get logout working

fix issue with white screen after login
lawson89 2014-06-19 19:43:07 -04:00
parent 80dae15f70
commit 39d5888ef3
7 changed files with 688 additions and 626 deletions


@ -181,13 +181,15 @@ public class HammerHead extends HttpServlet {
String viewPage = getViewPage(mySession); String viewPage = getViewPage(mySession);
logger.debug("Forwarding to view: " + viewPage); logger.debug("Forwarding to view: " + viewPage);
logger.debug("Screen: " + screen); logger.debug("Screen: " + screen);
request.getRequestDispatcher(viewPage).forward(request, response); request.getRequestDispatcher(viewPage).forward(request, response);
} catch (Throwable t) { } catch (Throwable t) {
logger.error("Error handling request", t); logger.error("Error handling request", t);
screen = new ErrorScreen(mySession, t); screen = new ErrorScreen(mySession, t);
} finally { } finally {
try { try {
this.writeScreen(mySession, screen, response); if (screen instanceof ErrorScreen) {
this.writeScreen(mySession, screen, response);
}
} catch (Throwable thr) { } catch (Throwable thr) {
logger.error("Could not write error screen", thr); logger.error("Could not write error screen", thr);
} }
@ -426,6 +428,7 @@ public class HammerHead extends HttpServlet {
response.setHeader("Content-Length", screen.getContentLength() + ""); response.setHeader("Content-Length", screen.getContentLength() + "");
screen.output(out); screen.output(out);
out.flush();
out.close(); out.close();
} }
} }
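Review bot: The new `instanceof ErrorScreen` guard in the `finally` block still writes into a response that may already be committed: if the `forward()` a few lines up threw after the view had started streaming, `writeScreen` fails and the only trace is the `Could not write error screen` log line, so the browser receives a truncated page instead of an error. Adding `!response.isCommitted()` to the guard, `if (screen instanceof ErrorScreen && !response.isCommitted())`, makes that fallback explicit and avoids the spurious `IllegalStateException` in the log. Separately, the `ErrorScreen` is constructed from the raw `Throwable`; whether it renders the stack trace to the client is not visible here, but if it does that is detail disclosure and worth a comment confirming it is intentional for a training application. The enclosing method starts and ends outside the hunk.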


@ -0,0 +1,45 @@
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
package org.owasp.webgoat.controller;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
/**
*
* @author rlawson
*/
@Controller
public class Logout {
final Logger logger = LoggerFactory.getLogger(Logout.class);
@RequestMapping(value = "logout.do", method = RequestMethod.GET)
public ModelAndView logout(
@RequestParam(value = "error", required = false) String error,
@RequestParam(value = "logout", required = false) String logout) {
logger.info("Logging user out");
ModelAndView model = new ModelAndView();
if (error != null) {
model.addObject("error", "Invalid username and password!");
}
if (logout != null) {
model.addObject("msg", "You've been logged out successfully.");
}
model.setViewName("logout");
return model;
}
}
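Review bot: The log line `logger.info("Logging user out")` and the class name overstate what this handler does: it never touches the `HttpSession` or the security context, it only renders the post-logout view, with the actual invalidation presumably done by Spring Security's logout filter configured elsewhere. Changing the message to `logger.info("Rendering logout page")` and adding a class Javadoc stating that the controller is the `logout-success-url` target and performs no session invalidation would stop a later maintainer treating it as the logout itself. The IDE template header at the top of the file (`To change this license header...`) should be replaced with the project's license header. The `error` and `logout` parameters are used only as presence flags and their values never reach the model, which is the right shape given that the view prints `${error}` and `${msg}` without escaping; keep it that way if the messages are ever made dynamic.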


@ -1,319 +1,280 @@
package org.owasp.webgoat.session;
package org.owasp.webgoat.session;
import java.io.PrintWriter;
import java.io.PrintWriter; import java.util.Properties;
import java.util.Properties; import org.apache.ecs.Element;
import org.apache.ecs.Element; import org.apache.ecs.HtmlColor;
import org.apache.ecs.HtmlColor; import org.apache.ecs.StringElement;
import org.apache.ecs.StringElement; import org.apache.ecs.html.A;
import org.apache.ecs.html.A; import org.apache.ecs.html.Font;
import org.apache.ecs.html.Font; import org.apache.ecs.html.IMG;
import org.apache.ecs.html.IMG; import org.owasp.webgoat.lessons.AbstractLesson;
import org.owasp.webgoat.lessons.AbstractLesson;
/**
* *************************************************************************************************
/*************************************************************************************************** *
* *
* * This file is part of WebGoat, an Open Web Application Security Project
* This file is part of WebGoat, an Open Web Application Security Project utility. For details, * utility. For details, please see http://www.owasp.org/
* please see http://www.owasp.org/ *
* * Copyright (c) 2002 - 2007 Bruce Mayhew
* Copyright (c) 2002 - 2007 Bruce Mayhew *
* * This program is free software; you can redistribute it and/or modify it under
* This program is free software; you can redistribute it and/or modify it under the terms of the * the terms of the GNU General Public License as published by the Free Software
* GNU General Public License as published by the Free Software Foundation; either version 2 of the * Foundation; either version 2 of the License, or (at your option) any later
* License, or (at your option) any later version. * version.
* *
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without * This program is distributed in the hope that it will be useful, but WITHOUT
* even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* General Public License for more details. * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* * details.
* You should have received a copy of the GNU General Public License along with this program; if *
* not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA * You should have received a copy of the GNU General Public License along with
* 02111-1307, USA. * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
* * Place - Suite 330, Boston, MA 02111-1307, USA.
* Getting Source ============== *
* * Getting Source ==============
* Source for this application is maintained at code.google.com, a repository for free software *
* projects. * Source for this application is maintained at code.google.com, a repository
* * for free software projects.
* For details, please see http://code.google.com/p/webgoat/ *
* * For details, please see http://code.google.com/p/webgoat/
* @author Jeff Williams <a href="http://www.aspectsecurity.com">Aspect Security</a> *
* @created October 28, 2003 * @author Jeff Williams <a href="http://www.aspectsecurity.com">Aspect
*/ * Security</a>
public abstract class Screen * @created October 28, 2003
{ */
public abstract class Screen {
/**
* Description of the Field /**
*/ * Description of the Field
public static int MAIN_SIZE = 375; */
public static int MAIN_SIZE = 375;
// private Head head;
private Element content; // private Head head;
private Element content;
final static IMG logo = new IMG("images/aspectlogo-horizontal-small.jpg").setAlt("Aspect Security").setBorder(0)
.setHspace(0).setVspace(0); final static IMG logo = new IMG("images/aspectlogo-horizontal-small.jpg").setAlt("Aspect Security").setBorder(0)
.setHspace(0).setVspace(0);
/**
* Constructor for the Screen object /**
*/ * Constructor for the Screen object
*/
public Screen() public Screen() {
{ }
}
// FIXME: Each lesson should have a role assigned to it. Each user/student
// FIXME: Each lesson should have a role assigned to it. Each user/student // should also have a role(s) assigned. The user would only be allowed
// should also have a role(s) assigned. The user would only be allowed // to see lessons that correspond to their role. Eventually these roles
// to see lessons that correspond to their role. Eventually these roles // will be stored in the internal database. The user will be able to hack
// will be stored in the internal database. The user will be able to hack // into the database and change their role. This will allow the user to
// into the database and change their role. This will allow the user to // see the admin screens, once they figure out how to turn the admin switch on.
// see the admin screens, once they figure out how to turn the admin switch on. public abstract String getRole();
public abstract String getRole();
/**
/** * Description of the Method
* Description of the Method *
* * @param s Description of the Parameter
* @param s * @return Description of the Return Value
* Description of the Parameter */
* @return Description of the Return Value protected abstract Element createContent(WebSession s);
*/
/**
protected abstract Element createContent(WebSession s); * Gets the credits attribute of the Screen object
*
/** * @return The credits value
* Gets the credits attribute of the Screen object */
* public abstract Element getCredits();
* @return The credits value
*/ /**
public abstract Element getCredits(); * Creates a new lessonTracker object.
*
/** * @param props The properties file that was used to persist the user data.
* Creates a new lessonTracker object. * @return Description of the Return Value
* */
* @param props public LessonTracker createLessonTracker(Properties props) {
* The properties file that was used to persist the user data.
* @return Description of the Return Value // If the lesson had any specialized properties in the user persisted properties,
*/ // now would be the time to pull them out.
return createLessonTracker();
public LessonTracker createLessonTracker(Properties props) }
{
/**
// If the lesson had any specialized properties in the user persisted properties, * This allows the screens to provide a custom LessonTracker object if
// now would be the time to pull them out. * needed.
*
return createLessonTracker(); * @return Description of the Return Value
} */
public LessonTracker createLessonTracker() {
/** return new LessonTracker();
* This allows the screens to provide a custom LessonTracker object if needed. }
*
* @return Description of the Return Value /**
*/ * Gets the lessonTracker attribute of the AbstractLesson object
public LessonTracker createLessonTracker() *
{ * @param userName Description of the Parameter
return new LessonTracker(); * @return The lessonTracker value
} */
public LessonTracker getLessonTracker(WebSession s) {
/** UserTracker userTracker = UserTracker.instance();
* Gets the lessonTracker attribute of the AbstractLesson object return userTracker.getLessonTracker(s, this);
* }
* @param userName
* Description of the Parameter public LessonTracker getLessonTracker(WebSession s, String userNameOverride) {
* @return The lessonTracker value UserTracker userTracker = UserTracker.instance();
*/ return userTracker.getLessonTracker(s, userNameOverride, this);
}
public LessonTracker getLessonTracker(WebSession s)
{ public LessonTracker getLessonTracker(WebSession s, AbstractLesson lesson) {
UserTracker userTracker = UserTracker.instance(); UserTracker userTracker = UserTracker.instance();
return userTracker.getLessonTracker(s, this); return userTracker.getLessonTracker(s, lesson);
} }
public LessonTracker getLessonTracker(WebSession s, String userNameOverride) /**
{ * Fill in a descriptive title for this lesson
UserTracker userTracker = UserTracker.instance(); *
return userTracker.getLessonTracker(s, userNameOverride, this); * @return The title value
} */
public abstract String getTitle();
public LessonTracker getLessonTracker(WebSession s, AbstractLesson lesson)
{ protected void setContent(Element content) {
UserTracker userTracker = UserTracker.instance(); this.content = content;
return userTracker.getLessonTracker(s, lesson); }
}
/**
/** * Description of the Method
* Fill in a descriptive title for this lesson *
* * @return Description of the Return Value
* @return The title value */
*/ protected Element makeLogo() {
public abstract String getTitle();
return new A("http://www.aspectsecurity.com/webgoat.html", logo);
protected void setContent(Element content) }
{
this.content = content; public String getSponsor() {
} return "Aspect Security";
}
/**
* Description of the Method public String getSponsorLogoResource() {
* return "images/aspectlogo-horizontal-small.jpg";
* @return Description of the Return Value }
*/
/**
protected Element makeLogo() * Description of the Method
{ *
* @param s Description of the Parameter
return new A("http://www.aspectsecurity.com/webgoat.html", logo); * @return Description of the Return Value
} */
protected Element makeMessages(WebSession s) {
public String getSponsor()
{ if (s == null) {
return "Aspect Security";
} return (new StringElement(""));
}
public String getSponsorLogoResource()
{ Font f = new Font().setColor(HtmlColor.RED);
return "images/aspectlogo-horizontal-small.jpg";
} String message = s.getMessage();
/** f.addElement(message);
* Description of the Method
* return (f);
* @param s }
* Description of the Parameter
* @return Description of the Return Value /**
*/ * Returns the content length of the the html.
*
protected Element makeMessages(WebSession s) */
{ public int getContentLength() {
return getContent().length();
if (s == null) { }
return (new StringElement("")); } /**
* Description of the Method
Font f = new Font().setColor(HtmlColor.RED); *
* @param out Description of the Parameter
String message = s.getMessage(); */
public void output(PrintWriter out) {
f.addElement(message);
// format output -- then send to printwriter
return (f); // otherwise we're doing way too much SSL encryption work
} out.print(getContent());
/** }
* Returns the content length of the the html.
* public String getContent() {
*/ return (content == null) ? "" : content.toString();
}
public int getContentLength()
{ /**
return getContent().length(); * Description of the Method
} *
* @param x Description of the Parameter
/** * @return Description of the Return Value
* Description of the Method */
* protected static String pad(int x) {
* @param out
* Description of the Parameter StringBuilder sb = new StringBuilder();
*/
if (x < 10) {
public void output(PrintWriter out)
{ sb.append(" ");
// format output -- then send to printwriter }
// otherwise we're doing way too much SSL encryption work if (x < 100) {
out.print(getContent()); sb.append(" ");
} }
public String getContent() sb.append(x);
{
return (content == null) ? "" : content.toString(); return (sb.toString());
} }
/** /**
* Description of the Method * Description of the Method
* *
* @param x * @param token Description of the Parameter
* Description of the Parameter * @return Description of the Return Value
* @return Description of the Return Value */
*/ protected static String convertMetachars(String token) {
protected static String pad(int x) int mci = 0;
{
/*
StringBuffer sb = new StringBuffer(); * meta char array FIXME: Removed the conversion of whitespace " " to "&nbsp" in order for
* the html to be automatically wrapped in client browser. It is better to add line length
if (x < 10) * checking and only do "&nbsp" conversion in lines that won't exceed screen size, say less
{ * than 80 characters.
*/
sb.append(" "); String[] metaChar = {"&", "<", ">", "\"", "\t", System.getProperty("line.separator")};
} String[] htmlCode = {"&amp;", "&lt;", "&gt;", "&quot;", " ", "<br>"};
if (x < 100) String replacedString = token;
{ for (; mci < metaChar.length; mci += 1) {
replacedString = replacedString.replaceAll(metaChar[mci], htmlCode[mci]);
sb.append(" "); }
return (replacedString);
} }
sb.append(x); /**
* Description of the Method
return (sb.toString()); *
} * @param token Description of the Parameter
* @return Description of the Return Value
/** */
* Description of the Method protected static String convertMetacharsJavaCode(String token) {
* return (convertMetachars(token).replaceAll(" ", "&nbsp;"));
* @param token }
* Description of the Parameter
* @return Description of the Return Value /**
*/ * Description of the Method
protected static String convertMetachars(String token) *
{ * @param s Description of the Parameter
* @return Description of the Return Value
int mci = 0; */
// protected abstract Element wrapForm( WebSession s );
/* }
* meta char array FIXME: Removed the conversion of whitespace " " to "&nbsp" in order for
* the html to be automatically wrapped in client browser. It is better to add line length
* checking and only do "&nbsp" conversion in lines that won't exceed screen size, say less
* than 80 characters.
*/
String[] metaChar = { "&", "<", ">", "\"", "\t", System.getProperty("line.separator") };
String[] htmlCode = { "&amp;", "&lt;", "&gt;", "&quot;", " ", "<br>" };
String replacedString = token;
for (; mci < metaChar.length; mci += 1)
{
replacedString = replacedString.replaceAll(metaChar[mci], htmlCode[mci]);
}
return (replacedString);
}
/**
* Description of the Method
*
* @param token
* Description of the Parameter
* @return Description of the Return Value
*/
protected static String convertMetacharsJavaCode(String token)
{
return (convertMetachars(token).replaceAll(" ", "&nbsp;"));
}
/**
* Description of the Method
*
* @param s
* Description of the Parameter
* @return Description of the Return Value
*/
// protected abstract Element wrapForm( WebSession s );
}
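Review bot: `getContentLength()` returns `getContent().length()`, a count of UTF-16 chars, while HammerHead uses it as the HTTP `Content-Length` header, which is a byte count; the two only agree when every character encodes to one byte in the response charset. For a page containing characters outside Latin-1 the body is longer than the header promises and the browser truncates it. Either compute `getContent().getBytes(charset).length` with the charset actually set on the response, or drop the header and let the container chunk the response. The rest of the section is reformatting plus `StringBuffer` to `StringBuilder` in `pad`, which is safe since the builder is a method-local there.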


@ -0,0 +1,59 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html>
<head>
<title>Login Page</title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css">
<style type="text/css">
body {
padding-top: 40px;
padding-bottom: 40px;
background-color: #f5f5f5;
}
.form-signin {
max-width: 300px;
padding: 19px 29px 29px;
margin: 0 auto 20px;
background-color: #fff;
border: 1px solid #e5e5e5;
-webkit-border-radius: 5px;
-moz-border-radius: 5px;
border-radius: 5px;
-webkit-box-shadow: 0 1px 2px rgba(0,0,0,.05);
-moz-box-shadow: 0 1px 2px rgba(0,0,0,.05);
box-shadow: 0 1px 2px rgba(0,0,0,.05);
}
.form-signin .form-signin-heading,
.form-signin .checkbox {
margin-bottom: 10px;
}
.form-signin input[type="text"],
.form-signin input[type="password"] {
font-size: 16px;
height: auto;
margin-bottom: 15px;
padding: 7px 9px;
}
</style>
</head>
<body onload='document.loginForm.username.focus();'>
<div class="container">
<c:if test="${not empty error}">
<div class="error">${error}</div>
</c:if>
<c:if test="${not empty msg}">
<div class="msg">${msg}</div>
</c:if>
You have logged out successfully
<hr/>
Click here to <a href="<c:url value="login.do" />" > Login</a>
</div> <!-- /container -->
</body>
</html>
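Review bot: `${error}` and `${msg}` inside the two `<div>`s are emitted without escaping; today their values are fixed strings set by the controller, but the idiom should be `<c:out value="${error}"/>` so that a future dynamic message does not turn into reflected XSS. The `onload='document.loginForm.username.focus();'` handler refers to a `loginForm` this page does not contain, so it throws a script error on every load; drop it or guard it. The `<title>` reads `Login Page` and `You have logged out successfully` is printed unconditionally, including on the `?error` path, so the two messages contradict each other. The Bootstrap stylesheet is pulled from a third-party CDN with no integrity attribute, acceptable for a training app but worth a comment.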


@ -15,7 +15,7 @@
<http pattern="/images/**" security="none"/> <http pattern="/images/**" security="none"/>
<http pattern="/javascript/**" security="none"/> <http pattern="/javascript/**" security="none"/>
<http pattern="/favicon.ico" security="none"/> <http pattern="/favicon.ico" security="none"/>
<http auto-config="true" use-expressions="true"> <http use-expressions="true">
<intercept-url pattern="/login.do" access="permitAll" /> <intercept-url pattern="/login.do" access="permitAll" />
<intercept-url pattern="/logout.do" access="permitAll" /> <intercept-url pattern="/logout.do" access="permitAll" />
<intercept-url pattern="/servlet/AdminServlet/**" access="hasAnyRole('ROLE_WEBGOAT_ADMIN','ROLE_SERVER_ADMIN')" /> <intercept-url pattern="/servlet/AdminServlet/**" access="hasAnyRole('ROLE_WEBGOAT_ADMIN','ROLE_SERVER_ADMIN')" />
@ -27,9 +27,9 @@
authentication-failure-url="/login.do?error" authentication-failure-url="/login.do?error"
username-parameter="username" username-parameter="username"
password-parameter="password" /> password-parameter="password" />
<logout logout-success-url="/logout.do" /> <logout logout-url="/j_spring_security_logout" logout-success-url="/logout.do" />
<!-- enable csrf protection --> <!-- enable csrf protection -->
<csrf/> <!--csrf/-->
</http> </http>
<!-- Authentication Manager --> <!-- Authentication Manager -->
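Review bot: Commenting out `<csrf/>` switches off CSRF protection for every authenticated endpoint in the application, not just the logout path, and neither the commit title nor the description says this is intended. As I recall, with CSRF disabled Spring Security's logout filter also accepts GET on the new `logout-url="/j_spring_security_logout"`, so any third-party page can log the user out with an `<img>` tag. If the goal was only to make a GET logout link work, keep `<csrf/>` and submit the logout as a POST form carrying `${_csrf.token}`; if the protection is being disabled deliberately for the training lessons, replace the commented tag with a comment saying so, e.g. `<!-- CSRF protection intentionally disabled: lessons rely on cross-site requests -->`. The `<http>` element starts before the first hunk.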


@ -1,300 +1,294 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.Category, org.owasp.webgoat.lessons.AbstractLesson, org.owasp.webgoat.util.*, java.util.*" import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.Category, org.owasp.webgoat.lessons.AbstractLesson, org.owasp.webgoat.util.*, java.util.*"
errorPage="" %> errorPage="" %>
<% <%
Course course = ((Course)session.getAttribute("course")); Course course = ((Course) session.getAttribute("course"));
WebSession webSession = ((WebSession)session.getAttribute("websession")); WebSession webSession = ((WebSession) session.getAttribute("websession"));
AbstractLesson currentLesson = webSession.getCurrentLesson(); AbstractLesson currentLesson = webSession.getCurrentLesson();
%> %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<%@page import="org.owasp.webgoat.lessons.RandomLessonAdapter"%> <%@page import="org.owasp.webgoat.lessons.RandomLessonAdapter"%>
<html xmlns="http://www.w3.org/1999/xhtml"> <html xmlns="http://www.w3.org/1999/xhtml">
<head> <head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title><%=currentLesson.getTitle()%></title> <title><%=currentLesson.getTitle()%></title>
<link rel="stylesheet" href="css/webgoat.css" type="text/css" /> <link rel="stylesheet" href="css/webgoat.css" type="text/css" />
<link rel="stylesheet" href="css/lesson.css" type="text/css" /> <link rel="stylesheet" href="css/lesson.css" type="text/css" />
<link rel="stylesheet" href="css/menu.css" type="text/css" /> <link rel="stylesheet" href="css/menu.css" type="text/css" />
<link rel="stylesheet" href="css/layers.css" type="text/css" /> <link rel="stylesheet" href="css/layers.css" type="text/css" />
<script language="JavaScript1.2" src="javascript/javascript.js" type="text/javascript"></script> <script language="JavaScript1.2" src="javascript/javascript.js" type="text/javascript"></script>
<script language="JavaScript1.2" src="javascript/menu_system.js" type="text/javascript"></script> <script language="JavaScript1.2" src="javascript/menu_system.js" type="text/javascript"></script>
<script language="JavaScript1.2" src="javascript/lessonNav.js" type="text/javascript"></script> <script language="JavaScript1.2" src="javascript/lessonNav.js" type="text/javascript"></script>
<script language="JavaScript1.2" src="javascript/makeWindow.js" type="text/javascript"></script> <script language="JavaScript1.2" src="javascript/makeWindow.js" type="text/javascript"></script>
<script language="JavaScript1.2" src="javascript/toggle.js" type="text/javascript"></script> <script language="JavaScript1.2" src="javascript/toggle.js" type="text/javascript"></script>
</head> </head>
<% <%
final String menuPrefix = WebSession.MENU; final String menuPrefix = WebSession.MENU;
final String submenuPrefix = "submenu"; final String submenuPrefix = "submenu";
final String mbutPrefix = "mbut"; final String mbutPrefix = "mbut";
String printHint = ""; String printHint = "";
String printParameters = ""; String printParameters = "";
String printCookies = ""; String printCookies = "";
String lessonComplete = "<img src=\"images/buttons/lessonComplete.jpg\">"; String lessonComplete = "<img src=\"images/buttons/lessonComplete.jpg\">";
List categories = course.getCategories(); List categories = course.getCategories();
StringBuffer buildList = new StringBuffer(); StringBuffer buildList = new StringBuffer();
Iterator iter1 = categories.iterator(); Iterator iter1 = categories.iterator();
while(iter1.hasNext()) while (iter1.hasNext()) {
{ Category category = (Category) iter1.next();
Category category = (Category)iter1.next();
buildList.append("'");
buildList.append("'"); buildList.append(menuPrefix);
buildList.append(menuPrefix); buildList.append(category.getRanking());
buildList.append(category.getRanking()); buildList.append("','");
buildList.append("','"); buildList.append(submenuPrefix);
buildList.append(submenuPrefix); buildList.append(category.getRanking());
buildList.append(category.getRanking()); buildList.append("','");
buildList.append("','"); buildList.append(mbutPrefix);
buildList.append(mbutPrefix); buildList.append(category.getRanking());
buildList.append(category.getRanking()); buildList.append("'");
buildList.append("'");
if (iter1.hasNext()) {
if (iter1.hasNext()) buildList.append(",");
buildList.append(","); }
}%> }%>
<body class="page" onload="setMenuMagic1(10,40,10,'menubottom',<%=buildList%>);trigMM1url('<%= menuPrefix %>',1);MM_preloadImages('images/buttons/hintLeftOver.jpg','images/buttons/hintOver.jpg','images/buttons/hintRightOver.jpg','images/buttons/paramsOver.jpg','images/buttons/htmlOver.jpg','images/buttons/cookiesOver.jpg','images/buttons/javaOver.jpg','images/buttons/plansOver.jpg','images/buttons/logout.jpg','images/buttons/helpOver.jpg'); initIframe();"> <body class="page" onload="setMenuMagic1(10, 40, 10, 'menubottom',<%=buildList%>);
trigMM1url('<%= menuPrefix%>', 1);
<div id="wrap"> MM_preloadImages('images/buttons/hintLeftOver.jpg', 'images/buttons/hintOver.jpg', 'images/buttons/hintRightOver.jpg', 'images/buttons/paramsOver.jpg', 'images/buttons/htmlOver.jpg', 'images/buttons/cookiesOver.jpg', 'images/buttons/javaOver.jpg', 'images/buttons/plansOver.jpg', 'images/buttons/logout.jpg', 'images/buttons/helpOver.jpg');
<% initIframe();">
int topCord = 140;
int zIndex = 105; <div id="wrap">
<%
Iterator iter2 = categories.iterator(); int topCord = 140;
while(iter2.hasNext()) int zIndex = 105;
{
Category category = (Category)iter2.next(); Iterator iter2 = categories.iterator();
%> while (iter2.hasNext()) {
<div id="<%=menuPrefix + category.getRanking()%>" style="position:absolute; left:30px; top:<%=topCord%>px; width:160px; z-index:<%=zIndex%>"><a href="javascript:;" onclick="trigMenuMagic1('<%=menuPrefix + category.getRanking()%>',1);return false" onfocus="if(this.blur)this.blur()"><img src="images/menu_images/1x1.gif" width="1" height=1"20" name="mbut<%=category.getRanking()%>" border="0" alt=""/><%=category.getName()%></a></div> Category category = (Category) iter2.next();
<% %>
topCord=topCord + 30; <div id="<%=menuPrefix + category.getRanking()%>" style="position:absolute; left:30px; top:<%=topCord%>px; width:160px; z-index:<%=zIndex%>"><a href="javascript:;" onclick="trigMenuMagic1('<%=menuPrefix + category.getRanking()%>', 1);
zIndex=zIndex + 1; return false" onfocus="if (this.blur)
} this.blur()"><img src="images/menu_images/1x1.gif" width="1" height=1"20" name="mbut<%=category.getRanking()%>" border="0" alt=""/><%=category.getName()%></a></div>
<%
int topSubMenu = 72; topCord = topCord + 30;
zIndex = zIndex + 1;
Iterator iter3 = categories.iterator(); }
while(iter3.hasNext())
{ int topSubMenu = 72;
Category category = (Category)iter3.next();
List lessons = webSession.getLessons(category); Iterator iter3 = categories.iterator();
Iterator iter4 = lessons.iterator(); while (iter3.hasNext()) {
%> Category category = (Category) iter3.next();
<div id="submenu<%=category.getRanking()%>" class="pviimenudiv" style="position:absolute; left:200px; top:<%=topSubMenu%>px; width:150px; visibility: hidden; z-index:<%=zIndex%>"> List lessons = webSession.getLessons(category);
<table width="150" border="0" cellspacing="6" cellpadding="0"><% Iterator iter4 = lessons.iterator();
%>
topSubMenu=topSubMenu+30; <div id="submenu<%=category.getRanking()%>" class="pviimenudiv" style="position:absolute; left:200px; top:<%=topSubMenu%>px; width:150px; visibility: hidden; z-index:<%=zIndex%>">
zIndex=zIndex + 1; <table width="150" border="0" cellspacing="6" cellpadding="0"><%
while(iter4.hasNext()) topSubMenu = topSubMenu + 30;
{ zIndex = zIndex + 1;
AbstractLesson lesson = (AbstractLesson)iter4.next();
while (iter4.hasNext()) {
%><tr> AbstractLesson lesson = (AbstractLesson) iter4.next();
<td><%=(lesson.isCompleted(webSession) ? lessonComplete : "")%><a href="<%=lesson.getLink()%>"><%=lesson.getTitle()%></a></td>
</tr> %><tr>
<% if (lesson instanceof RandomLessonAdapter) { <td><%=(lesson.isCompleted(webSession) ? lessonComplete : "")%><a href="<%=lesson.getLink()%>"><%=lesson.getTitle()%></a></td>
RandomLessonAdapter rla = (RandomLessonAdapter) lesson; </tr>
String[] stages = rla.getStages(); <% if (lesson instanceof RandomLessonAdapter) {
if (stages != null) RandomLessonAdapter rla = (RandomLessonAdapter) lesson;
for (int i=0; i<stages.length; i++) { String[] stages = rla.getStages();
%> if (stages != null)
<tr><td class="pviimenudivstage"><%=(rla.isStageComplete(webSession, stages[i]) ? lessonComplete : "")%><a href="<%=lesson.getLink() + "&stage=" + (i+1) %>">Stage <%=i+1%>: <%=stages[i] %></a> for (int i = 0; i < stages.length; i++) {
</td></tr> %>
<% <tr><td class="pviimenudivstage"><%=(rla.isStageComplete(webSession, stages[i]) ? lessonComplete : "")%><a href="<%=lesson.getLink() + "&stage=" + (i + 1)%>">Stage <%=i + 1%>: <%=stages[i]%></a>
} </td></tr>
} <%
%> }
<% }
} %>
%> <%
</table> }
</div><% %>
}%> </table>
<div id="top"></div> </div><%
<div id="topLeft"> }%>
<div align="left"> <div id="top"></div>
<% if (currentLesson.getAvailableLanguages().size() != 0 ) <div id="topLeft">
{ <div align="left">
%> <% if (currentLesson.getAvailableLanguages().size() != 0) {
<form method="get" action="attack" style="display: inline;"> %>
Choose another language: <select name="language" size="1" <form method="get" action="attack" style="display: inline;">
onChange="changeLanguage();"> Choose another language: <select name="language" size="1"
<% onChange="changeLanguage();">
for(String lang: currentLesson.getAvailableLanguages()){ <%
%> for (String lang : currentLesson.getAvailableLanguages()) {
<option value="<%=lang%>" %>
<% if(webSession.getCurrrentLanguage().equals(lang)) out.println("selected" );%>><%=lang%> <option value="<%=lang%>"
</option> <% if (webSession.getCurrrentLanguage().equals(lang)) {
<% out.println("selected");
}%>><%=lang%>
} </option>
%> <%
</select></form>
<% }
} else { %>
%> </select></form>
Internationalization is not available for this lesson <%
<% } else {
} %>
%> Internationalization is not available for this lesson
</div></div> <%
<div align="right" id="topRight"> }
<a href="attack?action=Logout" onmouseout="MM_swapImgRestore()" %>
onmouseover="MM_swapImage('logout','','images/buttons/logoutOver.jpg',1)"><img </div></div>
src="images/buttons/logout.jpg" alt="LogOut" name="logout" width="45" <div align="right" id="topRight">
height="22" border="0" id="logout" /></a> <a href="#getFAQ()" <a href="j_spring_security_logout" onmouseout="MM_swapImgRestore()"
onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('logout', '', 'images/buttons/logoutOver.jpg', 1)"><img
onmouseover="MM_swapImage('help','','images/buttons/helpOver.jpg',1)"><img src="images/buttons/logout.jpg" alt="LogOut" name="logout" width="45"
src="images/buttons/help.jpg" alt="Help" name="help" width="22" height="22" border="0" id="logout" /></a> <a href="#getFAQ()"
height="22" border="0" id="help" /></a> onmouseout="MM_swapImgRestore()"
</div> onmouseover="MM_swapImage('help', '', 'images/buttons/helpOver.jpg', 1)"><img
<div id="lessonTitle" align="right"><%=currentLesson.getTitle()%></div> src="images/buttons/help.jpg" alt="Help" name="help" width="22"
<div id="hMenuBar"> height="22" border="0" id="help" /></a>
<% </div>
if (webSession.isAuthorizedInLesson(webSession.getRole(), WebSession.SHOWHINTS)) <div id="lessonTitle" align="right"><%=currentLesson.getTitle()%></div>
{ <div id="hMenuBar">
%> <%
<a href="<%= webSession.getCurrentLesson().getLink() %>&show=PreviousHint" target="_top" onclick="MM_nbGroup('down','group1','hintLeft','',1)" if (webSession.isAuthorizedInLesson(webSession.getRole(), WebSession.SHOWHINTS)) {
onmouseover="MM_nbGroup('over','hintLeft','images/buttons/hintLeftOver.jpg','',1)" %>
onmouseout="MM_nbGroup('out')"> <a href="<%= webSession.getCurrentLesson().getLink()%>&show=PreviousHint" target="_top" onclick="MM_nbGroup('down', 'group1', 'hintLeft', '', 1)"
<img src="images/buttons/hintLeft.jpg" alt="Previous Hint" name="hintLeft" width="20" height="20" border="0" id="hintLeft"/> onmouseover="MM_nbGroup('over', 'hintLeft', 'images/buttons/hintLeftOver.jpg', '', 1)"
</a> onmouseout="MM_nbGroup('out')">
<a href="<%= webSession.getCurrentLesson().getLink() %>&show=NextHint" target="_top" onclick="MM_nbGroup('down','group1','hint','',1)" <img src="images/buttons/hintLeft.jpg" alt="Previous Hint" name="hintLeft" width="20" height="20" border="0" id="hintLeft"/>
onmouseover="MM_nbGroup('over','hint','images/buttons/hintOver.jpg','',1)" </a>
onmouseout="MM_nbGroup('out')"> <a href="<%= webSession.getCurrentLesson().getLink()%>&show=NextHint" target="_top" onclick="MM_nbGroup('down', 'group1', 'hint', '', 1)"
<img src="images/buttons/hint.jpg" alt="Hints" name="hint" width="35" height="20" border="0" id="hint"/> onmouseover="MM_nbGroup('over', 'hint', 'images/buttons/hintOver.jpg', '', 1)"
</a> onmouseout="MM_nbGroup('out')">
<a href="<%= webSession.getCurrentLesson().getLink() %>&show=NextHint" target="_top" onclick="MM_nbGroup('down','group1','hintRight','',1)" <img src="images/buttons/hint.jpg" alt="Hints" name="hint" width="35" height="20" border="0" id="hint"/>
onmouseover="MM_nbGroup('over','hintRight','images/buttons/hintRightOver.jpg','',1)" </a>
onmouseout="MM_nbGroup('out')"> <a href="<%= webSession.getCurrentLesson().getLink()%>&show=NextHint" target="_top" onclick="MM_nbGroup('down', 'group1', 'hintRight', '', 1)"
<img src="images/buttons/hintRight.jpg" alt="Next Hint" name="hintRight" width="20" height="20" border="0" id="hintRight"/> onmouseover="MM_nbGroup('over', 'hintRight', 'images/buttons/hintRightOver.jpg', '', 1)"
</a> onmouseout="MM_nbGroup('out')">
<%}%> <img src="images/buttons/hintRight.jpg" alt="Next Hint" name="hintRight" width="20" height="20" border="0" id="hintRight"/>
<a href="<%= webSession.getCurrentLesson().getLink() %>&show=Params" target="_top" onclick="MM_nbGroup('down','group1','params','',1)" </a>
onmouseover="MM_nbGroup('over','params','images/buttons/paramsOver.jpg','',1)" <%}%>
onmouseout="MM_nbGroup('out')"> <a href="<%= webSession.getCurrentLesson().getLink()%>&show=Params" target="_top" onclick="MM_nbGroup('down', 'group1', 'params', '', 1)"
<img src="images/buttons/params.jpg" alt="Show Params" name="<%= webSession.getCurrentLesson().getLink() %>&show=Params" width="87" height="20" border="0" id="params"/> onmouseover="MM_nbGroup('over', 'params', 'images/buttons/paramsOver.jpg', '', 1)"
</a> onmouseout="MM_nbGroup('out')">
<a href="<%= webSession.getCurrentLesson().getLink() %>&show=Cookies" target="_top" onclick="MM_nbGroup('down','group1','cookies','',1)" <img src="images/buttons/params.jpg" alt="Show Params" name="<%= webSession.getCurrentLesson().getLink()%>&show=Params" width="87" height="20" border="0" id="params"/>
onmouseover="MM_nbGroup('over','cookies','images/buttons/cookiesOver.jpg','',1)" </a>
onmouseout="MM_nbGroup('out')"> <a href="<%= webSession.getCurrentLesson().getLink()%>&show=Cookies" target="_top" onclick="MM_nbGroup('down', 'group1', 'cookies', '', 1)"
<img src="images/buttons/cookies.jpg" alt="Show Cookies" name="cookies" width="99" height="20" border="0" id="cookies"/> onmouseover="MM_nbGroup('over', 'cookies', 'images/buttons/cookiesOver.jpg', '', 1)"
</a> onmouseout="MM_nbGroup('out')">
<a href="javascript:toggle('lessonPlans')" target="_top" onclick="MM_nbGroup('down','group1','plans','',1)" <img src="images/buttons/cookies.jpg" alt="Show Cookies" name="cookies" width="99" height="20" border="0" id="cookies"/>
onmouseover="MM_nbGroup('over','plans','images/buttons/plansOver.jpg','',1)" </a>
onmouseout="MM_nbGroup('out')"> <a href="javascript:toggle('lessonPlans')" target="_top" onclick="MM_nbGroup('down', 'group1', 'plans', '', 1)"
<img src="images/buttons/plans.jpg" alt="Lesson Plans" width="89" height="20" border="0" id="plans"/> onmouseover="MM_nbGroup('over', 'plans', 'images/buttons/plansOver.jpg', '', 1)"
</a> onmouseout="MM_nbGroup('out')">
<% <img src="images/buttons/plans.jpg" alt="Lesson Plans" width="89" height="20" border="0" id="plans"/>
if (webSession.isAuthorizedInLesson(webSession.getRole(), WebSession.SHOWSOURCE)) </a>
{ <%
%> if (webSession.isAuthorizedInLesson(webSession.getRole(), WebSession.SHOWSOURCE)) {
<a href="source" onclick="makeWindow(this.href+ '?source=true', 'Java Source');return false;" target="javaWin" %>
onmouseover="MM_nbGroup('over','java','images/buttons/javaOver.jpg','',1)" <a href="source" onclick="makeWindow(this.href + '?source=true', 'Java Source');
onmouseout="MM_nbGroup('out')"> return false;" target="javaWin"
<img src="images/buttons/java.jpg" alt="Show Java" name="java" width="75" height="20" border="0" id="java"/> onmouseover="MM_nbGroup('over', 'java', 'images/buttons/javaOver.jpg', '', 1)"
</a> onmouseout="MM_nbGroup('out')">
<a href="source" onclick="makeWindow(this.href + '?solution=true', 'Java Solution');return false;" target="javaWin" <img src="images/buttons/java.jpg" alt="Show Java" name="java" width="75" height="20" border="0" id="java"/>
onmouseover="MM_nbGroup('over','solutions','images/buttons/solutionsOver.jpg','',1)" </a>
onmouseout="MM_nbGroup('out')"> <a href="source" onclick="makeWindow(this.href + '?solution=true', 'Java Solution');
<img src="images/buttons/solutions.jpg" alt="Show Solution" name="solutions" width="73" height="20" border="0" id="solutions"/> return false;" target="javaWin"
</a> onmouseover="MM_nbGroup('over', 'solutions', 'images/buttons/solutionsOver.jpg', '', 1)"
<%}%> onmouseout="MM_nbGroup('out')">
<img src="images/buttons/solutions.jpg" alt="Show Solution" name="solutions" width="73" height="20" border="0" id="solutions"/>
</div> </a>
<div id="twoCol"> <%}%>
<div id="menuSpacer"></div>
<div id="lessonAreaTop"> </div>
<% <div id="twoCol">
if (currentLesson != null) <div id="menuSpacer"></div>
{ <div id="lessonAreaTop">
%> <%
<div id="training_wrap"> if (currentLesson != null) {
<div id="training" class="info"><a href="http://yehg.net/lab/pr0js/training/webgoat.php" target="_blank"><%=WebGoatI18N.get("SolutionVideos")%></a></div> %>
<div id="reset" class="info"><a href="<%=webSession.getRestartLink()%>"><%=WebGoatI18N.get("RestartLesson")%></a></div> <div id="training_wrap">
</div> <div id="training" class="info"><a href="http://yehg.net/lab/pr0js/training/webgoat.php" target="_blank"><%=WebGoatI18N.get("SolutionVideos")%></a></div>
<% <div id="reset" class="info"><a href="<%=webSession.getRestartLink()%>"><%=WebGoatI18N.get("RestartLesson")%></a></div>
} </div>
%> <%
</div> }
<div id="lessonArea"> %>
<% </div>
if (webSession.getHint() != null) <div id="lessonArea">
{ <%
printHint = "<div id=\"hint\" class=\"info\">" + webSession.getHint() + "</div><br>"; if (webSession.getHint() != null) {
out.println(printHint); printHint = "<div id=\"hint\" class=\"info\">" + webSession.getHint() + "</div><br>";
} out.println(printHint);
}
if (webSession.getParams() != null)
{ if (webSession.getParams() != null) {
Iterator i = webSession.getParams().iterator(); Iterator i = webSession.getParams().iterator();
while (i.hasNext()) while (i.hasNext()) {
{ Parameter p = (Parameter) i.next();
Parameter p = (Parameter) i.next(); printParameters = "<div id=\"parameter\" class=\"info\">" + p.getName() + "=" + p.getValue() + "</div><br>";
printParameters = "<div id=\"parameter\" class=\"info\">" + p.getName() + "=" + p.getValue() + "</div><br>"; out.println(printParameters);
out.println(printParameters); }
} }
}
if (webSession.getCookies() != null) {
if (webSession.getCookies() != null) Iterator i = webSession.getCookies().iterator();
{ while (i.hasNext()) {
Iterator i = webSession.getCookies().iterator(); Cookie c = (Cookie) i.next();
while (i.hasNext()) printCookies = "<div id=\"cookie\" class=\"info\">" + c.getName() + " <img src=\"images/icons/rightArrow.jpg\" alt=\"\"> " + c.getValue() + "</div><br>";
{ out.println(printCookies);
Cookie c = (Cookie) i.next(); }
printCookies = "<div id=\"cookie\" class=\"info\">" + c.getName() + " <img src=\"images/icons/rightArrow.jpg\" alt=\"\"> " + c.getValue() + "</div><br>"; }%>
out.println(printCookies); <div id="lessonPlans" style="visibility:hidden; height:1px; position:absolute; left:260px; top:130px; width:425px; z-index:105;"><%=currentLesson.getLessonPlan(webSession)%>
} <br/>
}%> <br/>
<div id="lessonPlans" style="visibility:hidden; height:1px; position:absolute; left:260px; top:130px; width:425px; z-index:105;"><%=currentLesson.getLessonPlan(webSession) %> <a href="javascript:toggle('lessonPlans')" target="_top" onclick="MM_nbGroup('down', 'group1', 'plans', '', 1)">Close this Window</a>
<br/> </div>
<br/> <div id="lessonContent">
<a href="javascript:toggle('lessonPlans')" target="_top" onclick="MM_nbGroup('down','group1','plans','',1)">Close this Window</a> <%
</div> AbstractLesson lesson = webSession.getCurrentLesson();
<div id="lessonContent"> if (lesson instanceof RandomLessonAdapter) {
<% RandomLessonAdapter rla = (RandomLessonAdapter) lesson;
AbstractLesson lesson = webSession.getCurrentLesson(); %>
if (lesson instanceof RandomLessonAdapter) { <div class="info">Stage <%= rla.getLessonTracker(webSession).getStageNumber(rla.getStage(webSession)) + 1%></div>
RandomLessonAdapter rla = (RandomLessonAdapter) lesson; <%
%> }
<div class="info">Stage <%= rla.getLessonTracker(webSession).getStageNumber(rla.getStage(webSession)) + 1 %></div> %>
<% <%=webSession.getInstructions()%></div>
} <div id="message" class="info"><%=webSession.getMessage()%></div>
%>
<%=webSession.getInstructions()%></div> <%
<div id="message" class="info"><%=webSession.getMessage()%></div> if (currentLesson.getTemplatePage(webSession) != null) {
//System.out.println("Main.jsp - current lesson: " + currentLesson.getName() );
<% //System.out.println(" - template Page: " + currentLesson.getTemplatePage(webSession));
if (currentLesson.getTemplatePage(webSession) != null) %>
{ <jsp:include page="<%=currentLesson.getTemplatePage(webSession)%>" />
//System.out.println("Main.jsp - current lesson: " + currentLesson.getName() ); <%
//System.out.println(" - template Page: " + currentLesson.getTemplatePage(webSession)); } else {
%> %>
<jsp:include page="<%=currentLesson.getTemplatePage(webSession)%>" /> <div id="lessonContent"><%=currentLesson.getContent()%></div>
<% <%
} }
else %>
{ <div id="credits">
%> <% out.println(currentLesson.getCredits());%>
<div id="lessonContent"><%=currentLesson.getContent()%></div> </div>
<% </div>
} </div>
%>
<div id="credits"> <div id="bottom">
<% out.println(currentLesson.getCredits());%> <div align="center"><a href="http://www.owasp.org">OWASP Foundation</a> |
</div> <a href="http://www.owasp.org/index.php/OWASP_WebGoat_Project">Project WebGoat</a> |
</div> <a href="reportBug.jsp">Report Bug</a>
</div> </div>
</div>
<div id="bottom"> </div>
<div align="center"><a href="http://www.owasp.org">OWASP Foundation</a> | </body>
<a href="http://www.owasp.org/index.php/OWASP_WebGoat_Project">Project WebGoat</a> | </html>
<a href="reportBug.jsp">Report Bug</a>
</div>
</div>
</div>
</body>
</html>


@ -2,7 +2,7 @@
errorPage=""%> errorPage=""%>
<%@page import="org.owasp.webgoat.session.WebSession"%> <%@page import="org.owasp.webgoat.session.WebSession"%>
<% <%
WebSession webSession = ((WebSession) session.getAttribute("websession")); //WebSession webSession = ((WebSession) session.getAttribute("websession"));
%> %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
@ -22,7 +22,7 @@
The exercises are intended to provide hands on experience with The exercises are intended to provide hands on experience with
application penetration testing techniques. </p> application penetration testing techniques. </p>
<p>The WebGoat project is led <p>The WebGoat project is led
by Bruce Mayhew. Please send all comments to Bruce at <%=webSession.getWebgoatContext().getFeedbackAddress()%>.</p> by Bruce Mayhew. Please send all comments to Bruce at [TODO, session was blowing up here for some reason].</p>
<div id="team"> <div id="team">
<table border="0" align="center" class="lessonText"> <table border="0" align="center" class="lessonText">