Now try to modify the schema by adding the column "phone" (varchar(20)) to the table "employees". :
|
||||
|
||||
|
@ -11,4 +11,3 @@ If an attacker successfully "injects" DCL type SQL commands into a database, he
|
||||
|
||||
|
||||
Try to grant rights to the table `grant_rights` to user `unauthorized_user`:
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
== Examples
|
||||
|
||||
SQL injection can be used for far more than reading the data of a single of user. The following are just a few examples of data a hacker could input to a form field (or anywhere user input is accepted) in an attempt to exploit a SQL injection vulnerability:
|
||||
SQL injection can be used for far more than reading the data of a single of user. The following are just a few examples of data a hacker could input to a form field (or anywhere user input is accepted) in an attempt to exploit a SQL injection vulnerability:
|
||||
|
||||
* `+Smith' OR '1' = '1+` +
|
||||
results in `+SELECT * FROM users WHERE name = 'Smith' OR TRUE;+` which will return all entries from the users table
|
||||
|
@ -15,4 +15,4 @@
|
||||
* Cause repudiation issues such as voiding transactions or changing balances
|
||||
* Allow the complete disclosure of all data on the system
|
||||
* Destroy the data or make it otherwise unavailable
|
||||
* Become administrator of the database server
|
||||
* Become administrator of the database server
|
||||
|
@ -15,4 +15,4 @@ Of course you cannot leave it at that. +
|
||||
Better go and _change your own salary so you are earning the most!_
|
||||
|
||||
|
||||
Remember: Your name is John *Smith* and your current TAN is *3SL99A*.
|
||||
Remember: Your name is John *Smith* and your current TAN is *3SL99A*.
|
||||
|
@ -1,4 +1,4 @@
|
||||
== Concept
|
||||
== Concept
|
||||
|
||||
This lesson describes what Structured Query Language (SQL) is and how it can be manipulated to perform tasks that were not the original intent of the developer.
|
||||
|
||||
@ -11,4 +11,3 @@ This lesson describes what Structured Query Language (SQL) is and how it can be
|
||||
** String SQL injection
|
||||
** Numeric SQL injection
|
||||
** How SQL injection violates the CIA triad
|
||||
|
||||
|
@ -2,4 +2,4 @@ In this assignment try to perform an SQL injection through the ORDER BY field.
|
||||
Try to find the ip address of the `webgoat-prd` server, guessing the complete
|
||||
ip address might take too long so we give you the last part: `xxx.130.219.202`
|
||||
|
||||
Note: The submit field of this assignment is *NOT* vulnerable to an SQL injection.
|
||||
Note: The submit field of this assignment is *NOT* vulnerable to an SQL injection.
|
||||
|
@ -1 +1 @@
|
||||
Now it is time for a quiz! It is recommended to do all SQL injection lessons before trying the quiz. Answer all questions correctly to complete the assignment.
|
||||
Now it is time for a quiz! It is recommended to do all SQL injection lessons before trying the quiz. Answer all questions correctly to complete the assignment.
|
||||
|
@ -30,7 +30,7 @@
|
||||
<td></td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
</form>
|
||||
<form class="attack-form" accept-charset="UNKNOWN"
|
||||
method="POST" name="form"
|
||||
action="SqlInjectionAdvanced/attack6b">
|
||||
|
@ -3,7 +3,7 @@
|
||||
2.sql.advanced.title=SQL Injection (advanced)
|
||||
3.sql.mitigation.title=SQL Injection (mitigation)
|
||||
|
||||
|
||||
|
||||
SqlInjectionChallenge1=Look at the different response you receive from the server
|
||||
SqlInjectionChallenge2=The vulnerability is on the register form
|
||||
SqlInjectionChallenge3=Use tooling to automate this attack
|
||||
|
@ -3,6 +3,6 @@ StringSqlInjectionSecondStage=Da sie nun erfolgreich eine SQL Injection durchgef
|
||||
EnterLastName=Geben Sie Ihren Nachnamen ein:
|
||||
NoResultsMatched=Keine Resultate gefunden, versuchen Sie es erneut
|
||||
SqlStringInjectionHint1=The application is taking your input and inserting it at the end of a pre-formed SQL command.
|
||||
SqlStringInjectionHint2=This is the code for the query being built and issued by WebGoat:<br><br> "SELECT * FROM user_data WHERE last_name = "accountName"
|
||||
SqlStringInjectionHint2=This is the code for the query being built and issued by WebGoat:<br><br> "SELECT * FROM user_data WHERE last_name = "accountName"
|
||||
SqlStringInjectionHint3=Compound SQL statements can be made by joining multiple tests with keywords like AND and OR. Try appending a SQL statement that always resolves to true
|
||||
SqlStringInjectionHint4=Try entering [ smith' OR '1' = '1 ].
|
||||
|
@ -5,4 +5,4 @@ NoResultsMatched=Aucun r\u00e9sultat correspondant. Essayez encore.
|
||||
SqlStringInjectionHint1=L'application r\u00e9cup\u00e8re votre saisie et l'ins\u00e8re \u00e0 la fin d'une commande SQL pr\u00e9-form\u00e9e.
|
||||
SqlStringInjectionHint2=Voici le code de la requ\u00eate assembl\u00e9e et ex\u00e9cut\u00e9e par WebGoat :<br><br> "SELECT * FROM user_data WHERE last_name = "accountName"
|
||||
SqlStringInjectionHint3=Les commandes SQL compos\u00e9es peuvent \u00eatre assembl\u00e9es en associant de multiples conditions au moyen de mots-cl\u00e9 tels que AND et OR. Essayez d'assembler une condition qui sera toujours r\u00e9solue \u00e0 vrai.
|
||||
SqlStringInjectionHint4=Essayez de saisir [ smith' OR '1' = '1 ].
|
||||
SqlStringInjectionHint4=Essayez de saisir [ smith' OR '1' = '1 ].
|
||||
|
@ -5,4 +5,4 @@ NoResultsMatched=\u041d\u0435\u0442 \u0441\u043e\u0432\u043f\u0430\u0434\u0435\u
|
||||
SqlStringInjectionHint1=\u041f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0431\u0435\u0440\u0451\u0442 \u0442\u043e \u0447\u0442\u043e \u0432\u044b \u0432\u0432\u043e\u0434\u0438\u0442\u0435 \u0438 \u0432\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0432 \u043a\u043e\u043d\u0435\u0446 \u0437\u0430\u0440\u0430\u043d\u0435\u0435 \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u0430.
|
||||
SqlStringInjectionHint2=\u0412\u043e\u0442 \u043a\u043e\u0434 \u0437\u0430\u043f\u0440\u043e\u0441\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f WebGoat`\u043e\u043c:<br><br> "SELECT * FROM user_data WHERE last_name = "accountName"
|
||||
SqlStringInjectionHint3=\u0426\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0434\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0442\u0430\u043a\u0438\u0445 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u0441\u043b\u043e\u0432 \u043a\u0430\u043a AND \u0438 OR. \u041f\u0440\u043e\u0431\u0443\u0439\u0442\u0435 \u0441\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0442\u0430\u043a\u043e\u0435 SQL-\u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432\u0441\u0435\u0433\u0434\u0430 \u0431\u0443\u0434\u0435\u0442 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0442\u044c \u0438\u0441\u0442\u0438\u043d\u0443.
|
||||
SqlStringInjectionHint4=\u041f\u043e\u043f\u0440\u043e\u0431\u0443\u0439\u0442\u0435 \u0432\u0432\u0435\u0441\u0442\u0438 [ smith' OR '1' = '1 ].
|
||||
SqlStringInjectionHint4=\u041f\u043e\u043f\u0440\u043e\u0431\u0443\u0439\u0442\u0435 \u0432\u0432\u0435\u0441\u0442\u0438 [ smith' OR '1' = '1 ].
|
||||
|
@ -16,4 +16,4 @@ function ace_collect() {
|
||||
var editor = ace.edit("editor");
|
||||
var code = editor.getValue();
|
||||
return code;
|
||||
}
|
||||
}
|
||||
|
@ -58,4 +58,4 @@ function getServers(column) {
|
||||
}
|
||||
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -15,4 +15,4 @@ $(function() {
|
||||
e.preventDefault();
|
||||
});
|
||||
|
||||
});
|
||||
});
|
||||
|
@ -40,4 +40,4 @@
|
||||
"4": "The database registers 'Robert' ); DROP TABLE Students;--'."
|
||||
}
|
||||
}]
|
||||
}
|
||||
}
|
||||
|