From 90da672be277458cee3c887fc7d71977c48b57b1 Mon Sep 17 00:00:00 2001
From: philippesteinbach
Date: Mon, 12 Nov 2018 11:19:55 +0100
Subject: [PATCH] added hints to sql injection assignment 4 & 5, minor text changes to be consistent to other assignments
---
 .../webgoat/plugin/introduction/SqlInjectionLesson4.java | 2 +-
 .../webgoat/plugin/introduction/SqlInjectionLesson5.java | 2 +-
 .../src/main/resources/i18n/WebGoatLabels.properties | 4 ++++
 .../en/SqlInjection_introduction_content2.adoc | 8 ++++----
 .../en/SqlInjection_introduction_content3.adoc | 2 +-
 5 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson4.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson4.java
index 4d54a0630..bdcf9a864 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson4.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson4.java
@@ -46,7 +46,7 @@ import java.sql.*;
 * @created October 28, 2003
 */
 @AssignmentPath("/SqlInjection/attack4")
-@AssignmentHints(value = {"SqlStringInjectionHint4a1", "SqlStringInjectionHint4a2"})
+@AssignmentHints(value = {"SqlStringInjectionHint4a1", "SqlStringInjectionHint4a2", "SqlStringInjectionHint4a3"})
 public class SqlInjectionLesson4 extends AssignmentEndpoint {
 @RequestMapping(method = RequestMethod.POST)
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson5.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson5.java
index 633e79378..5934a854d 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson5.java
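Review bot: The names listed in `@AssignmentHints` on SqlInjectionLesson4 are bare strings that only work if a key of the same name exists in WebGoatLabels.properties, and nothing visible in this patch checks that pairing. The properties hunk adds `SqlStringInjectionHint4a1`, `4a2` and `5a1` as new lines even though the old annotations already named them, so the lessons appear to have shipped with hint keys that had no text (inferred from the visible context; the full bundle is not shown). The same applies to the SqlInjectionLesson5 hunk. I would add a comment above each annotation, `// every hint key must be defined in i18n/WebGoatLabels.properties`, and a test that loads the bundle and asserts each referenced key is present. Both class bodies continue outside their hunks.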
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson5.java
@@ -46,7 +46,7 @@ import java.sql.*;
 * @created October 28, 2003
 */
 @AssignmentPath("/SqlInjection/attack5")
-@AssignmentHints(value = {"SqlStringInjectionHint5a1", "SqlStringInjectionHint5a2"})
+@AssignmentHints(value = {"SqlStringInjectionHint5a1"})
 public class SqlInjectionLesson5 extends AssignmentEndpoint {
 @RequestMapping(method = RequestMethod.POST)
diff --git a/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties b/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
index 47063a525..de917dc3a 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
+++ b/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
@@ -33,6 +33,10 @@ SqlStringInjectionHint2a1=You want the data from the column with the name depart
 SqlStringInjectionHint2a2=SELECT column FROM tablename WHERE condition;
 SqlStringInjectionHint3a1=Try the UPDATE statement
 SqlStringInjectionHint3a2=UPDATE tablename SET columnname=value WHERE condition;
+SqlStringInjectionHint4a1=ALTER TABLE alters the structure of an existing database
+SqlStringInjectionHint4a2=Don't forget the data type of the new column (e.g. varchar(size) or int(size))
+SqlStringInjectionHint4a3=ALTER TABLE tablename ADD columnname data type(size);
+SqlStringInjectionHint5a1=Look at the example. There's everything you'll need.
 SqlStringInjectionHint6=Try Appending a new SQL Statement to the Query.
 SqlStringInjectionHint7=The new SQL Statement can be really simple like: SELECT ... FROM ...
 SqlStringInjectionHint8=Your new SQL Query should start, with a " ; " and end with " -- " 
diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content2.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content2.adoc
index 9ded8dfb1..eda55737d 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content2.adoc
+++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content2.adoc
@@ -12,10 +12,10 @@ If an attacker uses a SQL injection of the DML type to manipulate your database,
 * DELETE - Delete all records from a database table
 * Example:
 ** Retrieve data:
-** SELECT Phone +
- FROM Employees +
- WHERE IdNum = 1354;
-** This statement delivers the phone number of the employee with the number 1354.
+** SELECT phone +
+ FROM employees +
+ WHERE userid = 96134;
+** This statement delivers the phone number of the employee with the userid 96134.
 === It's your turn!
 Try to change the department of Tobi Barnett to 'Sales'.
diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content3.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content3.adoc
index 797aa76b9..9dc80c975 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content3.adoc
+++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content3.adoc
@@ -10,7 +10,7 @@ If an attacker uses a SQL injection of the DDL type to manipulate your database,
 * ALTER - alters the structure of the existing database
 * DROP - delete objects from the database
 * Example:
-** CREATE TABLE Employees( +
+** CREATE TABLE employees( +
     userid varchar(6) not null primary key, +
     first_name varchar(20), +
     last_name varchar(20), +