dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* Hints added

Browse Source 
* Solutions added
* Bugfixes
* Introduction added (including how to start with webgoat and useful tools)
* New lesson: Password strength
* New lessons: Multi Level Login
* Not yet working new lesson: Session fixation (inital release)

git-svn-id: http://webgoat.googlecode.com/svn/trunk@301 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
wirth.marcel
2008-04-07 14:28:38 +00:00
parent ce703bc67d
commit 82e32acb77
137 changed files with 4230 additions and 479 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
webgoat/main/project/WebContent/lesson_solutions/BasicAuthentication.html
View File

@ -673,8 +673,8 @@ field-end'></span><![endif]--> Intercepted request</p>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'>The HTTP
header that contains the Basic Authentication information is called
<EFBFBD>Authorization<EFBFBD>. This value Z3Vlc3Q6Z3Vlc3Q= is Base64 encoded. You can decode
this by using WebScarab <EFBFBD> Tools <EFBFBD> Transcoder.<o:p></o:p></span></p>
"Authorization". This value Z3Vlc3Q6Z3Vlc3Q= is Base64 encoded. You can decode
this by using WebScarab > Tools > Transcoder.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'><o:p>&nbsp;</o:p></span></p>
@ -827,7 +827,7 @@ field-end'></span><![endif]--> Basic Authentication<span style='font-family:
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'>You clearly
see that the JSESSIONID is the same like in the previous request, but the
Authorization header now contains the Base 64 encoded value of basic:basic (you
can decode this value in WebScarab <EFBFBD> Tools <EFBFBD> Transcoder).<o:p></o:p></span></p>
can decode this value in WebScarab > Tools > Transcoder).<o:p></o:p></span></p>
<p class=MsoNormal style='page-break-after:avoid'><span style='font-family:
"Arial","sans-serif";mso-no-proof:yes'><!--[if gte vml 1]><v:shape id="Picture_x0020_1023"
@ -894,7 +894,7 @@ style='font-family:"Arial","sans-serif"'><o:p></o:p></span></p>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'>Now you are
redirected to the WebGoat start page. The JSESSIONID is changed and you lost all
your green stars because the basic user hasn<73>t completed any lesson. Go to the
lesson <EFBFBD>Basic Authentication<EFBFBD> to complete this lesson.<o:p></o:p></span></p>
lesson "Basic Authentication" to complete this lesson.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'><o:p>&nbsp;</o:p></span></p>