Startup scripts, changes to make offbyone more sequential
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@446 4033779f-a91e-0410-96ef-6bf7bf53c507
		| @ -73,6 +73,7 @@ delete artifacts from previous build: | |||||||
| Building the Eclipse project files | Building the Eclipse project files | ||||||
| ---------------------------------- | ---------------------------------- | ||||||
|  |  | ||||||
|  | > mvn eclipse:clean | ||||||
| > mvn eclipse:eclipse | > mvn eclipse:eclipse | ||||||
|  |  | ||||||
| Afterward the project can be imported within Eclipse: | Afterward the project can be imported within Eclipse: | ||||||
|  | |||||||
							
								
								
									
										122
									
								
								build.xml
									
									
									
									
									
								
							
							
						
						
									
									
									
									
									
									
								
							| @ -54,13 +54,20 @@ | |||||||
| 			     project is bound to this path. | 			     project is bound to this path. | ||||||
| --> | --> | ||||||
|  |  | ||||||
|   <property name="app.home"    		   value="${basedir}/project"/> |   	<property name="app.home"    		   value="${basedir}"/> | ||||||
|   <property name="app.name"    		   value="WebGoat"/>	<!-- MUST BE CONSISTENT WITH project/build.xml! --> |   	<property name="app.name"    		   value="WebGoat"/>	<!-- MUST BE CONSISTENT WITH src/main/build.xml! --> | ||||||
|   <property name="app.version"    		   value="5.1"/>		<!-- MUST BE CONSISTENT WITH project/build.xml! --> |   	<property name="app.version"    		   value="5.4"/>		<!-- MUST BE CONSISTENT WITH src/main/build.xml! --> | ||||||
|   <property name="catalina.home" 		   value="${basedir}/tomcat"/> |   	<property name="catalina.home" 		   value="${basedir}/../apache-tomcat-7.0.27"/> | ||||||
|   <property name="dist.home"     		   value="${app.home}/dist"/> |   	<property name="dist.home"     		   value="${app.home}/dist"/> | ||||||
|   <property name="dist.owasp"     		   value="${app.home}/owasp_distributions"/> |   	<property name="dist.owasp"     		   value="${app.home}/owasp_distributions"/> | ||||||
|   <property name="install.home"     	   value="WebGoat-${app.version}"/> |   	<property name="install.home"     	   value="WebGoat-${app.version}"/> | ||||||
|  |   	<property name="maven.war"     	   value="${basedir}/target/webgoat-5.4-SNAPSHOT.war"/> <!-- UPDATE THIS! --> | ||||||
|  | 	<property name="maven.target"     	   value="${basedir}/target/webgoat-5.4-SNAPSHOT"/> <!-- UPDATE THIS! --> | ||||||
|  | 	 <property name="java32.home"     	   value="C:/Program Files (x86)/Java/jre7"/> <!-- UPDATE THIS! --> | ||||||
|  | 	 <property name="java64.home"     	   value="C:/Program Files/Java/jdk1.6.0_26"/> <!-- UPDATE THIS! --> | ||||||
|  | 	 <property name="tomcat32.home"     	   value="C:/RTC/WebGoat/apache-tomcat-7.0.27-x86/"/> <!-- UPDATE THIS! --> | ||||||
|  | 	 <property name="tomcat64.home"     	   value="C:/RTC/WebGoat/apache-tomcat-7.0.27"/> <!-- UPDATE THIS! --> | ||||||
|  |  | ||||||
| 	 | 	 | ||||||
| <!-- ==================== Clean Target ==================================== --> | <!-- ==================== Clean Target ==================================== --> | ||||||
|  |  | ||||||
| @ -90,47 +97,6 @@ | |||||||
|  	<mkdir dir="${dist.owasp}"/> |  	<mkdir dir="${dist.owasp}"/> | ||||||
|   </target> |   </target> | ||||||
|  |  | ||||||
| <!-- ==================== Compile Target ===================================== --> |  | ||||||
| 	 |  | ||||||
|   <target name="compile" depends="Compile-WebGoat" |  | ||||||
| 	description="Build all dependency applications"> |  | ||||||
|   </target> |  | ||||||
|  |  | ||||||
|   <target name="Compile-WebGoat" |  | ||||||
| 	description="Build the WebGoat application"> |  | ||||||
| 		<ant dir="${app.home}" target="BuildWar" inheritAll="false"/> |  | ||||||
|   </target> |  | ||||||
|  |  | ||||||
| <!-- |  | ||||||
|   <target name="DELETE_ME_Compile-WebGoat-Unix" |  | ||||||
| 	description="Build the WebGoat application"> |  | ||||||
| 		<ant dir="${app.home}" target="BuildUnixWar" inheritAll="false"/> |  | ||||||
|   </target> |  | ||||||
| --> |  | ||||||
| 	 |  | ||||||
|   <target name="Compile-WebGoat-LAB" |  | ||||||
| 	description="Build the WebGoat application"> |  | ||||||
| 		<ant dir="${app.home}" inheritAll="false"> |  | ||||||
| 			<target name="-WebGoatPropertiesLAB"/> |  | ||||||
| 			<target name="BuildWar"/> |  | ||||||
| 		</ant> |  | ||||||
|   </target> |  | ||||||
|  |  | ||||||
|   <target name="Compile-WebGoat-Class" |  | ||||||
| 	description="Build the WebGoat application"> |  | ||||||
| 		<ant dir="${app.home}" inheritAll="false"> |  | ||||||
| 			<target name="-WebGoatPropertiesClass"/> |  | ||||||
| 			<target name="BuildWar"/> |  | ||||||
| 		</ant> |  | ||||||
|   </target> |  | ||||||
|  |  | ||||||
|   <target name="Compile-WebGoat-OWASP" |  | ||||||
| 	description="Build the WebGoat application"> |  | ||||||
| 		<ant dir="${app.home}" inheritAll="false"> |  | ||||||
| 			<target name="-WebGoatPropertiesOWASP"/> |  | ||||||
| 			<target name="BuildWar"/> |  | ||||||
| 		</ant> |  | ||||||
|   </target> |  | ||||||
|  |  | ||||||
| <!-- ==================== Dist Target ===================================== --> | <!-- ==================== Dist Target ===================================== --> | ||||||
|  |  | ||||||
| @ -143,8 +109,27 @@ | |||||||
|     dependencies) will have been assembled |     dependencies) will have been assembled | ||||||
| --> | --> | ||||||
|  |  | ||||||
|  | 	  <target name="DeployWar32"  | ||||||
|  | 	   	description="Copy existing war to Tomcat - Does not rebuild"> | ||||||
|  |  | ||||||
|   <target name="ZipProject" | 	    <!-- Install war to Tomcat --> | ||||||
|  | 	    <delete dir="${tomcat32.home}/webapps/${app.name}"/> | ||||||
|  | 	    <delete file="${tomcat32.home}/webapps/${app.name}.war"/> | ||||||
|  | 	    <copy file="${maven.war}" tofile="${tomcat32.home}/webapps/${app.name}.war"/> | ||||||
|  | 		  | ||||||
|  | 	  </target>  | ||||||
|  | 	  <target name="DeployWar64"  | ||||||
|  | 	   	description="Copy existing war to Tomcat - Does not rebuild"> | ||||||
|  |  | ||||||
|  | 	    <!-- Install war to Tomcat --> | ||||||
|  | 	    <delete dir="${tomcat64.home}/webapps/${app.name}"/> | ||||||
|  | 	    <delete file="${tomcat65.home}/webapps/${app.name}.war"/> | ||||||
|  | 	    <copy file="${maven.war}" tofile="${catalina.home}/webapps/${app.name}.war"/> | ||||||
|  | 		  | ||||||
|  | 	  </target>  | ||||||
|  | 	 | ||||||
|  |  | ||||||
|  |   <target name="ZipProject-Win64" | ||||||
|    	description="Create a zip archive of all Eclipse project files from C:\WebGoatClassCD"> |    	description="Create a zip archive of all Eclipse project files from C:\WebGoatClassCD"> | ||||||
|  |  | ||||||
| 		<!-- Put a copy of the keystore into the WTP dynamic deployment area --> | 		<!-- Put a copy of the keystore into the WTP dynamic deployment area --> | ||||||
| @ -156,22 +141,11 @@ | |||||||
|   </target>  |   </target>  | ||||||
|  |  | ||||||
|   |   | ||||||
|   <target name="DeployWar"  |  | ||||||
|    	description="Copy existing war to Tomcat - Does not rebuild"> |  | ||||||
|  |  | ||||||
|     <!-- Install war to Tomcat --> |  | ||||||
|     <delete dir="${catalina.home}/webapps/${app.name}"/> |  | ||||||
|     <delete file="${catalina.home}/webapps/${app.name}.war"/> |  | ||||||
|     <copy file="${app.home}/dist/${app.name}-${app.version}.war" tofile="${catalina.home}/webapps/${app.name}.war"/> |  | ||||||
| 	  |  | ||||||
|   </target>  |  | ||||||
| 	 |  | ||||||
|  |  | ||||||
| 	<!--Build patch release --> | 	<!--Build patch release --> | ||||||
| 	<target name="BuildPatch_release" depends="clean, compile" | 	<target name="BuildPatch_release" depends="clean" | ||||||
| 	   description="Creates patch release of class files for WebGoat">  | 	   description="Creates patch release of class files for WebGoat">  | ||||||
| 		<zip destfile="${dist.home}/${app.name}-${app.version}_patch.zip"> | 		<zip destfile="${dist.home}/${app.name}-${app.version}_patch.zip"> | ||||||
| 	    		<zipfileset dir="build/WEB-INF/classes" prefix="WEB-INF/classes"/> | 	    		<zipfileset dir="${maven.target}/WEB-INF/classes" prefix="WEB-INF/classes"/> | ||||||
| 			<zipfileset dir="." includes="readme_patch.txt"/> | 			<zipfileset dir="." includes="readme_patch.txt"/> | ||||||
| 		</zip> | 		</zip> | ||||||
| 	</target> | 	</target> | ||||||
| @ -236,18 +210,26 @@ | |||||||
| 		</zip> | 		</zip> | ||||||
| 	</target> 	 | 	</target> 	 | ||||||
|  |  | ||||||
| 	<target name="Build_OWASP_Standard_Release" depends="clean" | 	<target name="Build_OWASP_Standard_Release_32" depends="clean" | ||||||
|  | 			description="Builds WebGoat OWASP release"> | ||||||
|  | 		<antcall target="DeployWar32"> </antcall>  | ||||||
|  | 		<!-- Build the CD image --> | ||||||
|  | 		<zip destfile="${dist.home}/${ant.project.name}-OWASP_Standard_32-${app.version}.zip"> | ||||||
|  | 			<zipfileset dir="." prefix="${install.home}" | ||||||
|  | 				includes=", READ*.txt, webgoat.*, webgoat_8080.*" | ||||||
|  | 				excludes=".*, .settings/**,dist/**, owasp_distributions/**, bin/**, build/**"/> | ||||||
|  | 			<zipfileset dir="${java32.home}" prefix="${install.home}/java"/> | ||||||
|  | 			<zipfileset dir="${tomcat32.home}" prefix="${install.home}/tomcat"/> | ||||||
|  | 		</zip> | ||||||
|  | 	</target> 	 | ||||||
|  | 	 | ||||||
|  | 	<target name="Build_OWASP_Standard_Release_64" depends="clean" | ||||||
| 			description="Builds WebGoat OWASP release"> | 			description="Builds WebGoat OWASP release"> | ||||||
| 		<!-- Build the WebGoat WAR with the desired properties file --> |  | ||||||
| 		<ant dir="${app.home}" inheritAll="false"> |  | ||||||
| 			<target name="WebGoatPropertiesOWASP"/> |  | ||||||
| 			<target name="BuildWar"/> |  | ||||||
| 		</ant> |  | ||||||
| 		<antcall target="DeployWar"> </antcall>  | 		<antcall target="DeployWar"> </antcall>  | ||||||
| 		<!-- Build the CD image --> | 		<!-- Build the CD image --> | ||||||
| 		<zip destfile="${dist.home}/${ant.project.name}-OWASP_Standard-${app.version}.zip"> | 		<zip destfile="${dist.home}/${ant.project.name}-OWASP_Standard_64-${app.version}.zip"> | ||||||
| 			<zipfileset dir="." prefix="${install.home}" | 			<zipfileset dir="." prefix="${install.home}" | ||||||
| 				includes="java/, tomcat/, read*.txt, webgoat.bat, webgoat_8080.bat" | 				includes="java/, tomcat/, read*.txt, webgoat.*, webgoat_8080.*" | ||||||
| 				excludes="project/.*, project/.settings/**, project/dist/**, project/owasp_distributions/**, project/bin/**, project/build/**"/> | 				excludes="project/.*, project/.settings/**, project/dist/**, project/owasp_distributions/**, project/bin/**, project/build/**"/> | ||||||
| 		</zip> | 		</zip> | ||||||
| 	</target> 	 | 	</target> 	 | ||||||
|  | |||||||
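Review bot: `DeployWar64` does not deploy to the Tomcat it cleans: its second delete references `${tomcat65.home}`, which is not defined in the visible property block, and its copy writes to `${catalina.home}` instead of `${tomcat64.home}`. Ant leaves an undefined property reference unexpanded, so the previous `WebGoat.war` would stay in the 64-bit Tomcat and a stale build could be the one that gets run or packaged. Both lines should use the 64-bit property: `<delete file="${tomcat64.home}/webapps/${app.name}.war"/>` and `<copy file="${maven.war}" tofile="${tomcat64.home}/webapps/${app.name}.war"/>`. `Build_OWASP_Standard_Release_64` also still contains `<antcall target="DeployWar">`, a target this commit removes, so it should call `DeployWar64` instead.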
							
								
								
									
										2
									
								
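--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
 	<groupId>webgoat</groupId>
 	<artifactId>webgoat</artifactId>
 	<packaging>war</packaging>
-	<version>5.41-SNAPSHOT</version>
+	<version>5.4-SNAPSHOT</version>
 	
 	<repositories>
 		<repository>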
| @ -130,6 +130,8 @@ public class OffByOne extends LessonAdapter | |||||||
| 		hints.add("See which fields during the registration process, allow for really long input to be submitted."); | 		hints.add("See which fields during the registration process, allow for really long input to be submitted."); | ||||||
| 		hints.add("Check for hidden form fields during registration"); | 		hints.add("Check for hidden form fields during registration"); | ||||||
| 		hints.add("Typically, web-based buffer overflows occur just above the value of 2 to the power of a number. E.g. 1024 + 1, 2048 + 1, 4096 + 1"); | 		hints.add("Typically, web-based buffer overflows occur just above the value of 2 to the power of a number. E.g. 1024 + 1, 2048 + 1, 4096 + 1"); | ||||||
|  | 		hints.add("Overflow the room number field with 4096+1 characters and look for hidden fields"); | ||||||
|  | 		hints.add("Enter the VIP name in the first and last naem fields"); | ||||||
| 		return hints; | 		return hints; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| @ -405,7 +407,9 @@ public class OffByOne extends LessonAdapter | |||||||
| 	private Element makeThirdStep(WebSession s) | 	private Element makeThirdStep(WebSession s) | ||||||
| 	{ | 	{ | ||||||
| 		ElementContainer ec = new ElementContainer(); | 		ElementContainer ec = new ElementContainer(); | ||||||
| 		String param = ""; | 		String param1 = ""; | ||||||
|  | 		String param2 = ""; | ||||||
|  | 		String param3 = ""; | ||||||
|  |  | ||||||
| 		// Header | 		// Header | ||||||
| 		ec.addElement(new StringElement("You have now completed the 2 step process and have access to the Internet")); | 		ec.addElement(new StringElement("You have now completed the 2 step process and have access to the Internet")); | ||||||
| @ -453,23 +457,23 @@ public class OffByOne extends LessonAdapter | |||||||
| 		ec.addElement("\r\n"); | 		ec.addElement("\r\n"); | ||||||
|  |  | ||||||
| 		// Hidden Form Fields | 		// Hidden Form Fields | ||||||
| 		param = s.getParser().getStringParameter(LAST_NAME, ""); | 		param1 = s.getParser().getStringParameter(LAST_NAME, ""); | ||||||
| 		Input input = new Input(Input.HIDDEN, "a", param); | 		Input input = new Input(Input.HIDDEN, "a", param1); | ||||||
| 		ec.addElement(input); | 		ec.addElement(input); | ||||||
| 		ec.addElement("\r\n"); | 		ec.addElement("\r\n"); | ||||||
|  |  | ||||||
| 		param = s.getParser().getStringParameter(FIRST_NAME, ""); | 		param2 = s.getParser().getStringParameter(FIRST_NAME, ""); | ||||||
| 		input = new Input(Input.HIDDEN, "b", param); | 		input = new Input(Input.HIDDEN, "b", param2); | ||||||
| 		ec.addElement(input); | 		ec.addElement(input); | ||||||
| 		ec.addElement("\r\n"); | 		ec.addElement("\r\n"); | ||||||
|  |  | ||||||
| 		param = s.getParser().getStringParameter(ROOM_NUMBER, ""); | 		param3 = s.getParser().getStringParameter(ROOM_NUMBER, ""); | ||||||
| 		input = new Input(Input.HIDDEN, "c", param); | 		input = new Input(Input.HIDDEN, "c", param3); | ||||||
| 		ec.addElement(input); | 		ec.addElement(input); | ||||||
| 		ec.addElement("\r\n"); | 		ec.addElement("\r\n"); | ||||||
|  |  | ||||||
| 		// And finally the check... | 		// And finally the check... | ||||||
| 		if(param.length() > 4096) | 		if(param3.length() > 4096) | ||||||
| 		{ | 		{ | ||||||
| 			ec.addElement(new Input(Input.hidden, "d", "Johnathan")); | 			ec.addElement(new Input(Input.hidden, "d", "Johnathan")); | ||||||
| 			ec.addElement("\r\n"); | 			ec.addElement("\r\n"); | ||||||
| @ -498,9 +502,18 @@ public class OffByOne extends LessonAdapter | |||||||
| 			ec.addElement("\r\n"); | 			ec.addElement("\r\n"); | ||||||
| 			ec.addElement(new Input(Input.hidden, "o", "9901")); | 			ec.addElement(new Input(Input.hidden, "o", "9901")); | ||||||
| 			ec.addElement("\r\n"); | 			ec.addElement("\r\n"); | ||||||
| 			// :) |  | ||||||
| 			makeSuccess(s); |  | ||||||
|  |  | ||||||
|  | 			s.setMessage("To complete the lesson, restart lesson and enter VIP first/last name"); | ||||||
|  |  | ||||||
|  | 		} | ||||||
|  | 		if (("Johnathan".equalsIgnoreCase(param2) || "John".equalsIgnoreCase(param2) | ||||||
|  | 				|| "Ana".equalsIgnoreCase(param2) ||"Lewis".equalsIgnoreCase(param2)) | ||||||
|  | 				&& ("Ravern".equalsIgnoreCase(param1) || "Smith".equalsIgnoreCase(param1) | ||||||
|  | 						|| "Arneta".equalsIgnoreCase(param1) ||"Hamilton".equalsIgnoreCase(param1))) | ||||||
|  | 		{ | ||||||
|  | 			// :) | ||||||
|  | 			// Allows for mixed VIP names, but that's not really the point | ||||||
|  | 			makeSuccess(s); | ||||||
| 		} | 		} | ||||||
| 		 | 		 | ||||||
| 		// Footer | 		// Footer | ||||||
| @ -510,7 +523,6 @@ public class OffByOne extends LessonAdapter | |||||||
| 		ec.addElement(new br()); | 		ec.addElement(new br()); | ||||||
| 		ec.addElement(new br()); | 		ec.addElement(new br()); | ||||||
| 		 | 		 | ||||||
| 		 |  | ||||||
| 		return ec; | 		return ec; | ||||||
| 	} | 	} | ||||||
| 		 | 		 | ||||||
|  | |||||||
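Review bot: The last new hint contains a typo that reaches the learner, `naem`; it should read `hints.add("Enter the VIP name in the first and last name fields");`. In `makeThirdStep`, the names `param1`/`param2`/`param3` hide which request field each holds, while the new success check depends on `param2` being the first name and `param1` the last name; `lastName`, `firstName` and `roomNumber` would make a swapped comparison obvious. The accepted VIP names are string literals that presumably mirror the hidden-field values written in the overflow branch (only `Johnathan` is visible in these hunks), so a short comment saying the two lists must stay in sync would help. The body of `makeThirdStep` continues outside the hunks shown.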
							
								
								
									
										34
									
								
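--- a/webgoat for SQL Server.bat
+++ b/webgoat for SQL Server.bat
@@ -0,0 +1,34 @@
+@echo on
+
+
+@REM Clear the lib env var as it can hose tomcat
+SET lib= 
+
+@REM Make sure the webgoat DB is writable
+attrib -R .\tomcat\webapps\WebGoat\database\*.*
+
+@REM Set env vars for tomcat and java, use PWD as some machines don't have
+@REM \. on their path
+set PWD=%cd%
+set CATALINA_HOME=%PWD%\tomcat
+set JAVA_HOME=%PWD%\java
+
+@REM Configure environment variables to override web.xml
+SET DatabaseDriver=net.sourceforge.jtds.jdbc.Driver
+SET DatabaseConnectionString=jdbc:jtds:sqlserver://./webgoat;namedPipe=true;INSTANCE=WEBGOAT
+SET DatabaseUser=webgoat
+SET DtabasePassword=_webgoat
+
+delete .\tomcat\conf\server.xml
+copy .\tomcat\conf\server_80.xml .\tomcat\conf\server.xml
+
+@REM Run tomcat: must have quotes incase var has spaces in it
+call "%CATALINA_HOME%\bin\startup.bat" start
+
+echo 
+echo If the Tomcat DOS shell quit immediately, it is likely that 
+echo there is another service listening on port 80.
+echo
+
+
+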
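Review bot: The password override is misspelled as `DtabasePassword`, so the variable matching the other three (`DatabaseDriver`, `DatabaseConnectionString`, `DatabaseUser`) is never set and the application presumably falls back to whatever web.xml holds; it should be `SET DatabasePassword=_webgoat`. The script also carries a fixed database credential, which fits only a local training instance, and a `@REM` line stating that would keep it from being copied into a shared deployment. `delete` is not a cmd.exe command, so that line only prints an error before `copy` runs; use `del .\tomcat\conf\server.xml` here and on the same line in webgoat.bat and webgoat_8080.bat.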
							
								
								
									
										25
									
								
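--- a/webgoat.bat
+++ b/webgoat.bat
@@ -0,0 +1,25 @@
+@echo on
+
+
+@REM Clear the lib env var as it can hose tomcat
+SET lib= 
+
+@REM Make sure the webgoat DB is writable
+attrib -R .\tomcat\webapps\WebGoat\database\*.*
+
+@REM Set env vars for tomcat and java, use PWD as some machines don't have
+@REM \. on their path
+set PWD=%cd%
+set CATALINA_HOME=%PWD%\tomcat
+set JAVA_HOME=%PWD%\java
+
+delete .\tomcat\conf\server.xml
+copy .\tomcat\conf\server_80.xml .\tomcat\conf\server.xml
+
+@REM Run tomcat: must have quotes incase var has spaces in it
+call "%CATALINA_HOME%\bin\startup.bat" start
+
+echo 
+echo If the Tomcat DOS shell quit immediately, it is likely that 
+echo there is another service listening on port 80.
+echo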
							
								
								
									
										60
									
								
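--- a/webgoat.sh
+++ b/webgoat.sh
@@ -0,0 +1,60 @@
+#! /bin/sh
+
+SYSTEM=`uname -s`
+CATALINA_HOME=./tomcat
+PATH=${PATH}:./tomcat/bin
+export CATALINA_HOME PATH
+
+chmod +x ./$CATALINA_HOME/bin/*.sh
+if [ $SYSTEM = "Darwin" ]; then
+        JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/1.5/Home
+        export JAVA_HOME
+
+else
+
+is_java_1dot5() {
+        if [ "X$JAVA_HOME" != "X" -a -d $JAVA_HOME ]; then
+                $JAVA_HOME/bin/java -version 2>&1 | grep 'version \"1.5' >/dev/null
+                if [ $? -ne 0 ]; then
+                        echo "The JVM in \$JAVA_HOME isn't version 1.5."
+                        exit 1
+                fi
+        else
+                echo "Please set JAVA_HOME to a Java 1.5 JDK install"
+                exit 1
+        fi
+}
+
+is_java_1dot5
+
+fi
+
+case "$1" in
+	start80)
+		cp -f $CATALINA_HOME/conf/server_80.xml $CATALINA_HOME/conf/server.xml 
+		$CATALINA_HOME/bin/startup.sh
+		printf "\n  Open http://127.0.0.1/WebGoat/attack"
+		printf "\n  Username: guest"
+		printf "\n  Password: guest"
+		printf "\n  Or try http://guest:guest@127.0.0.1/WebGoat/attack \n\n\r"
+		sleep 2
+		tail -f $CATALINA_HOME/logs/catalina.out
+	;;
+	start8080)
+		cp -f $CATALINA_HOME/conf/server_8080.xml $CATALINA_HOME/conf/server.xml 
+		$CATALINA_HOME/bin/startup.sh
+		printf "\n  Open http://127.0.0.1:8080/WebGoat/attack"
+		printf "\n  Username: guest"
+		printf "\n  Password: guest"
+		printf "\n  Or try http://guest:guest@127.0.0.1:8080/WebGoat/attack \n\n\r"
+		sleep 2
+		tail -f $CATALINA_HOME/logs/catalina.out
+	;;
+	stop)
+		$CATALINA_HOME/bin/shutdown.sh
+	;;
+	*)
+		echo $"Usage: $prog {start8080|start80|stop}"
+		exit 1
+	;;
+esac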
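Review bot: Every path in the script is relative to the caller's working directory, including the `./tomcat/bin` entry appended to `PATH`, so running it from another directory either fails or resolves commands from a location the author did not intend. Anchoring at the script's own directory avoids this: `cd "$(dirname "$0")" || exit 1` followed by `CATALINA_HOME="$(pwd)/tomcat"`, and the `PATH` change appears unnecessary because the Tomcat scripts are always called through `$CATALINA_HOME/bin/`. `$JAVA_HOME` and `$SYSTEM` are expanded unquoted inside the `[` tests, which breaks on install paths containing spaces. The usage line prints `$prog`, which is never assigned, and `$"..."` is a bash form under a `#! /bin/sh` shebang; `echo "Usage: $0 {start8080|start80|stop}"` works in any POSIX shell.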
							
								
								
									
										25
									
								
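--- a/webgoat_8080.bat
+++ b/webgoat_8080.bat
@@ -0,0 +1,25 @@
+@echo on
+
+
+@REM Clear the lib env var as it can hose tomcat
+SET lib= 
+
+@REM Make sure the webgoat DB is writable
+attrib -R .\tomcat\webapps\WebGoat\database\*.*
+
+@REM Set env vars for tomcat and java, use PWD as some machines don't have
+@REM \. on their path
+set PWD=%cd%
+set CATALINA_HOME=%PWD%\tomcat
+set JAVA_HOME=%PWD%\java
+
+delete .\tomcat\conf\server.xml
+copy .\tomcat\conf\server_8080.xml .\tomcat\conf\server.xml
+
+@REM Run tomcat: must have quotes incase var has spaces in it
+call "%CATALINA_HOME%\bin\startup.bat" start
+
+echo 
+echo If the Tomcat DOS shell quit immediately, it is likely that 
+echo there is another service listening on port 80.
+echo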
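Review bot: The closing message still names port 80 although this script installs `server_8080.xml`, so a user whose Tomcat window closes will look for a conflict on the wrong port; it should read `echo there is another service listening on port 8080.`. The bare `echo` lines around it print the echo state (`ECHO is on.`) rather than a blank line; `echo.` gives the intended spacing.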
							
								
								
									
										7
									
								
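--- a/webscarab.bat
+++ b/webscarab.bat
@@ -0,0 +1,7 @@
+@echo off
+
+
+@REM Run webscarab
+@REM    - Assumes webscarab.properties file is in webscarab directory
+cd webscarab
+..\java\bin\javaw -Duser.home=.\ -jar webscarab.jar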