Modified all "Aspect" lessons to include the Aspect logo. The logo links to http://aspectsecurity.com. Moved the "OWASP" logo and added an Aspect logo on the main.jsp page. Adjusted the padding of the "warning" text to prevent "Start" button overlap.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@112 4033779f-a91e-0410-96ef-6bf7bf53c507
parent
e735aea7b0
commit
6dc383b7b4
@ -5,6 +5,8 @@ import java.util.List;
|
||||
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.html.A;
|
||||
import org.apache.ecs.html.IMG;
|
||||
import org.apache.ecs.html.P;
|
||||
import org.owasp.webgoat.session.ECSFactory;
|
||||
import org.owasp.webgoat.session.WebSession;
|
||||
@ -44,7 +46,8 @@ import org.owasp.webgoat.session.WebSession;
|
||||
|
||||
public class AccessControlMatrix extends LessonAdapter
|
||||
{
|
||||
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
|
||||
private final static String RESOURCE = "Resource";
|
||||
|
||||
private final static String USER = "User";
|
||||
@ -253,4 +256,9 @@ public class AccessControlMatrix extends LessonAdapter
|
||||
List resources = getResources(roles);
|
||||
return (resources.contains(resource));
|
||||
}
|
||||
|
||||
public Element getCredits()
|
||||
{
|
||||
return super.getCustomCredits("", ASPECT_LOGO);
|
||||
}
|
||||
}
|
||||
|
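Review bot: The `ASPECT_LOGO` field added at the top of `AccessControlMatrix` and the `getCredits()` override added at its end are repeated character-for-character in Encoding, FailOpenAuthentication, HiddenFieldTampering, HtmlClues, JavaScriptValidation, ThreadSafetyProblem and WeakAuthenticationCookie, and the field alone is repeated in CrossSiteScripting, ForgotPassword, HttpOnly, RoleBasedAccessControl, SQLInjection and WeakSessionID. Fourteen copies of one link target and image path will drift the first time either changes, for example when the href moves off plain `http://`. Since every one of these classes reaches `LessonAdapter` (FailOpenAuthentication through WeakAuthenticationCookie), the constant could be declared once there and each lesson keep only `return super.getCustomCredits("", ASPECT_LOGO);`. `LessonAdapter` itself is not part of this page, so whether it is the right home needs confirming. The new `getCredits()` also has no Javadoc; a one-line `/** Returns the credits element for this lesson: the Aspect Security logo link. */` would do.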
@ -10,6 +10,7 @@ import java.util.Map;
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.html.IMG;
|
||||
import org.apache.ecs.html.A;
|
||||
import org.owasp.webgoat.lessons.AbstractLesson;
|
||||
import org.owasp.webgoat.lessons.Category;
|
||||
import org.owasp.webgoat.lessons.LessonAdapter;
|
||||
@ -59,7 +60,7 @@ import org.owasp.webgoat.session.WebSession;
|
||||
*/
|
||||
public class CrossSiteScripting extends LessonAdapter
|
||||
{
|
||||
public final static IMG ASPECT_LOGO = new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0);
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
|
||||
public final static String DESCRIPTION = "description";
|
||||
|
||||
|
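Review bot: The public constant `ASPECT_LOGO` changes its declared type from `IMG` to `A` in `CrossSiteScripting` (and in the same way in ForgotPassword, HttpOnly, RoleBasedAccessControl, SQLInjection and WeakSessionID), so any code outside these hunks that uses it as an `IMG` stops compiling. The method that consumes the field is not visible in these sections and should be confirmed to accept a plain `Element`. The field is also a mutable ECS element exposed as `public static`: any class can call `setHref` or `addElement` on the one instance that every request renders, which would silently change the credits link for all users. Unless other classes need it, narrow the visibility, for example `private final static A ASPECT_LOGO = ...` (or `protected` where a subclass reads it).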
@ -22,7 +22,9 @@ import javax.crypto.spec.PBEParameterSpec;
|
||||
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.html.A;
|
||||
import org.apache.ecs.html.B;
|
||||
import org.apache.ecs.html.IMG;
|
||||
import org.apache.ecs.html.Input;
|
||||
import org.apache.ecs.html.P;
|
||||
import org.apache.ecs.html.TD;
|
||||
@ -68,7 +70,8 @@ import org.owasp.webgoat.util.HtmlEncoder;
|
||||
|
||||
public class Encoding extends LessonAdapter
|
||||
{
|
||||
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
|
||||
private final static String INPUT = "input";
|
||||
|
||||
private final static String KEY = "key";
|
||||
@ -1033,4 +1036,9 @@ public class Encoding extends LessonAdapter
|
||||
i2e.put( entities[i][1], entities[i][0] );
|
||||
}
|
||||
}
|
||||
|
||||
public Element getCredits()
|
||||
{
|
||||
return super.getCustomCredits("", ASPECT_LOGO);
|
||||
}
|
||||
}
|
||||
|
@ -4,6 +4,8 @@ import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.html.A;
|
||||
import org.apache.ecs.html.IMG;
|
||||
import org.owasp.webgoat.session.WebSession;
|
||||
|
||||
/*******************************************************************************
|
||||
@ -40,7 +42,8 @@ import org.owasp.webgoat.session.WebSession;
|
||||
*/
|
||||
public class FailOpenAuthentication extends WeakAuthenticationCookie
|
||||
{
|
||||
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
|
||||
/**
|
||||
* Description of the Method
|
||||
*
|
||||
@ -182,4 +185,9 @@ public class FailOpenAuthentication extends WeakAuthenticationCookie
|
||||
{
|
||||
return ("How to Bypass a Fail Open Authentication Scheme");
|
||||
}
|
||||
|
||||
public Element getCredits()
|
||||
{
|
||||
return super.getCustomCredits("", ASPECT_LOGO);
|
||||
}
|
||||
}
|
||||
|
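Review bot: The `ASPECT_LOGO` field and the `getCredits()` method added to `FailOpenAuthentication` are redundant, because the class extends `WeakAuthenticationCookie`, which receives the identical field and override in this same commit. The field here only hides the inherited one, and the method re-implements the inherited one with the same body `return super.getCustomCredits("", ASPECT_LOGO);`. Both additions can be dropped from this class without changing what is rendered. The new `org.apache.ecs.html.A` and `org.apache.ecs.html.IMG` imports can go too if nothing else in the file uses them; most of the class body is outside these hunks, so that needs checking.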
@ -7,6 +7,7 @@ import java.util.HashMap;
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.StringElement;
|
||||
import org.apache.ecs.html.A;
|
||||
import org.apache.ecs.html.B;
|
||||
import org.apache.ecs.html.BR;
|
||||
import org.apache.ecs.html.H1;
|
||||
@ -55,7 +56,7 @@ import org.owasp.webgoat.session.WebSession;
|
||||
public class ForgotPassword extends LessonAdapter
|
||||
{
|
||||
|
||||
public final static IMG ASPECT_LOGO = new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0);
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
|
||||
private final static String USERNAME = "Username";
|
||||
|
||||
|
@ -5,10 +5,12 @@ import java.util.List;
|
||||
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.html.A;
|
||||
import org.apache.ecs.html.B;
|
||||
import org.apache.ecs.html.BR;
|
||||
import org.apache.ecs.html.Center;
|
||||
import org.apache.ecs.html.H1;
|
||||
import org.apache.ecs.html.IMG;
|
||||
import org.apache.ecs.html.Input;
|
||||
import org.apache.ecs.html.P;
|
||||
import org.apache.ecs.html.TD;
|
||||
@ -52,7 +54,8 @@ import org.owasp.webgoat.session.WebSession;
|
||||
*/
|
||||
public class HiddenFieldTampering extends LessonAdapter
|
||||
{
|
||||
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
|
||||
private final static String PRICE = "Price";
|
||||
|
||||
private final static String PRICE_TV = "2999.99";
|
||||
@ -227,4 +230,9 @@ public class HiddenFieldTampering extends LessonAdapter
|
||||
{
|
||||
return ("How to Exploit Hidden Fields");
|
||||
}
|
||||
|
||||
public Element getCredits()
|
||||
{
|
||||
return super.getCustomCredits("", ASPECT_LOGO);
|
||||
}
|
||||
}
|
||||
|
@ -6,9 +6,11 @@ import java.util.List;
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.StringElement;
|
||||
import org.apache.ecs.html.A;
|
||||
import org.apache.ecs.html.B;
|
||||
import org.apache.ecs.html.Comment;
|
||||
import org.apache.ecs.html.H1;
|
||||
import org.apache.ecs.html.IMG;
|
||||
import org.apache.ecs.html.Input;
|
||||
import org.apache.ecs.html.P;
|
||||
import org.apache.ecs.html.TD;
|
||||
@ -53,7 +55,8 @@ import org.owasp.webgoat.session.WebSession;
|
||||
*/
|
||||
public class HtmlClues extends LessonAdapter
|
||||
{
|
||||
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
|
||||
/**
|
||||
* Description of the Field
|
||||
*/
|
||||
@ -249,4 +252,9 @@ public class HtmlClues extends LessonAdapter
|
||||
{
|
||||
return ("How to Discover Clues in the HTML");
|
||||
}
|
||||
|
||||
public Element getCredits()
|
||||
{
|
||||
return super.getCustomCredits("", ASPECT_LOGO);
|
||||
}
|
||||
}
|
||||
|
@ -10,6 +10,7 @@ import javax.servlet.http.HttpServletResponse;
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.StringElement;
|
||||
import org.apache.ecs.html.A;
|
||||
import org.apache.ecs.html.Form;
|
||||
import org.apache.ecs.html.IMG;
|
||||
import org.apache.ecs.html.Input;
|
||||
@ -50,7 +51,7 @@ import sun.misc.BASE64Encoder;
|
||||
*/
|
||||
public class HttpOnly extends LessonAdapter {
|
||||
|
||||
public final static IMG ASPECT_LOGO = new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0);
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
|
||||
private final static Integer DEFAULT_RANKING = new Integer(125);
|
||||
|
||||
|
@ -7,7 +7,9 @@ import java.util.regex.Pattern;
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.StringElement;
|
||||
import org.apache.ecs.html.A;
|
||||
import org.apache.ecs.html.Div;
|
||||
import org.apache.ecs.html.IMG;
|
||||
import org.apache.ecs.html.Input;
|
||||
import org.apache.ecs.html.P;
|
||||
import org.apache.ecs.html.TextArea;
|
||||
@ -49,7 +51,8 @@ import org.owasp.webgoat.session.WebSession;
|
||||
|
||||
public class JavaScriptValidation extends LessonAdapter
|
||||
{
|
||||
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
|
||||
/**
|
||||
* Description of the Method
|
||||
*
|
||||
@ -322,4 +325,9 @@ public class JavaScriptValidation extends LessonAdapter
|
||||
{
|
||||
return ("How to Bypass Client Side JavaScript Validation");
|
||||
}
|
||||
|
||||
public Element getCredits()
|
||||
{
|
||||
return super.getCustomCredits("", ASPECT_LOGO);
|
||||
}
|
||||
}
|
||||
|
@ -9,6 +9,7 @@ import java.util.Map;
|
||||
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.html.A;
|
||||
import org.apache.ecs.html.IMG;
|
||||
import org.owasp.webgoat.lessons.AbstractLesson;
|
||||
import org.owasp.webgoat.lessons.Category;
|
||||
@ -52,7 +53,7 @@ import org.owasp.webgoat.session.WebSession;
|
||||
*/
|
||||
public class RoleBasedAccessControl extends LessonAdapter
|
||||
{
|
||||
public final static IMG ASPECT_LOGO = new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0);
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
|
||||
public final static String DESCRIPTION = "description";
|
||||
|
||||
|
@ -9,6 +9,7 @@ import java.util.Map;
|
||||
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.html.A;
|
||||
import org.apache.ecs.html.IMG;
|
||||
import org.owasp.webgoat.lessons.AbstractLesson;
|
||||
import org.owasp.webgoat.lessons.Category;
|
||||
@ -58,7 +59,7 @@ import org.owasp.webgoat.session.WebSession;
|
||||
*/
|
||||
public class SQLInjection extends LessonAdapter
|
||||
{
|
||||
public final static IMG ASPECT_LOGO = new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0);
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
|
||||
public final static String DESCRIPTION = "description";
|
||||
|
||||
|
@ -9,8 +9,10 @@ import java.util.List;
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.StringElement;
|
||||
import org.apache.ecs.html.IMG;
|
||||
import org.apache.ecs.html.Input;
|
||||
import org.apache.ecs.html.P;
|
||||
import org.apache.ecs.html.A;
|
||||
|
||||
import org.owasp.webgoat.session.*;
|
||||
|
||||
@ -48,7 +50,8 @@ import org.owasp.webgoat.session.*;
|
||||
*/
|
||||
public class ThreadSafetyProblem extends LessonAdapter
|
||||
{
|
||||
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
|
||||
private final static String USER_NAME = "username";
|
||||
|
||||
private Connection connection = null;
|
||||
@ -214,4 +217,9 @@ public class ThreadSafetyProblem extends LessonAdapter
|
||||
e.printStackTrace(System.out);
|
||||
}
|
||||
}
|
||||
|
||||
public Element getCredits()
|
||||
{
|
||||
return super.getCustomCredits("", ASPECT_LOGO);
|
||||
}
|
||||
}
|
||||
|
@ -6,8 +6,10 @@ import javax.servlet.http.Cookie;
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.StringElement;
|
||||
import org.apache.ecs.html.A;
|
||||
import org.apache.ecs.html.B;
|
||||
import org.apache.ecs.html.H1;
|
||||
import org.apache.ecs.html.IMG;
|
||||
import org.apache.ecs.html.Input;
|
||||
import org.apache.ecs.html.P;
|
||||
import org.apache.ecs.html.TD;
|
||||
@ -50,7 +52,8 @@ import org.owasp.webgoat.session.*;
|
||||
*/
|
||||
public class WeakAuthenticationCookie extends LessonAdapter
|
||||
{
|
||||
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
|
||||
/**
|
||||
* Description of the Field
|
||||
*/
|
||||
@ -381,4 +384,9 @@ public class WeakAuthenticationCookie extends LessonAdapter
|
||||
|
||||
return (ec);
|
||||
}
|
||||
|
||||
public Element getCredits()
|
||||
{
|
||||
return super.getCustomCredits("", ASPECT_LOGO);
|
||||
}
|
||||
}
|
||||
|
@ -8,6 +8,7 @@ import javax.servlet.http.Cookie;
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.StringElement;
|
||||
import org.apache.ecs.html.A;
|
||||
import org.apache.ecs.html.B;
|
||||
import org.apache.ecs.html.H1;
|
||||
import org.apache.ecs.html.IMG;
|
||||
@ -55,7 +56,7 @@ import org.owasp.webgoat.session.WebSession;
|
||||
*/
|
||||
public class WeakSessionID extends LessonAdapter
|
||||
{
|
||||
public final static IMG ASPECT_LOGO = new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0);
|
||||
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
|
||||
/**
|
||||
* Description of the Field
|
||||
*/
|
||||
|
@ -474,7 +474,7 @@ public class CreateDB
|
||||
|
||||
String insertData1 = "INSERT INTO employee VALUES (101, 'Larry', 'Stooge', '386-09-5451', 'larry',"
|
||||
+ "'Technician','443-689-0192','9175 Guilford Rd','New York, NY', 102, 01012000,55000,'2578546969853547',"
|
||||
+ "5000,010106,'Constantly harrassing coworkers','Does not work well with others')";
|
||||
+ "5000,010106,'Constantly harassing coworkers','Does not work well with others')";
|
||||
|
||||
String insertData2 = "INSERT INTO employee VALUES (102, 'Moe', 'Stooge', '936-18-4524','moe',"
|
||||
+ "'CSO','443-938-5301', '3013 AMD Ave', 'New York, NY', 112, 03082003, 140000, 'NA', 0, 0101013, "
|
||||
|
@ -242,7 +242,7 @@ html>body #navBar li {}
|
||||
}
|
||||
|
||||
#start {
|
||||
height: 360px;
|
||||
height: 380px;
|
||||
width: 700px;
|
||||
padding: 10px 50px 10px 50px;
|
||||
font-size: 12px;
|
||||
|
Binary file not shown.
Before Width: | Height: | Size: 33 KiB After Width: | Height: | Size: 3.1 KiB |
Binary file not shown.
Before Width: | Height: | Size: 16 KiB After Width: | Height: | Size: 3.5 KiB |
@ -19,7 +19,11 @@
|
||||
The exercises are intended to provide hands on experience with application
|
||||
penetration testing techniques.</p>
|
||||
<div id="team">
|
||||
<table width="460" border="0" align="center" class="lessonText">
|
||||
<table border="0" align="center" class="lessonText">
|
||||
<tr>
|
||||
<td width="50%"><div align="center"><a href="http://www.owasp.org"><img border="0" src="images/logos/owasp.jpg" alt="OWASP Foundation" longdesc="http://www.owasp.org" /></a></div></td>
|
||||
<td width="50%"><div align="center"><a href="http://www.aspectsecurity.com"><img border="0" src="images/logos/aspect.jpg" alt="Aspect Security" longdesc="http://www.aspectsecurity.com" /></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="50%"><div align="center"><span class="style1">WebGoat Design Team </span></div></td>
|
||||
<td width="50%"><div align="center"><span class="style1">Lesson Contributers </span></div></td>
|
||||
@ -86,10 +90,6 @@
|
||||
Use of these techniques without permission could lead to
|
||||
job termination, financial liability, and/or criminal penalties.
|
||||
</div>
|
||||
<div id="bottom">
|
||||
<div align="center"><img src="images/logos/owasp.jpg" alt="OWASP Foundation" width="238" height="43" longdesc="http://www.owasp.org" /><a href="http://www.owasp.org"><br />
|
||||
Project WebGoat </a></div>
|
||||
</div>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
|
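Review bot: The new Aspect logo cell opens `<a href="http://www.aspectsecurity.com">` but never closes it before `</div></td>`, unlike the OWASP cell on the line above it. With the anchor left open, the browser decides where the link ends, and following cells such as the "Lesson Contributers" heading may become part of the link. Close the tag after the image: `longdesc="http://www.aspectsecurity.com" /></a></div></td>`.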