Small fixes june 2020 (#857)

* issue 849

* another integration test for a challenge

* fixing issue 848

* updated link for issue 833

* fix for 847
This commit is contained in:
René Zubcevic
2020-07-08 19:26:09 +02:00
committed by GitHub
parent ba8444dd85
commit 317573c897
13 changed files with 108 additions and 86 deletions

View File

@ -15,7 +15,7 @@
action="/WebGoat/SSRF/task1">
<table>
<tr>
<input type="hidden" id="url" name="url" value="images/tom.png"/>
<td><input type="hidden" id="url" name="url" value="images/tom.png"/></td>
<td><input
name="Steal the Cheese" value="Steal the Cheese" type="SUBMIT"/></td>
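Review bot: the change on the third and fourth lines of this hunk is correct, and worth a comment in the markup: an `<input>` placed directly inside `<tr>` is not valid table content, so browsers hoist it out of the table while parsing, and wrapping it in `<td>` keeps the hidden `url` field inside the form as intended. Because this hidden field (`name="url" value="images/tom.png"`) is exactly the parameter the lesson expects the learner to tamper with, a short HTML comment saying so would stop a future cleanup from dropping it as dead markup.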
@ -37,10 +37,10 @@
action="/WebGoat/SSRF/task2">
<table>
<tr>
<input type="hidden" id="url" name="url" value="images/cat.png"/>
<td><input type="hidden" id="url" name="url" value="images/cat.png"/></td>
<td><input
name="Run Ifconfig" value="Run Ifconfig" type="SUBMIT"/></td>
name="try this" value="try this" type="SUBMIT"/></td>
<td></td>
</tr>
</table>
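Review bot: renaming the button from "Run Ifconfig" to "try this" removes the only on-page hint about what the target of this task is, so the assignment text that accompanies this form has to carry the goal now; please confirm it does, otherwise the learner has no lead at all. The empty `<td></td>` on the line after the button is left untouched; if it is not a deliberate layout placeholder it can go in the same change.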

View File

@ -1,12 +1,13 @@
== Concept
In a Server-Side Request Forgery (SSRF) attack, the attacker can abuse functionality on the server to read or update internal resources. The attacker can supply or a modify a URL which the code running on the server will read or submit data to, and by carefully selecting the URLs, the attacker may be able to read server configuration such as AWS metadata, connect to internal services like http enabled databases or perform post requests towards internal services which are not intended to be exposed.
In a Server-Side Request Forgery (SSRF) attack, the attacker can abuse functionality on the server to read or update internal resources. The attacker can supply or modify a URL which the code running on the server will read or submit data to. And, by carefully selecting the URLs, the attacker may be able to read server configuration such as AWS metadata, connect to internal services like HTTP enabled databases or perform post requests towards internal services which are not intended to be exposed.
== Goals
* The user will need to modify the URL.
In the exercises on the next pages, you need to examine what the browser sends to the server and how you can adjust the request to get other things from the server.
== SSRF How-To
* https://www.hackerone.com/blog-How-To-Server-Side-Request-Forgery-SSRF
== A New Era of SSRF by Orange Tsai
* https://www.youtube.com/watch?v=D1S-G8rJrEk
video::D1S-G8rJrEk[youtube, height=480, width=100%]
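Review bot: the reworded Concept paragraph now opens a sentence with "And, by carefully selecting the URLs"; either rejoin it to the preceding sentence with a comma or drop the leading "And". In the same line, "post requests" should read "POST requests" to match the "HTTP enabled" capitalisation introduced here. The added `video::D1S-G8rJrEk[youtube, height=480, width=100%]` line embeds the same video that the bullet just above it links to, so the bullet is now redundant unless it is kept on purpose for renderers that do not support the video macro.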

View File

@ -1,2 +1,2 @@
=== Change the URL to display Jerry
=== Find and modify the request to display Jerry
lick the button and figure out what happened.
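Review bot: the unchanged context line "lick the button and figure out what happened." is missing its initial "C"; since this hunk already rewrites the heading of this two-line file, fix the typo here rather than leaving it for another pass. The new heading "Find and modify the request to display Jerry" is an improvement over "Change the URL", because the value to change is a hidden form field rather than anything in the address bar.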

View File

@ -1,2 +1,2 @@
=== Change the URL to display the Interface Configuration with ifconfig.pro
=== Change the request so the server gets information from http://ifconfig.pro
Click the button and figure out what happened.
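Review bot: the new heading hardcodes http://ifconfig.pro as the host the server must fetch, which makes this task depend on the WebGoat instance having outbound internet access and on that third-party site staying up; consider stating that requirement in the assignment text or the solution so a learner behind a proxy knows why the task fails. For consistency with the previous page, which now reads "Find and modify the request", this heading could use the same wording.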