dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added Buffer Overflow lesson, added and updated solutions, fixed errors in lessons preventing them from being completed correctly

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@436 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
x71c4l@gmail.com
2011-08-12 03:00:27 +00:00
parent be8b4311e0
commit 4059bb5d33
110 changed files with 2590 additions and 1116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/main/webapp/lesson_plans/English/HttpSplitting.html
View File

@ -30,5 +30,6 @@ Date: Fri, 30 Dec 2005 17:32:47 GMT</blockquote>
<!-- Start Instructions -->
<p>This lesson has two stages. Stage 1 teaches you how to do HTTP Splitting attacks while stage 2 builds on that to teach you how to elevate HTTP Splitting to Cache Poisoning.</p>
<p>Enter a language for the system to search by. You will notice that the application is redirecting your request to another resource on the server. You should be able to use the CR (%0d) and LF (%0a) characters to exploit the attack. Your goal should be to force the server to send a 200 OK. If the screen changed as an effect to your attack, just go back to the homepage. After stage 2 is exploited successfully, you will find the green check in the left menu.</p>
<p>You may find the <a href="http://yehg.net/encoding/">PHP Charset Encoder</a> useful. The Encode and DecodeURIComponent buttons translate CR and LF.</p>
<!-- Stop Instructions -->