dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactoring (#1201)

Browse Source 
* Some initial refactoring

* Make it one application

* Got it working

* Fix problem on Windows

* Move WebWolf

* Move first lesson

* Moved all lessons

* Fix pom.xml

* Fix tests

* Add option to initialize a lesson

This way we can create content for each user inside a lesson. The initialize method will be called when a new user is created or when a lesson reset happens

* Clean up pom.xml files

* Remove fetching labels based on language.

We only support English at the moment, all the lesson explanations are written in English which makes it very difficult to translate. If we only had labels it would make sense to support multiple languages

* Fix SonarLint issues

* And move it all to the main project

* Fix for documentation paths

* Fix pom warnings

* Remove PMD as it does not work

* Update release notes about refactoring

Update release notes about refactoring

Update release notes about refactoring

* Fix lesson template

* Update release notes

* Keep it in the same repo in Dockerhub

* Update documentation to show how the connection is obtained.

Resolves: #1180

* Rename all integration tests

* Remove command from Dockerfile

* Simplify GitHub actions

Currently, we use a separate actions for pull-requests and branch build.
This is now consolidated in one action.
The PR action triggers always, it now only trigger when the PR is
opened and not in draft.
Running all platforms on a branch build is a bit too much, it is better
 to only run all platforms when someone opens a PR.

* Remove duplicate entry from release notes

* Add explicit registry for base image

* Lesson scanner not working when fat jar

When running the fat jar we have to take into account we
are reading from the jar file and not the filesystem. In
this case you cannot use `getFile` for example.

* added info in README and fixed release docker

* changed base image and added ignore file

Co-authored-by: Zubcevic.com <rene@zubcevic.com>
This commit is contained in:
Nanne Baars
2022-04-09 14:56:12 +02:00
committed by GitHub
parent f3d8206a07
commit 711649924b
1130 changed files with 3540 additions and 7643 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
src/main/resources/lessons/cryptography/i18n/WebGoatLabels.properties Normal file
View File

@ -0,0 +1,32 @@
6.crypto.title=Crypto Basics
crypto-encoding.empty=Try again, did you decode it properly?
crypto-encoding.success=Congratulations. That was easy, right?
crypto-hashing.empty=Try again.
crypto-hashing.oneok=Try again. You got 1 right.
crypto-hashing.success=Congratulations. You found it!
crypto-hashing.hints.1=Guess the type of hashing from the length of the hash.
crypto-hashing.hints.2=Find a online hash database or just google on the hash itself.
crypto-signing.hints.1=Use openssl to get the public key from the private key. Apparently both private and public key information are stored.
crypto-signing.hints.2=Use the private key to sign the "modulus" value of the public key.
crypto-signing.hints.3=Actually the "modulus" of the public key is the same as the private key. You could use openssl rsa -in test.key -pubout > test.pub and then openssl rsa -in test.pub -pubin -modulus -noout or other components.
crypto-signing.hints.4=Make sure that you do not take hidden characters into account. You might want to use echo -n "00AE89..." | openssl dgst -sign somekey -sha256 ... and do not forget to base64 encode the outcome
crypto-signing.notok=The signature does not match the data (modulus)
crypto-signing.modulusnotok=The modulus is not correct
crypto-signing.success=Congratulations. You found it!
crypto-encoding-xor.empty=Try again. This is not right
crypto-encoding-xor.success=Congratulations.
crypto-encoding-xor.hints.1=Did you look for online decoders for WebSphere encoded password?
crypto-secure-defaults.hints.1=After starting the docker container enter the container using docker exec -ti _dockerid_ /bin/bash
crypto-secure-defaults.hints.2=Try to gain access to /root. Try to become user root by su -
crypto-secure-defaults.hints.3=Try to change the /etc/shadow file using docker cp
crypto-secure-defaults.success=Congratulations, you did it!
crypto-secure-defaults.messagenotok=The unencrypted message is not correct, try again. The filename of the password file is correct.
crypto-secure-defaults.notok=Try again or read some of the hints.