dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* Hints added

Browse Source 
* Solutions added
* Bugfixes
* Introduction added (including how to start with webgoat and useful tools)
* New lesson: Password strength
* New lessons: Multi Level Login
* Not yet working new lesson: Session fixation (inital release)

git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@301 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
wirth.marcel
2008-04-07 14:28:38 +00:00
parent 84f01ba70a
commit 5d930ec235
137 changed files with 4230 additions and 479 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
main/project/WebContent/lesson_solutions/WeakAuthenticationCookie.html
View File

@ -645,8 +645,8 @@ should be able to bypass the authentication check.<o:p></o:p></span></p>
<p class=MsoNormal><o:p>&nbsp;</o:p></p>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'>Make sure
that you have <EFBFBD>Show Cookies<EFBFBD> enabled in WebGoat. And you need to disable the
feature <EFBFBD>Inject know cookies into requests<EFBFBD> in WebScarab otherwise WebScarab
that you have "Show Cookies" enabled in WebGoat. And you need to disable the
feature "Inject know cookies into requests" in WebScarab otherwise WebScarab
will always inject your old cookie and not the new cookie.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'><o:p>&nbsp;</o:p></span></p>
@ -726,7 +726,7 @@ field-end'></span><![endif]--> Logged on as webgoat</p>
<p class=MsoNormal><o:p>&nbsp;</o:p></p>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'>Hit
<EFBFBD>Refresh<EFBFBD>. This refresh will show our AuthCookie. And you are now authenticated
"Refresh". This refresh will show our AuthCookie. And you are now authenticated
using this cookie and not with parameters like above.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'><o:p>&nbsp;</o:p></span></p>
@ -782,7 +782,7 @@ field-end'></span><![endif]--> Logged on as aspect<span style='font-family:
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'><o:p>&nbsp;</o:p></span></p>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'>Hit <EFBFBD>Refresh<EFBFBD>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'>Hit "Refresh"
to see the new cookie.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'><o:p>&nbsp;</o:p></span></p>