dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

General cleanup of lesson, removed sub credit from csrf lesson, add cam credit as lesson contributor

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@409 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
mayhew64@gmail.com
2009-11-09 01:49:41 +00:00
parent c35169291b
commit 5394b0d8a1
3 changed files with 7 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/main/java/org/owasp/webgoat/lessons/CsrfPromptByPass.java
View File

@ -1,10 +1,6 @@
package org.owasp.webgoat.lessons;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.List;
@ -18,16 +14,7 @@ import org.apache.ecs.html.B;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.Form;
import org.apache.ecs.html.H1;
import org.apache.ecs.html.HR;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Input;
import org.apache.ecs.html.P;
import org.apache.ecs.html.TD;
import org.apache.ecs.html.TR;
import org.apache.ecs.html.Table;
import org.apache.ecs.html.TextArea;
import org.owasp.webgoat.session.DatabaseUtilities;
import org.owasp.webgoat.session.ECSFactory;
import org.owasp.webgoat.session.WebSession;
import org.owasp.webgoat.util.HtmlEncoder;
@ -193,8 +180,6 @@ public class CsrfPromptByPass extends CSRF
ElementContainer credits = new ElementContainer();
credits.addElement(new StringElement("Contributed by "));
credits.addElement(partnet);
credits.addElement(new BR());
credits.addElement(new StringElement("Derived from Sherif Koussa's CSRF Lesson"));
return credits;
}
}

16
src/main/java/org/owasp/webgoat/lessons/CsrfTokenByPass.java
View File

@ -2,10 +2,6 @@
package org.owasp.webgoat.lessons;
import java.security.SecureRandom;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.List;
import java.util.Random;
@ -20,17 +16,7 @@ import org.apache.ecs.html.B;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.Form;
import org.apache.ecs.html.H1;
import org.apache.ecs.html.H2;
import org.apache.ecs.html.HR;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Input;
import org.apache.ecs.html.P;
import org.apache.ecs.html.TD;
import org.apache.ecs.html.TR;
import org.apache.ecs.html.Table;
import org.apache.ecs.html.TextArea;
import org.owasp.webgoat.session.DatabaseUtilities;
import org.owasp.webgoat.session.ECSFactory;
import org.owasp.webgoat.session.WebSession;
import org.owasp.webgoat.util.HtmlEncoder;
@ -174,8 +160,6 @@ public class CsrfTokenByPass extends CsrfPromptByPass
ElementContainer credits = new ElementContainer();
credits.addElement(new StringElement("Contributed by "));
credits.addElement(partnet);
credits.addElement(new BR());
credits.addElement(new StringElement("Derived from Sherif Koussa's CSRF Lesson"));
return credits;
}
}

16
src/main/webapp/webgoat.jsp
View File

@ -23,7 +23,6 @@ The exercises are intended to provide hands on experience with
application penetration testing techniques. </p>
<p>The WebGoat project is lead
by Bruce Mayhew. Please send all comments to Bruce at <%=webSession.getWebgoatContext().getFeedbackAddress()%>.</p>
<p>Thanks to <a href="http://www.ouncelabs.com"><img align="top" height="20" width="160" border = "0" src="images/logos/ounce.jpg" alt="Ounce Labs"/></a> for supporting Bruce on the WebGoat Project.</p>
<div id="team">
<table border="0" align="center" class="lessonText">
@ -46,7 +45,7 @@ by Bruce Mayhew. Please send all comments to Bruce at <%=webSession.getWebgoatCo
</td>
<td width="50%">
<div align="center"><span class="style1"><br />
Lesson Contributers </span></div>
V5.3 Lesson Contributers </span></div>
</td>
</tr>
<tr>
@ -57,9 +56,8 @@ by Bruce Mayhew. Please send all comments to Bruce at <%=webSession.getWebgoatCo
<div align="center" class="style2">Laurence Casey (Graphics)</div>
</td>
<td valign="top">
<div align="center" class="style2">Aspect Security</div>
<div align="center" class="style2">Sherif Koussa</div>
<div align="center" class="style2">Romain Brechet</div>
<div align="center" class="style2">Chuck Willis</div>
<div align="center" class="style2">Cam Morris</div>
<div align="center" class="style2"></div>
</td>
@ -67,7 +65,7 @@ by Bruce Mayhew. Please send all comments to Bruce at <%=webSession.getWebgoatCo
<tr>
<td height="25" valign="bottom">
<div align="center"><span class="style1">Special Thanks
for V5.2</span></div>
for V5.3</span></div>
</td>
<td height="25" valign="bottom">
<div align="center"><span class="style1">Documentation
@ -76,8 +74,8 @@ by Bruce Mayhew. Please send all comments to Bruce at <%=webSession.getWebgoatCo
</tr>
<tr>
<td>
<div align="center" class="style2">Reto Lippuner</div>
<div align="center" class="style2">Marcel Wirth </div>
<div align="center" class="style2">Christine (Maven)</div>
<div align="center" class="style2">Marek Jawurek (Internationalization)</div>
<br/><div align="center" class="style2">To all who have sent comments</div>
</td>
@ -111,7 +109,7 @@ by Bruce Mayhew. Please send all comments to Bruce at <%=webSession.getWebgoatCo
<div align="center" class="style2">&nbsp;</div>
<div id="warning">WARNING<br />
While running this program, your machine is extremely vulnerable to
attack. You should disconnect from the network while using this program.
attack if you are not running on localhost. If tou are NOT running on localhost (default configuration), You should disconnect from the network while using this program.
<br />
<br />
This program is for educational purposes only. Use of these techniques