From 976671949e9a408c51b47dd8ad12dba2d0e5f087 Mon Sep 17 00:00:00 2001 From: mayhew64 Date: Tue, 3 Feb 2009 18:16:51 +0000 Subject: [PATCH] Changed the credit card user to be the user that was logged in as. Also base64 encoded the user cookie to make finding sql injection slightly harder. git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@376 4033779f-a91e-0410-96ef-6bf7bf53c507 --- .../org/owasp/webgoat/lessons/Challenge2Screen.java | 12 ++++++------ .../org/owasp/webgoat/session/CreateDB.java | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/main/project/JavaSource/org/owasp/webgoat/lessons/Challenge2Screen.java b/main/project/JavaSource/org/owasp/webgoat/lessons/Challenge2Screen.java index 04a43c4d6..28cded18b 100644 --- a/main/project/JavaSource/org/owasp/webgoat/lessons/Challenge2Screen.java +++ b/main/project/JavaSource/org/owasp/webgoat/lessons/Challenge2Screen.java @@ -110,7 +110,7 @@ public class Challenge2Screen extends SequentialLessonAdapter /** * Description of the Field */ - protected final static String USER = "s"; + protected final static String USER = "user"; /** * Description of the Field @@ -165,10 +165,10 @@ public class Challenge2Screen extends SequentialLessonAdapter // // these are red herrings for the first stage - Input input = new Input(Input.HIDDEN, USER, "White"); + Input input = new Input(Input.HIDDEN, USER, user); ec.addElement(input); - Cookie newCookie = new Cookie(USER_COOKIE, "White"); + Cookie newCookie = new Cookie(USER_COOKIE, Encoding.base64Encode(user)); s.getResponse().addCookie(newCookie); // @@ -190,7 +190,7 @@ public class Challenge2Screen extends SequentialLessonAdapter { // - Cookie newCookie = new Cookie(USER_COOKIE, "White"); + Cookie newCookie = new Cookie(USER_COOKIE, Encoding.base64Encode(user)); s.getResponse().addCookie(newCookie); ElementContainer ec = new ElementContainer(); @@ -209,7 +209,7 @@ public class Challenge2Screen extends SequentialLessonAdapter .createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); // pull the USER_COOKIE from the cookies - String user = getCookie(s); + String user = Encoding.base64Decode(getCookie(s)); String query = "SELECT * FROM user_data WHERE last_name = '" + user + "'"; Vector v = new Vector(); @@ -246,7 +246,7 @@ public class Challenge2Screen extends SequentialLessonAdapter ec.addElement(t); ec.addElement(new BR()); - Input input = new Input(Input.HIDDEN, USER, "White"); + Input input = new Input(Input.HIDDEN, USER, user); ec.addElement(input); // STAGE 3 BUTTON diff --git a/main/project/JavaSource/org/owasp/webgoat/session/CreateDB.java b/main/project/JavaSource/org/owasp/webgoat/session/CreateDB.java index 27d9d4be6..349829970 100644 --- a/main/project/JavaSource/org/owasp/webgoat/session/CreateDB.java +++ b/main/project/JavaSource/org/owasp/webgoat/session/CreateDB.java @@ -218,8 +218,8 @@ public class CreateDB String insertData6 = "INSERT INTO user_data VALUES (103,'Jane','Plane','333498703333','AMEX',' ',0)"; String insertData7 = "INSERT INTO user_data VALUES (10312,'Jolly','Hershey','176896789','MC',' ',0)"; String insertData8 = "INSERT INTO user_data VALUES (10312,'Jolly','Hershey','333300003333','AMEX',' ',0)"; - String insertData9 = "INSERT INTO user_data VALUES (10323,'Grumpy','White','673834489','MC',' ',0)"; - String insertData10 = "INSERT INTO user_data VALUES (10323,'Grumpy','White','33413003333','AMEX',' ',0)"; + String insertData9 = "INSERT INTO user_data VALUES (10323,'Grumpy','youaretheweakestlink','673834489','MC',' ',0)"; + String insertData10 = "INSERT INTO user_data VALUES (10323,'Grumpy','youaretheweakestlink','33413003333','AMEX',' ',0)"; String insertData11 = "INSERT INTO user_data VALUES (15603,'Peter','Sand','123609789','MC',' ',0)"; String insertData12 = "INSERT INTO user_data VALUES (15603,'Peter','Sand','338893453333','AMEX',' ',0)"; String insertData13 = "INSERT INTO user_data VALUES (15613,'Joesph','Something','33843453533','AMEX',' ',0)";