dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

XSS Lesson Modifications (#367)

Browse Source 
* initial cut on XSS, need to add some tests still

* initial unit tests for assignment endpoints

* updating header comment license thingy

* comment, clean up

* Stubs for security unit test

* Additional Unit Testing

* isEncoded and isNotEncoded Unit Tests added

* http-proxies updates

* update for XXE solutions

* Work-around to handle special chars in action ... currently to be able to match {userId} in hint creation/assignment for IDOR

* IDOR hints updated

* mitigation content update

* mitigation content update ... 2

* Lesson Overview updates

* including restart lesson fix for lesson overview
This commit is contained in:
misfir3
2017-07-10 08:33:10 -04:00
committed by GitHub
parent 3ec5b8708e
commit 82ef171a50
59 changed files with 1349 additions and 628 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
webgoat-lessons/sol.txt
View File

@ -3,6 +3,9 @@ Basic
Smith - to show it returns smith's records
Smith' or '1'='1 - to show exploit; 1=1 can be any true clause
**Bender Login
bender@juice-sh.op' --
[2:19 PM]
101
101 or 1=1