dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

display query string to user after success, added hints

Browse Source
This commit is contained in:
PhilippeSteinbach
2019-02-04 14:09:40 +01:00
committed by Nanne Baars
parent 2be2de8ce1
commit 7c32232faa
2 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
View File

@ -14,6 +14,8 @@ sql-injection.2.success=<span class='feedback-positive'>You have succeeded!</spa
sql-injection.2.failed=<span class='feedback-negative'>Something went wrong! You got no results, check your SQL Statement and the table above.</span>
SqlStringInjectionHint2-1=You want the data from the column with the name department. You know the database name (employees) and you know the first- and lastname of the employee (first_name, last_name).
SqlStringInjectionHint2-2=SELECT column FROM tablename WHERE condition;
SqlStringInjectionHint2-3=Use ' instead of " when comparing two strings.
SqlStringInjectionHint2-4=Pay attention to case sensitivity when comparing two strings.
SqlStringInjectionHint3-1=Try the UPDATE statement
SqlStringInjectionHint3-2=UPDATE tablename SET columnname=value WHERE condition;