From 9576c6b9da66f627882b24034d973eae4e851fed Mon Sep 17 00:00:00 2001 From: Elie De Brauwer Date: Sun, 24 May 2020 13:00:00 +0200 Subject: [PATCH] Function AC Lesson 1: Spelling and grammar fixes. --- .../en/missing-function-ac-02-client-controls.adoc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/webgoat-lessons/missing-function-ac/src/main/resources/lessonPlans/en/missing-function-ac-02-client-controls.adoc b/webgoat-lessons/missing-function-ac/src/main/resources/lessonPlans/en/missing-function-ac-02-client-controls.adoc index 0ea8c2b79..114ca7825 100644 --- a/webgoat-lessons/missing-function-ac/src/main/resources/lessonPlans/en/missing-function-ac-02-client-controls.adoc +++ b/webgoat-lessons/missing-function-ac/src/main/resources/lessonPlans/en/missing-function-ac-02-client-controls.adoc @@ -1,7 +1,7 @@ == Relying on Obscurity -If you are relying on HTML, CSS or javascript to hide links that users don't normally access. -It's a little older, but there was a case of a network router trying to protect (hide) admin functions with javascript in the UI https://www.wired.com/2009/10/routers-still-vulnerable +One could rely on HTML, CSS or javascript to hide links that users don't normally access. +In the past there has been a case where a network router tried to protect (hide) admin functionality with javascript in the UI: https://www.wired.com/2009/10/routers-still-vulnerable. === Finding Hidden Items @@ -9,8 +9,8 @@ There are usually hints to finding functionality the UI does not openly expose i * HTML or javascript comments * Commented out elements -* Items hidden via css controls/classes +* Items hidden via CSS controls/classes === Your Mission -Find two menu items not visible in menu below that are or would be of interest to an attacker/malicious user and put the labels for those menu items (there are no links right now in the menus). \ No newline at end of file +Find two invisible menu items in the menu below that are, or would be, of interest to an attacker/malicious user and submit the labels for those menu items (there are no links right now in the menus).