Added a hint in log spoofing instructions for the user to add a script in the log file

git-svn-id: http://webgoat.googlecode.com/svn/trunk@41 4033779f-a91e-0410-96ef-6bf7bf53c507
2006-12-23 00:39:18 +00:00
parent 7acbacbe61
commit 67497f0919
1 changed files with 1 additions and 0 deletions
--- a/webgoat/main/project/WebContent/lesson_plans/LogSpoofing.html
+++ b/webgoat/main/project/WebContent/lesson_plans/LogSpoofing.html
@ -16,4 +16,5 @@ using this attack.
 <!-- Start Instructions -->
 * The grey area below represents what is going to be logged in the web server's log file.<br>
 * Your goal is to make it like a username "admin" has succeeded into logging in.
+* Also, you can elevate your attack by adding a script to the log file.
 <!-- Stop Instructions -->