From abcc6c4dcb580ac66708a54efe938ee20df47d7a Mon Sep 17 00:00:00 2001 
From: mayhew64 Date: Tue, 15 Nov 2016 07:11:24 -0500 Subject: [PATCH] SQL Injection - it's broken --- webgoat-lessons/pom.xml | 1 + webgoat-lessons/sql-injection/.sonatype | 3 + webgoat-lessons/sql-injection/pom.xml | 11 + .../owasp/webgoat/plugin/SqlInjection.java | 72 ++++++ .../webgoat/plugin/SqlInjectionLesson.java | 234 ++++++++++++++++++ .../SqlInjection/html/SqlInjection.html | 86 +++++++ .../lessonPlans/en/SqlInjection_content1.adoc | 17 ++ .../lessonPlans/en/SqlInjection_content2.adoc | 32 +++ .../lessonPlans/en/SqlInjection_content3.adoc | 17 ++ .../lessonPlans/en/SqlInjection_content4.adoc | 19 ++ .../lessonPlans/en/SqlInjection_plan.adoc | 16 ++ .../en/SqlInjection_solution.adoc | 5 + .../lessonSolutions/html/SqlInjection.html | 14 ++ .../plugin/i18n/WebGoatLabels.properties | 8 + .../plugin/i18n/WebGoatLabels_de.properties | 8 + .../plugin/i18n/WebGoatLabels_fr.properties | 8 + .../plugin/i18n/WebGoatLabels_ru.properties | 8 + 17 files changed, 559 insertions(+) create mode 100644 webgoat-lessons/sql-injection/.sonatype create mode 100644 webgoat-lessons/sql-injection/pom.xml create mode 100644 webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/SqlInjection.java create mode 100644 webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/SqlInjectionLesson.java create mode 100644 webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/html/SqlInjection.html create mode 100644 webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content1.adoc create mode 100644 webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content2.adoc create mode 100644 webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content3.adoc create mode 100644 webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content4.adoc create mode 100644 
webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_plan.adoc
create mode 100644 webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonSolutions/en/SqlInjection_solution.adoc
create mode 100644 webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonSolutions/html/SqlInjection.html
create mode 100644 webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels.properties
create mode 100644 webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels_de.properties
create mode 100644 webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels_fr.properties
create mode 100644 webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels_ru.properties
diff --git a/webgoat-lessons/pom.xml b/webgoat-lessons/pom.xml
index 26e72a406..d2bbb3484 100644
--- a/webgoat-lessons/pom.xml
+++ b/webgoat-lessons/pom.xml
@@ -16,6 +16,7 @@ client-side-filtering http-basics + sql-injection
diff --git a/webgoat-lessons/sql-injection/.sonatype b/webgoat-lessons/sql-injection/.sonatype
new file mode 100644
index 000000000..12d612a2b
--- /dev/null
+++ b/webgoat-lessons/sql-injection/.sonatype
@@ -0,0 +1,3 @@
+#Sonatype CLM
+#Tue Oct 11 14:10:26 EDT 2016
+application.id=webgoat
diff --git a/webgoat-lessons/sql-injection/pom.xml b/webgoat-lessons/sql-injection/pom.xml
new file mode 100644
index 000000000..62811540d
--- /dev/null
+++ b/webgoat-lessons/sql-injection/pom.xml
@@ -0,0 +1,11 @@ + + 4.0.0 + sql-injection + jar + + org.owasp.webgoat.lesson + webgoat-lessons-parent + 8.0-SNAPSHOT + + \ No newline at end of file
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/SqlInjection.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/SqlInjection.java
new file mode 100644
index 000000000..6fed63a99
--- /dev/null
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/SqlInjection.java
@@ -0,0 +1,72 @@
+package org.owasp.webgoat.plugin;
+
+import com.beust.jcommander.internal.Lists;
+import org.owasp.webgoat.lessons.Category;
+import org.owasp.webgoat.lessons.NewLesson;
+
+import java.util.List;
+import java.util.ArrayList;
+import org.owasp.webgoat.i18n.LabelManager;
+
+/**
+ * ************************************************************************************************
+ * This file is part of WebGoat, an Open Web Application Security Project utility. For details,
+ * please see http://www.owasp.org/
+ *

+ * Copyright (c) 2002 - 20014 Bruce Mayhew
+ *

+ * This program is free software; you can redistribute it and/or modify it under the terms of the
+ * GNU General Public License as published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *

+ * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+ * even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *

+ * You should have received a copy of the GNU General Public License along with this program; if
+ * not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.
+ *

+ * Getting Source ==============
+ *

+ * Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software
+ * projects.
+ *

+ *
+ * @author WebGoat
+ * @version $Id: $Id
+ * @since October 12, 2016
+ */
+public class SqlInjection extends NewLesson {
+ @Override
+ public Category getDefaultCategory() {
+ return Category.INJECTION;
+ }
+
+ @Override
+ public List getHints() {
+ List hints = new ArrayList();
+
+// hints.add(getLabelManager().get("SqlStringInjectionHint1"));
+// hints.add(getLabelManager().get("SqlStringInjectionHint2"));
+// hints.add(getLabelManager().get("SqlStringInjectionHint3"));
+// hints.add(getLabelManager().get("SqlStringInjectionHint4"));
+
+ return hints;
+ }
+
+ @Override
+ public Integer getDefaultRanking() {
+ return 1;
+ }
+
+ @Override
+ public String getTitle() {
+ return "SQL Injection";
+ }
+
+ @Override
+ public String getId() {
+ return "SqlInjection";
+ }
+}
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/SqlInjectionLesson.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/SqlInjectionLesson.java
new file mode 100644
index 000000000..469308c94
--- /dev/null
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/SqlInjectionLesson.java
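Review bot: `getHints()` builds its list from a raw `ArrayList` (generics may have been lost in rendering, but declare it `List<String>` to match the override) and every `hints.add(...)` line is commented out, so the lesson registers with no hints even though the properties hunks later in this patch define `SqlStringInjectionHint1` through `SqlStringInjectionHint4`. Either wire the four lines back in, `hints.add(getLabelManager().get("SqlStringInjectionHint1"));` and so on, provided `NewLesson` actually exposes `getLabelManager()` (not visible here), or delete the dead lines together with the unused `LabelManager` import. `import com.beust.jcommander.internal.Lists;` is also unused, and pulling a shaded internal package of a command-line parsing library into a lesson's compile path is a fragile dependency that should go. The copyright line reads `2002 - 20014`, a typo for `2014`.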
@@ -0,0 +1,234 @@
+
+package org.owasp.webgoat.plugin;
+
+import org.owasp.webgoat.lessons.AssignmentEndpoint;
+import org.owasp.webgoat.lessons.LessonEndpointMapping;
+import org.owasp.webgoat.lessons.model.AttackResult;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+import javax.servlet.http.HttpServletRequest;
+
+import java.io.IOException;
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.ResultSetMetaData;
+import java.sql.SQLException;
+import java.sql.Statement;
+import java.util.ArrayList;
+import java.util.List;
+
+
+
+/***************************************************************************************************
+ *
+ *
+ * This file is part of WebGoat, an Open Web Application Security Project utility. For details,
+ * please see http://www.owasp.org/
+ *
+ * Copyright (c) 2002 - 20014 Bruce Mayhew
+ *
+ * This program is free software; you can redistribute it and/or modify it under the terms of the
+ * GNU General Public License as published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+ * even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with this program; if
+ * not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.
+ *
+ * Getting Source ==============
+ *
+ * Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software
+ * projects.
+ *
+ * For details, please see http://webgoat.github.io
+ *
+ * @author Bruce Mayhew WebGoat
+ * @created October 28, 2003
+ */
+@LessonEndpointMapping
+public class SqlInjectionLesson extends AssignmentEndpoint {
+
+ @RequestMapping(method = RequestMethod.POST)
+ public @ResponseBody AttackResult completed(@RequestParam String person, HttpServletRequest request) throws IOException {
+ if (!person.toString().equals("")) {
+ return trackProgress(AttackResult.success("The server has reversed your name: " + new StringBuffer(person).reverse().toString()));
+ } else {
+ return trackProgress(AttackResult.failed("You are close, try again"));
+ }
+ }
+
+ @Override
+ public String getPath() {
+ return "/SqlInjection/attack1";
+ }
+
+
+// private final static String ACCT_NAME = "account_name";
+//
+// private static String STAGE = "stage";
+//
+// private String accountName;
+//
+// /**
+// * Description of the Method
+// *
+// * @param s
+// * Description of the Parameter
+// * @return Description of the Return Value
+// */
+// protected Element createContent(WebSession s)
+// {
+// return super.createStagedContent(s);
+// }
+//
+// protected Element doStage1(WebSession s) throws Exception
+// {
+// return injectableQuery(s);
+// }
+//
+// protected Element doStage2(WebSession s) throws Exception
+// {
+// return parameterizedQuery(s);
+// }
+//
+// protected Element injectableQuery(WebSession s)
+// {
+// ElementContainer ec = new ElementContainer();
+//
+// try
+// {
+// Connection connection = DatabaseUtilities.getConnection(s);
+//
+// ec.addElement(makeAccountLine(s));
+//
+// String query = "SELECT * FROM user_data WHERE last_name = '" + accountName + "'";
+// ec.addElement(new PRE(query));
+//
+// try
+// {
+// Statement statement = connection.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,
+// ResultSet.CONCUR_READ_ONLY);
+// ResultSet results = statement.executeQuery(query);
+//
+// if ((results != null) && (results.first() == true))
+// {
+// ResultSetMetaData
resultsMetaData = results.getMetaData();
+// ec.addElement(DatabaseUtilities.writeTable(results, resultsMetaData));
+// results.last();
+//
+// // If they get back more than one user they succeeded
+// if (results.getRow() >= 6)
+// {
+// makeSuccess(s);
+// getLessonTracker(s).setStage(2);
+//
+// StringBuffer msg = new StringBuffer();
+//
+// msg.append(getLabelManager().get("StringSqlInjectionSecondStage"));
+//
+// s.setMessage(msg.toString());
+// }
+// }
+// else
+// {
+// ec.addElement(getLabelManager().get("NoResultsMatched"));
+// }
+// } catch (SQLException sqle)
+// {
+// ec.addElement(new P().addElement(sqle.getMessage()));
+// sqle.printStackTrace();
+// }
+// } catch (Exception e)
+// {
+// s.setMessage(getLabelManager().get("ErrorGenerating") + this.getClass().getName());
+// e.printStackTrace();
+// }
+//
+// return (ec);
+// }
+//
+// protected Element parameterizedQuery(WebSession s)
+// {
+// ElementContainer ec = new ElementContainer();
+//
+// ec.addElement(getLabelManager().get("StringSqlInjectionSecondStage"));
+// if (s.getParser().getRawParameter(ACCT_NAME, "YOUR_NAME").equals("restart"))
+// {
+// getLessonTracker(s).getLessonProperties().setProperty(STAGE, "1");
+// return (injectableQuery(s));
+// }
+//
+// ec.addElement(new BR());
+//
+// try
+// {
+// Connection connection = DatabaseUtilities.getConnection(s);
+//
+// ec.addElement(makeAccountLine(s));
+//
+// String query = "SELECT * FROM user_data WHERE last_name = ?";
+// ec.addElement(new PRE(query));
+//
+// try
+// {
+// PreparedStatement statement = connection.prepareStatement(query, ResultSet.TYPE_SCROLL_INSENSITIVE,
+// ResultSet.CONCUR_READ_ONLY);
+// statement.setString(1, accountName);
+// ResultSet results = statement.executeQuery();
+//
+// if ((results != null) && (results.first() == true))
+// {
+// ResultSetMetaData resultsMetaData = results.getMetaData();
+// ec.addElement(DatabaseUtilities.writeTable(results, resultsMetaData));
+// results.last();
+//
+// // If they
get back more than one user they succeeded
+// if (results.getRow() >= 6)
+// {
+// makeSuccess(s);
+// }
+// }
+// else
+// {
+// ec.addElement(getLabelManager().get("NoResultsMatched"));
+// }
+// } catch (SQLException sqle)
+// {
+// ec.addElement(new P().addElement(sqle.getMessage()));
+// }
+// } catch (Exception e)
+// {
+// s.setMessage(getLabelManager().get("ErrorGenerating") + this.getClass().getName());
+// e.printStackTrace();
+// }
+//
+// return (ec);
+// }
+//
+// protected Element makeAccountLine(WebSession s)
+// {
+// ElementContainer ec = new ElementContainer();
+// ec.addElement(new P().addElement(getLabelManager().get("EnterLastName")));
+//
+// accountName = s.getParser().getRawParameter(ACCT_NAME, "Your Name");
+// Input input = new Input(Input.TEXT, ACCT_NAME, accountName.toString());
+// ec.addElement(input);
+//
+// Element b = ECSFactory.makeButton(getLabelManager().get("Go!"));
+// ec.addElement(b);
+//
+// return ec;
+//
+// }
+
+
+
+}
diff --git a/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/html/SqlInjection.html b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/html/SqlInjection.html
new file mode 100644
index 000000000..2796365c9
--- /dev/null
+++ b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/html/SqlInjection.html
@@ -0,0 +1,86 @@ + + + + +
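Review bot: In `completed()` the guard `!person.toString().equals("")` calls `toString()` on a value that is already a `String` and accepts whitespace-only input as a name; `if (!person.trim().isEmpty())` expresses the check directly (`@RequestParam` is required by default, so `person` should be non-null when the handler runs, but confirm that is the intended binding). The handler only reverses the submitted name — the commit title says as much — while roughly 170 lines of the old servlet lesson's `injectableQuery`/`parameterizedQuery`/`makeAccountLine` code ride along commented out; that history lives in git, so drop the block and with it the now-unused `java.sql.*`, `ArrayList` and `List` imports, the unused `request` parameter, and the `throws IOException` that nothing in the body can throw. `new StringBuffer(person).reverse().toString()` can be `new StringBuilder(person).reverse().toString()`, since a method-local buffer needs no synchronization. When the real query is wired in, the endpoint should keep `getPath()`'s `/SqlInjection/attack1` in sync with whatever the lesson HTML posts to.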

+ + +
+
+ +
+ + +
+
+
+ + +
+
+
+ + +
+
+
+ + +
+
+ +
+ + + +
+ +
+ + + +
+ + + + + + + + + + + + + +
Was the HTTP command a POST or a GET:
What is the magic number:
+
+
+ +
+
+ +
+
+ + \ No newline at end of file diff --git a/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content1.adoc b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content1.adoc new file mode 100644 index 000000000..f1471330c --- /dev/null +++ b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content1.adoc @@ -0,0 +1,17 @@ +== What is SQL + +SQL is a way to interact with databases. + += SQL = Structured Query Language +* Not “Standard Query Language” +* Multiple versions of SQL. Most databases have some custom functions +* Most vendors have a proprietary extension + += Data Manipulation Language (DML) +* SELECT, INSERT, UPDATE, DELETE, … + += Data Definition Language (DDL) +* CREATE, ALTER, DROP,TRUNCATE,… + += Data Control Language (DCL) +* GRANT, REVOKE, … diff --git a/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content2.adoc b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content2.adoc new file mode 100644 index 000000000..7fd8d62e0 --- /dev/null +++ b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content2.adoc 
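Review bot: The form text that survives rendering here, `Was the HTTP command a POST or a GET:` and `What is the magic number:`, is the HTTP Basics lesson's template rather than SQL injection content, so the page this lesson displays asks the wrong questions; the markup was stripped on this page, so I cannot see which field names the form posts, but the endpoint in `SqlInjectionLesson` binds a `person` parameter and the plan lists String, Numeric and Blind SQL injection stages. Replace the copied form with one that matches the `/SqlInjection/attack1` endpoint, or at least mark it `<!-- placeholder copied from http-basics; replace before release -->` so the stub is not mistaken for finished content. The same copy-paste appears in `SqlInjection_solution.adoc`, whose title is still `= HTTP Basics`.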
@@ -0,0 +1,32 @@ +== Consequences of SQL Injection + += SQL injection attacks allow attackers to +* Spoof identity +* Tamper with existing data +* Cause repudiation issues such as voiding transactions or changing balances +* Allow the complete disclosure of all data on the system +* Destroy the data or make it otherwise unavailable +* Become administrator of the database server + += SQL Injection is more common in PHP, Classic ASP, Cold Fusion and older languages +* Languages do not provide parameterized query support +* Parameterized queries have been added to newer versions +* Early adopters of web technology + +== Severity of SQL Injection + += The severity of SQL Injection attacks is limited by +* Attacker’s skill and imagination +* Defense in depth countermeasures +Input validation +Least privilege +* Database technology + += Not all databases support command chaining +* Microsoft Access +* MySQL Connector/J and C +* Oracle + += Not all databases are equal (SQL Server) +* Command shell: master.dbo.xp_cmdshell 'cmd.exe dir c:' +* Reqistry commands: xp_regread, xp_regdeletekey, … diff --git a/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content3.adoc b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content3.adoc new file mode 100644 index 000000000..9080b7f19 --- /dev/null +++ b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content3.adoc 
@@ -0,0 +1,17 @@ +== Example of SQL Injection + += Dynamic query in application +* select * from users where name = ‘” + userName + “’”; +* select * from users where employee_id = ” + userID; + += Attacker supplies unexpected text +* userName = [red]Smith’ or ‘1’=‘1[red] +* userName =[red]‘ or 1=1 --[red] +* userID = [red]1234567 or 1=1[red] +* UserName = [red]Smith’;drop table users; truncate audit_log;--[red] + += Application executes query +* select * from users where name = [red]‘Smith’ or ‘1’ = ‘1’[red] +** select * from users where name = [red]‘Smith’ or TRUE[red] +* select * from users where employee_id = 1234567 or 1=1 +** *All records are returned from database* diff --git a/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content4.adoc b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content4.adoc new file mode 100644 index 000000000..51013c0ce --- /dev/null +++ b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content4.adoc @@ -0,0 +1,19 @@ +== Special Characters & Statements + +/* */ are inline comments +-- , # are line comments +'Select * from users where name = ‘admin’--and pass = ‘pass’' + +; allows query chaining +'Select * from users; drop table users;' + +’,+,|| allows string concatenation +Char() strings without quotes +'Select * from users where name = ‘+char(27) or 1=1' + + +Unions allows overlapping of database tables +'Select id, text from news +union all select name, pass from users' + +Joins allows connecting to other tables diff --git a/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_plan.adoc b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_plan.adoc new file mode 100644 index 000000000..81d30ad2f --- /dev/null 
+++ b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_plan.adoc @@ -0,0 +1,16 @@ += SQL Injection + +== Concept + +This lesson describes what is Structured Query Language (SQL) and how it can be manipulated to perform tasks that were not the original intent of the developer. + +== Goals + +* The user should have a basic understand how SQL works and what it is used for. +* The user will understand the best practices for defending against SQL injection attacks +* The user will demonstrate knowledge on: +** String SQL Injection +** Numeric SQL Injection +** Blind SQL Injection + + diff --git a/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonSolutions/en/SqlInjection_solution.adoc b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonSolutions/en/SqlInjection_solution.adoc new file mode 100644 index 000000000..a6293919c --- /dev/null +++ b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonSolutions/en/SqlInjection_solution.adoc @@ -0,0 +1,5 @@ += HTTP Basics + +== Solution + +Solution goes here \ No newline at end of file diff --git a/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonSolutions/html/SqlInjection.html b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonSolutions/html/SqlInjection.html new file mode 100644 index 000000000..42219764e --- /dev/null +++ b/webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonSolutions/html/SqlInjection.html @@ -0,0 +1,14 @@ + + + + + + +
+ + +
+
+ + + \ No newline at end of file diff --git a/webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels.properties b/webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels.properties new file mode 100644 index 000000000..6ad457235 --- /dev/null +++ b/webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels.properties @@ -0,0 +1,8 @@ +#StringSqlInjection.java +StringSqlInjectionSecondStage=Now that you have successfully performed an SQL injection, try the same type of attack on a parameterized query. Restart the lesson if you wish to return to the injectable query. +EnterLastName=Enter your last name: +NoResultsMatched=No results matched. Try Again. +SqlStringInjectionHint1=The application is taking your input and inserting it at the end of a pre-formed SQL command. +SqlStringInjectionHint2=This is the code for the query being built and issued by WebGoat:

"SELECT * FROM user_data WHERE last_name = "accountName" +SqlStringInjectionHint3=Compound SQL statements can be made by joining multiple tests with keywords like AND and OR. Try appending a SQL statement that always resolves to true +SqlStringInjectionHint4=Try entering [ smith' OR '1' = '1 ]. diff --git a/webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels_de.properties b/webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels_de.properties new file mode 100644 index 000000000..7ec3f4462 --- /dev/null +++ b/webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels_de.properties @@ -0,0 +1,8 @@ +#StringSqlInjection.java +StringSqlInjectionSecondStage=Da sie nun erfolgreich eine SQL Injection durchgef\u00fchrt haben, versuchen Sie denselben Typ von Angriff auf eine parametrisierte Anfrage. Starten Sie Diese Lektion neu, wenn Sie zur verwundbaren SQL Anfrage gelangen m\u00f6chten. + EnterLastName=Geben Sie Ihren Nachnamen ein: +NoResultsMatched=Keine Resultate gefunden, versuchen Sie es erneut +SqlStringInjectionHint1=The application is taking your input and inserting it at the end of a pre-formed SQL command. +SqlStringInjectionHint2=This is the code for the query being built and issued by WebGoat:

"SELECT * FROM user_data WHERE last_name = "accountName" +SqlStringInjectionHint3=Compound SQL statements can be made by joining multiple tests with keywords like AND and OR. Try appending a SQL statement that always resolves to true +SqlStringInjectionHint4=Try entering [ smith' OR '1' = '1 ]. diff --git a/webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels_fr.properties b/webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels_fr.properties new file mode 100644 index 000000000..e25a104f7 --- /dev/null +++ b/webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels_fr.properties @@ -0,0 +1,8 @@ +#StringSqlInjection.java +StringSqlInjectionSecondStage=Maintenant que vous avez r\u00e9alis\u00e9 une injection SQL avec succ\u00e8s, essayer le m\u00eame type d'attaque sur une requ\u00eate param\u00e9tr\u00e9e. Red\u00e9marrez la le\u00e7on si vous souhaitez revenir \u00e0 la requ\u00eate injectable. +EnterLastName=Entrez votre nom : +NoResultsMatched=Aucun r\u00e9sultat correspondant. Essayez encore. +SqlStringInjectionHint1=L'application r\u00e9cup\u00e8re votre saisie et l'ins\u00e8re \u00e0 la fin d'une commande SQL pr\u00e9-form\u00e9e. +SqlStringInjectionHint2=Voici le code de la requ\u00eate assembl\u00e9e et ex\u00e9cut\u00e9e par WebGoat :

"SELECT * FROM user_data WHERE last_name = "accountName" +SqlStringInjectionHint3=Les commandes SQL compos\u00e9es peuvent \u00eatre assembl\u00e9es en associant de multiples conditions au moyen de mots-cl\u00e9 tels que AND et OR. Essayez d'assembler une condition qui sera toujours r\u00e9solue \u00e0 vrai. +SqlStringInjectionHint4=Essayez de saisir [ smith' OR '1' = '1 ]. \ No newline at end of file diff --git a/webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels_ru.properties b/webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels_ru.properties new file mode 100644 index 000000000..073d4a78b --- /dev/null +++ b/webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels_ru.properties 
@@ -0,0 +1,8 @@ +#StringSqlInjection.java +StringSqlInjectionSecondStage=\u0422\u0435\u043f\u0435\u0440\u044c, \u043a\u043e\u0433\u0434\u0430 \u0432\u0430\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0443\u0434\u0430\u0447\u043d\u043e \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e, \u043f\u043e\u043f\u0440\u043e\u0431\u0443\u0439\u0442\u0435 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u044d\u0442\u043e \u0441 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u043c. \u041d\u0430\u0447\u043d\u0438\u0442\u0435 \u0443\u0440\u043e\u043a \u0437\u0430\u043d\u043e\u0432\u043e \u0435\u0441\u043b\u0438 \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u043d\u043e\u0432\u044c \u0443\u0432\u0438\u0434\u0435\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u043f\u043e\u043b\u0435. +EnterLastName=\u0412\u0432\u0435\u0434\u0438\u0442\u0435 \u0432\u0430\u0448\u0443 \u0444\u0430\u043c\u0438\u043b\u0438\u044e: +NoResultsMatched=\u041d\u0435\u0442 \u0441\u043e\u0432\u043f\u0430\u0434\u0435\u043d\u0438\u0439. \u041f\u043e\u043f\u0440\u043e\u0431\u0443\u0439\u0442\u0435 \u0441\u043d\u043e\u0432\u0430. +SqlStringInjectionHint1=\u041f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0431\u0435\u0440\u0451\u0442 \u0442\u043e \u0447\u0442\u043e \u0432\u044b \u0432\u0432\u043e\u0434\u0438\u0442\u0435 \u0438 \u0432\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0432 \u043a\u043e\u043d\u0435\u0446 \u0437\u0430\u0440\u0430\u043d\u0435\u0435 \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u0430. 
+SqlStringInjectionHint2=\u0412\u043e\u0442 \u043a\u043e\u0434 \u0437\u0430\u043f\u0440\u043e\u0441\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f WebGoat`\u043e\u043c:

"SELECT * FROM user_data WHERE last_name = "accountName" +SqlStringInjectionHint3=\u0426\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0434\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0442\u0430\u043a\u0438\u0445 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u0441\u043b\u043e\u0432 \u043a\u0430\u043a AND \u0438 OR. \u041f\u0440\u043e\u0431\u0443\u0439\u0442\u0435 \u0441\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0442\u0430\u043a\u043e\u0435 SQL-\u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432\u0441\u0435\u0433\u0434\u0430 \u0431\u0443\u0434\u0435\u0442 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0442\u044c \u0438\u0441\u0442\u0438\u043d\u0443. +SqlStringInjectionHint4=\u041f\u043e\u043f\u0440\u043e\u0431\u0443\u0439\u0442\u0435 \u0432\u0432\u0435\u0441\u0442\u0438 [ smith' OR '1' = '1 ]. \ No newline at end of file