dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Replaced WebScarab references with OWASP ZAP in java code only

Browse Source
This commit is contained in:
Bruce Mayhew
2014-09-15 21:41:25 -04:00
parent 9bb1cb8d9c
commit 4202c12c18
8 changed files with 15 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/org/owasp/webgoat/lessons/DBSQLInjection/DBSQLInjection.java
View File

@ -105,7 +105,7 @@ public class DBSQLInjection extends GoatHillsFinancial
+ "Remember: You need to end up with a SQL statement that only returns one row, since we are using an INTO clause");
// Stage 1
hints.add("You may need to use WebScarab to remove a field length limit to fit your attack.");
hints.add("You may need to use OWASP ZAP to remove a field length limit to fit your attack.");
hints.add("Try entering a password of [ ' OR userid=112 OR password=' ].");
// Stage 2

2
src/main/java/org/owasp/webgoat/lessons/FailOpenAuthentication.java
View File

@ -143,7 +143,7 @@ public class FailOpenAuthentication extends WeakAuthenticationCookie
hints.add("You can force errors during the authentication process.");
hints.add("You can change length, existance, or values of authentication parameters.");
hints
.add("Try removing a parameter ENTIRELY with <A href=\"http://www.owasp.org/development/webscarab\">WebScarab</A>.");
.add("Try removing a parameter ENTIRELY with <A href=\"https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project \">OWASP ZAP</A>.");
return hints;
}

2
src/main/java/org/owasp/webgoat/lessons/HttpBasics.java
View File

@ -92,7 +92,7 @@ public class HttpBasics extends LessonAdapter {
List<String> hints = new ArrayList<String>();
hints.add("Type in your name and press 'go'");
hints.add("Turn on Show Parameters or other features");
hints.add("Try to intercept the request with WebScarab");
hints.add("Try to intercept the request with OWASP ZAP");
hints.add("Press the Show Lesson Plan button to view a lesson summary");
hints.add("Press the Show Solution button to view a lesson solution");

2
src/main/java/org/owasp/webgoat/lessons/SQLInjection/SQLInjection.java
View File

@ -107,7 +107,7 @@ public class SQLInjection extends GoatHillsFinancial
+ "Try appending a SQL statement that always resolves to true");
// Stage 1
hints.add("You may need to use WebScarab to remove a field length limit to fit your attack.");
hints.add("You may need to use OWASP ZAP to remove a field length limit to fit your attack.");
hints.add("Try entering a password of [ smith' OR '1' = '1 ].");
// Stage 2

2
src/main/java/org/owasp/webgoat/lessons/WsSqlInjection.java
View File

@ -124,7 +124,7 @@ public class WsSqlInjection extends LessonAdapter
+ "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/ns1:getCreditCard&gt; <br>"
+ "&nbsp;&nbsp;&nbsp;&nbsp;&lt;/SOAP-ENV:Body&gt; <br>"
+ "&nbsp;&nbsp;&lt;/SOAP-ENV:Envelope&gt; <br>" + "");
hints.add("Use the \"Webservices\" Functions in WebScarab.");
hints.add("Use the \"Webservices\" Functions in OWASP ZAP.");
/*
* "&lt;?xml version=\"1.0\" encoding=\"UTF-8\"?&gt; <br>" + " &lt;SOAP-ENV:Envelope
* xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" <br>" + "