Merge tag 'v8.0.0.M22' into develop

v8.0.0.M22
2019-01-18 08:39:19 +01:00 · 2019-01-18 08:39:19 +01:00 · 5d5ba53473
commit 5d5ba53473
parent b0e3a06b50 7b8e3cdb52
27 changed files with 29 additions and 29 deletions
--- a/pom.xml
+++ b/pom.xml
@ -6,7 +6,7 @@
    <groupId>org.owasp.webgoat</groupId>
    <artifactId>webgoat-parent</artifactId>
    <packaging>pom</packaging>
-    <version>v8.0.0-SNAPSHOT</version>
+    <version>v8.0.0.M22</version>
    <name>WebGoat Parent Pom</name>
    <description>Parent Pom for the WebGoat Project. A deliberately insecure Web Application</description>
--- a/webgoat-container/pom.xml
+++ b/webgoat-container/pom.xml
@ -10,7 +10,7 @@
    <parent>
        <groupId>org.owasp.webgoat</groupId>
        <artifactId>webgoat-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
    <profiles>
--- a/webgoat-lessons/auth-bypass/pom.xml
+++ b/webgoat-lessons/auth-bypass/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
 </project>
--- a/webgoat-lessons/bypass-restrictions/pom.xml
+++ b/webgoat-lessons/bypass-restrictions/pom.xml
@ -6,6 +6,6 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
 </project>
--- a/webgoat-lessons/challenge/pom.xml
+++ b/webgoat-lessons/challenge/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
--- a/webgoat-lessons/client-side-filtering/pom.xml
+++ b/webgoat-lessons/client-side-filtering/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
 </project>
--- a/webgoat-lessons/cross-site-scripting/pom.xml
+++ b/webgoat-lessons/cross-site-scripting/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
    <build>
       <plugins>
--- a/webgoat-lessons/csrf/pom.xml
+++ b/webgoat-lessons/csrf/pom.xml
@ -6,6 +6,6 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
 </project>
--- a/webgoat-lessons/html-tampering/pom.xml
+++ b/webgoat-lessons/html-tampering/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
    <dependencies>
--- a/webgoat-lessons/http-basics/pom.xml
+++ b/webgoat-lessons/http-basics/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
 </project>
--- a/webgoat-lessons/http-proxies/pom.xml
+++ b/webgoat-lessons/http-proxies/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
    <dependencies>
--- a/webgoat-lessons/idor/pom.xml
+++ b/webgoat-lessons/idor/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
 </project>
--- a/webgoat-lessons/insecure-deserialization/pom.xml
+++ b/webgoat-lessons/insecure-deserialization/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
    <dependencies>
--- a/webgoat-lessons/insecure-login/pom.xml
+++ b/webgoat-lessons/insecure-login/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
    <dependencies>
--- a/webgoat-lessons/jwt/pom.xml
+++ b/webgoat-lessons/jwt/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
    <dependencies>
--- a/webgoat-lessons/missing-function-ac/pom.xml
+++ b/webgoat-lessons/missing-function-ac/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
 </project>
--- a/webgoat-lessons/password-reset/pom.xml
+++ b/webgoat-lessons/password-reset/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
    <dependencies>
--- a/webgoat-lessons/pom.xml
+++ b/webgoat-lessons/pom.xml
@ -5,12 +5,12 @@
    <groupId>org.owasp.webgoat.lesson</groupId>
    <artifactId>webgoat-lessons-parent</artifactId>
    <packaging>pom</packaging>
-    <version>v8.0.0-SNAPSHOT</version>
+    <version>v8.0.0.M22</version>
    <parent>
        <groupId>org.owasp.webgoat</groupId>
        <artifactId>webgoat-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
    <modules>
--- a/webgoat-lessons/sql-injection/pom.xml
+++ b/webgoat-lessons/sql-injection/pom.xml
@ -6,6 +6,6 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
 </project>
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson12a.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson12a.java
@ -33,7 +33,7 @@ public class SqlInjectionLesson12a extends AssignmentEndpoint {
    @SneakyThrows
    public AttackResult completed(@RequestParam String ip) {
        Connection connection = DatabaseUtilities.getConnection(webSession);
-        PreparedStatement preparedStatement = connection.prepareStatement("select ip from servers where ip = ?");
+        PreparedStatement preparedStatement = connection.prepareStatement("select ip from servers where hostname = 'webgoat-prd' and ip = ?");
        preparedStatement.setString(1, ip);
        ResultSet resultSet = preparedStatement.executeQuery();
        if (resultSet.next()) {
--- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_content9.adoc
+++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_content9.adoc
@ -11,7 +11,7 @@ PreparedStatement ps = null;
 RecordSet rs = null;
 try {
    pUserName = request.getParameter("UserName");
-    if ( isUsernameValid (pUsername);
+    if ( isUsernameValid (pUsername) ) {
        ps = conn.prepareStatement("SELECT * FROM user_table 
                                   WHERE username = ? ");
        ps.setString(1, pUsername);
@ -22,4 +22,4 @@ try {
    } else { // handle invalid input }
 }
 catch (…) { // handle all exceptions … }
----
+----
--- a/webgoat-lessons/vulnerable-components/pom.xml
+++ b/webgoat-lessons/vulnerable-components/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
    <dependencies>
        <dependency>
--- a/webgoat-lessons/webgoat-introduction/pom.xml
+++ b/webgoat-lessons/webgoat-introduction/pom.xml
@ -6,6 +6,6 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
 </project>
--- a/webgoat-lessons/webwolf-introduction/pom.xml
+++ b/webgoat-lessons/webwolf-introduction/pom.xml
@ -6,6 +6,6 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
 </project>
--- a/webgoat-lessons/xxe/pom.xml
+++ b/webgoat-lessons/xxe/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
    <dependencies>
--- a/webgoat-server/pom.xml
+++ b/webgoat-server/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat</groupId>
        <artifactId>webgoat-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
    <properties>
--- a/webwolf/pom.xml
+++ b/webwolf/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat</groupId>
        <artifactId>webgoat-parent</artifactId>
-        <version>v8.0.0-SNAPSHOT</version>
+        <version>v8.0.0.M22</version>
    </parent>
    <dependencies>