dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Introduced user registration

Browse Source 
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server
- Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson.
- Simplied loading of resources, by adding resource mappings in MvcConfig.
- Refactored plugin loading, now only one class is left for loading the lessons.
This commit is contained in:
Nanne Baars
2017-02-25 12:15:07 +01:00
parent 9b86aaba05
commit 259fd19c1b
221 changed files with 1179 additions and 1083 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
webgoat-lessons/http-proxies/src/main/resources/plugin/HttpProxies/html/HttpProxies.html → webgoat-lessons/http-proxies/src/main/resources/html/HttpProxies.html
View File

0
webgoat-lessons/http-proxies/src/main/resources/plugin/i18n/WebGoatLabels.properties → webgoat-lessons/http-proxies/src/main/resources/i18n/WebGoatLabels.properties
View File

0
webgoat-lessons/http-proxies/src/main/resources/plugin/HttpProxies/images/chrome-manual-proxy.png → webgoat-lessons/http-proxies/src/main/resources/images/chrome-manual-proxy.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 279 KiB

After

Width:  |  Height:  |  Size: 279 KiB

0
webgoat-lessons/http-proxies/src/main/resources/plugin/HttpProxies/images/firefox-proxy-config.png → webgoat-lessons/http-proxies/src/main/resources/images/firefox-proxy-config.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 200 KiB

After

Width:  |  Height:  |  Size: 200 KiB

0
webgoat-lessons/http-proxies/src/main/resources/plugin/HttpProxies/images/proxy-intercept-button.png → webgoat-lessons/http-proxies/src/main/resources/images/proxy-intercept-button.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 56 KiB

After

Width:  |  Height:  |  Size: 56 KiB

0
webgoat-lessons/http-proxies/src/main/resources/plugin/HttpProxies/images/proxy-intercept-details.png → webgoat-lessons/http-proxies/src/main/resources/images/proxy-intercept-details.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 205 KiB

After

Width:  |  Height:  |  Size: 205 KiB

0
webgoat-lessons/http-proxies/src/main/resources/plugin/HttpProxies/images/zap-history.png → webgoat-lessons/http-proxies/src/main/resources/images/zap-history.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 406 KiB

After

Width:  |  Height:  |  Size: 406 KiB

0
webgoat-lessons/http-proxies/src/main/resources/plugin/HttpProxies/images/zap-local-proxy.png → webgoat-lessons/http-proxies/src/main/resources/images/zap-local-proxy.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 210 KiB

After

Width:  |  Height:  |  Size: 210 KiB

0
webgoat-lessons/http-proxies/src/main/resources/plugin/HttpProxies/images/zap-start.png → webgoat-lessons/http-proxies/src/main/resources/images/zap-start.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 79 KiB

After

Width:  |  Height:  |  Size: 79 KiB

8
webgoat-lessons/http-proxies/src/main/resources/plugin/HttpProxies/lessonPlans/en/HttpBasics_ProxyIntercept.adoc → webgoat-lessons/http-proxies/src/main/resources/lessonPlans/en/HttpBasics_ProxyIntercept.adoc
View File

@ -1,15 +1,15 @@
=== Use the intercept
To incercept a request, you start by clicking the green button. This will set a break point for the next request.
To intercept a request, you start by clicking the green button. This will set a break point for the next request.
image::plugin_lessons/plugin/HttpProxies/images/proxy-intercept-button.png[Set break/intercept button,style="lesson-image"]
image::images/proxy-intercept-button.png[Set break/intercept button,style="lesson-image"]
NOTE: It is also possible set breakpoints that are triggered on conditions. That won't be covered in this lesson though. You are encouraged to explore.
That's part of what hackers do ... explore!
Once you are interecepting requests and a request is made, it should look something like this:
Once you are intercepting requests and a request is made, it should look something like this:
image::plugin_lessons/plugin/HttpProxies/images/proxy-intercept-details.png[ZAP history tab,1269,337,style="lesson-image"]
image::images/proxy-intercept-details.png[ZAP history tab,1269,337,style="lesson-image"]
=== Intercept and modify a request

0
webgoat-lessons/http-proxies/src/main/resources/plugin/HttpProxies/lessonPlans/en/HttpBasics_ProxyIntro0.adoc → webgoat-lessons/http-proxies/src/main/resources/lessonPlans/en/HttpBasics_ProxyIntro0.adoc
View File

4
webgoat-lessons/http-proxies/src/main/resources/plugin/HttpProxies/lessonPlans/en/HttpBasics_ProxyIntro1.adoc → webgoat-lessons/http-proxies/src/main/resources/lessonPlans/en/HttpBasics_ProxyIntro1.adoc
View File

@ -15,7 +15,7 @@ Once you have 'installed' ZAP (you don't really install it, just unpack it and r
=== Start ZAP
When ZAP starts, you will be presented with a dialog such as the one below ...
image::plugin_lessons/plugin/HttpProxies/images/zap-start.png[ZAP Start,548,256,style="lesson-image"]
image::images/zap-start.png[ZAP Start,548,256,style="lesson-image"]
=== Configure Proxy's Port
@ -24,4 +24,4 @@ image::plugin_lessons/plugin/HttpProxies/images/zap-start.png[ZAP Start,548,256,
. Choose an available port ... Since WebGoat is using port 8080, use something different like 8090
. Click OK
image::plugin_lessons/plugin/HttpProxies/images/zap-local-proxy.png[ZAP local proxy,800,648,style="lesson-image"]
image::images/zap-local-proxy.png[ZAP local proxy,800,648,style="lesson-image"]

4
webgoat-lessons/http-proxies/src/main/resources/plugin/HttpProxies/lessonPlans/en/HttpBasics_ProxyIntro2.adoc → webgoat-lessons/http-proxies/src/main/resources/lessonPlans/en/HttpBasics_ProxyIntro2.adoc
View File

@ -14,7 +14,7 @@ This will send all of your traffic to the proxy. Since we haven't set up a trust
.. input *8090* as the port
.. check the _Use this proxy server for all protocols_ checkbox
image::plugin_lessons/plugin/HttpProxies/images/firefox-proxy-config.png[Firefox Proxy Config,510,634,style="lesson-image"]
image::images/firefox-proxy-config.png[Firefox Proxy Config,510,634,style="lesson-image"]
=== Chrome Proxy Config
@ -26,7 +26,7 @@ image::plugin_lessons/plugin/HttpProxies/images/firefox-proxy-config.png[Firefox
. Input 127..0.0.1 in the first box under _Web Proxy Server_ and your port # (8090 is what used earlier) in the second box (to the right)
. You may also want to clear the _Bypass proxy settings for these Hosts & Domains_ text input at the bottom, but shouldn't need to
image::plugin_lessons/plugin/HttpProxies/images/chrome-manual-proxy.png[Chrome Proxy Config,700,447,style="lesson-image"]
image::images/chrome-manual-proxy.png[Chrome Proxy Config,700,447,style="lesson-image"]
=== Other Proxy Configuration Options

2
webgoat-lessons/http-proxies/src/main/resources/plugin/HttpProxies/lessonPlans/en/HttpBasics_ProxyIntro3.adoc → webgoat-lessons/http-proxies/src/main/resources/lessonPlans/en/HttpBasics_ProxyIntro3.adoc
View File

@ -3,4 +3,4 @@
You should now be able to browse somewhere. We suggest starting with a plain http host.
If it's working, ZAP's history tab will start to look something like this.
image::plugin_lessons/plugin/HttpProxies/images/zap-history.png[ZAP history tab,1269,337,style="lesson-image"]
image::images/zap-history.png[ZAP history tab,1269,337,style="lesson-image"]