diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson4.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson4.java
index 4d54a0630..bdcf9a864 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson4.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson4.java
@@ -46,7 +46,7 @@ import java.sql.*;
 * @created October 28, 2003
 */
 @AssignmentPath("/SqlInjection/attack4")
-@AssignmentHints(value = {"SqlStringInjectionHint4a1", "SqlStringInjectionHint4a2"})
+@AssignmentHints(value = {"SqlStringInjectionHint4a1", "SqlStringInjectionHint4a2", "SqlStringInjectionHint4a3"})
 public class SqlInjectionLesson4 extends AssignmentEndpoint {
 @RequestMapping(method = RequestMethod.POST)
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson5.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson5.java
index 633e79378..5934a854d 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson5.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson5.java
@@ -46,7 +46,7 @@ import java.sql.*;
 * @created October 28, 2003
 */
 @AssignmentPath("/SqlInjection/attack5")
-@AssignmentHints(value = {"SqlStringInjectionHint5a1", "SqlStringInjectionHint5a2"})
+@AssignmentHints(value = {"SqlStringInjectionHint5a1"})
 public class SqlInjectionLesson5 extends AssignmentEndpoint {
 @RequestMapping(method = RequestMethod.POST)
diff --git a/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties b/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
index 47063a525..de917dc3a 100644
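Review bot: The hint keys in `@AssignmentHints` on SqlInjectionLesson4 are plain string literals, and nothing visible here checks that each one has a matching entry in WebGoatLabels.properties; the same applies to the SqlInjectionLesson5 hunk. This commit shows the gap in practice: `SqlStringInjectionHint4a1`, `SqlStringInjectionHint4a2` and `SqlStringInjectionHint5a1` were already listed in the annotations, yet they only appear as added lines in the properties hunk, so the lessons were presumably running with unresolved hint text. A small test that reads every `@AssignmentHints` value and asserts the key exists in the bundle would catch this; at minimum add a comment above the annotation such as `// hint keys must exist in i18n/WebGoatLabels.properties`. Both class bodies continue outside the hunks.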
--- a/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
+++ b/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
@@ -33,6 +33,10 @@ SqlStringInjectionHint2a1=You want the data from the column with the name depart
 SqlStringInjectionHint2a2=SELECT column FROM tablename WHERE condition;
 SqlStringInjectionHint3a1=Try the UPDATE statement
 SqlStringInjectionHint3a2=UPDATE tablename SET columnname=value WHERE condition;
+SqlStringInjectionHint4a1=ALTER TABLE alters the structure of an existing database
+SqlStringInjectionHint4a2=Don't forget the data type of the new column (e.g. varchar(size) or int(size))
+SqlStringInjectionHint4a3=ALTER TABLE tablename ADD columnname data type(size);
+SqlStringInjectionHint5a1=Look at the example. There's everything you'll need.
 SqlStringInjectionHint6=Try Appending a new SQL Statement to the Query.
 SqlStringInjectionHint7=The new SQL Statement can be really simple like: SELECT ... FROM ...
 SqlStringInjectionHint8=Your new SQL Query should start, with a " ; " and end with " -- "
diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content2.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content2.adoc
index 9ded8dfb1..eda55737d 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content2.adoc
+++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content2.adoc
@@ -12,10 +12,10 @@ If an attacker uses a SQL injection of the DML type to manipulate your database,
 * DELETE - Delete all records from a database table
 * Example:
 ** Retrieve data:
-** SELECT Phone +
-     FROM Employees +
-     WHERE IdNum = 1354;
-** This statement delivers the phone number of the employee with the number 1354.
+** SELECT phone +
+     FROM employees +
+     WHERE userid = 96134;
+** This statement delivers the phone number of the employee with the userid 96134.
 === It's your turn!
 Try to change the department of Tobi Barnett to 'Sales'.
diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content3.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content3.adoc
index 797aa76b9..9dc80c975 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content3.adoc
+++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content3.adoc
@@ -10,7 +10,7 @@ If an attacker uses a SQL injection of the DDL type to manipulate your database,
 * ALTER - alters the structure of the existing database
 * DROP - delete objects from the database
 * Example:
-** CREATE TABLE Employees( +
+** CREATE TABLE employees( +
     userid varchar(6) not null primary key, +
     first_name varchar(20), +
     last_name varchar(20), +