renamed JavaSource -> java, WebContent -> webapp regarding to Maven convention
git-svn-id: http://webgoat.googlecode.com/svn/trunk@392 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
webgoat/main/project
build.xmlmain.jspsideWindow.jsp
java
WebGoatLabels_english.propertiesWebGoatLabels_german.properties
org
owasp
webgoat
Catcher.javaHammerHead.javaLessonSource.java
lessons
AbstractLesson.javaAccessControlMatrix.javaBackDoors.javaBasicAuthentication.javaBlindNumericSqlInjection.javaBlindScript.javaBlindStringSqlInjection.javaBufferOverflow.javaBypassHtmlFieldRestrictions.javaCSRF.javaCategory.javaChallenge2Screen.java
ClientSideFiltering
ClientSideValidation.javaCommandInjection.javaConcurrencyCart.javaCrossSiteScripting
CsrfPromptByPass.javaCsrfTokenByPass.javaDBCrossSiteScripting
DBSQLInjection
DOMInjection.javaDOMXSS.javaDOS_Login.javaDangerousEval.javaEncoding.javaFailOpenAuthentication.javaForcedBrowsing.javaForgotPassword.javaGoatHillsFinancial
DefaultLessonAction.javaDeleteProfile.javaEditProfile.javaFindProfile.javaGoatHillsFinancial.javaLessonAction.javaListStaff.javaLogin.javaLogout.javaSearchStaff.javaUpdateProfile.javaViewProfile.java
HiddenFieldTampering.javaHowToWork.javaHtmlClues.javaHttpBasics.javaHttpOnly.javaHttpSplitting.javaInsecureLogin.javaJSONInjection.javaJavaScriptValidation.javaLessonAdapter.javaLogSpoofing.javaMaliciousFileExecution.javaMultiLevelLogin1.javaMultiLevelLogin2.javaNewLesson.javaPasswordStrength.javaPathBasedAccessControl.javaPhishing.javaRandomLessonAdapter.javaReflectedXSS.javaRemoteAdminFlaw.javaRoleBasedAccessControl
SQLInjection
SameOriginPolicyProtection.javaSequentialLessonAdapter.javaSessionFixation.javaSilentTransactions.javaSoapRequest.javaSqlAddData.javaSqlModifyData.javaSqlNumericInjection.javaSqlStringInjection.javaStoredXss.javaThreadSafetyProblem.javaTomcatSetup.javaTraceXSS.javaUncheckedEmail.javaUsefulTools.javaWSDLScanning.javaWeakAuthenticationCookie.javaWeakSessionID.javaWelcomeScreen.javaWsSAXInjection.javaWsSqlInjection.javaXMLInjection.javaXPATHInjection.javaadmin
AdminScreen.javaProductsAdminScreen.javaRefreshDBScreen.javaReportCardScreen.javaSummaryReportCardScreen.javaUserAdminScreen.javaViewDatabase.javaWelcomeAdminScreen.java
instructor
CrossSiteScripting
DBCrossSiteScripting
DBSQLInjection
RoleBasedAccessControl
DeleteProfile_i.javaEditProfile_i.javaRoleBasedAccessControl_i.javaUpdateProfile_i.javaViewProfile_i.java
SQLInjection
servlets
session
Authorization.javaCourse.javaCreateDB.javaDatabaseUtilities.javaECSFactory.javaEmployee.javaEmployeeStub.javaErrorScreen.javaLessonSession.javaLessonTracker.javaParameter.javaParameterNotFoundException.javaParameterParser.javaRandomLessonTracker.javaScreen.javaSequentialLessonTracker.javaUnauthenticatedException.javaUnauthorizedException.javaUserTracker.javaValidationException.javaWebSession.javaWebgoatContext.javaWebgoatProperties.java
util
webapp
META-INF
WEB-INF
lib
activation-1.1.jaraxis-1.2.jaraxis-ant-1.2.jaraxis-jaxrpc-1.2.jaraxis-saaj-1.2.jarcatalina.jarcommons-collections-3.1.jarcommons-digester-1.4.1.jarcommons-discovery-0.2.jarcommons-fileupload-1.2.1.jarcommons-io-1.4.jarcommons-logging-1.0.4.jardependencies.txtdsn-1.4.2.jarecs-1.4.2.jarhsqldb-1.8.0.7.jarimap-1.4.2.jarj2h-1.3.1.jarjta-1.0.1B.jarjtds-1.2.2.jarlog4j-1.2.8.jarmail-1.4.2.jarmailapi-1.4.2.jarojdbc14.jarpop3-1.4.2.jarsmtp-1.4.2.jarwsdl4j-1.5.1.jar
server-config.wsddweb.xmlwebgoat-class.propertieswebgoat-lab.propertieswebgoat-owasp.propertieswebgoat.propertieswebgoat_oracle.sqlwebgoat_sqlserver.sqlcss
database
images
WebGoatFinancial
buttons
catStarted.jpgcookies.jpgcookiesOver.jpghelp.jpghelpOver.jpghint.jpghintLeft.jpghintLeftOver.jpghintOver.jpghintRight.jpghintRightOver.jpghtml.jpghtmlOver.jpgjava.jpgjavaOver.jpglessonComplete.jpglogout.jpglogoutOver.jpgparams.jpgparamsOver.jpgplans.jpgplansOver.jpgsolutions.jpgsolutionsOver.jpg
header
icons
introduction
HowToUse_1.jpgHowToUse_2.jpgHowToUse_3.jpgfirebug.jpgiewatch.jpginterface.jpgwebscarab.jpgwireshark.png
logos
menu_images
javascript
DOMXSS.jsDOMXSS_backup.jsclientSideFiltering.jsclientSideValidation.jsescape.jseval.js
instructor
javascript.jslessonNav.jsmakeWindow.jsmenu_system.jssameOrigin.jstoggle.jslesson_plans
English
AccessControlMatrix.htmlBackDoors.htmlBasicAuthentication.htmlBlindSqlInjection.htmlBufferOverflow.htmlCSRF.htmlChallengeScreen.htmlClientSideFiltering.htmlClientSideValidation.htmlCommandInjection.htmlConcurrencyCart.htmlCrossSiteScripting.htmlCsrfPromptByPass.htmlCsrfTokenByPass.htmlDBCrossSiteScripting.htmlDBSQLInjection.htmlDOMInjection.htmlDOMXSS.htmlDOS_Login.htmlDangerousEval.htmlEncoding.htmlFailOpenAuthentication.htmlForcedBrowsing.htmlForgotPassword.htmlHiddenFieldTampering.htmlHowToWork.htmlHtmlClues.htmlHttpBasics.htmlHttpOnly.htmlHttpSplitting.htmlInsecureLogin.htmlJSONInjection.htmlJavaScriptValidation.htmlLesson_Plan_Template.htmlLogSpoofing.htmlMultiLevelLogin1.htmlMultiLevelLogin2.htmlNewLesson.htmlPasswordStrength.htmlPathBasedAccessControl.htmlPhishing.htmlReflectedXSS.htmlRemoteAdminFlaw.htmlRoleBasedAccessControl.htmlSQLInjection.htmlSameOriginPolicyProtection.htmlSessionFixation.htmlSilentTransactions.htmlSoapRequest.htmlSqlNumericInjection.htmlSqlStringInjection.htmlStoredXss.htmlThreadSafetyProblem.htmlTomcatSetup.htmlTraceXSS.htmlUncheckedEmail.htmlUsefulTools.htmlWSDLScanning.htmlWeakAuthenticationCookie.htmlWeakSessionID.htmlWelcomeScreeen.htmlWsSAXInjection.htmlWsSqlInjection.htmlXMLInjection.htmlXPATHInjection.html
German
lesson_solutions
AccessControlMatrix.html
AccessControlMatrix_files
Thumbs.dbcolorschememapping.xmlfilelist.xmlimage001.pngimage002.jpgimage003.pngimage004.jpgthemedata.thmx
BackDoors.htmlBackDoors_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.pngimage011.pngimage013.jpgimage014.jpgimage015.jpgimage016.jpgimage017.jpgimage018.jpgthemedata.thmx
BasicAuthentication.htmlBasicAuthentication_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.pngimage011.pngimage013.pngimage015.pngimage017.pngimage019.pngimage021.pngimage023.pngimage025.jpgimage026.jpgimage027.jpgimage028.jpgimage029.jpgimage030.jpgimage031.jpgimage032.jpgimage033.jpgimage034.jpgimage035.jpgimage036.jpgthemedata.thmx
BlindSqlInjection.htmlBlindSqlInjection_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.pngimage011.pngimage013.jpgimage014.jpgimage015.jpgimage016.jpgimage017.jpgimage018.jpgthemedata.thmx
CSRF.htmlCSRF_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.pngimage011.jpgimage012.jpgimage013.jpgimage014.jpgimage015.jpgthemedata.thmx
ClientSideFiltering.htmlClientSideFiltering_files
ClientSideValidation.htmlClientSideValidation_files
CommandInjection.htmlCommandInjection_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.jpgimage008.jpgimage009.jpgthemedata.thmx
ConcurrencyCart.htmlConcurrencyCart_files
CsrfPromptByPass.htmlCsrfPromptByPass_files
iframePromptHack.pngiframePromptHacked.pngimgPromptHack.pngtransferFundsComplete.pngtransferFundsHack.pngtransferFundsPage.pngtransferFundsPrompt.png
CsrfTokenByPass.htmlCsrfTokenByPass_files
DOMInjection.htmlDOMInjection_files
colorschememapping.xmlfilelist.xmlimage001.pngimage002.jpgimage003.pngimage004.jpgimage005.pngimage006.jpgimage007.pngimage008.jpgimage009.pngimage010.jpgimage011.pngimage012.jpgthemedata.thmx
DOMXSS.htmlDOMXSS_files
DOS_Login.htmlDOS_Login_files
DangerousEval.htmlEncoding.htmlFailOpenAuthentication.htmlFailOpenAuthentication_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.jpgimage010.jpgimage011.jpgimage012.jpgthemedata.thmx
ForcedBrowsing.htmlForcedBrowsing_files
colorschememapping.xmlfilelist.xmlimage001.pngimage002.jpgimage003.pngimage004.jpgimage005.pngimage006.jpgimage007.pngimage008.jpgthemedata.thmx
ForgotPassword.htmlForgotPassword_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.pngimage011.pngimage013.pngimage015.jpgimage016.jpgimage017.jpgimage018.jpgimage019.jpgimage020.jpgimage021.jpgthemedata.thmx
HiddenFieldTampering.htmlHiddenFieldTampering_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.pngimage011.jpgimage012.jpgimage013.jpgimage014.jpgimage015.jpgthemedata.thmx
HtmlClues.htmlHtmlClues_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.pngimage011.jpgimage012.jpgimage013.jpgimage014.jpgimage015.jpgthemedata.thmx
HttpBasics.htmlHttpBasics_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.jpgimage006.jpgthemedata.thmxwebscarab1.jpgwebscarab2.jpg
HttpOnly.htmlHttpOnly_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.pngimage011.pngimage013.pngimage015.jpgimage016.jpgimage017.jpgimage018.jpgimage019.jpgimage020.jpgimage021.jpgthemedata.thmx
HttpSplitting.htmlHttpSplitting_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.pngimage011.pngimage013.pngimage015.pngimage017.pngimage019.pngimage021.pngimage023.pngimage025.pngimage027.pngimage029.jpgimage030.jpgimage031.jpgimage032.jpgimage033.jpgimage034.jpgimage035.jpgimage036.jpgimage037.jpgimage038.jpgimage039.jpgimage040.jpgimage041.jpgimage042.jpgthemedata.thmx
InsecureLogin.htmlInsecureLogin_files
JSONInjection.htmlJSONInjection_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.pngimage011.pngimage013.jpgimage014.jpgimage015.jpgimage016.jpgimage017.jpgimage018.jpgthemedata.thmx
JavaScriptValidation.htmlJavaScriptValidation_files
colorschememapping.xmlfilelist.xmlimage001.pngimage002.jpgimage003.pngimage004.jpgimage005.pngimage006.jpgimage007.pngimage008.jpgimage009.gifimage010.pngimage011.jpgimage012.pngimage013.jpgimage014.pngimage015.jpgimage016.pngimage017.jpgimage018.pngimage019.jpgimage020.pngimage021.jpgimage022.pngimage023.jpgthemedata.thmx
Lab Access Control
Lab Add Business Layer Access Control.htmlLab Add Data Layer Access Control.htmlLab Bypass Business Layer Access Control.htmlLab Bypass Data Layer Access Control.html
images
Lab SQL Injection
Lab Numeric SQL Injection.htmlLab Parameterized Query #1.htmlLab Parameterized Query #2.htmlLab String SQL Injection.html
Lab XSS
Lab Block Reflected XSS.htmlLab Block Stored XSS using Input Validation.htmlLab Block Stored XSS using Output Encoding.htmlLab Reflected XSS.htmlLab Stored XSS Revisited.htmlLab Stored XSS.html
LogSpoofing.htmlimages
LogSpoofing_files
Thumbs.dbcolorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.jpgimage008.jpgimage009.jpgthemedata.thmx
MultiLevelLogin1.htmlMultiLevelLogin1_files
MultiLevelLogin2.htmlMultiLevelLogin2_files
PasswordStrength.htmlPasswordStrength_files
PathBasedAccessControl.htmlPathBasedAccessControl_files
colorschememapping.xmlfilelist.xmlimage001.pngimage002.jpgimage003.pngimage004.jpgimage005.pngimage006.jpgthemedata.thmx
Phishing.htmlReflectedXSS.htmlReflectedXSS_files
RemoteAdminFlaw.htmlRemoteAdminFlaw_files
colorschememapping.xmlfilelist.xmlimage001.pngimage002.jpgimage003.pngimage004.jpgimage005.pngimage006.jpgthemedata.thmx
SessionFixation.htmlSessionFixation_files
SilentTransactions.htmlSilentTransactions_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.jpgimage010.jpgimage011.jpgimage012.jpgthemedata.thmx
SoapRequest.htmlSoapRequest_files
colorschememapping.xmlfilelist.xmlimage001.pngimage002.jpgimage003.pngimage004.jpgimage005.pngimage006.jpgimage007.pngimage008.jpgimage009.pngimage010.jpgthemedata.thmx
SqlNumericInjection.htmlSqlNumericInjection_files
colorschememapping.xmlfilelist.xmlimage001.pngimage002.jpgimage003.pngimage004.jpgimage005.pngimage006.jpgnumericinjection.pngnumericinjection_solved.pngthemedata.thmx
SqlStringInjection.htmlSqlStringInjection_files
StoredXSS_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.jpgimage008.jpgimage009.jpgthemedata.thmx
StoredXss.htmlThreadSafetyProblem.htmlThreadSafetyProblem_files
colorschememapping.xmlfilelist.xmlimage001.pngimage002.jpgimage003.pngimage004.jpgimage007.pngimage009.jpgthemedata.thmx
TraceXSS.htmlTraceXSS_files
UncheckedEmail.htmlUncheckedEmail_files
colorschememapping.xmlfilelist.xmlimage001.pngimage002.jpgimage003.pngimage004.jpgimage005.pngimage006.jpgimage007.pngimage008.jpgthemedata.thmx
WSDLScanning.htmlWSDLScanning_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.jpgimage010.jpgimage011.jpgimage012.jpgthemedata.thmx
WeakAuthenticationCookie.htmlWeakAuthenticationCookie_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.pngimage011.pngimage013.pngimage015.pngimage017.pngimage019.jpgimage020.jpgimage021.jpgimage022.jpgimage023.jpgimage024.jpgimage025.jpgimage026.jpgimage027.jpgthemedata.thmx
WeakSessionID.htmlWeakSessionID_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage010.pngimage012.pngimage014.pngimage016.pngimage018.pngimage020.jpgimage021.jpgimage022.jpgimage023.jpgimage024.jpgimage025.jpgimage026.jpgimage027.jpgimage028.jpgimage029.jpgthemedata.thmx
WsSAXInjection.htmlWsSAXInjection_files
colorschememapping.xmlfilelist.xmlimage001.pngimage002.jpgimage003.pngimage004.jpgimage005.pngimage006.jpgimage007.pngimage008.jpgimage009.pngimage010.jpgthemedata.thmx
WsSqlInjection.htmlWsSqlInjection_files
colorschememapping.xmlfilelist.xmlimage001.pngimage002.jpgimage003.pngimage004.jpgimage005.pngimage006.jpgimage007.pngimage008.jpgthemedata.thmx
XMLInjection.htmlXMLInjection_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.pngimage009.pngimage011.pngimage013.pngimage015.pngimage017.jpgimage018.jpgimage019.jpgimage020.jpgimage021.jpgimage022.jpgimage023.jpgimage024.jpgthemedata.thmx
XPATHInjection.htmlXPATHInjection_files
colorschememapping.xmlfilelist.xmlimage001.pngimage003.pngimage005.pngimage007.jpgimage008.jpgimage009.jpgthemedata.thmx
formate.csslessons
Ajax
clientSideFiltering.jspclientSideFiltering_backup.jspclientSideValidation.jspemployees.xmleval.jsp
images
instructor
sameOrigin.jspConfManagement
CrossSiteScripting
CrossSiteScripting.cssCrossSiteScripting.jspEditProfile.jspListStaff.jspLogin.jspSearchStaff.jspViewProfile.jsperror.jsp
images
DBCrossSiteScripting
DBCrossSiteScripting.cssDBCrossSiteScripting.jspEditProfile.jspListStaff.jspLogin.jspSearchStaff.jspViewProfile.jsperror.jsp
images
DBSQLInjection
DBSQLInjection.cssDBSQLInjection.jspEditProfile.jspListStaff.jspLogin.jspSearchStaff.jspViewProfile.jsperror.jsp
images
General
GoatHillsFinancial
EditProfile.jspGoatHillsFinancial.cssGoatHillsFinancial.jspListStaff.jspLogin.jspSearchStaff.jspViewProfile.jsperror.jsp
images
RoleBasedAccessControl
EditProfile.jspListStaff.jspLogin.jspRoleBasedAccessControl.cssRoleBasedAccessControl.jspSearchStaff.jspViewProfile.jsperror.jsp
images
SQLInjection
EditProfile.jspListStaff.jspLogin.jspSQLInjection.cssSQLInjection.jspSearchStaff.jspViewProfile.jsperror.jsp
images
XPATHInjection
users
webgoat.jspwebgoat_challenge.jsp@ -83,8 +83,8 @@
|
||||
<property name="manager.url" value="http://localhost/manager"/>
|
||||
<property name="manager.username" value="admin"/> <!-- UPDATE THIS! -->
|
||||
<property name="manager.password" value="admin"/> <!-- UPDATE THIS! -->
|
||||
<property name="src.home" value="${basedir}/JavaSource"/>
|
||||
<property name="web.home" value="${basedir}/WebContent"/>
|
||||
<property name="src.home" value="${basedir}/java"/>
|
||||
<property name="web.home" value="${basedir}/webapp"/>
|
||||
<property name="zip_distributions.home" value="${basedir}/zip_distributions"/>
|
||||
|
||||
<!-- ==================== External Dependencies =========================== -->
|
||||
@ -103,7 +103,7 @@
|
||||
files that you are going to include inside your "/WEB-INF/lib" directory.
|
||||
-->
|
||||
|
||||
<property name="jars" value="${basedir}/WebContent/WEB-INF/lib"/>
|
||||
<property name="jars" value="${basedir}/webapp/WEB-INF/lib"/>
|
||||
|
||||
<!-- ==================== Compilation Classpath =========================== -->
|
||||
|
||||
@ -123,10 +123,10 @@
|
||||
<include name="*.jar"/>
|
||||
</fileset>
|
||||
<pathelement location="${catalina.home}/common/classes"/>
|
||||
<fileset dir="${catalina.home}/common/lib">
|
||||
<fileset dir="${catalina.home}/lib">
|
||||
<include name="*.jar"/>
|
||||
</fileset>
|
||||
<fileset dir="${catalina.home}/server/lib">
|
||||
<fileset dir="${catalina.home}/lib">
|
||||
<include name="*.jar"/>
|
||||
</fileset>
|
||||
</path>
|
||||
@ -224,17 +224,17 @@
|
||||
<!-- =================== Internal Tasks to prepare war file ============ -->
|
||||
|
||||
<!-- Copying the Java source code into the build directory -->
|
||||
<!-- We must also copy the source into WebContent, since WTP will overwrite the
|
||||
<!-- We must also copy the source into webapp, since WTP will overwrite the
|
||||
app as it was deployed from the WAR. -->
|
||||
<!-- We must also copy the doc dir into WebContent, for the "how to create a new lesson" lesson -->
|
||||
<!-- We must also copy the doc dir into webapp, for the "how to create a new lesson" lesson -->
|
||||
<target name="-CopySourceToBuild" depends="prepare" >
|
||||
<delete dir="${build.home}/JavaSource"/>
|
||||
<copy todir="${build.home}/JavaSource">
|
||||
<fileset dir="${basedir}/JavaSource"/>
|
||||
<delete dir="${build.home}/java"/>
|
||||
<copy todir="${build.home}/java">
|
||||
<fileset dir="${basedir}/java"/>
|
||||
</copy>
|
||||
<delete dir="${web.home}/JavaSource"/>
|
||||
<copy todir="${web.home}/JavaSource">
|
||||
<fileset dir="${basedir}/JavaSource"/>
|
||||
<delete dir="${web.home}/java"/>
|
||||
<copy todir="${web.home}/java">
|
||||
<fileset dir="${basedir}/java"/>
|
||||
</copy>
|
||||
<delete dir="${web.home}/doc"/>
|
||||
<copy todir="${web.home}/doc">
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user