diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ClientSideFiltering/ClientSideFiltering.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ClientSideFiltering/ClientSideFiltering.java index c36e33d20..6a0f37b3a 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ClientSideFiltering/ClientSideFiltering.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ClientSideFiltering/ClientSideFiltering.java @@ -11,14 +11,18 @@ import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.html.A; import org.apache.ecs.html.BR; +import org.apache.ecs.html.Div; import org.apache.ecs.html.IMG; import org.apache.ecs.html.Input; import org.apache.ecs.html.P; import org.apache.ecs.html.Script; import org.apache.ecs.html.Select; +import org.apache.ecs.html.Style; import org.apache.ecs.html.TD; import org.apache.ecs.html.TR; import org.apache.ecs.html.Table; +import org.apache.ecs.jsp.jsp_include; +import org.apache.ecs.xhtml.style; import org.owasp.webgoat.lessons.Category; import org.owasp.webgoat.lessons.SequentialLessonAdapter; import org.owasp.webgoat.session.ECSFactory; @@ -27,9 +31,12 @@ import org.owasp.webgoat.session.WebSession; public class ClientSideFiltering extends SequentialLessonAdapter { private final static String ANSWER = "answer"; - - public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0)); - + + public final static A ASPECT_LOGO = new A().setHref( + "http://www.aspectsecurity.com").addElement( + new IMG("images/logos/aspect.jpg").setAlt("Aspect Security") + .setBorder(0).setHspace(0).setVspace(0)); + protected Element createContent(WebSession s) { return super.createStagedContent(s); } 
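Review bot: Two of the imports added at the top of the file, `import org.apache.ecs.html.Style;` and `import org.apache.ecs.jsp.jsp_include;`, are not referenced by any line in this diff; the inline stylesheet in the later hunk is built from `org.apache.ecs.xhtml.style`, not `Style`. If nothing outside the shown hunks uses them, drop both lines so the import list reflects the class's real dependencies. The `Div` and `style` imports are used in the hunk that builds the wrapper divs and should stay.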
@@ -40,22 +47,47 @@ public class ClientSideFiltering extends SequentialLessonAdapter { try { ec.addElement(new Script() - .setSrc("javascript/clientSideFiltering.js")); - + .setSrc("javascript/clientSideFiltering.js")); Input input = new Input(Input.HIDDEN, "userID", 102); - + input.setID("userID"); - + ec.addElement(input); - - - - ec.addElement(new P().addElement("Select user:")); - ec.addElement(createDropDown()); + style sty = new style(); + sty + .addElement("#lesson_wrapper {height: 435px;width: 500px;}" + + "#lesson_header {background-image: url(lessons/Ajax/images/lesson1_header.jpg);" + + "width: 490px;padding-right: 10px;padding-top: 60px;background-repeat: no-repeat;}" + + ".lesson_workspace {background-image: url(lessons/Ajax/images/lesson1_workspace.jpg);" + + "width: 489px;height: 325px;padding-left: 10px;padding-top: 10px;background-repeat: no-repeat;}"); - ec.addElement(new P()); + ec.addElement(sty); + + Div wrapperDiv = new Div(); + wrapperDiv.setID("lesson_wrapper"); + + Div headerDiv = new Div(); + headerDiv.setID("lesson_header"); + + Div workspaceDiv = new Div(); + workspaceDiv.setClass("lesson_workspace"); + + wrapperDiv.addElement(headerDiv); + wrapperDiv.addElement(workspaceDiv); + + ec.addElement(wrapperDiv); + + workspaceDiv.addElement(new BR()); + workspaceDiv.addElement(new BR()); + + workspaceDiv.addElement(new P() + .addElement("     Select user:")); + + workspaceDiv.addElement(createDropDown()); + + workspaceDiv.addElement(new P()); Table t = new Table().setCellSpacing(0).setCellPadding(2) .setBorder(1).setWidth("90%").setAlign("center"); @@ -63,7 +95,7 @@ public class ClientSideFiltering extends SequentialLessonAdapter { t.setID("hiddenEmployeeRecords"); t.setStyle("display: none"); - ec.addElement(t); + workspaceDiv.addElement(t); t = new Table().setCellSpacing(0).setCellPadding(2).setBorder(1) .setWidth("90%").setAlign("center"); 
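Review bot: The CSS for `#lesson_wrapper`, `#lesson_header` and `.lesson_workspace` is assembled inline in the new `style` element from five concatenated string literals, which buries presentation in the lesson class and hard-codes the `lessons/Ajax/images/...` paths a second time; hoisting the text into a `private static final String LESSON_CSS` next to `ASPECT_LOGO`, or moving it into the lesson's stylesheet, keeps this method to element construction. The label `new P().addElement("     Select user:")` relies on leading whitespace for indentation; if those are ordinary spaces the browser collapses them, so if indentation is the intent use a CSS margin on the paragraph (the collapsed diff cannot show whether the source holds `&nbsp;` entities instead). The method containing this hunk begins before the hunk.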
@@ -79,8 +111,8 @@ public class ClientSideFiltering extends SequentialLessonAdapter { tr.setID("employeeRecord"); t.addElement(tr); - ec.addElement(t); - + workspaceDiv.addElement(t); + } catch (Exception e) { s.setMessage("Error generating " + this.getClass().getName()); e.printStackTrace(); @@ -111,7 +143,6 @@ public class ClientSideFiltering extends SequentialLessonAdapter { } if (answer == 450000) { - getLessonTracker(s).setStage(2); s.setMessage("Stage 1 completed."); @@ -125,12 +156,10 @@ public class ClientSideFiltering extends SequentialLessonAdapter { return ec; } - - protected Element doStage2(WebSession s){ + + protected Element doStage2(WebSession s) { ElementContainer ec = new ElementContainer(); - - - + /** * They pass iff: * @@ -138,16 +167,14 @@ public class ClientSideFiltering extends SequentialLessonAdapter { */ String file = s.getWebResource("lessons/Ajax/clientSideFiltering.jsp"); String content = getFileContent(file); - - if(content.indexOf("[Managers/Manager/text()") != -1) - { + + if (content.indexOf("[Managers/Manager/text()") != -1) { makeSuccess(s); ec.addElement(stage2Content(s)); - } - else{ + } else { ec.addElement(stage2Content(s)); } - + return ec; } @@ -157,9 +184,6 @@ public class ClientSideFiltering extends SequentialLessonAdapter { ec.addElement(createMainContent(s)); - ec.addElement(new BR()); - ec.addElement(new BR()); - Table t1 = new Table().setCellSpacing(0).setCellPadding(2); if (s.isColor()) { @@ -183,8 +207,7 @@ public class ClientSideFiltering extends SequentialLessonAdapter { return ec; } - - + protected ElementContainer stage2Content(WebSession s) { ElementContainer ec = new ElementContainer(); try { 
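Review bot: The single removed line inside `if (answer == 450000) {` sits right next to `getLessonTracker(s).setStage(2);`, and the diff as reproduced here does not show whether it is a blank line or the `setStage(2)` call itself. Please confirm that the stage-advance call survives on the new side, since the stage-2 instructions and `doStage2` only become reachable once the tracker reaches stage 2. The enclosing method starts and ends outside the hunk.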
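Review bot: In `doStage2` both branches of `if (content.indexOf("[Managers/Manager/text()") != -1)` add `stage2Content(s)`; only the `makeSuccess(s)` call differs, so the `else` branch is redundant. Collapse it to `if (content.indexOf("[Managers/Manager/text()") != -1) { makeSuccess(s); }` followed by a single `ec.addElement(stage2Content(s));`. `String.contains` would read more directly than `indexOf(...) != -1` if the project targets Java 5 or later.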
@@ -202,9 +225,10 @@ public class ClientSideFiltering extends SequentialLessonAdapter { TR tr = new TR(); /*tr.addElement(new TD() - .addElement("Press 'Submit' when you believe you have completed the lesson.")); - */ - Element b = ECSFactory.makeButton("Click here when you believe you have completed the lesson."); + .addElement("Press 'Submit' when you believe you have completed the lesson.")); + */ + Element b = ECSFactory + .makeButton("Click here when you believe you have completed the lesson."); tr.addElement(new TD(b).setAlign("CENTER")); t1.addElement(tr); @@ -217,9 +241,8 @@ public class ClientSideFiltering extends SequentialLessonAdapter { return ec; } - - - protected Select createDropDown(){ + + protected Select createDropDown() { Select select = new Select("UserSelect"); select.setID("UserSelect"); @@ -234,11 +257,6 @@ public class ClientSideFiltering extends SequentialLessonAdapter { select.addElement(option); - option = new org.apache.ecs.html.Option("Moe Stooge", "102", - "Moe Stooge"); - - select.addElement(option); - option = new org.apache.ecs.html.Option("Curly Stooge", "103", "Curly Stooge"); @@ -278,17 +296,12 @@ public class ClientSideFiltering extends SequentialLessonAdapter { select.addElement(option); - option = new org.apache.ecs.html.Option("John Wayne", "111", - "John Wayne"); - - select.addElement(option); - select.setOnChange("selectUser()"); select.setOnFocus("fetchUserData()"); - + return select; - + } protected Category getDefaultCategory() { 
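Review bot: The commented-out `tr.addElement(new TD().addElement("Press 'Submit' when you believe you have completed the lesson."));` block, apparently in `stage2Content`, is re-indented rather than removed; since the live replacement `ECSFactory.makeButton(...)` follows immediately, the dead block should be deleted, and version control keeps the old text if it is ever needed. The enclosing method starts and ends outside this hunk.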
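Review bot: `createDropDown` drops the options for `102` (Moe Stooge) and `111` (John Wayne) while the hidden employee table and `employees.xml` presumably still carry those records, and the hint text later in this diff relies on the drop-down being incomplete ("Examine the hidden table to see if there is anyone listed who is not in the drop down menu"). That looks intentional, but nothing in the code says so, and a future cleanup could easily "restore" them; add a comment above the method, e.g. `// 102 (Moe, the logged-in user) and 111 are deliberately omitted: the lesson expects them to be found only in the hidden table`. The removals are in the hunks at old lines 234 and 278; the method body continues outside the first of them.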
@@ -300,55 +313,53 @@ public class ClientSideFiltering extends SequentialLessonAdapter { * * @return The hints value */ - public List getHints(WebSession s) - { - List hints = new ArrayList(); - - - - - - hints.add("The information displayed when an employee is choosen from the drop down menu is stored on the client side."); - - hints.add("Use Firebug to find where the information is stored on the client side."); - - hints.add("Examine the hidden table to see if there is anyone listed who is not in the drop down menu."); - - hints.add("Look in the last row of the hidden table."); - + public List getHints(WebSession s) { + List hints = new ArrayList(); - hints.add("You can access the server directly here " + - "to see what results are being returned"); - - hints.add("The server uses an XPath query agasinst an XML database."); + hints + .add("The information displayed when an employee is choosen from the drop down menu is stored on the client side."); - hints.add("The query currently returns all of the contents of the database."); + hints + .add("Use Firebug to find where the information is stored on the client side."); - hints.add("The query should only return the information of employees who are managed by Moe Stooge, who's userID is 102"); - - + hints + .add("Examine the hidden table to see if there is anyone listed who is not in the drop down menu."); - hints.add("Try using a filter operator."); - - hints.add("your filter operator shoiuld look something like: [Managers/Manager/text()="); - - - return hints; - -} + hints.add("Look in the last row of the hidden table."); + + hints + .add("You can access the server directly here " + + "to see what results are being returned"); + + hints.add("The server uses an XPath query agasinst an XML database."); + + hints + .add("The query currently returns all of the contents of the database."); + + hints + .add("The query should only return the information of employees who are managed by Moe Stooge, who's userID is 102"); + + 
hints.add("Try using a filter operator."); + + hints + .add("your filter operator shoiuld look something like: [Managers/Manager/text()="); + + return hints; + + } public String getInstructions(WebSession s) { String instructions = ""; if (getLessonTracker(s).getStage() == 1) { - instructions = "STAGE 1:\tYou are Moe Stooge, CSO of Goat Hills Bank. " + instructions = "STAGE 1:\tYou are Moe Stooge, CSO of Goat Hills Financial. " + "You have access to everyone in the company's information, except the CEO, " + "Neville Bartholomew. Or at least you shouldn't have access to the CEO's information." + " For this exercise, " + "examine the contents of the page to see what extra information you can find."; } else if (getLessonTracker(s).getStage() == 2) { - instructions = "STAGE 2:\tNow, fix the problem. Modify the server to only return " + - "results that Moe Stooge is allowed to see."; + instructions = "STAGE 2:\tNow, fix the problem. Modify the server to only return " + + "results that Moe Stooge is allowed to see."; } return (instructions); } 
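Review bot: The hint strings re-added in `getHints` keep several typos that the learner will see in the UI: `choosen` → `chosen`, `agasinst` → `against`, `who's userID` → `whose userID`, and `shoiuld` → `should`; since every one of these lines is already touched by the reformat, fix the spelling in the same commit. The hint `"You can access the server directly here "` reads as if `here` was meant to carry a link; if the markup was lost, restore it, otherwise name the resource instead of `here`. `List hints = new ArrayList();` uses raw types; `List<String> hints = new ArrayList<String>();` is preferable if the project targets Java 5 or later, while the public return type `List` can stay for existing callers.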
@@ -384,47 +395,35 @@ public class ClientSideFiltering extends SequentialLessonAdapter { public String getTitle() { return ("LAB: Client Side Filtering"); } - - private String getFileContent(String content) - { - BufferedReader is = null; - StringBuffer sb = new StringBuffer(); - - try - { - is = new BufferedReader(new FileReader(new File(content))); - String s = null; - - while((s = is.readLine()) != null) - { - sb.append(s); - } - } - catch (Exception e) - { - e.printStackTrace(); - } - finally - { - if(is != null) - { - try - { - is.close(); - } - catch (IOException ioe) - { - - } - } - } - - return sb.toString(); - } - - public Element getCredits() - { - return super.getCustomCredits("", ASPECT_LOGO); - } + + private String getFileContent(String content) { + BufferedReader is = null; + StringBuffer sb = new StringBuffer(); + + try { + is = new BufferedReader(new FileReader(new File(content))); + String s = null; + + while ((s = is.readLine()) != null) { + sb.append(s); + } + } catch (Exception e) { + e.printStackTrace(); + } finally { + if (is != null) { + try { + is.close(); + } catch (IOException ioe) { + + } + } + } + + return sb.toString(); + } + + public Element getCredits() { + return super.getCustomCredits("", ASPECT_LOGO); + } } diff --git a/ webgoat/main/project/WebContent/WEB-INF/webgoat_sqlserver.sql b/ webgoat/main/project/WebContent/WEB-INF/webgoat_sqlserver.sql index aad31f442..2e99a82ea 100644 --- a/ webgoat/main/project/WebContent/WEB-INF/webgoat_sqlserver.sql +++ b/ webgoat/main/project/WebContent/WEB-INF/webgoat_sqlserver.sql 
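Review bot: `getFileContent`, re-added in this hunk, names its parameter `content` although it is a file path, and its `catch (Exception e) { e.printStackTrace(); }` returns whatever partial text was read as if the read had succeeded, so a missing or unreadable `clientSideFiltering.jsp` makes `doStage2` silently report "not solved" instead of an error. Rename the parameter (`private String getFileContent(String path)`) and let the `IOException` propagate to `doStage2`, which has the session to report it on. The `readLine` loop also concatenates lines without a separator, so the end of one line runs into the start of the next; `sb.append(s).append('\n');` keeps the file's structure for the substring check. The empty `catch (IOException ioe) {}` around `close()` should at least rename the variable to `ignored` with a one-line reason.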
@@ -1,226 +1,226 @@ -EXEC sp_configure 'clr enabled', 1 -GO - -RECONFIGURE -GO - -USE master; - -go - -DROP LOGIN webgoat_guest; - -go - -DROP database webgoat; - -go - - -CREATE database webgoat; - -go - -USE webgoat; - -go - -CREATE SCHEMA webgoat_guest; - -go - -CREATE LOGIN webgoat_guest with password = '_webgoat'; - -go - -CREATE USER webgoat_guest with default_schema = webgoat_guest; - -go - -GRANT CONTROL TO webgoat_guest; - -go - - -CREATE TABLE WEBGOAT_guest.EMPLOYEE ( - userid INT NOT NULL PRIMARY KEY, - first_name VARCHAR(20), - last_name VARCHAR(20), - ssn VARCHAR(12), - password VARCHAR(10), - title VARCHAR(20), - phone VARCHAR(13), - address1 VARCHAR(80), - address2 VARCHAR(80), - manager INT, - start_date CHAR(8), - salary INT, - ccn VARCHAR(30), - ccn_limit INT, - disciplined_date CHAR(8), - disciplined_notes VARCHAR(60), - personal_description VARCHAR(60) -); - -go - -IF EXISTS -( - SELECT 1 - FROM INFORMATION_SCHEMA.ROUTINES - WHERE ROUTINE_NAME = 'UPDATE_EMPLOYEE' - AND ROUTINE_SCHEMA = 'webgoat_guest' - AND ROUTINE_TYPE = 'PROCEDURE' -) -BEGIN - DROP PROCEDURE webgoat_guest.UPDATE_EMPLOYEE - DROP PROCEDURE webgoat_guest.UPDATE_EMPLOYEE_BACKUP -END -GO - -CREATE PROCEDURE webgoat_guest.UPDATE_EMPLOYEE - @v_userid INT, - @v_first_name VARCHAR(20), - @v_last_name VARCHAR(20), - @v_ssn VARCHAR(12), - @v_title VARCHAR(20), - @v_phone VARCHAR(13), - @v_address1 VARCHAR(80), - @v_address2 VARCHAR(80), - @v_manager INT, - @v_start_date CHAR(8), - @v_salary INT, - @v_ccn VARCHAR(30), - @v_ccn_limit INT, - @v_disciplined_date CHAR(8), - @v_disciplined_notes VARCHAR(60), - @v_personal_description VARCHAR(60) -AS - UPDATE EMPLOYEE - SET - first_name = @v_first_name, - last_name = @v_last_name, - ssn = @v_ssn, - title = @v_title, - phone = @v_phone, - address1 = @v_address1, - address2 = @v_address2, - manager = @v_manager, - start_date = @v_Start_date, - salary = @v_salary, - ccn = @v_ccn, - ccn_limit = @v_ccn_limit, - disciplined_date = 
@v_disciplined_date, - disciplined_notes = @v_disciplined_notes, - personal_description = @v_personal_description - WHERE - userid = @v_userid; - -go - -CREATE PROCEDURE webgoat_guest.UPDATE_EMPLOYEE_BACKUP - @v_userid INT, - @v_first_name VARCHAR(20), - @v_last_name VARCHAR(20), - @v_ssn VARCHAR(12), - @v_title VARCHAR(20), - @v_phone VARCHAR(13), - @v_address1 VARCHAR(80), - @v_address2 VARCHAR(80), - @v_manager INT, - @v_start_date CHAR(8), - @v_salary INT, - @v_ccn VARCHAR(30), - @v_ccn_limit INT, - @v_disciplined_date CHAR(8), - @v_disciplined_notes VARCHAR(60), - @v_personal_description VARCHAR(60) -AS - UPDATE EMPLOYEE - SET - first_name = @v_first_name, - last_name = @v_last_name, - ssn = @v_ssn, - title = @v_title, - phone = @v_phone, - address1 = @v_address1, - address2 = @v_address2, - manager = @v_manager, - start_date = @v_Start_date, - salary = @v_salary, - ccn = @v_ccn, - ccn_limit = @v_ccn_limit, - disciplined_date = @v_disciplined_date, - disciplined_notes = @v_disciplined_notes, - personal_description = @v_personal_description - WHERE - userid = @v_userid; - -go - -IF EXISTS -( - SELECT 1 - FROM INFORMATION_SCHEMA.ROUTINES - WHERE ROUTINE_NAME = 'EMPLOYEE_LOGIN' - AND ROUTINE_SCHEMA = 'webgoat_guest' - AND ROUTINE_TYPE = 'FUNCTION' -) -BEGIN - DROP FUNCTION webgoat_guest.EMPLOYEE_LOGIN - DROP FUNCTION webgoat_guest.EMPLOYEE_LOGIN_BACKUP -END -GO - -CREATE FUNCTION webgoat_guest.EMPLOYEE_LOGIN ( - @v_id INT, - @v_password VARCHAR(100) -) RETURNS INTEGER -AS - BEGIN - DECLARE @sql nvarchar(4000), @count int - SELECT @sql = N'SELECT @cnt = COUNT(*) FROM EMPLOYEE WHERE USERID = ' + convert(varchar(10),@v_id) + N' AND PASSWORD = ''' + @v_password + N''''; - EXEC sp_executesql @sql, N'@cnt int OUTPUT', @cnt = @count OUTPUT - return @count - END -GO - -CREATE FUNCTION webgoat_guest.EMPLOYEE_LOGIN_BACKUP ( - @v_id INT, - @v_password VARCHAR(100) -) RETURNS INTEGER -AS - BEGIN - DECLARE @sql nvarchar(4000), @count int - SELECT @sql = N'SELECT @cnt = 
COUNT(*) FROM EMPLOYEE WHERE USERID = ' + convert(varchar(10),@v_id) + N' AND PASSWORD = ''' + @v_password + N''''; - EXEC sp_executesql @sql, N'@cnt int OUTPUT', @cnt = @count OUTPUT - return @count - END -GO - -IF EXISTS -( - SELECT 1 - FROM INFORMATION_SCHEMA.ROUTINES - WHERE ROUTINE_NAME = 'RegexMatch' - AND ROUTINE_SCHEMA = 'webgoat_guest' - AND ROUTINE_TYPE = 'FUNCTION' -) -BEGIN - DROP FUNCTION webgoat_guest.RegexMatch -END -GO - -IF EXISTS (SELECT name FROM sys.assemblies WHERE name = N'RegexMatch') - DROP ASSEMBLY RegexMatch; -GO - -CREATE ASSEMBLY RegexMatch FROM 'c:\AspectClassCD\WebGoat\RegexMatch.dll' WITH PERMISSION_SET = SAFE; -GO - -CREATE FUNCTION webgoat_guest.RegexMatch ( -@input NVARCHAR(MAX), -@pattern NVARCHAR(MAX) -) RETURNS BIT -AS EXTERNAL NAME RegexMatch.[UserDefinedFunctions].RegexMatch; -GO +EXEC sp_configure 'clr enabled', 1 +GO + +RECONFIGURE +GO + +USE master; + +go + +DROP LOGIN webgoat_guest; + +go + +DROP database webgoat; + +go + + +CREATE database webgoat; + +go + +USE webgoat; + +go + +CREATE SCHEMA webgoat_guest; + +go + +CREATE LOGIN webgoat_guest with password = '_webgoat'; + +go + +CREATE USER webgoat_guest with default_schema = webgoat_guest; + +go + +GRANT CONTROL TO webgoat_guest; + +go + + +CREATE TABLE WEBGOAT_guest.EMPLOYEE ( + userid INT NOT NULL PRIMARY KEY, + first_name VARCHAR(20), + last_name VARCHAR(20), + ssn VARCHAR(12), + password VARCHAR(10), + title VARCHAR(20), + phone VARCHAR(13), + address1 VARCHAR(80), + address2 VARCHAR(80), + manager INT, + start_date CHAR(8), + salary INT, + ccn VARCHAR(30), + ccn_limit INT, + disciplined_date CHAR(8), + disciplined_notes VARCHAR(60), + personal_description VARCHAR(60) +); + +go + +IF EXISTS +( + SELECT 1 + FROM INFORMATION_SCHEMA.ROUTINES + WHERE ROUTINE_NAME = 'UPDATE_EMPLOYEE' + AND ROUTINE_SCHEMA = 'webgoat_guest' + AND ROUTINE_TYPE = 'PROCEDURE' +) +BEGIN + DROP PROCEDURE webgoat_guest.UPDATE_EMPLOYEE + DROP PROCEDURE webgoat_guest.UPDATE_EMPLOYEE_BACKUP +END +GO 
+ +CREATE PROCEDURE webgoat_guest.UPDATE_EMPLOYEE + @v_userid INT, + @v_first_name VARCHAR(20), + @v_last_name VARCHAR(20), + @v_ssn VARCHAR(12), + @v_title VARCHAR(20), + @v_phone VARCHAR(13), + @v_address1 VARCHAR(80), + @v_address2 VARCHAR(80), + @v_manager INT, + @v_start_date CHAR(8), + @v_salary INT, + @v_ccn VARCHAR(30), + @v_ccn_limit INT, + @v_disciplined_date CHAR(8), + @v_disciplined_notes VARCHAR(60), + @v_personal_description VARCHAR(60) +AS + UPDATE EMPLOYEE + SET + first_name = @v_first_name, + last_name = @v_last_name, + ssn = @v_ssn, + title = @v_title, + phone = @v_phone, + address1 = @v_address1, + address2 = @v_address2, + manager = @v_manager, + start_date = @v_Start_date, + salary = @v_salary, + ccn = @v_ccn, + ccn_limit = @v_ccn_limit, + disciplined_date = @v_disciplined_date, + disciplined_notes = @v_disciplined_notes, + personal_description = @v_personal_description + WHERE + userid = @v_userid; + +go + +CREATE PROCEDURE webgoat_guest.UPDATE_EMPLOYEE_BACKUP + @v_userid INT, + @v_first_name VARCHAR(20), + @v_last_name VARCHAR(20), + @v_ssn VARCHAR(12), + @v_title VARCHAR(20), + @v_phone VARCHAR(13), + @v_address1 VARCHAR(80), + @v_address2 VARCHAR(80), + @v_manager INT, + @v_start_date CHAR(8), + @v_salary INT, + @v_ccn VARCHAR(30), + @v_ccn_limit INT, + @v_disciplined_date CHAR(8), + @v_disciplined_notes VARCHAR(60), + @v_personal_description VARCHAR(60) +AS + UPDATE EMPLOYEE + SET + first_name = @v_first_name, + last_name = @v_last_name, + ssn = @v_ssn, + title = @v_title, + phone = @v_phone, + address1 = @v_address1, + address2 = @v_address2, + manager = @v_manager, + start_date = @v_Start_date, + salary = @v_salary, + ccn = @v_ccn, + ccn_limit = @v_ccn_limit, + disciplined_date = @v_disciplined_date, + disciplined_notes = @v_disciplined_notes, + personal_description = @v_personal_description + WHERE + userid = @v_userid; + +go + +IF EXISTS +( + SELECT 1 + FROM INFORMATION_SCHEMA.ROUTINES + WHERE ROUTINE_NAME = 'EMPLOYEE_LOGIN' + AND 
ROUTINE_SCHEMA = 'webgoat_guest' + AND ROUTINE_TYPE = 'FUNCTION' +) +BEGIN + DROP FUNCTION webgoat_guest.EMPLOYEE_LOGIN + DROP FUNCTION webgoat_guest.EMPLOYEE_LOGIN_BACKUP +END +GO + +CREATE FUNCTION webgoat_guest.EMPLOYEE_LOGIN ( + @v_id INT, + @v_password VARCHAR(100) +) RETURNS INTEGER +AS + BEGIN + DECLARE @sql nvarchar(4000), @count int + SELECT @sql = N'SELECT @cnt = COUNT(*) FROM EMPLOYEE WHERE USERID = ' + convert(varchar(10),@v_id) + N' AND PASSWORD = ''' + @v_password + N''''; + EXEC sp_executesql @sql, N'@cnt int OUTPUT', @cnt = @count OUTPUT + return @count + END +GO + +CREATE FUNCTION webgoat_guest.EMPLOYEE_LOGIN_BACKUP ( + @v_id INT, + @v_password VARCHAR(100) +) RETURNS INTEGER +AS + BEGIN + DECLARE @sql nvarchar(4000), @count int + SELECT @sql = N'SELECT @cnt = COUNT(*) FROM EMPLOYEE WHERE USERID = ' + convert(varchar(10),@v_id) + N' AND PASSWORD = ''' + @v_password + N''''; + EXEC sp_executesql @sql, N'@cnt int OUTPUT', @cnt = @count OUTPUT + return @count + END +GO + +IF EXISTS +( + SELECT 1 + FROM INFORMATION_SCHEMA.ROUTINES + WHERE ROUTINE_NAME = 'RegexMatch' + AND ROUTINE_SCHEMA = 'webgoat_guest' + AND ROUTINE_TYPE = 'FUNCTION' +) +BEGIN + DROP FUNCTION webgoat_guest.RegexMatch +END +GO + +IF EXISTS (SELECT name FROM sys.assemblies WHERE name = N'RegexMatch') + DROP ASSEMBLY RegexMatch; +GO + +CREATE ASSEMBLY RegexMatch FROM 'c:\AspectClassCD\WebGoat\RegexMatch.dll' WITH PERMISSION_SET = SAFE; +GO + +CREATE FUNCTION webgoat_guest.RegexMatch ( +@input NVARCHAR(MAX), +@pattern NVARCHAR(MAX) +) RETURNS BIT +AS EXTERNAL NAME RegexMatch.[UserDefinedFunctions].RegexMatch; +GO diff --git a/ webgoat/main/project/WebContent/lessons/Ajax/employees.xml b/ webgoat/main/project/WebContent/lessons/Ajax/employees.xml index ce301627f..c15e654b4 100644 --- a/ webgoat/main/project/WebContent/lessons/Ajax/employees.xml +++ b/ webgoat/main/project/WebContent/lessons/Ajax/employees.xml @@ -17,6 +17,8 @@ 10106 102 + 111 + 112 
@@ -35,8 +37,8 @@ Hit Curly over head 101013 - 102 - + 112 + 103 @@ -54,8 +56,10 @@ Hit Moe back 101014 - 102 - + 102 + 111 + 112 + 104 @@ -73,7 +77,10 @@ Bothering Larry about webgoat problems 101013 - 102 + 107 + 102 + 111 + 112 @@ -92,7 +99,10 @@ NA 0 - 102 + 106 + 102 + 111 + 112 @@ -111,8 +121,10 @@ NA 0 - 102 - + 102 + 111 + 112 + 107 @@ -130,7 +142,9 @@ Hacked into accounting server. Modified personal pay. 61402 - 102 + 102 + 111 + 112 @@ -149,8 +163,11 @@ Tortuous Boot Camp workout at 5am. Employees felt sick. 61502 - 102 - + 107 + 102 + 111 + 112 + 109 @@ -168,8 +185,11 @@ Late to work 30 days in row due to excessive Halo 2 72804 - 102 - + 107 + 102 + 111 + 112 + 110 @@ -187,7 +207,10 @@ Used company cc to purchase new car. Limit adjusted. 112005 - 102 + 106 + 102 + 111 + 112 @@ -206,8 +229,8 @@ 112005 - 102 - + 112 + 112