dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* Hints added

Browse Source 
* Solutions added
* Bugfixes
* Introduction added (including how to start with webgoat and useful tools)
* New lesson: Password strength
* New lessons: Multi Level Login
* Not yet working new lesson: Session fixation (inital release)

git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@301 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
wirth.marcel
2008-04-07 14:28:38 +00:00
parent 84f01ba70a
commit 5d930ec235
137 changed files with 4230 additions and 479 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
main/project/WebContent/lesson_solutions/StoredXss.html
View File

@ -651,9 +651,9 @@ style='font-family:"Arial","sans-serif"'>Solution:<o:p></o:p></span></b></p>
<p class=MsoNormal><b style='mso-bidi-font-weight:normal'><span
style='font-family:"Arial","sans-serif"'><o:p>&nbsp;</o:p></span></b></p>
<p class=MsoNormal>Enter this: &lt;script language=<EFBFBD>javascript<EFBFBD>
type=<EFBFBD>text/javascript<EFBFBD>&gt;alert(<EFBFBD>Ha Ha Ha<EFBFBD>);&lt;/script&gt; in the message text
box.</p>
<p class=MsoNormal>Enter this: &lt;script language="javascript"
type="text/javascript"&gt;alert("Ha Ha Ha");&lt;/script&gt; in the message text
box.<br><br></p>
<p class=MsoNormal style='page-break-after:avoid'><span style='font-family:
"Arial","sans-serif";mso-no-proof:yes'><!--[if gte vml 1]><v:shape id="Picture_x0020_1340"
@ -683,9 +683,15 @@ src="/WebGoat/lesson_solutions/StoredXSS_files/image009.jpg" v:shapes="Picture_x
field-begin'></span><span style='mso-spacerun:yes'><3E></span>SEQ Figure \* ARABIC
<span style='mso-element:field-separator'></span><![endif]--><span
style='mso-no-proof:yes'>3</span><!--[if supportFields]><span style='mso-element:
field-end'></span><![endif]--> Lesson 14 Completed<span style='font-family:
field-end'></span><![endif]--> Lesson 14 nearly completed<span style='font-family:
"Arial","sans-serif"'><o:p></o:p></span></p>
<p class=MsoNormal><o:p>&nbsp;</o:p></p>
<p class=MsoNormal>Now enter this:<font color="ff0000"> &lt;script language="javascript"
type="text/javascript"&gt;alert(document.cookie);&lt;/script&gt;</font> in the message text
box. You will get your SessionId in a popup.<br><br></p>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'><o:p>&nbsp;</o:p></span></p>
<p class=MsoNormal><o:p>&nbsp;</o:p></p>