Moved remotely

git-svn-id: http://webgoat.googlecode.com/svn/trunk@8 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
mayhew64
2006-09-30 13:25:59 +00:00
parent 58c4d16530
commit a8ce18c72e
103 changed files with 0 additions and 0 deletions


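--- /dev/null
+++ b/Authorization.java
@@ -0,0 +1,24 @@
+package org.owasp.webgoat.session;
+import java.util.Hashtable;
+import java.util.Map;
+public class Authorization
+{
+Map permissions = new Hashtable();
+public Authorization()
+{
+}
+public void setPermission(int userId, int functionId)
+{
+permissions.put(new Integer(userId), new Integer(functionId));
+}
+public boolean isAllowed(int userId, int functionId)
+{
+return (permissions.get(new Integer(userId)) != null);
+}
+}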
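Review bot: `isAllowed` never reads its `functionId` parameter: `return (permissions.get(new Integer(userId)) != null);` grants a user every function as soon as any permission has been set for that user, and because `setPermission` stores via `Map.put` a user can only ever hold one function id anyway. At minimum compare the stored value, e.g. `Object granted = permissions.get(new Integer(userId)); return granted != null && ((Integer) granted).intValue() == functionId;`; if a user is meant to hold several permissions, the map value should be a `Set` of function ids rather than a single `Integer`. If this class is deliberately broken for a lesson, a comment saying so would stop it being copied as a reference implementation.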


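--- /dev/null
+++ b/Course.java
@@ -0,0 +1,448 @@
+package org.owasp.webgoat.session;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Set;
+import java.util.Vector;
+import javax.servlet.ServletContext;
+import org.owasp.webgoat.HammerHead;
+import org.owasp.webgoat.lessons.AbstractLesson;
+import org.owasp.webgoat.lessons.Category;
+/**
+* Copyright (c) 2002 Free Software Foundation developed under the custody of the Open Web
+* Application Security Project (http://www.owasp.org) This software package org.owasp.webgoat.is published by OWASP
+* under the GPL. You should read and accept the LICENSE before you use, modify and/or redistribute
+* this software.
+*
+* @author Jeff Williams <a href="http://www.aspectsecurity.com">Aspect Security</a>
+* @created October 28, 2003
+*/
+public class Course
+{
+private List lessons = new ArrayList();
+private final static String PROPERTIES_FILENAME = HammerHead.propertiesPath;
+private WebgoatProperties properties = null;
+public Course()
+{
+try
+{
+properties = new WebgoatProperties(PROPERTIES_FILENAME);
+}
+catch (IOException e)
+{
+System.out.println("Error loading WebGoat properties");
+e.printStackTrace();
+}
+}
+/**
+* Description of the Method
+*
+* @param fileName Description of the Parameter
+* @param path Description of the Parameter
+* @param ext Description of the Parameter
+* @return Description of the Return Value
+*/
+private String clean( String fileName, String path, String ext )
+{
+fileName = fileName.trim();
+// check if file is a directory
+if ( fileName.endsWith( "/" ) )
+{
+return fileName;
+}
+// check if file is a class or java file
+if ( !fileName.endsWith( ext ) )
+{
+return null;
+}
+// if the file is in /WEB-INF/classes strip the dir info off
+int index = fileName.indexOf( "/WEB-INF/classes/" );
+if ( index != -1 )
+{
+fileName = fileName.substring( index + "/WEB-INF/classes/".length(), fileName.length() - ext.length() );
+fileName = fileName.replace( '/', '.' );
+fileName = fileName.replace( '\\', '.' );
+}
+else
+{
+// Strip off the leading path info
+fileName = fileName.substring( path.length(), fileName.length() - ext.length() );
+}
+return fileName;
+}
+/**
+* Description of the Method
+* @param lesson Description of the Parameter
+* @param context Description of the Parameter
+* @param path Description of the Parameter
+* @param courseName Description of the Parameter
+* @param extension TODO
+*/
+private void findSourceResource( AbstractLesson lesson, ServletContext context, String path, String className, String extension )
+{
+//System.out.println("findSourceResource() looking for source files in: " + path);
+//System.out.println("findSourceResource() looking for source files for class: " + className);
+Set files = context.getResourcePaths( path );
+Iterator fileIter = files.iterator();
+String resource = null;
+while ( fileIter.hasNext() )
+{
+resource = (String) fileIter.next();
+//System.out.println("findSourceResource() inspecting resource: " + resource);
+String lessonName = clean( resource, path, extension );
+//System.out.println("findSourceResource() cleaned resource name: " + lessonName);
+//if ( className != null )
+//{
+// System.out.println("Resource to check: " + resource);
+// System.out.println("Lesson name: " + lessonName);
+//}
+// Not a match
+if ( lessonName == null )
+{
+continue;
+}
+// A subdirectory
+else if ( ( lessonName.length() != 1 ) && lessonName.endsWith( "/" ) )
+{
+findSourceResource( lesson, context, lessonName, className, extension );
+}
+// A source file
+else
+{
+// Course name will be the fully qualified name:
+// like lesson.admin.lessonName
+if ( className.endsWith( lessonName ) )
+{
+int length = 0;
+int index = className.indexOf("admin.");
+if ( index == -1 )
+{
+index = className.indexOf("lessons.");
+length = "lessons.".length();
+}
+else
+{
+length = "admin.".length();
+}
+className = className.substring(index + length);
+//System.out.println("Resource to check: " + resource);
+//System.out.println("Lesson name: " + lessonName);
+//store the web path of the source file in the lesson
+lesson.setSourceFileName(resource);
+}
+}
+}
+}
+/**
+* Description of the Method
+* @param lesson Description of the Parameter
+* @param context Description of the Parameter
+* @param path Description of the Parameter
+* @param courseName Description of the Parameter
+* @param extension TODO
+*/
+private void findLessonPlanResource( AbstractLesson lesson, ServletContext context, String path, String courseName, String extension )
+{
+Set files = context.getResourcePaths( path );
+Iterator fileIter = files.iterator();
+String resource = null;
+while ( fileIter.hasNext() )
+{
+resource = (String) fileIter.next();
+String className = clean( resource, path, extension );
+//if ( className != null )
+//{
+// System.out.println("ClassName: " + className);
+// System.out.println("ResourceToCheck: " + resourceToCheck);
+//}
+if ( className == null )
+{
+continue;
+}
+else if ( ( className.length() != 1 ) && className.endsWith( "/" ) )
+{
+findLessonPlanResource( lesson, context, className, courseName, extension );
+}
+else
+{
+// Course name will be the fully qualified name:
+// like lesson.admin.lessonName
+if ( courseName.endsWith( className ) )
+{
+int length = 0;
+int index = courseName.indexOf("admin.");
+if ( index == -1 )
+{
+index = courseName.indexOf("lessons.");
+length = "lessons.".length();
+}
+else
+{
+length = "admin.".length();
+}
+courseName = courseName.substring(index + length);
+//System.out.println("ClassName: " + className);
+//System.out.println("ResourceToCheck: " + resource);
+//store the web path of the source file in the lesson
+lesson.setLessonPlanFileName(resource);
+}
+}
+}
+}
+/**
+* Gets the categories attribute of the Course object
+*
+* @return The categories value
+*/
+public List getCategories()
+{
+List categories = new ArrayList();
+Iterator iter = lessons.iterator();
+while ( iter.hasNext() )
+{
+AbstractLesson lesson = (AbstractLesson) iter.next();
+if ( !categories.contains( lesson.getCategory() ) )
+{
+categories.add( lesson.getCategory() );
+}
+}
+Collections.sort( categories );
+return categories;
+}
+/**
+* Gets the firstLesson attribute of the Course object
+*
+* @return The firstLesson value
+*/
+public AbstractLesson getFirstLesson()
+{
+List roles = new ArrayList();
+roles.add( AbstractLesson.USER_ROLE );
+// Category 0 is the admin function. We want the first real category
+// to be returned. This is noramally the General category and the Http Basics lesson
+return ((AbstractLesson)getLessons( (Category)getCategories().get(1), roles).get(0));
+}
+/**
+* Gets the lesson attribute of the Course object
+*
+* @param lessonId Description of the Parameter
+* @param role Description of the Parameter
+* @return The lesson value
+*/
+public AbstractLesson getLesson( WebSession s, int lessonId, List roles )
+{
+if (s.isHackedAdmin())
+{
+roles.add(AbstractLesson.HACKED_ADMIN_ROLE);
+}
+//System.out.println("getLesson() with roles: " + roles);
+Iterator iter = lessons.iterator();
+while ( iter.hasNext() )
+{
+AbstractLesson lesson = (AbstractLesson) iter.next();
+//System.out.println("getLesson() at role: " + lesson.getRole());
+if ( lesson.getScreenId() == lessonId && roles.contains(lesson.getRole()) )
+{
+return lesson;
+}
+}
+return null;
+}
+public AbstractLesson getLesson( WebSession s, int lessonId, String role )
+{
+List roles = new Vector();
+roles.add(role);
+return getLesson(s, lessonId, roles);
+}
+public List getLessons( WebSession s, String role )
+{
+List roles = new Vector();
+roles.add(role);
+return getLessons(s, roles);
+}
+/**
+* Gets the lessons attribute of the Course object
+*
+* @param role Description of the Parameter
+* @return The lessons value
+*/
+public List getLessons( WebSession s, List roles )
+{
+if (s.isHackedAdmin())
+{
+roles.add(AbstractLesson.HACKED_ADMIN_ROLE);
+}
+List lessonList = new ArrayList();
+Iterator categoryIter = getCategories().iterator();
+while ( categoryIter.hasNext() )
+{
+lessonList.addAll( getLessons( s, (Category) categoryIter.next(), roles ) );
+}
+return lessonList;
+}
+/**
+* Gets the lessons attribute of the Course object
+*
+* @param category Description of the Parameter
+* @param role Description of the Parameter
+* @return The lessons value
+*/
+private List getLessons( Category category, List roles )
+{
+List lessonList = new ArrayList();
+Iterator iter = lessons.iterator();
+while ( iter.hasNext() )
+{
+AbstractLesson lesson = (AbstractLesson) iter.next();
+if ( lesson.getCategory().equals( category ) && roles.contains(lesson.getRole()) )
+{
+lessonList.add( lesson );
+}
+}
+Collections.sort( lessonList );
+// System.out.println(java.util.Arrays.asList(lessonList));
+return lessonList;
+}
+public List getLessons( WebSession s, Category category, String role )
+{
+List roles = new Vector();
+roles.add(role);
+return getLessons(s, category, roles);
+}
+public List getLessons(WebSession s, Category category, List roles)
+{
+if (s.isHackedAdmin())
+{
+roles.add(AbstractLesson.HACKED_ADMIN_ROLE);
+}
+return getLessons(category, roles);
+}
+/**
+* Description of the Method
+*
+* @param path Description of the Parameter
+* @param context Description of the Parameter
+*/
+public void loadCourses( boolean enterprise, ServletContext context, String path )
+{
+Set files = context.getResourcePaths( path );
+Iterator fileIter = files.iterator();
+while ( fileIter.hasNext() )
+{
+String file = (String) fileIter.next();
+String className = clean( file, path, ".class" );
+//if ( className != null )
+//{
+// System.out.println( "Checking file: " + file );
+// System.out.println( " class: " + className );
+//}
+if ( className == null )
+{
+continue;
+}
+else if ( ( className.length() != 1 ) && className.endsWith( "/" ) )
+{
+loadCourses( enterprise, context, className );
+}
+else
+{
+Class lessonClass = null;
+try
+{
+lessonClass = Class.forName( className );
+Object possibleLesson = lessonClass.newInstance();
+if ( possibleLesson instanceof AbstractLesson )
+{
+AbstractLesson lesson = (AbstractLesson) possibleLesson;
+// Determine if the screen is to be loaded. Look
+// to see if the session parameter has been initialized.
+// Look to see if the screen is an enterprise edition screen.
+if ( !enterprise )
+{
+if ( lesson.isEnterprise() )
+{
+continue;
+}
+}
+// Do not load instructor screens. Currently, they must be manually deployed.
+if (lesson.getClass().getName().indexOf("instructor") > -1)
+continue;
+// There are two methods instead of one because the developer was not
+// smart enough to figure out the recursive return value
+findSourceResource( lesson, context, "/", className, ".java" );
+findLessonPlanResource( lesson, context, "/", className, ".html" );
+// Override lesson attributes based on properties.
+lesson.update(properties);
+if(lesson.getHidden() == false)
+lessons.add( lesson );
+//System.out.println( "Found lesson: " + lesson );
+}
+}
+catch ( Exception e )
+{
+//System.out.println("Could not load lesson: " + className);
+//e.printStackTrace();
+}
+}
+}
+}
+}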
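Review bot: `loadCourses` runs `Class.forName( className ).newInstance()` on every `.class` resource found under `path` before the `instanceof AbstractLesson` test, so the constructor (and static initializer) of every class in the tree executes, not just lesson classes, and the empty `catch ( Exception e )` then discards whatever goes wrong. Check assignability before instantiating, `lessonClass = Class.forName( className ); if ( !AbstractLesson.class.isAssignableFrom( lessonClass ) ) continue;`, and log the exception in the catch rather than dropping it. Separately, `getLesson( WebSession, int, List )`, `getLessons( WebSession, List )` and `getLessons( WebSession, Category, List )` all do `roles.add(AbstractLesson.HACKED_ADMIN_ROLE)` on the caller's list, so the elevated role leaks back to the caller and is added once more per category when the `List` overload fans out; copying `roles` into a local list before adding would keep that grant contained to the call.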


@ -0,0 +1,852 @@
package org.owasp.webgoat.session;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import org.owasp.webgoat.lessons.AbstractLesson;
/**
* Copyright (c) 2002 Free Software Foundation developed under the custody of
* the Open Web Application Security Project (http://www.owasp.org) This
* software package org.owasp.webgoat.is published by OWASP under the GPL. You should read and
* accept the LICENSE before you use, modify and/or redistribute this
* software.
*
* @author Jeff Williams <a href="http://www.aspectsecurity.com">Aspect Security</a>
*/
public class CreateDB
{
/**
* The main program for the AccessSqlInjection class
*
* @param args The command line arguments
*/
public static void main(String[] args)
{
CreateDB db = new CreateDB();
Connection connection = null;
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver").newInstance();
}
catch ( Exception e )
{
System.out.println("Failed to load DB driver");
e.printStackTrace();
}
try
{
connection = DriverManager.getConnection("jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat", "webgoat", "webgoat");
db.makeDB(connection);
}
catch ( Exception e )
{
System.out.println("Driver Manager failed!");
e.printStackTrace();
}
/**
* getAllEmployees
*/
String query = "SELECT userid,first_name,last_name FROM employee WHERE userid in (SELECT employee_id FROM ownership WHERE employer_id = 101)";
try
{
Statement answer_statement = connection.createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );
ResultSet answer_results = answer_statement.executeQuery( query );
answer_results.first();
int employeeId = answer_results.getInt("userid");
String firstName = answer_results.getString("first_name");
String lastName = answer_results.getString("last_name");
System.out.println("Query 1 Results: " + firstName + " " + lastName + " " + employeeId);
}
catch ( SQLException sqle )
{
sqle.printStackTrace();
}
/**
* isAllowed
*/
query = "SELECT * FROM auth WHERE role in (SELECT role FROM roles WHERE userid = 101) and functionid = 113";
try
{
Statement answer_statement = connection.createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );
ResultSet answer_results = answer_statement.executeQuery( query );
boolean allowed = answer_results.first();
//boolean allowed = answer_results.next();
if(allowed)
System.out.println("User is allowed");
else
System.out.println("User is NOT allowed");
}
catch ( SQLException sqle )
{
sqle.printStackTrace();
}
}
/**
* Description of the Method
*
* @param connection Description of the Parameter
*
* @exception SQLException Description of the Exception
*/
private void createMessageTable(Connection connection) throws SQLException
{
Statement statement = connection.createStatement();
// Drop admin user table
try
{
String dropTable = "DROP TABLE messages";
statement.executeUpdate(dropTable);
}
catch (SQLException e)
{
System.out.println("Error dropping message database");
}
// Create the new table
try
{
String createTableStatement = "CREATE TABLE messages ("
+ "num int not null,"
+ "title varchar(50),"
+ "message varchar(200),"
+ "user_name varchar(50) not null "
+ ")";
statement.executeUpdate(createTableStatement);
}
catch (SQLException e)
{
System.out.println("Error creating message database");
e.printStackTrace();
}
}
/**
* Description of the Method
*
* @param connection Description of the Parameter
*
* @exception SQLException Description of the Exception
*/
private void createProductTable(Connection connection) throws SQLException
{
Statement statement = connection.createStatement();
// Drop admin user table
try
{
String dropTable = "DROP TABLE product_system_data";
statement.executeUpdate(dropTable);
}
catch (SQLException e)
{
System.out.println("Error dropping product database");
}
// Create the new table
try
{
String createTableStatement = "CREATE TABLE product_system_data ("
+ "productid varchar(6) not null primary key,"
+ "product_name varchar(20),"
+ "price varchar(10)" + ")";
statement.executeUpdate(createTableStatement);
}
catch (SQLException e)
{
System.out.println("Error creating product database");
e.printStackTrace();
}
// Populate
String insertData1 = "INSERT INTO product_system_data VALUES ('32226','Dog Bone','$1.99')";
String insertData2 = "INSERT INTO product_system_data VALUES ('35632','DVD Player','$214.99')";
String insertData3 = "INSERT INTO product_system_data VALUES ('24569','60 GB Hard Drive','$149.99')";
String insertData4 = "INSERT INTO product_system_data VALUES ('56970','80 GB Hard Drive','$179.99')";
String insertData5 = "INSERT INTO product_system_data VALUES ('14365','56 inch HDTV','$6999.99')";
statement.executeUpdate(insertData1);
statement.executeUpdate(insertData2);
statement.executeUpdate(insertData3);
statement.executeUpdate(insertData4);
statement.executeUpdate(insertData5);
}
/**
* Description of the Method
*
* @param connection Description of the Parameter
*
* @exception SQLException Description of the Exception
*/
private void createUserAdminTable(Connection connection) throws SQLException
{
Statement statement = connection.createStatement();
// Drop admin user table
try
{
String dropTable = "DROP TABLE user_system_data";
statement.executeUpdate(dropTable);
}
catch (SQLException e)
{
System.out.println("Error dropping user admin database");
}
// Create the new table
try
{
String createTableStatement = "CREATE TABLE user_system_data ("
+ "userid varchar(5) not null primary key,"
+ "user_name varchar(12),"
+ "password varchar(10),"
+ "cookie varchar(30)"
+ ")";
statement.executeUpdate(createTableStatement);
}
catch (SQLException e)
{
System.out.println("Error creating user admin database");
e.printStackTrace();
}
// Populate
String insertData1 = "INSERT INTO user_system_data VALUES ('101','jsnow','passwd1', '')";
String insertData2 = "INSERT INTO user_system_data VALUES ('102','jdoe','passwd2', '')";
String insertData3 = "INSERT INTO user_system_data VALUES ('103','jplane','passwd3', '')";
String insertData4 = "INSERT INTO user_system_data VALUES ('104','jeff','jeff', '')";
String insertData5 = "INSERT INTO user_system_data VALUES ('105','dave','dave', '')";
statement.executeUpdate(insertData1);
statement.executeUpdate(insertData2);
statement.executeUpdate(insertData3);
statement.executeUpdate(insertData4);
statement.executeUpdate(insertData5);
}
/**
* Description of the Method
*
* @param connection Description of the Parameter
*
* @exception SQLException Description of the Exception
*/
private void createUserDataTable(Connection connection) throws SQLException
{
Statement statement = connection.createStatement();
// Delete table if there is one
try
{
String dropTable = "DROP TABLE user_data";
statement.executeUpdate(dropTable);
}
catch (SQLException e)
{
System.out.println("Error dropping user database");
}
// Create the new table
try
{
String createTableStatement = "CREATE TABLE user_data ("
+ "userid int not null,"
+ "first_name varchar(20),"
+ "last_name varchar(20),"
+ "cc_number varchar(30),"
+ "cc_type varchar(10),"
+ "cookie varchar(20),"
+ "login_count int"
+ ")";
statement.executeUpdate(createTableStatement);
}
catch (SQLException e)
{
System.out.println("Error creating user database");
e.printStackTrace();
}
// Populate it
String insertData1 = "INSERT INTO user_data VALUES (101,'Joe','Snow','987654321','VISA',' ',0)";
String insertData2 = "INSERT INTO user_data VALUES (101,'Joe','Snow','2234200065411','MC',' ',0)";
String insertData3 = "INSERT INTO user_data VALUES (102,'John','Smith','2435600002222','MC',' ',0)";
String insertData4 = "INSERT INTO user_data VALUES (102,'John','Smith','4352209902222','AMEX',' ',0)";
String insertData5 = "INSERT INTO user_data VALUES (103,'Jane','Plane','123456789','MC',' ',0)";
String insertData6 = "INSERT INTO user_data VALUES (103,'Jane','Plane','333498703333','AMEX',' ',0)";
String insertData7 = "INSERT INTO user_data VALUES (10312,'Jolly','Hershey','176896789','MC',' ',0)";
String insertData8 = "INSERT INTO user_data VALUES (10312,'Jolly','Hershey','333300003333','AMEX',' ',0)";
String insertData9 = "INSERT INTO user_data VALUES (10323,'Grumpy','White','673834489','MC',' ',0)";
String insertData10 = "INSERT INTO user_data VALUES (10323,'Grumpy','White','33413003333','AMEX',' ',0)";
String insertData11 = "INSERT INTO user_data VALUES (15603,'Peter','Sand','123609789','MC',' ',0)";
String insertData12 = "INSERT INTO user_data VALUES (15603,'Peter','Sand','338893453333','AMEX',' ',0)";
String insertData13 = "INSERT INTO user_data VALUES (15613,'Joesph','Something','33843453533','AMEX',' ',0)";
statement.executeUpdate(insertData1);
statement.executeUpdate(insertData2);
statement.executeUpdate(insertData3);
statement.executeUpdate(insertData4);
statement.executeUpdate(insertData5);
statement.executeUpdate(insertData6);
statement.executeUpdate(insertData7);
statement.executeUpdate(insertData8);
statement.executeUpdate(insertData9);
statement.executeUpdate(insertData10);
statement.executeUpdate(insertData11);
statement.executeUpdate(insertData12);
statement.executeUpdate(insertData13);
}
private void createLoginTable(Connection connection) throws SQLException
{
Statement statement = connection.createStatement();
// Delete table if there is one
try
{
String dropTable = "DROP TABLE user_login";
statement.executeUpdate(dropTable);
}
catch (SQLException e)
{
System.out.println("Error dropping user_login table");
}
// Create the new table
try
{
String createTableStatement = "CREATE TABLE user_login ("
+ "userid varchar(5),"
+ "webgoat_user varchar(20)"
+ ")";
statement.executeUpdate(createTableStatement);
}
catch (SQLException e)
{
System.out.println("Error creating user database");
e.printStackTrace();
}
}
/**
* Description of the Method
*
* @param connection Description of the Parameter
*
* @exception SQLException Description of the Exception
*/
private void createWeatherDataTable(Connection connection) throws SQLException
{
Statement statement = connection.createStatement();
// Delete table if there is one
try
{
String dropTable = "DROP TABLE weather_data";
statement.executeUpdate(dropTable);
}
catch (SQLException e)
{
System.out.println("Error dropping weather database");
}
// Create the new table
try
{
String createTableStatement = "CREATE TABLE weather_data ("
+ "station int not null,"
+ "name varchar(20) not null,"
+ "state char(2) not null,"
+ "min_temp int not null,"
+ "max_temp int not null"
+ ")";
statement.executeUpdate(createTableStatement);
}
catch (SQLException e)
{
System.out.println("Error creating weather database");
e.printStackTrace();
}
// Populate it
String insertData1 = "INSERT INTO weather_data VALUES (101,'Columbia','MD',-10,102)";
String insertData2 = "INSERT INTO weather_data VALUES (102,'Seattle','WA',-15,90)";
String insertData3 = "INSERT INTO weather_data VALUES (103,'New York','NY',-10,110)";
String insertData4 = "INSERT INTO weather_data VALUES (104,'Houston','TX',20,120)";
String insertData5 = "INSERT INTO weather_data VALUES (10001,'Camp David','MD',-10,100)";
String insertData6 = "INSERT INTO weather_data VALUES (11001,'Ice Station Zebra','NA',-60,30)";
statement.executeUpdate(insertData1);
statement.executeUpdate(insertData2);
statement.executeUpdate(insertData3);
statement.executeUpdate(insertData4);
statement.executeUpdate(insertData5);
statement.executeUpdate(insertData6);
}
//--------------------------------------------------------------------------
//--------------------------------------------------------------------------
//
// The tables below are for WebGoat Financials
//
// DO NOT MODIFY THESE TABLES - unless you change the org chart
// and access control matrix documents
//
//--------------------------------------------------------------------------
//--------------------------------------------------------------------------
private void createEmployeeTable(Connection connection) throws SQLException
{
Statement statement = connection.createStatement();
try
{
String dropTable = "DROP TABLE employee";
statement.executeUpdate(dropTable);
}
catch ( SQLException e )
{
System.out.println("Error: unable to drop employee table");
}
// Create Table
try
{
String createTable = "CREATE TABLE employee ("
//+ "userid INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,"
+ "userid INT NOT NULL PRIMARY KEY,"
+ "first_name VARCHAR(20),"
+ "last_name VARCHAR(20),"
+ "ssn VARCHAR(12),"
+ "password VARCHAR(10),"
+ "title VARCHAR(20),"
+ "phone VARCHAR(13),"
+ "address1 VARCHAR(80),"
+ "address2 VARCHAR(80),"
+ "manager INT,"
+ "start_date CHAR(8),"
+ "salary INT,"
+ "ccn VARCHAR(30),"
+ "ccn_limit INT,"
+ "disciplined_date CHAR(8)," // date of write up, NA otherwise
+ "disciplined_notes VARCHAR(60)," // reason for the recent write-up
+ "personal_description VARCHAR(60)" // We can be rude here
//+ ",CONSTRAINT fl UNIQUE NONCLUSTERED (first_name, last_name)"
+ ")";
statement.executeUpdate(createTable);
}
catch ( SQLException e )
{
System.out.println("Error: unable to create employee table");
}
String insertData1 = "INSERT INTO employee VALUES (101, 'Larry', 'Stooge', '386-09-5451', 'larry'," +
"'Technician','443-689-0192','9175 Guilford Rd','New York, NY', 102, 01012000,55000,'2578546969853547'," +
"5000,010106,'Constantly harrassing coworkers','Does not work well with others')";
String insertData2 = "INSERT INTO employee VALUES (102, 'Moe', 'Stooge', '936-18-4524','moe'," +
"'CSO','443-938-5301', '3013 AMD Ave', 'New York, NY', 112, 03082003, 140000, 'NA', 0, 0101013, " +
"'Hit Curly over head', 'Very dominating over Larry and Curly')";
String insertData3 = "INSERT INTO employee VALUES (103, 'Curly', 'Stooge', '961-08-0047','curly'," +
"'Technician','410-667-6654', '1112 Crusoe Lane', 'New York, NY', 102, 02122001, 50000, 'NA', 0, 0101014, " +
"'Hit Moe back', 'Owes three-thousand to company for fradulent purchases')";
String insertData4 = "INSERT INTO employee VALUES (104, 'Eric', 'Walker', '445-66-5565','eric'," +
"'Engineer','410-887-1193', '1160 Prescott Rd', 'New York, NY', 107, 12152005, 13000, 'NA', 0, 0101013, " +
"'Bothering Larry about webgoat problems', 'Late. Always needs help. Too intern-ish.')";
String insertData5 = "INSERT INTO employee VALUES (105, 'Tom', 'Cat', '792-14-6364','tom'," +
"'Engineer','443-599-0762', '2211 HyperThread Rd.', 'New York, NY', 106, 01011999, 80000, '5481360857968521', 30000, 0, " +
"'NA', 'Co-Owner.')";
String insertData6 = "INSERT INTO employee VALUES (106, 'Jerry', 'Mouse', '858-55-4452','jerry'," +
"'Human Resources','443-699-3366', '3011 Unix Drive', 'New York, NY', 102, 01011999, 70000, '6981754825013564', 20000, 0, " +
"'NA', 'Co-Owner.')";
String insertData7 = "INSERT INTO employee VALUES (107, 'David', 'Giambi', '439-20-9405','david'," +
"'Human Resources','610-521-8413', '5132 DIMM Avenue', 'New York, NY', 102, 05011999, 100000, '6981754825018101', 10000, 061402, " +
"'Hacked into accounting server. Modified personal pay.', 'Strong work habbit. Questionable ethics.')";
String insertData8 = "INSERT INTO employee VALUES (108, 'Bruce', 'McGuirre', '707-95-9482','bruce'," +
"'Engineer','610-282-1103', '8899 FreeBSD Drive<script>alert(document.cookie)</script> ', 'New York, NY', 107, 03012000, 110000, '6981754825854136', 30000, 061502, " +
"'Tortuous Boot Camp workout at 5am. Employees felt sick.', 'Enjoys watching others struggle in exercises.')";
String insertData9 = "INSERT INTO employee VALUES (109, 'Sean', 'Livingston', '136-55-1046','sean'," +
"'Engineer','610-878-9549', '6422 dFlyBSD Road', 'New York, NY', 107, 06012003, 130000, '6981754825014510', 5000, 072804, " +
"'Late to work 30 days in row due to excessive Halo 2', 'Has some fascination with Steelers. Go Ravens.')";
String insertData10 = "INSERT INTO employee VALUES (110, 'Joanne', 'McDougal', '789-54-2413','joanne'," +
"'Human Resources','610-213-6341', '5567 Broadband Lane', 'New York, NY', 106, 01012001, 90000, '6981754825081054', 300, 112005, " +
"'Used company cc to purchase new car. Limit adjusted.', 'Finds it necessary to leave early every day.')";
String insertData11 = "INSERT INTO employee VALUES (111, 'John', 'Wayne', '129-69-4572', 'john'," +
"'CTO','610-213-1134', '129 Third St', 'New York, NY', 112, 01012001, 200000, '4437334565679921', 300, 112005, " +
"'', '')";
String insertData12 = "INSERT INTO employee VALUES (112, 'Neville', 'Bartholomew', '111-111-1111', 'socks'," +
"'CEO','408-587-0024', '1 Corporate Headquarters', 'San Jose, CA', 112, 03012000, 450000, '4803389267684109', 300, 112005, " +
"'', '')";
statement.executeUpdate(insertData1);
statement.executeUpdate(insertData2);
statement.executeUpdate(insertData3);
statement.executeUpdate(insertData4);
statement.executeUpdate(insertData5);
statement.executeUpdate(insertData6);
statement.executeUpdate(insertData7);
statement.executeUpdate(insertData8);
statement.executeUpdate(insertData9);
statement.executeUpdate(insertData10);
statement.executeUpdate(insertData11);
statement.executeUpdate(insertData12);
}
private void createRolesTable(Connection connection) throws SQLException
{
Statement statement = connection.createStatement();
try
{
String dropTable = "DROP TABLE roles";
statement.executeUpdate(dropTable);
}
catch ( SQLException e )
{
System.out.println("Error: unable to drop roles");
}
try
{
String createTable = "CREATE TABLE roles ("
+ "userid INT NOT NULL,"
+ "role VARCHAR(10) NOT NULL,"
+ "PRIMARY KEY (userid, role)"
+ ")";
statement.executeUpdate(createTable);
}
catch ( SQLException e )
{
System.out.println ("Error: Unable to create role table");
}
String insertData1 = "INSERT INTO roles VALUES (101, 'employee')";
String insertData2 = "INSERT INTO roles VALUES (102, 'manager')";
String insertData3 = "INSERT INTO roles VALUES (103, 'employee')";
String insertData4 = "INSERT INTO roles VALUES (104, 'employee')";
String insertData5 = "INSERT INTO roles VALUES (105, 'employee')";
String insertData6 = "INSERT INTO roles VALUES (106, 'hr')";
String insertData7 = "INSERT INTO roles VALUES (107, 'manager')";
String insertData8 = "INSERT INTO roles VALUES (108, 'employee')";
String insertData9 = "INSERT INTO roles VALUES (109, 'employee')";
String insertData10 = "INSERT INTO roles VALUES (110, 'hr')";
String insertData11 = "INSERT INTO roles VALUES (111, 'admin')";
String insertData12 = "INSERT INTO roles VALUES (112, 'admin')";
statement.executeUpdate(insertData1);
statement.executeUpdate(insertData2);
statement.executeUpdate(insertData3);
statement.executeUpdate(insertData4);
statement.executeUpdate(insertData5);
statement.executeUpdate(insertData6);
statement.executeUpdate(insertData7);
statement.executeUpdate(insertData8);
statement.executeUpdate(insertData9);
statement.executeUpdate(insertData10);
statement.executeUpdate(insertData11);
statement.executeUpdate(insertData12);
}
private void createAuthTable(Connection connection) throws SQLException
{
Statement statement = connection.createStatement();
try
{
String dropTable = "DROP TABLE auth";
statement.executeUpdate(dropTable);
}
catch ( SQLException e )
{
System.out.println("Error: unable to drop auth");
}
try
{
String createTable = "CREATE TABLE auth ("
+ "role VARCHAR(10) NOT NULL,"
+ "functionid VARCHAR(20) NOT NULL,"
+ "PRIMARY KEY (role, functionid)"
+ ")";
statement.executeUpdate(createTable);
}
catch ( SQLException e )
{
System.out.println("Error: unable to create auth table");
}
String insertData1 = "INSERT INTO auth VALUES('employee', 'Logout')";
String insertData2 = "INSERT INTO auth VALUES('employee', 'ListStaff')";
String insertData3 = "INSERT INTO auth VALUES('employee', 'ViewProfile')";
String insertData4 = "INSERT INTO auth VALUES('employee', 'EditProfile')";
String insertData4_1 = "INSERT INTO auth VALUES('employee', 'SearchStaff')";
String insertData4_2 = "INSERT INTO auth VALUES('employee', 'FindProfile')";
String insertData5 = "INSERT INTO auth VALUES('manager', 'Logout')";
String insertData6 = "INSERT INTO auth VALUES('manager', 'ListStaff')";
String insertData7 = "INSERT INTO auth VALUES('manager', 'ViewProfile')";
String insertData7_1 = "INSERT INTO auth VALUES('manager', 'SearchStaff')";
String insertData7_2 = "INSERT INTO auth VALUES('manager', 'FindProfile')";
// String insertData8 = "INSERT INTO auth VALUES('manager', 'EditProfile')";
// String insertData9 = "INSERT INTO auth VALUES('manager', 'CreateProfile')";
// String insertData10 = "INSERT INTO auth VALUES('manager', 'DeleteProfile')";
// String insertData11 = "INSERT INTO auth VALUES('manager', 'UpdateProfile')";
String insertData12 = "INSERT INTO auth VALUES('hr', 'Logout')";
String insertData13 = "INSERT INTO auth VALUES('hr', 'ListStaff')";
String insertData14 = "INSERT INTO auth VALUES('hr', 'ViewProfile')";
String insertData15 = "INSERT INTO auth VALUES('hr', 'EditProfile')";
String insertData16 = "INSERT INTO auth VALUES('hr', 'CreateProfile')";
String insertData17 = "INSERT INTO auth VALUES('hr', 'DeleteProfile')";
String insertData18 = "INSERT INTO auth VALUES('hr', 'UpdateProfile')";
String insertData18_1 = "INSERT INTO auth VALUES('hr', 'SearchStaff')";
String insertData18_2 = "INSERT INTO auth VALUES('hr', 'FindProfile')";
String insertData19 = "INSERT INTO auth VALUES('admin', 'Logout')";
String insertData20 = "INSERT INTO auth VALUES('admin', 'ListStaff')";
String insertData21 = "INSERT INTO auth VALUES('admin', 'ViewProfile')";
String insertData22 = "INSERT INTO auth VALUES('admin', 'EditProfile')";
String insertData23 = "INSERT INTO auth VALUES('admin', 'CreateProfile')";
String insertData24 = "INSERT INTO auth VALUES('admin', 'DeleteProfile')";
String insertData25 = "INSERT INTO auth VALUES('admin', 'UpdateProfile')";
String insertData25_1 = "INSERT INTO auth VALUES('admin', 'SearchStaff')";
String insertData25_2 = "INSERT INTO auth VALUES('admin', 'FindProfile')";
// Add a permission for the webgoat role to see the source.
// The challenge(s) will change the default role to "challenge"
String insertData26 = "INSERT INTO auth VALUES('" + AbstractLesson.USER_ROLE + "','" + WebSession.SHOWSOURCE +"')";
String insertData27 = "INSERT INTO auth VALUES('" + AbstractLesson.USER_ROLE + "','" + WebSession.SHOWHINTS + "')";
statement.executeUpdate(insertData1);
statement.executeUpdate(insertData2);
statement.executeUpdate(insertData3);
statement.executeUpdate(insertData4);
statement.executeUpdate(insertData4_1);
statement.executeUpdate(insertData4_2);
statement.executeUpdate(insertData5);
statement.executeUpdate(insertData6);
statement.executeUpdate(insertData7);
statement.executeUpdate(insertData7_1);
statement.executeUpdate(insertData7_2);
// statement.executeUpdate(insertData8);
// statement.executeUpdate(insertData9);
// statement.executeUpdate(insertData10);
// statement.executeUpdate(insertData11);
statement.executeUpdate(insertData12);
statement.executeUpdate(insertData13);
statement.executeUpdate(insertData14);
statement.executeUpdate(insertData15);
statement.executeUpdate(insertData16);
statement.executeUpdate(insertData17);
statement.executeUpdate(insertData18);
statement.executeUpdate(insertData18_1);
statement.executeUpdate(insertData18_2);
statement.executeUpdate(insertData19);
statement.executeUpdate(insertData20);
statement.executeUpdate(insertData21);
statement.executeUpdate(insertData22);
statement.executeUpdate(insertData23);
statement.executeUpdate(insertData24);
statement.executeUpdate(insertData25);
statement.executeUpdate(insertData25_1);
statement.executeUpdate(insertData25_2);
statement.executeUpdate(insertData26);
statement.executeUpdate(insertData27);
}
private void createOwnershipTable(Connection connection) throws SQLException
{
Statement statement = connection.createStatement();
try
{
String dropTable = "DROP TABLE ownership";
statement.executeUpdate(dropTable);
}
catch ( SQLException e )
{
System.out.println("Error: unable to drop ownership");
}
try
{
String createTable = "CREATE TABLE ownership ("
+ "employer_id INT NOT NULL,"
+ "employee_id INT NOT NULL,"
+ "PRIMARY KEY (employee_id, employer_id)"
+ ")";
statement.executeUpdate(createTable);
}
catch ( SQLException e )
{
System.out.println("Error: unable to create ownership table");
}
String inputData = "INSERT INTO ownership VALUES (112, 101)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (112, 102)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (112, 103)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (112, 104)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (112, 105)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (112, 106)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (112, 107)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (112, 108)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (112, 109)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (112, 110)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (112, 111)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (112, 112)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (102, 101)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (102, 102)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (102, 103)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (102, 104)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (102, 105)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (102, 106)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (102, 107)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (102, 108)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (102, 109)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (102, 110)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (102, 111)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (111, 101)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (111, 102)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (111, 103)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (111, 104)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (111, 105)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (111, 106)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (111, 107)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (111, 108)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (111, 109)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (111, 110)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (111, 111)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (106, 105)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (106, 106)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (106, 110)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (101, 101)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (103, 103)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (107, 104)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (107, 108)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (107, 109)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (107, 107)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (105, 105)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (110, 110)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (104, 104)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (108, 108)";
statement.executeUpdate(inputData);
inputData = "INSERT INTO ownership VALUES (109, 109)";
statement.executeUpdate(inputData);
}
//--------------------------------------------------------------------------
//
// End of WebGoat Financials
//
//--------------------------------------------------------------------------
/**
* Description of the Method
*
* @param connection Description of the Parameter
*
* @exception SQLException Description of the Exception
*/
public void makeDB(Connection connection) throws SQLException
{
System.out.println("Successful connection to database");
createUserDataTable(connection);
createLoginTable(connection);
createUserAdminTable(connection);
createProductTable(connection);
createMessageTable(connection);
createEmployeeTable(connection);
createRolesTable(connection);
createAuthTable(connection);
createOwnershipTable(connection);
createWeatherDataTable(connection);
System.out.println("Success: creating tables.");
}
}

View File

@ -0,0 +1,135 @@
package org.owasp.webgoat.session;
import java.io.File;
import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.ResultSetMetaData;
import java.sql.SQLException;
import org.apache.ecs.MultiPartElement;
import org.apache.ecs.html.B;
import org.apache.ecs.html.TD;
import org.apache.ecs.html.TR;
import org.apache.ecs.html.Table;
/**
* Copyright (c) 2002 Free Software Foundation developed under the custody of
* the Open Web Application Security Project (http://www.owasp.org) This
* software package org.owasp.webgoat.is published by OWASP under the GPL. You should read and
* accept the LICENSE before you use, modify and/or redistribute this
* software.
*
* @author Jeff Williams <a href="http://www.aspectsecurity.com">Aspect Security</a>
*/
public class DatabaseUtilities
{
public static String servletContextRealPath = null;
/**
* Description of the Method
*
* @param s Description of the Parameter
*
* @return Description of the Return Value
*
* @exception ClassNotFoundException Description of the Exception
* @exception SQLException Description of the Exception
*/
public static Connection makeConnection(WebSession s) throws ClassNotFoundException, SQLException
{
Class.forName(s.getDatabaseDriver());
return (DriverManager.getConnection(s.getDatabaseConnectionString()));
}
public static Connection makeConnection(String driverName, String connectionString)
throws ClassNotFoundException, SQLException
{
Class.forName(driverName);
return (DriverManager.getConnection(connectionString));
}
public static Connection makeConnection() {
try
{
// FIXME: Work around for not having a session object with the web service lessons
// This is the same "logic" in the web.xml file
// Get the path to webgoat database
String dbName = (servletContextRealPath + "database" + File.separator);
String os = System.getProperty("os.name","Windows");
if ( os.toLowerCase().indexOf("window") != -1 )
{
dbName = dbName.concat("webgoat.mdb");
System.out.println("DBName: " + dbName);
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
return DriverManager.getConnection("jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=" + dbName + ";PWD=webgoat");
}
else
{
dbName = dbName.concat("database.prp");
Class.forName("org.enhydra.instantdb.jdbc.idbDriver");
return DriverManager.getConnection("jdbc:idb:" + dbName);
}
}
catch (Exception e)
{
e.printStackTrace();
return null;
}
}
/**
* Description of the Method
*
* @param results Description of the Parameter
* @param resultsMetaData Description of the Parameter
*
* @return Description of the Return Value
*
* @exception IOException Description of the Exception
* @exception SQLException Description of the Exception
*/
public static MultiPartElement writeTable(ResultSet results, ResultSetMetaData resultsMetaData) throws IOException, SQLException
{
int numColumns = resultsMetaData.getColumnCount();
results.beforeFirst();
if (results.next())
{
Table t = new Table(1); // 1 = with border
t.setCellPadding(1);
TR tr = new TR();
for (int i = 1; i < (numColumns + 1); i++)
{
tr.addElement(new TD(new B(resultsMetaData.getColumnName(i))));
}
t.addElement(tr);
results.beforeFirst();
while (results.next())
{
TR row = new TR();
for (int i = 1; i < (numColumns + 1); i++)
{
row.addElement(new TD(results.getString(i).replaceAll(" ", "&nbsp;")));
}
t.addElement(row);
}
return (t);
}
else
{
return (new B("Query Successful; however no data was returned from this query."));
}
}
}

View File

@ -0,0 +1,688 @@
package org.owasp.webgoat.session;
import java.util.Iterator;
import java.util.List;
import java.util.StringTokenizer;
import java.util.Vector;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.H3;
import org.apache.ecs.html.Input;
import org.apache.ecs.html.Label;
import org.apache.ecs.html.Option;
import org.apache.ecs.html.P;
import org.apache.ecs.html.Select;
import org.apache.ecs.html.TD;
import org.apache.ecs.html.TH;
import org.apache.ecs.html.TR;
import org.apache.ecs.html.U;
/**
* Copyright (c) 2002 Free Software Foundation developed under the custody of the Open Web
* Application Security Project (http://www.owasp.org) This software package org.owasp.webgoat.is published by OWASP
* under the GPL. You should read and accept the LICENSE before you use, modify and/or redistribute
* this software.
*
* @author Jeff Williams (jeff.williams@aspectsecurity.com)
* @created October 29, 2003
*/
public class ECSFactory
{
/**
* Description of the Field
*/
public final static String ON = "On";
/**
* Description of the Field
*/
public final static String PASSWORD = "Password";
/**
* Don't let anyone instantiate this class
*/
private ECSFactory() { }
/**
* Description of the Method
*
* @param name Description of the Parameter
* @param value Description of the Parameter
* @return Description of the Return Value
*/
public static Element makeBox( String name, String value )
{
Input i = new Input( Input.CHECKBOX, name, ON );
i.setChecked( value.equals( ON ) );
return ( i );
}
/**
* Description of the Method
*
* @param text Description of the Parameter
* @return Description of the Return Value
*/
public static Element makeButton( String text )
{
Input b = new Input();
b.setType( Input.SUBMIT );
b.setValue( text );
b.setName(Input.SUBMIT);
return ( b );
}
/**
* Description of the Method
*
* @param labeltext Description of the Parameter
* @param value Description of the Parameter
* @param e Description of the Parameter
* @return Description of the Return Value
*/
public static TR makeField( String labeltext, String value, Element e )
{
TD left = new TD().setAlign( "right" );
Label label = new Label().addElement( labeltext );
left.addElement( label );
TD right = new TD().setAlign( "left" );
right.addElement( e );
TR row = new TR();
row.addElement( left );
row.addElement( right );
return ( row );
}
/**
* Description of the Method
*
* @param labeltext Description of the Parameter
* @param name Description of the Parameter
* @param value Description of the Parameter
* @param size Description of the Parameter
* @return Description of the Return Value
*/
public static TR makeField( String labeltext, String name, String value, int size )
{
Input field = new Input().setName( name ).setValue( value ).setSize( size ).setMaxlength( size );
// double check in case someone means to make a * starred out password field
if ( name.equals( PASSWORD ) )
{
field.setType( Input.PASSWORD );
}
return ( makeField( labeltext, value, field ) );
}
/**
* Description of the Method
*
* @param label Description of the Parameter
* @param type Description of the Parameter
* @param name Description of the Parameter
* @param value Description of the Parameter
* @param alignment Description of the Parameter
* @param selected Description of the Parameter
* @return Description of the Return Value
*/
public static Element makeInput( String label, String type, String name, boolean value, boolean selected, String alignment )
{
return makeInput( label, type, name, new Boolean( value ).toString(), selected, alignment );
}
/**
* Description of the Method
*
* @param label Description of the Parameter
* @param type Description of the Parameter
* @param name Description of the Parameter
* @param value Description of the Parameter
* @return Description of the Return Value
*/
public static Element makeInput( String label, String type, String name, String value )
{
return makeInput( label, type, name, value, new Boolean( value ).booleanValue(), "RIGHT" );
}
/**
* Description of the Method
*
* @param label Description of the Parameter
* @param type Description of the Parameter
* @param name Description of the Parameter
* @param value Description of the Parameter
* @param alignment Description of the Parameter
* @param selected Description of the Parameter
* @return Description of the Return Value
*/
public static Element makeInput( String label, String type, String name, String value, boolean selected, String alignment )
{
ElementContainer ec = new ElementContainer();
if ( !alignment.equalsIgnoreCase( "LEFT" ) )
{
ec.addElement( new StringElement( label ) );
}
Input input = new Input( type, name, value );
ec.addElement( input );
if ( alignment.equalsIgnoreCase( "LEFT" ) )
{
ec.addElement( new StringElement( label ) );
}
if ( type.equalsIgnoreCase( "CHECKBOX" ) )
{
input.setChecked( selected );
}
return ( ec );
}
/**
* Description of the Method
*
* @param text Description of the Parameter
* @param name Description of the Parameter
* @param value Description of the Parameter
* @return Description of the Return Value
*/
public static A makeLink( String text, String name, String value )
{
String href = "attack?" + name;
if ( value.length() > 0 )
{
href = href + "=" + value;
}
A a = new A( href );
a.addElement( new U().addElement( text ) );
a.addAttribute( "style", "cursor:hand" );
return ( a );
}
/**
* Description of the Method
*
* @param text Description of the Parameter
* @param name Description of the Parameter
* @param value Description of the Parameter
* @return Description of the Return Value
*/
public static A makeLink( String text, String name, int value )
{
return ( makeLink( text, name, Integer.toString( value ) ) );
}
/**
* Description of the Method
*
* @param text Description of the Parameter
* @param name Description of the Parameter
* @param value Description of the Parameter
* @return Description of the Return Value
*/
public static A makeLink( String text, String name, boolean value )
{
return ( makeLink( text, name, new Boolean( value ).toString() ) );
}
/**
* Description of the Method
*
* @param text Description of the Parameter
* @param clickAction Description of the Parameter
* @param type Description of the Parameter
* @return Description of the Return Value
*/
public static Input makeOnClickInput( String text, String clickAction, String type )
{
Input b = new Input();
b.setType( type );
b.setValue( text );
b.setOnClick( clickAction );
return ( b );
}
/**
* Description of the Method
*
* @param labeltext Description of the Parameter
* @param value Description of the Parameter
* @param e Description of the Parameter
* @return Description of the Return Value
*/
public static TR makeOption( String labeltext, String value, Element e )
{
TD left = new TD().setAlign( "left" ).setWidth( "10%" );
left.addElement( e );
TD right = new TD().setAlign( "right" );
Label label = new Label().addElement( labeltext );
right.addElement( label );
TR row = new TR();
row.addElement( right );
row.addElement( left );
return ( row );
}
/**
* Description of the Method
*
* @param label Description of the Parameter
* @param value Description of the Parameter
* @return Description of the Return Value
*/
public static Option makeOption( String label, boolean value )
{
Option option = new Option( label, new Boolean( value ).toString() );
option.setSelected( value );
return option;
}
/**
* Description of the Method
*
* @param line Description of the Parameter
* @return Description of the Return Value
*/
private static org.apache.ecs.html.Option makeOption( String line )
{
StringTokenizer st = new StringTokenizer( line, "|" );
org.apache.ecs.html.Option o = new org.apache.ecs.html.Option();
String token = "";
if ( st.hasMoreTokens() )
{
token = st.nextToken();
}
o.addElement( token );
return ( o );
}
/**
* Description of the Method
*
* @param name Description of the Parameter
* @param options Description of the Parameter
* @return Description of the Return Value
*/
public static Element makePulldown( String name, List options )
{
Select s = new Select( name );
s.addElement( (String[]) options.toArray( new String[options.size()] ) );
return ( s );
}
/**
* Description of the Method
*
* @param results Description of the Parameter
* @return Description of the Return Value
*/
public static Element makePulldown( String name, String results )
{
Select select = new Select(name);
StringTokenizer st = new StringTokenizer( results, "\n" );
if ( !st.hasMoreTokens() )
{
return ( new StringElement( "" ) );
}
while ( st.hasMoreTokens() )
{
String line = st.nextToken();
select.addElement( makeOption( line ) );
}
select.addElement( "-------------------------" );
return ( select );
}
/**
* Description of the Method
*
* @param name Description of the Parameter
* @param list Description of the Parameter
* @param selected Description of the Parameter
* @param rowsShowing Description of the Parameter
* @return Description of the Return Value
*/
public static Select makePulldown( String name, Object[] list, String selected, int rowsShowing )
{
Select select = new Select( name );
for ( int loop = 0; loop < list.length; loop++ )
{
String value = list[loop].toString();
org.apache.ecs.html.Option o = new org.apache.ecs.html.Option( value, value, value );
if ( value.equals( selected ) )
{
o.setSelected( true );
}
select.addElement( o );
}
select.setSize( rowsShowing );
return select;
}
/**
* Default size of 1 for rows showing in select box.
*
* @param diffNames Description of the Parameter
* @param select Description of the Parameter
* @param name Description of the Parameter
* @param options Description of the Parameter
* @param list Description of the Parameter
* @param selected Description of the Parameter
* @return Description of the Return Value
*/
public static Element makeSelect( boolean diffNames, Select select, String name, Vector options, String[] list, String selected )
{
return makeSelect( diffNames, select, name, options, list, selected, 1 );
}
/**
* Description of the Method
*
* @param diffNames Description of the Parameter
* @param select Description of the Parameter
* @param name Description of the Parameter
* @param options Description of the Parameter
* @param list Description of the Parameter
* @param selected Description of the Parameter
* @param rowsShowing Description of the Parameter
* @return Description of the Return Value
*/
public static Select makeSelect( boolean diffNames, Select select, String name, Vector options, String[] list, String selected, int rowsShowing )
{
if ( select == null )
{
select = new Select( name );
if ( diffNames )
{
for ( int loop = 0; loop < list.length; loop += 2 )
{
String value = list[loop];
String label = list[loop + 1];
org.apache.ecs.html.Option o = new org.apache.ecs.html.Option( value );
if ( loop == 0 )
{
o.setSelected( true );
}
options.addElement( o );// add to Vector containing all options
select.addElement( o );
select.addElement( label );
}
}
else
{
for ( int loop = 0; loop < list.length; loop++ )
{
String value = list[loop];
org.apache.ecs.html.Option o = new org.apache.ecs.html.Option( value );
if ( loop == 0 )
{
o.setSelected( true );
}
options.addElement( o );// add to Vector containing all options
select.addElement( o );
select.addElement( value );
}
}
}
// find selected option and set selected
Iterator i = options.iterator();
while ( i.hasNext() )
{
org.apache.ecs.html.Option o = (org.apache.ecs.html.Option) i.next();
if ( selected.equalsIgnoreCase( o.getAttribute( "value" ) ) )
{
o.setSelected( true );
}
}
select.setSize( rowsShowing );
return ( select );
}
/**
* Description of the Method
*
* @param title Description of the Parameter
* @return Description of the Return Value
*/
public static Element makeTallHeader( String title )
{
StringBuffer buff = new StringBuffer();
for ( int i = 0; i < title.length(); i++ )
{
buff.append( title.charAt( i ) );
buff.append( "<BR>" );
}
return new TH( buff.toString() );
}
/**
* Description of the Method
*
* @param title Description of the Parameter
* @param text Description of the Parameter
* @return Description of the Return Value
*/
public static Element makeTextArea( String title, String text )
{
ElementContainer ec = new ElementContainer();
ec.addElement( new BR() );
ec.addElement( new H3().addElement( title ) );
ec.addElement( new P() );
ec.addElement( "<CENTER><TEXTAREA ROWS=10 COLS=90 READONLY>" + text + "</TEXTAREA></CENTER>" );
ec.addElement( new BR() );
ec.addElement( new BR() );
return ( ec );
}
}

View File

@ -0,0 +1,218 @@
package org.owasp.webgoat.session;
import java.io.Serializable;
public class Employee implements Serializable
{
public final static String EMPLOYEE_ROLE = "employee";
public final static String MANAGER_ROLE = "manager";
public final static String HR_ROLE = "hr";
private int id;
private String firstName;
private String lastName;
private String title;
private String ssn;
private String phone;
private String address1;
private String address2;
private int manager;
private String startDate;
private int salary;
private String ccn;
private int ccnLimit;
private String disciplinaryActionDate;
private String disciplinaryActionNotes;
private String personalDescription;
// FIXME: To be deleted
public Employee()
{
}
public Employee(
int id,
String firstName,
String lastName,
String ssn,
String title,
String phone,
String address1,
String address2,
int manager,
String startDate,
int salary,
String ccn,
int ccnLimit,
String disciplinaryActionDate,
String disciplinaryActionNotes,
String personalDescription)
{
this.id = id;
this.firstName = firstName;
this.lastName = lastName;
this.ssn = ssn;
this.title = title;
this.phone = phone;
this.address1 = address1;
this.address2 = address2;
this.manager = manager;
this.startDate = startDate;
this.salary = salary;
this.ccn = ccn;
this.ccnLimit = ccnLimit;
this.disciplinaryActionDate = disciplinaryActionDate;
this.disciplinaryActionNotes = disciplinaryActionNotes;
this.personalDescription = personalDescription;
}
public String getAddress1()
{
return address1;
}
public void setAddress1(String address1)
{
this.address1 = address1;
}
public String getAddress2()
{
return address2;
}
public void setAddress2(String address2)
{
this.address2 = address2;
}
public String getCcn()
{
return ccn;
}
public void setCcn(String ccn)
{
this.ccn = ccn;
}
public int getCcnLimit()
{
return ccnLimit;
}
public void setCcnLimit(int ccnLimit)
{
this.ccnLimit = ccnLimit;
}
public String getFirstName()
{
return firstName;
}
public void setFirstName(String firstName)
{
this.firstName = firstName;
}
public String getLastName()
{
return lastName;
}
public void setLastName(String lastName)
{
this.lastName = lastName;
}
public String getPhoneNumber()
{
return phone;
}
public void setPhoneNumber(String phone)
{
this.phone = phone;
}
public int getSalary()
{
return salary;
}
public void setSalary(int salary)
{
this.salary = salary;
}
public String getSsn()
{
return ssn;
}
public void setSsn(String ssn)
{
this.ssn = ssn;
}
public String getStartDate()
{
return startDate;
}
public void setStartDate(String startDate)
{
this.startDate = startDate;
}
public int getId()
{
return id;
}
public void setId(int id)
{
this.id = id;
}
public String getTitle()
{
return this.title;
}
public int getManager()
{
return this.manager;
}
public String getDisciplinaryActionDate()
{
return this.disciplinaryActionDate;
}
public String getDisciplinaryActionNotes()
{
return this.disciplinaryActionNotes;
}
public String getPersonalDescription()
{
return this.personalDescription;
}
}

View File

@ -0,0 +1,44 @@
package org.owasp.webgoat.session;
import java.io.Serializable;
public class EmployeeStub implements Serializable
{
private int id;
private String firstName;
private String lastName;
private String role;
public EmployeeStub(int id, String firstName, String lastName)
{
this(id, firstName, lastName, Employee.EMPLOYEE_ROLE);
}
public EmployeeStub(int id, String firstName, String lastName, String role)
{
this.id = id;
this.firstName = firstName;
this.lastName = lastName;
this.role = role;
}
public String getFirstName()
{
return firstName;
}
public int getId()
{
return id;
}
public String getLastName()
{
return lastName;
}
public String getRole()
{
return role;
}
}

View File

@ -0,0 +1,255 @@
package org.owasp.webgoat.session;
import java.io.ByteArrayOutputStream;
import java.io.PrintWriter;
import java.util.StringTokenizer;
import javax.servlet.ServletException;
import org.owasp.webgoat.lessons.AbstractLesson;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.HtmlColor;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.Div;
import org.apache.ecs.html.Form;
import org.apache.ecs.html.H2;
import org.apache.ecs.html.Small;
import org.apache.ecs.html.TD;
import org.apache.ecs.html.TR;
import org.apache.ecs.html.Table;
/**
* Copyright (c) 2002 Free Software Foundation developed under the custody of the Open Web
* Application Security Project (http://www.owasp.org) This software package org.owasp.webgoat.is published by OWASP
* under the GPL. You should read and accept the LICENSE before you use, modify and/or redistribute
* this software.
*
* @author Jeff Williams <a href="http://www.aspectsecurity.com">Aspect Security</a>
* @created November 4, 2003
*/
public class ErrorScreen extends Screen
{
/**
* Description of the Field
*/
protected Throwable error;
/**
* Description of the Field
*/
protected String message;
/**
* Constructor for the ErrorScreen object
*
* @param s Description of the Parameter
* @param t Description of the Parameter
*/
public ErrorScreen( WebSession s, Throwable t )
{
this.error = t;
fixCurrentScreen( s );
setup( s );
}
/**
* Constructor for the ErrorScreen object
*
* @param s Description of the Parameter
* @param msg Description of the Parameter
*/
public ErrorScreen( WebSession s, String msg )
{
this.message = msg;
fixCurrentScreen( s );
setup( s );
}
public void fixCurrentScreen( WebSession s )
{
// So the user can't get stuck on the error screen, reset the
// current screen to something known
if ( s!= null )
{
try
{
s.setCurrentScreen( s.getCourse().getFirstLesson().getScreenId() );
}
catch ( Throwable t )
{
s.setCurrentScreen( WebSession.WELCOME );
}
}
}
public void setup( WebSession s )
{
// call createContent first so messages will go somewhere
Form form = new Form( "attack", Form.POST ).setName( "form" ).setEncType( "" );
form.addElement( wrapForm( s ) );
TD lowerright = new TD().setHeight( "100%" ).setVAlign( "top" ).setAlign( "left" ).addElement( form );
TR row = new TR().addElement( lowerright );
Table layout = new Table().setBgColor( HtmlColor.WHITE ).setCellSpacing( 0 ).setCellPadding( 0 ).setBorder( 0 );
layout.addElement( row );
setContent(layout);
}
protected Element wrapForm( WebSession s )
{
if ( s == null )
{
return new StringElement( "Invalid Session" );
}
Table container = new Table().setWidth( "100%" ).setCellSpacing( 10 ).setCellPadding( 0 ).setBorder( 0 );
// CreateContent can generate error messages so you MUST call it before makeMessages()
Element content = createContent( s );
container.addElement( new TR().addElement( new TD().setColSpan( 2 ).setVAlign( "TOP" ).addElement(
makeMessages( s ) ) ) );
container.addElement( new TR().addElement( new TD().setColSpan( 2 ).addElement( content ) ) );
container.addElement( new TR() );
return ( container );
}
/**
* Description of the Method
*
* @param s Description of the Parameter
* @return Description of the Return Value
*/
protected Element createContent( WebSession s )
{
System.out.println( "errorscreen createContent Error:" + this.error + " message:" + this.message );
Element content;
if ( this.error != null )
{
content = createContent( this.error );
}
else if ( this.message != null )
{
content = createContent( this.message );
}
else
{
content = new StringElement( "An unknown error occurred." );
}
return content;
}
/**
* Description of the Method
*
* @param s Description of the Parameter
* @return Description of the Return Value
*/
protected Element createContent( String s )
{
StringElement list = new StringElement( s );
return ( list );
}
/**
* Description of the Method
*
* @param t Description of the Parameter
* @return Description of the Return Value
*/
protected Element createContent( Throwable t )
{
StringElement list = new StringElement();
list.addElement( new H2().addElement( new StringElement( "Error Message: " + t.getMessage() ) ) );
list.addElement( formatStackTrace( t ) );
if ( t instanceof ServletException )
{
Throwable root = ( (ServletException) t ).getRootCause();
if ( root != null )
{
list.addElement( new H2().addElement( new StringElement( "Root Message: " + root.getMessage() ) ) );
list.addElement( formatStackTrace( root ) );
}
}
return ( new Small().addElement( list ) );
}
public Element getCredits()
{
return new ElementContainer();
}
/**
* Description of the Method
*
* @param t Description of the Parameter
* @return Description of the Return Value
*/
public static Element formatStackTrace( Throwable t )
{
String trace = getStackTrace( t );
StringElement list = new StringElement();
StringTokenizer st = new StringTokenizer( trace, "\r\n\t" );
while ( st.hasMoreTokens() )
{
String line = st.nextToken();
list.addElement( new Div( line ) );
}
return ( list );
}
/**
* Gets the stackTrace attribute of the ErrorScreen class
*
* @param t Description of the Parameter
* @return The stackTrace value
*/
public static String getStackTrace( Throwable t )
{
ByteArrayOutputStream bytes = new ByteArrayOutputStream();
PrintWriter writer = new PrintWriter( bytes, true );
t.printStackTrace( writer );
return ( bytes.toString() );
}
/**
* Gets the title attribute of the ErrorScreen object
*
* @return The title value
*/
public String getTitle()
{
return ( "Error" );
}
public String getRole() {
return AbstractLesson.USER_ROLE;
}
}


@ -0,0 +1,36 @@
package org.owasp.webgoat.session;
/**
* Represents a virtual session for a lesson. Lesson-specific session data may
* be stored here.
*
* @author David Anderson <a href="http://www.aspectsecurity.com">Aspect Security</a>
* @created January 19, 2006
*/
public class LessonSession
{
private boolean isAuthenticated = false;
private String currentLessonScreen;
public void setAuthenticated(boolean isAuthenticated)
{
this.isAuthenticated = isAuthenticated;
}
public boolean isAuthenticated()
{
return this.isAuthenticated;
}
public void setCurrentLessonScreen(String currentLessonScreen)
{
this.currentLessonScreen = currentLessonScreen;
}
public String getCurrentLessonScreen()
{
return this.currentLessonScreen;
}
}


@ -0,0 +1,384 @@
package org.owasp.webgoat.session;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.Properties;
/**
* Description of the Class
*
* @author Bruce Mayhew
* @created October 29, 2003
*/
public class LessonTracker
{
private boolean completed = false;
private int currentStage = 1;
private int maxHintLevel = 0;
private int numVisits = 0;
private boolean viewedCookies = false;
private boolean viewedHtml = false;
private boolean viewedLessonPlan = false;
private boolean viewedParameters = false;
private boolean viewedSource = false;
Properties lessonProperties = new Properties();
/**
* Gets the completed attribute of the LessonTracker object
*
* @return The completed value
*/
public boolean getCompleted()
{
return completed;
}
public int getStage()
{
return currentStage;
}
public void setStage(int stage)
{
currentStage = stage;
}
/**
* Gets the maxHintLevel attribute of the LessonTracker object
*
* @return The maxHintLevel value
*/
public int getMaxHintLevel()
{
return maxHintLevel;
}
/**
* Gets the numVisits attribute of the LessonTracker object
*
* @return The numVisits value
*/
public int getNumVisits()
{
return numVisits;
}
/**
* Gets the viewedCookies attribute of the LessonTracker object
*
* @return The viewedCookies value
*/
public boolean getViewedCookies()
{
return viewedCookies;
}
/**
* Gets the viewedHtml attribute of the LessonTracker object
*
* @return The viewedHtml value
*/
public boolean getViewedHtml()
{
return viewedHtml;
}
/**
* Gets the viewedLessonPlan attribute of the LessonTracker object
*
* @return The viewedLessonPlan value
*/
public boolean getViewedLessonPlan()
{
return viewedLessonPlan;
}
/**
* Gets the viewedParameters attribute of the LessonTracker object
*
* @return The viewedParameters value
*/
public boolean getViewedParameters()
{
return viewedParameters;
}
/**
* Gets the viewedSource attribute of the LessonTracker object
*
* @return The viewedSource value
*/
public boolean getViewedSource()
{
return viewedSource;
}
/**
* Description of the Method
*/
public void incrementNumVisits()
{
numVisits++;
}
/**
* Sets the properties attribute of the LessonTracker object
*
* @param props The new properties value
*/
private void setProperties( Properties props, Screen screen )
{
completed = Boolean.valueOf( props.getProperty( screen.getTitle() + ".completed" ) ).booleanValue();
maxHintLevel = Integer.parseInt( props.getProperty( screen.getTitle() + ".maxHintLevel" ) );
currentStage = Integer.parseInt( props.getProperty( screen.getTitle() + ".currentStage" ) );
numVisits = Integer.parseInt( props.getProperty( screen.getTitle() + ".numVisits" ) );
viewedCookies = Boolean.valueOf( props.getProperty( screen.getTitle() + ".viewedCookies" ) ).booleanValue();
viewedHtml = Boolean.valueOf( props.getProperty( screen.getTitle() + ".viewedHtml" ) ).booleanValue();
viewedLessonPlan = Boolean.valueOf( props.getProperty( screen.getTitle() + ".viewedLessonPlan" ) ).booleanValue();
viewedParameters = Boolean.valueOf( props.getProperty( screen.getTitle() + ".viewedParameters" ) ).booleanValue();
viewedSource = Boolean.valueOf( props.getProperty( screen.getTitle() + ".viewedSource" ) ).booleanValue();
}
public static String getUserDir( WebSession s )
{
return s.getContext().getRealPath( "users" ) +"/";
}
private static String getTrackerFile( WebSession s, String user, Screen screen )
{
return getUserDir( s ) + user + "." + screen.getClass().getName() + ".props";
}
/**
* Description of the Method
*
* @param screen Description of the Parameter
* @param s Description of the Parameter
* @return Description of the Return Value
*/
public static LessonTracker load( WebSession s, String user, Screen screen )
{
FileInputStream in = null;
try
{
String fileName = getTrackerFile(s, user, screen);
if ( fileName != null )
{
Properties tempProps = new Properties();
//System.out.println("Loading lesson state from: " + fileName);
in = new FileInputStream( fileName );
tempProps.load( in );
// allow the screen to use any custom properties it may have set
LessonTracker tempLessonTracker = screen.createLessonTracker( tempProps );
tempLessonTracker.setProperties( tempProps, screen );
return tempLessonTracker;
}
}
catch ( FileNotFoundException e )
{
// Normal if the lesson has not been accessed yet.
}
catch ( Exception e )
{
System.out.println("Failed to load lesson state for " + screen);
e.printStackTrace();
}
finally
{
try
{
in.close();
}
catch (Exception e) {}
}
return screen.createLessonTracker();
}
/**
* Sets the completed attribute of the LessonTracker object
*
* @param completed The new completed value
*/
public void setCompleted( boolean completed )
{
this.completed = completed;
}
/**
* Sets the maxHintLevel attribute of the LessonTracker object
*
* @param maxHintLevel The new maxHintLevel value
*/
public void setMaxHintLevel( int maxHintLevel )
{
this.maxHintLevel = Math.max( this.maxHintLevel, maxHintLevel );
}
/**
* Sets the viewedCookies attribute of the LessonTracker object
*
* @param viewedCookies The new viewedCookies value
*/
public void setViewedCookies( boolean viewedCookies )
{
this.viewedCookies = viewedCookies;
}
/**
* Sets the viewedHtml attribute of the LessonTracker object
*
* @param viewedHtml The new viewedHtml value
*/
public void setViewedHtml( boolean viewedHtml )
{
this.viewedHtml = viewedHtml;
}
/**
* Sets the viewedLessonPlan attribute of the LessonTracker object
*
* @param viewedLessonPlan The new viewedLessonPlan value
*/
public void setViewedLessonPlan( boolean viewedLessonPlan )
{
this.viewedLessonPlan = viewedLessonPlan;
}
/**
* Sets the viewedParameters attribute of the LessonTracker object
*
* @param viewedParameters The new viewedParameters value
*/
public void setViewedParameters( boolean viewedParameters )
{
this.viewedParameters = viewedParameters;
}
/**
* Sets the viewedSource attribute of the LessonTracker object
*
* @param viewedSource The new viewedSource value
*/
public void setViewedSource( boolean viewedSource )
{
this.viewedSource = viewedSource;
}
/**
* Allows the storing of properties for the logged in and a screen.
*
* @param s Description of the Parameter
*/
public void store( WebSession s, Screen screen )
{
store( s, screen, s.getUserName() );
}
/**
* Allows the storing of properties for a user and a screen.
*
* @param s Description of the Parameter
*/
public void store( WebSession s, Screen screen, String user )
{
FileOutputStream out = null;
String fileName = getTrackerFile(s, user, screen);
//System.out.println( "Storing data to" + fileName );
lessonProperties.setProperty( screen.getTitle() + ".completed", Boolean.toString( completed ) );
lessonProperties.setProperty( screen.getTitle() + ".currentStage", Integer.toString( currentStage ) );
lessonProperties.setProperty( screen.getTitle() + ".maxHintLevel", Integer.toString( maxHintLevel ) );
lessonProperties.setProperty( screen.getTitle() + ".numVisits", Integer.toString( numVisits ) );
lessonProperties.setProperty( screen.getTitle() + ".viewedCookies", Boolean.toString( viewedCookies ) );
lessonProperties.setProperty( screen.getTitle() + ".viewedHtml", Boolean.toString( viewedHtml ) );
lessonProperties.setProperty( screen.getTitle() + ".viewedLessonPlan", Boolean.toString( viewedLessonPlan ) );
lessonProperties.setProperty( screen.getTitle() + ".viewedParameters", Boolean.toString( viewedParameters ) );
lessonProperties.setProperty( screen.getTitle() + ".viewedSource", Boolean.toString( viewedSource ) );
try
{
out = new FileOutputStream( fileName );
lessonProperties.store( out, s.getUserName() );
}
catch ( Exception e )
{
// what do we want to do, I think nothing.
System.out.println( "Warning User data for " + s.getUserName() + " will not persist" );
}
finally
{
try
{
out.close();
}
catch (Exception e) {}
}
}
/**
* Description of the Method
*
* @return Description of the Return Value
*/
public String toString()
{
StringBuffer buff = new StringBuffer();
buff.append( "LessonTracker:" + "\n" );
buff.append( " - completed:.......... " + completed + "\n" );
buff.append( " - currentStage:....... " + currentStage + "\n" );
buff.append( " - maxHintLevel:....... " + maxHintLevel + "\n" );
buff.append( " - numVisits:.......... " + numVisits + "\n" );
buff.append( " - viewedCookies:...... " + viewedCookies + "\n" );
buff.append( " - viewedHtml:......... " + viewedHtml + "\n" );
buff.append( " - viewedLessonPlan:... " + viewedLessonPlan + "\n" );
buff.append( " - viewedParameters:... " + viewedParameters + "\n" );
buff.append( " - viewedSource:....... " + viewedSource + "\n" + "\n" );
return buff.toString();
}
/**
* @return Returns the lessonProperties.
*/
public Properties getLessonProperties()
{
return lessonProperties;
}
/**
* @param lessonProperties The lessonProperties to set.
*/
public void setLessonProperties(Properties lessonProperties)
{
this.lessonProperties = lessonProperties;
}
}
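Review bot: `getTrackerFile` builds the on-disk path as `getUserDir( s ) + user + "." + screen.getClass().getName() + ".props"` with no check on `user`; the `userNameOverride` overload of `Screen.getLessonTracker` added in this same commit shows the name is not always the session principal, so if a caller can be made to pass a value containing `..` or a path separator, `load`/`store` would read or write a properties file outside the `users` directory. Canonicalize the resolved file and reject it when it does not sit under the canonical users directory; returning `null` in that case also gives `load`'s existing `if ( fileName != null )` check, which is currently always true, something to do. Separately, both `finally` blocks call `close()` on a stream that is `null` when the open failed and rely on `catch (Exception e) {}` to hide the resulting NullPointerException; an `if ( in != null )` / `if ( out != null )` guard states the intent. The rewrite below needs `java.io.File` added to the imports.
```java
private static String getTrackerFile( WebSession s, String user, Screen screen )
{
    try
    {
        File base = new File( getUserDir( s ) ).getCanonicalFile();
        File f = new File( base, user + "." + screen.getClass().getName() + ".props" ).getCanonicalFile();
        // null makes load()'s existing fileName check meaningful and sends store() to its warning path
        if ( !f.getPath().startsWith( base.getPath() + File.separator ) )
        {
            return null;
        }
        return f.getPath();
    }
    catch ( IOException e )
    {
        return null;
    }
}
```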


@ -0,0 +1,46 @@
package org.owasp.webgoat.session;
public class Parameter implements Comparable {
String name;
String value;
public Parameter(String name, String value) {
this.name=name;
this.value=value;
}
public String getName()
{
return name;
}
public String getValue()
{
return value;
}
//@Override
public boolean equals(Object obj) {
if ( obj instanceof Parameter )
{
Parameter other = (Parameter)obj;
return ( name.equals( other.getName() ) && value.equals( other.getValue() ) );
}
return false;
}
//@Override
public int hashCode() {
return toString().hashCode();
}
//@Override
public String toString() {
return( name + "=" + value );
}
public int compareTo(Object o) {
return toString().compareTo( o.toString() );
}
}
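Review bot: `compareTo` is not consistent with `equals`: it orders by `toString()`, so `new Parameter("a=b", "c")` and `new Parameter("a", "b=c")` (constructed example) compare as 0 while `equals` returns false, which breaks the `TreeSet`/`TreeMap` contract if parameters are ever stored sorted. Comparing the fields in turn avoids the collision: `Parameter other = (Parameter) o; int c = name.compareTo( other.name ); return ( c != 0 ) ? c : value.compareTo( other.value );`. The same `name=value` collision affects `hashCode`, which is legal but puts distinct keys in one bucket. `equals`, `hashCode` and `toString` also dereference `name` and `value`, so a `null` passed to the constructor surfaces later as a NullPointerException far from its cause; rejecting `null` in the constructor, or documenting that both must be non-null, keeps the failure local.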


@ -0,0 +1,32 @@
package org.owasp.webgoat.session;
/**
* Copyright (c) 2002 Free Software Foundation developed under the custody of
* the Open Web Application Security Project (http://www.owasp.org) This
* software package org.owasp.webgoat.is published by OWASP under the GPL. You should read and
* accept the LICENSE before you use, modify and/or redistribute this software.
*
* @author Jeff Williams <a href="http://www.aspectsecurity.com">Aspect Security</a>
*/
public class ParameterNotFoundException extends Exception
{
/**
* Constructs a new ParameterNotFoundException with no detail message.
*/
public ParameterNotFoundException()
{
super();
}
/**
* Constructs a new ParameterNotFoundException with the specified detail
* message.
*
*@param s the detail message
*/
public ParameterNotFoundException(String s)
{
super(s);
}
}



@ -0,0 +1,328 @@
package org.owasp.webgoat.session;
import java.io.PrintWriter;
import java.util.Properties;
import org.apache.ecs.Element;
import org.apache.ecs.HtmlColor;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.B;
import org.apache.ecs.html.Font;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.TD;
import org.owasp.webgoat.lessons.AbstractLesson;
/**
* Copyright (c) 2002 Free Software Foundation developed under the custody of the Open Web
* Application Security Project (http://www.owasp.org) This software package org.owasp.webgoat.is published by OWASP
* under the GPL. You should read and accept the LICENSE before you use, modify and/or redistribute
* this software.
*
* @author Jeff Williams <a href="http://www.aspectsecurity.com">Aspect Security</a>
* @created October 28, 2003
*/
public abstract class Screen
{
/**
* Description of the Field
*/
public static int MAIN_SIZE = 375;
//private Head head;
private Element content;
private LessonTracker lessonTracker;
final static IMG logo = new IMG( "images/aspectlogo-horizontal-small.jpg" ).setAlt( "Aspect Security" ).setBorder( 0 ).setHspace( 0 ).setVspace( 0 );
/**
* Constructor for the Screen object
*/
public Screen() { }
// FIXME: Each lesson should have a role assigned to it. Each user/student
// should also have a role(s) assigned. The user would only be allowed
// to see lessons that correspond to their role. Eventually these roles
// will be stored in the internal database. The user will be able to hack
// into the database and change their role. This will allow the user to
// see the admin screens, once they figure out how to turn the admin switch on.
public abstract String getRole();
/**
* Description of the Method
*
* @param s Description of the Parameter
* @return Description of the Return Value
*/
protected abstract Element createContent( WebSession s );
/**
* Gets the credits attribute of the Screen object
*
* @return The credits value
*/
public abstract Element getCredits();
/**
* Creates a new lessonTracker object.
*
* @param props The properties file that was used to persist the user data.
* @return Description of the Return Value
*/
public LessonTracker createLessonTracker( Properties props )
{
// If the lesson had any specialized properties in the user persisted properties,
// now would be the time to pull them out.
lessonTracker = createLessonTracker();
return lessonTracker;
}
/**
* This allows the screens to provide a custom LessonTracker object if needed.
*
* @return Description of the Return Value
*/
public LessonTracker createLessonTracker()
{
lessonTracker = new LessonTracker();
return lessonTracker;
}
/**
* Gets the lessonTracker attribute of the AbstractLesson object
*
* @param userName Description of the Parameter
* @return The lessonTracker value
*/
public LessonTracker getLessonTracker( WebSession s )
{
UserTracker userTracker = UserTracker.instance();
return userTracker.getLessonTracker( s, this );
}
public LessonTracker getLessonTracker( WebSession s, String userNameOverride )
{
UserTracker userTracker = UserTracker.instance();
return userTracker.getLessonTracker( s, userNameOverride, this );
}
public LessonTracker getLessonTracker( WebSession s, AbstractLesson lesson )
{
UserTracker userTracker = UserTracker.instance();
return userTracker.getLessonTracker( s, lesson );
}
/**
* Fill in a descriptive title for this lesson
*
* @return The title value
*/
public abstract String getTitle();
protected void setContent(Element content)
{
this.content = content;
}
/**
* Description of the Method
*
* @return Description of the Return Value
*/
protected Element makeLogo()
{
return new A("http://www.aspectsecurity.com/webgoat.html", logo);
}
public String getSponsor()
{
return "Aspect Security";
}
public String getSponsorLogoResource()
{
return "images/aspectlogo-horizontal-small.jpg";
}
/**
* Description of the Method
*
* @param text Description of the Parameter
* @return Description of the Return Value
*/
protected TD makeMenuCategory_DELETE_ME( String text )
{
return ( new TD().setWidth( "100%" ).addElement( new Font().setColor( HtmlColor.WHITE ).addElement( new B().addElement( text ) ) ) );
}
/**
* Description of the Method
*
* @param s Description of the Parameter
* @return Description of the Return Value
*/
protected Element makeMessages( WebSession s )
{
if ( s == null )
{
return ( new StringElement( "" ) );
}
Font f = new Font().setColor( HtmlColor.RED );
String message = s.getMessage();
f.addElement( message );
return ( f );
}
/**
* Returns the content length of the the html.
*
*/
public int getContentLength()
{
return content.toString().length();
}
/**
* Description of the Method
*
* @param out Description of the Parameter
*/
public void output( PrintWriter out )
{
// format output -- then send to printwriter
// otherwise we're doing way too much SSL encryption work
out.print( content.toString() );
}
public String getContent()
{
return (content == null) ? "" : content.toString();
}
/**
* Description of the Method
*
* @param x Description of the Parameter
* @return Description of the Return Value
*/
protected static String pad( int x )
{
StringBuffer sb = new StringBuffer();
if ( x < 10 )
{
sb.append( " " );
}
if ( x < 100 )
{
sb.append( " " );
}
sb.append( x );
return ( sb.toString() );
}
/**
* Description of the Method
*
* @param token Description of the Parameter
* @return Description of the Return Value
*/
protected static String convertMetachars( String token )
{
int mci = 0;
/*
* meta char array
*
* FIXME: Removed the conversion of whitespace " " to "&nbsp" in order for the
* html to be automatically wrapped in client browser. It is better to add line
* length checking and only do "&nbsp" conversion in lines that won't exceed
* screen size, say less than 80 characters.
*/
String[] metaChar = {"&", "<", ">", "\"", "\t", System.getProperty("line.separator")};
String[] htmlCode = {"&amp;", "&lt;", "&gt;", "&quot;", " ", "<br>"};
String replacedString = token;
for ( ; mci < metaChar.length; mci += 1 )
{
replacedString = replacedString.replaceAll( metaChar[mci], htmlCode[mci] );
}
return ( replacedString );
}
/**
* Description of the Method
*
* @param token Description of the Parameter
* @return Description of the Return Value
*/
protected static String convertMetacharsJavaCode( String token )
{
return( convertMetachars(token).replaceAll(" ", "&nbsp;") );
}
/**
* Description of the Method
*
* @param s Description of the Parameter
* @return Description of the Return Value
*/
//protected abstract Element wrapForm( WebSession s );
}
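Review bot: `getContentLength` and `output` dereference `content` without the null guard that `getContent` applies a few lines below, so a screen whose construction never reached `setContent` throws NullPointerException from the length calculation; `return getContent().length();` and `out.print( getContent() );` make the three accessors agree. In `convertMetachars`, `replaceAll` treats both the pattern and the replacement as regex syntax; none of the current entries contain metacharacters, but the loop is doing literal substitution and `replacedString.replace( metaChar[mci], htmlCode[mci] )` says so and cannot break when an entry is added later. `makeMessages` places `s.getMessage()` into the page without passing it through `convertMetachars`; if any message text echoes request data that is an HTML injection point, which may be intended in this project but deserves a comment either way. `MAIN_SIZE` is `public static` but not `final`, so any class can reassign it.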


@ -0,0 +1,6 @@
package org.owasp.webgoat.session;
public class UnauthenticatedException extends Exception
{
}


@ -0,0 +1,6 @@
package org.owasp.webgoat.session;
public class UnauthorizedException extends Exception
{
}


@ -0,0 +1,243 @@
package org.owasp.webgoat.session;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.apache.catalina.Role;
import org.apache.catalina.User;
import org.apache.catalina.users.MemoryUserDatabase;
/**
* Copyright (c) 2002 Free Software Foundation developed under the custody of the Open Web
* Application Security Project (http://www.owasp.org) This software package org.owasp.webgoat.is published by OWASP
* under the GPL. You should read and accept the LICENSE before you use, modify and/or redistribute
* this software.
*
* @author Jeff Williams <a href="http://www.aspectsecurity.com">Aspect Security</a>
* @created October 29, 2003
*/
public class UserTracker
{
private static UserTracker instance;
// FIXME: persist this somehow!
private static HashMap storage = new HashMap();
private static MemoryUserDatabase usersDB = new MemoryUserDatabase();
/**
* Constructor for the UserTracker object
*/
private UserTracker() { }
/**
* Gets the completed attribute of the UserTracker object
*
* @param userName Description of the Parameter
* @return The completed value
*/
public int getCompleted( String userName )
{
HashMap usermap = getUserMap( userName );
Iterator i = usermap.entrySet().iterator();
int count = 0;
while ( i.hasNext() )
{
Map.Entry entry = (Map.Entry) i.next();
int value = ( (Integer) entry.getValue() ).intValue();
if ( value > 5 )
{
count++;
}
}
return count;
}
/**
* Gets the users attribute of the UserTracker object
*
* @return The users value
*/
public Collection getUsers()
{
return storage.keySet();
}
public Collection getAllUsers(String roleName)
{
synchronized ( usersDB ) {
Collection allUsers = new ArrayList();
try {
usersDB.open();
Iterator users = usersDB.getUsers();
while (users.hasNext())
{
User user = (User) users.next();
Iterator roles = user.getRoles();
while( roles.hasNext() )
{
Role role = (Role)roles.next();
if ( role.getRolename().trim().equals(roleName))
{
allUsers.add( user.getUsername() );
}
}
}
usersDB.close();
}
catch ( Exception e )
{}
return allUsers;
}
}
public void deleteUser( String user )
{
synchronized ( usersDB ) {
try
{
usersDB.open();
Iterator users = usersDB.getUsers();
while (users.hasNext())
{
User tomcatUser = (User) users.next();
if ( tomcatUser.getUsername().equals( user ) )
{
usersDB.removeUser(tomcatUser);
// FIXME: delete all the lesson tracking property files
break;
}
}
usersDB.close();
}
catch ( Exception e )
{}
}
}
/**
* Gets the lessonTracker attribute of the UserTracker object
*
* @param screen Description of the Parameter
* @param userName Description of the Parameter
* @return The lessonTracker value
*/
public LessonTracker getLessonTracker( WebSession s, Screen screen )
{
return getLessonTracker(s, s.getUserName(), screen );
}
public LessonTracker getLessonTracker( WebSession s, String user, Screen screen )
{
HashMap usermap = getUserMap( user );
LessonTracker tracker = (LessonTracker) usermap.get( screen.getTitle() );
if ( tracker == null )
{
// Creates a new lesson tracker, if one does not exist on disk.
tracker = LessonTracker.load( s, user, screen );
usermap.put( screen.getTitle(), tracker );
}
//System.out.println( "User: [" + userName + "] UserTracker:getLessonTracker() LTH " + tracker.hashCode() + " for " + screen );
return tracker;
}
/**
* Gets the status attribute of the UserTracker object
*
* @param screen Description of the Parameter
* @param userName Description of the Parameter
* @return The status value
*/
public String getStatus( WebSession s, Screen screen )
{
return ( "User [" + s.getUserName() + "] has accessed " + screen + " UserTracker:getStatus()LTH = " + getLessonTracker( s, screen ).hashCode() );
}
/**
* Gets the userMap attribute of the UserTracker object
*
* @param userName Description of the Parameter
* @return The userMap value
*/
private HashMap getUserMap( String userName )
{
HashMap usermap = (HashMap) storage.get( userName );
if ( usermap == null )
{
usermap = new HashMap();
storage.put( userName, usermap );
}
return ( usermap );
}
/**
* Description of the Method
*
* @return Description of the Return Value
*/
public static synchronized UserTracker instance()
{
if ( instance == null )
{
instance = new UserTracker();
}
return instance;
}
/**
* Description of the Method
*
* @param screen Description of the Parameter
* @param s Description of the Parameter
*/
public void update( WebSession s, Screen screen )
{
LessonTracker tracker = getLessonTracker( s, screen );
//System.out.println( "User [" + s.getUserName() + "] TRACKER: updating " + screen + " LTH " + tracker.hashCode() );
tracker.store( s, screen );
HashMap usermap = getUserMap( s.getUserName() );
usermap.put( screen.getTitle(), tracker );
}
}
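Review bot: `getCompleted` casts every value of the user map to `Integer` (`( (Integer) entry.getValue() ).intValue()`), but the only writers of that map, `getLessonTracker` and `update`, store `LessonTracker` objects under the screen title, so the first call for a user with any tracker throws ClassCastException; if the intent is to count finished lessons, `if ( ( (LessonTracker) entry.getValue() ).getCompleted() ) count++;` matches what is actually stored, though the `> 5` threshold looks like a leftover from an earlier representation, so confirm before changing. In `getAllUsers` and `deleteUser`, `usersDB.close()` sits inside the `try`, so any failure after `open()` skips it, and the empty `catch ( Exception e ) {}` blocks mean a failed deletion returns silently; move `close()` into a `finally` and at least log the exception. `deleteUser` also leaves the user's entry in `storage`, so `getUsers()` keeps listing the removed account, and unless the user database is persisted elsewhere the removal is in-memory only. `storage` is a static `HashMap` read and written from servlet requests with no synchronization beyond `instance()`, so `getUserMap`'s check-then-put is a race under concurrent logins.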


@ -0,0 +1,14 @@
package org.owasp.webgoat.session;
public class ValidationException extends Exception
{
public ValidationException()
{
super();
}
public ValidationException(String message)
{
super(message);
}
}



@ -0,0 +1,91 @@
package org.owasp.webgoat.session;
import java.io.FileInputStream;
import java.io.IOException;
import java.util.Properties;
public class WebgoatProperties extends Properties
{
public WebgoatProperties(String propertiesFileName) throws IOException
{
try
{
FileInputStream in = new FileInputStream(propertiesFileName);
load(in);
}
catch ( IOException e )
{
System.out.println("Warning: Unable to open webgoat.properties file");
}
}
public int getIntProperty(String key, int defaultValue)
{
int value = defaultValue;
String s = getProperty(key);
if (s != null)
{
value = Integer.parseInt(s);
}
return value;
}
public boolean getBooleanProperty(String key, boolean defaultValue)
{
boolean value = defaultValue;
key = this.trimLesson(key);
String s = getProperty(key);
if (s != null)
{
if (s.equalsIgnoreCase("true"))
value = true;
else if (s.equalsIgnoreCase("yes"))
value = true;
else if (s.equalsIgnoreCase("on"))
value = true;
else if (s.equalsIgnoreCase("false"))
value = false;
else if (s.equalsIgnoreCase("no"))
value = false;
else if (s.equalsIgnoreCase("off"))
value = false;
}
return value;
}
private String trimLesson(String lesson)
{
String result = "";
if(lesson.startsWith("org.owasp.webgoat.lessons."))
{
result = lesson.substring("org.owasp.webgoat.lessons.".length(), lesson.length());
}
else
{
result = lesson;
}
return result;
}
public static void main(String[] args)
{
WebgoatProperties properties = null;
try
{
properties = new WebgoatProperties("C:\\webgoat.properties");
}
catch (IOException e)
{
System.out.println("Error loading properties");
e.printStackTrace();
}
System.out.println(properties.getProperty("CommandInjection.category"));
}
}
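Review bot: The constructor opens a `FileInputStream` and never closes it, and it catches the `IOException` it declares, so callers that handle `throws IOException` (Course in this commit does) never see the failure and continue with an empty property set. Close the stream in a `finally` and either rethrow or drop the `throws` clause so the signature matches the behaviour; the rewrite below keeps the warning but closes the handle. `getIntProperty` passes a non-numeric value straight to `Integer.parseInt`, so a malformed entry throws NumberFormatException instead of yielding `defaultValue`, and it skips the `trimLesson` normalisation that `getBooleanProperty` applies, so the same lesson key behaves differently between the two. `main` hard-codes `C:\\webgoat.properties` and dereferences `properties` after the catch, so a missing file ends in a NullPointerException rather than the message it just printed.
```java
public WebgoatProperties(String propertiesFileName) throws IOException
{
    FileInputStream in = null;
    try
    {
        in = new FileInputStream(propertiesFileName);
        load(in);
    }
    catch ( IOException e )
    {
        // kept as a warning to preserve current behaviour; callers already handle the
        // declared IOException, so rethrowing here is the alternative that makes the signature honest
        System.out.println("Warning: Unable to open webgoat.properties file");
    }
    finally
    {
        if ( in != null )
        {
            in.close();
        }
    }
}
```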