dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

WIP

Browse Source
This commit is contained in:
Nanne Baars
2018-05-16 12:39:23 +02:00
parent ea9c1a453d
commit 7a0820bf89
6 changed files with 86 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
webgoat-lessons/jwt/src/main/resources/i18n/WebGoatLabels.properties
View File

@ -8,4 +8,8 @@ jwt-change-token-hint1=Select a different user and look at the token you receive
jwt-change-token-hint2=Decode the token and look at the contents
jwt-change-token-hint3=Change the contents of the token and replace the cookie before sending the request for getting the votes
jwt-change-token-hint4=Change the admin field to true in the token
jwt-change-token-hint5=Submit the token by changing the algorithm to None and remove the signature
jwt-change-token-hint5=Submit the token by changing the algorithm to None and remove the signature
jwt-secret-hint1=Save the token and try to verify the token locally
jwt-secret-hint2=Download a word list dictionary (https://github.com/first20hours/google-10000-english)
jwt-secret-hint3=Write a small program or use HashCat for brute forcing the token according the word list