dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added more hints

Browse Source
This commit is contained in:
Benedikt - Desktop
2018-11-06 11:21:25 +01:00
committed by Nanne Baars
parent 6fe7582dfb
commit 26e3803de0
8 changed files with 24 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
View File

@ -53,4 +53,11 @@ SqlStringInjectionHint9-3=Make use of DML to change your salary.
SqlStringInjectionHint9-4=Make sure that the resulting query is syntactically correct.
SqlStringInjectionHint9-5=How about something like '; UPDATE employees....
sql-injection.10.success=Success! You successfully deleted the access_log table and that way compromised the availability of the data.
sql-injection.10.success=Success! You successfully deleted the access_log table and that way compromised the availability of the data.
SqlStringInjectionHint10-1=Use the techniques that you have learned before.
SqlStringInjectionHint10-2=The application takes your input and filters for entries that are LIKE it.
SqlStringInjectionHint10-3=Try query chaining to reach the goal.
SqlStringInjectionHint10-4=The DDL allows you to delete (DROP) database tables.
SqlStringInjectionHint10-5=The underlying sql query looks like that: "SELECT * FROM access_log WHERE action LIKE '%" + action + "%'".
SqlStringInjectionHint10-6=Remember that you can use the -- metacharacter to comment out the rest of the line.