* Hints added
* Solutions added * Bugfixes * Introduction added (including how to start with webgoat and useful tools) * New lesson: Password strength * New lessons: Multi Level Login * Not yet working new lesson: Session fixation (inital release) git-svn-id: http://webgoat.googlecode.com/svn/trunk@301 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
@ -673,8 +673,8 @@ field-end'></span><![endif]--> Intercepted request</p>
|
||||
|
||||
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'>The HTTP
|
||||
header that contains the Basic Authentication information is called
|
||||
<EFBFBD>Authorization<EFBFBD>. This value Z3Vlc3Q6Z3Vlc3Q= is Base64 encoded. You can decode
|
||||
this by using WebScarab <EFBFBD> Tools <EFBFBD> Transcoder.<o:p></o:p></span></p>
|
||||
"Authorization". This value Z3Vlc3Q6Z3Vlc3Q= is Base64 encoded. You can decode
|
||||
this by using WebScarab > Tools > Transcoder.<o:p></o:p></span></p>
|
||||
|
||||
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'><o:p> </o:p></span></p>
|
||||
|
||||
@ -827,7 +827,7 @@ field-end'></span><![endif]--> Basic Authentication<span style='font-family:
|
||||
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'>You clearly
|
||||
see that the JSESSIONID is the same like in the previous request, but the
|
||||
Authorization header now contains the Base 64 encoded value of basic:basic (you
|
||||
can decode this value in WebScarab <EFBFBD> Tools <EFBFBD> Transcoder).<o:p></o:p></span></p>
|
||||
can decode this value in WebScarab > Tools > Transcoder).<o:p></o:p></span></p>
|
||||
|
||||
<p class=MsoNormal style='page-break-after:avoid'><span style='font-family:
|
||||
"Arial","sans-serif";mso-no-proof:yes'><!--[if gte vml 1]><v:shape id="Picture_x0020_1023"
|
||||
@ -894,7 +894,7 @@ style='font-family:"Arial","sans-serif"'><o:p></o:p></span></p>
|
||||
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'>Now you are
|
||||
redirected to the WebGoat start page. The JSESSIONID is changed and you lost all
|
||||
your green stars because the basic user hasn<73>t completed any lesson. Go to the
|
||||
lesson <EFBFBD>Basic Authentication<EFBFBD> to complete this lesson.<o:p></o:p></span></p>
|
||||
lesson "Basic Authentication" to complete this lesson.<o:p></o:p></span></p>
|
||||
|
||||
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'><o:p> </o:p></span></p>
|
||||
|
||||
|
Reference in New Issue
Block a user