dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adjust lesson template (#704)

Browse Source 
* Remove method `getId()` from all lessons as it defaults to the class name

* remove clean up endpoint

* remove unused class `RequestParameter`

* remove unused class `PluginLoadingFailure`

* Move `CourseConfiguration` to lesson package

* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat

* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`

* Put original solution back as well for SQL string injection

* review comments

* Add
This commit is contained in:
Nanne Baars
2019-11-17 13:39:56 +01:00
committed by René Zubcevic
parent f40b6ffd31
commit 5dd6b31905
139 changed files with 769 additions and 870 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
webgoat-lessons/webwolf-introduction/src/main/java/org/owasp/webgoat/webwolf_introduction/LandingAssignment.java
View File

@ -50,9 +50,9 @@ public class LandingAssignment extends AssignmentEndpoint {
@ResponseBody
public AttackResult click(String uniqueCode) {
if (StringUtils.reverse(getWebSession().getUserName()).equals(uniqueCode)) {
return trackProgress(success().build());
return success(this).build();
}
return failed().feedback("webwolf.landing_wrong").build();
return failed(this).feedback("webwolf.landing_wrong").build();
}

13
webgoat-lessons/webwolf-introduction/src/main/java/org/owasp/webgoat/webwolf_introduction/MailAssignment.java
View File

@ -24,7 +24,6 @@ package org.owasp.webgoat.webwolf_introduction;
import org.apache.commons.lang3.StringUtils;
import org.owasp.webgoat.assignments.AssignmentEndpoint;
import org.owasp.webgoat.assignments.AssignmentPath;
import org.owasp.webgoat.assignments.AttackResult;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.PostMapping;
@ -34,8 +33,6 @@ import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestTemplate;
import java.time.LocalDateTime;
/**
* @author nbaars
* @since 8/20/17.
@ -65,11 +62,11 @@ public class MailAssignment extends AssignmentEndpoint {
try {
restTemplate.postForEntity(webWolfURL, mailEvent, Object.class);
} catch (RestClientException e ) {
return informationMessage().feedback("webwolf.email_failed").output(e.getMessage()).build();
return informationMessage(this).feedback("webwolf.email_failed").output(e.getMessage()).build();
}
return informationMessage().feedback("webwolf.email_send").feedbackArgs(email).build();
return informationMessage(this).feedback("webwolf.email_send").feedbackArgs(email).build();
} else {
return informationMessage().feedback("webwolf.email_mismatch").feedbackArgs(username).build();
return informationMessage(this).feedback("webwolf.email_mismatch").feedbackArgs(username).build();
}
}
@ -77,9 +74,9 @@ public class MailAssignment extends AssignmentEndpoint {
@ResponseBody
public AttackResult completed(@RequestParam String uniqueCode) {
if (uniqueCode.equals(StringUtils.reverse(getWebSession().getUserName()))) {
return trackProgress(success().build());
return success(this).build();
} else {
return trackProgress(failed().feedbackArgs("webwolf.code_incorrect").feedbackArgs(uniqueCode).build());
return failed(this).feedbackArgs("webwolf.code_incorrect").feedbackArgs(uniqueCode).build();
}
}
}

4
webgoat-lessons/webwolf-introduction/src/main/java/org/owasp/webgoat/webwolf_introduction/WebWolfIntroduction.java
View File

@ -38,8 +38,4 @@ public class WebWolfIntroduction extends Lesson {
return "webwolf.title";
}
@Override
public String getId() {
return "WebWolfIntroduction";
}
}