Added more hints

webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson10.java

@@ -14,6 +14,7 @@ import org.springframework.web.bind.annotation.ResponseBody;
 import java.sql.*;
 
 @AssignmentPath("/SqlInjection/attack10")
+@AssignmentHints(value = {"SqlStringInjectionHint10-1", "SqlStringInjectionHint10-2", "SqlStringInjectionHint10-3", "SqlStringInjectionHint10-4", "SqlStringInjectionHint10-5", "SqlStringInjectionHint10-6"})
 public class SqlInjectionLesson10 extends AssignmentEndpoint {
 
     @RequestMapping(method = RequestMethod.POST)

webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson8.java

@@ -78,6 +78,7 @@ public class SqlInjectionLesson8 extends AssignmentEndpoint {
             while (results.next()) {
                 t.append("<tr>");
                 for (int i = 1; i < (numColumns + 1); i++) {
+                    System.out.println(results.getString(i));
                     t.append("<td>" + results.getString(i) + "</td>");
                 }
                 t.append("</tr>");

webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson9.java

@@ -48,7 +48,7 @@ public class SqlInjectionLesson9 extends AssignmentEndpoint {
 
         } catch (Exception e) {
             System.err.println(e.getMessage());
-            return trackProgress(failed().output(this.getClass().getName() + " : " + e.getMessage()).build());
+            return trackProgress(failed().output("<br><span style='color: red;'>" + this.getClass().getName() + " : " + e.getMessage() + "</span>").build());
         }
     }
 
@@ -59,11 +59,10 @@ public class SqlInjectionLesson9 extends AssignmentEndpoint {
             ResultSet results = statement.executeQuery(query);
 
             results.first();
-            System.out.println(results.getString(2));
-            System.out.println(results.getString(3));
 
             // user completes lesson if John Smith is the first in the list
             if ((results.getString(2).equals("John")) && (results.getString(3).equals("Smith"))) {
+                output.append(SqlInjectionLesson8.generateTable(results, results.getMetaData()));
                 return trackProgress(success().feedback("sql-injection.9.success").feedbackArgs(output.toString()).build());
             } else {
                 return trackProgress(failed().output(output.toString()).build());
@@ -71,7 +70,7 @@ public class SqlInjectionLesson9 extends AssignmentEndpoint {
 
         } catch (SQLException e) {
             System.err.println(e.getMessage());
-            return trackProgress(failed().output(e.getMessage()).build());
+            return trackProgress(failed().output("<br><span style='color: red;'>" + e.getMessage() + "</span>").build());
         }
     }
 

webgoat-lessons/sql-injection/src/main/resources/css/assignments.css

@@ -0,0 +1,7 @@
+.attack-feedback {
+    color: green;
+}
+
+.attack-feedback table {
+    color: black;
+}

webgoat-lessons/sql-injection/src/main/resources/html/SqlInjection.html

@@ -1,6 +1,7 @@
 <!DOCTYPE html>
 
 <html xmlns:th="http://www.thymeleaf.org">
+<link rel="stylesheet" type="text/css" th:href="@{/lesson_css/assignments.css}"/>
 
 <div class="lesson-page-wrapper">
     <div class="adoc-content" th:replace="doc:SqlInjection_introduction_plan.adoc"></div>
@@ -25,7 +26,7 @@
 <div class="lesson-page-wrapper">
     <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content5_before.adoc"></div>
     <div>
-        <label for="username-preview">Username:</label>
+        <label for="preview-input">Username:</label>
         <input id="preview-input" type="text" name="username" val=""/>
         <div class="listingblock">
             <div class="content">

webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties

@@ -53,4 +53,11 @@ SqlStringInjectionHint9-3=Make use of DML to change your salary.
 SqlStringInjectionHint9-4=Make sure that the resulting query is syntactically correct.
 SqlStringInjectionHint9-5=How about something like '; UPDATE employees....
 
-sql-injection.10.success=Success! You successfully deleted the access_log table and that way compromised the availability of the data.
+sql-injection.10.success=Success! You successfully deleted the access_log table and that way compromised the availability of the data.
+
+SqlStringInjectionHint10-1=Use the techniques that you have learned before.
+SqlStringInjectionHint10-2=The application takes your input and filters for entries that are LIKE it.
+SqlStringInjectionHint10-3=Try query chaining to reach the goal.
+SqlStringInjectionHint10-4=The DDL allows you to delete (DROP) database tables.
+SqlStringInjectionHint10-5=The underlying sql query looks like that: "SELECT * FROM access_log WHERE action LIKE '%" + action + "%'".
+SqlStringInjectionHint10-6=Remember that you can use the -- metacharacter to comment out the rest of the line.

webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content9.adoc

@@ -1,7 +1,7 @@
 == Compromising Integrity with Query Chaining
 After compromising the confidentiality of data in the previous lesson, this time we are gonna compromise the integrity of data by using a SQL query chaining.
 
-== What is SQL query chaining?
+=== What is SQL query chaining?
 Query chaining is exactly what it sounds like. When query chaining, you try to append one or more queries to the end of the actual query.
 You can do this by using the *;* metacharacter which marks the end of a query and that way allows to start another one right after it within the same line.
 

webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_plan.adoc

@@ -2,7 +2,7 @@
 
 This lesson describes what is Structured Query Language (SQL) and how it can be manipulated to perform tasks that were not the original intent of the developer.
 
-== Goals
+=== Goals
 
 * The user will have a basic understanding of how SQL works and what it is used for
 * The user will have a basic understanding of what SQL-Injections are and how they work