dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[fix] SQLi Lessons 6a-b: lesson passed's boolean

Browse Source
This commit is contained in:
hillstonenet-interns-bj 2017-02-27 16:24:15 +08:00 committed by Nanne Baars
parent f5c3610aba
commit ad3e9439ec
4 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/SqlInjectionLesson6a.java
View File

@ -78,9 +78,9 @@ public class SqlInjectionLesson6a extends AssignmentEndpoint {
results.last(); results.last();
// If they get back more than one user they succeeded // If they get back more than one user they succeeded
if (results.getRow() >= 6) if (results.getRow() >= 5)
{ {
return trackProgress(success().feedback("sql-injection.6b.success").feedbackArgs(output.toString()).build()); return trackProgress(success().feedback("sql-injection.6a.success").feedbackArgs(output.toString()).build());
} else { } else {
return trackProgress(failed().output(output.toString()).build()); return trackProgress(failed().output(output.toString()).build());
} }
@ -88,7 +88,7 @@ public class SqlInjectionLesson6a extends AssignmentEndpoint {
} }
else else
{ {
return trackProgress(failed().feedback("sql-injection.6b.no.results").build()); return trackProgress(failed().feedback("sql-injection.6a.no.results").build());
} }
} catch (SQLException sqle) } catch (SQLException sqle)

2
webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/html/SqlInjection.html
View File

@ -210,4 +210,4 @@
<div class="adoc-content" th:replace="doc:SqlInjection_content13.adoc"></div> <div class="adoc-content" th:replace="doc:SqlInjection_content13.adoc"></div>
</div> </div>
</html> </html>

3
webgoat-lessons/sql-injection/src/main/resources/plugin/SqlInjection/lessonPlans/en/SqlInjection_content6a.adoc
View File

@ -9,6 +9,7 @@ CREATE TABLE user_system_data (userid varchar(5) not null primary key,
cookie varchar(30)); cookie varchar(30));
------------------------------------------------------- -------------------------------------------------------
Execute a query to union or join these tables. When you have figured it out.... What is Dave's password? *6.a)* Execute a query to union or join these tables. +
*6.b)* When you have figured it out.... What is Dave's password?

5
webgoat-lessons/sql-injection/src/main/resources/plugin/i18n/WebGoatLabels.properties
View File

@ -14,5 +14,8 @@ sql-injection.5a.no.results=No results matched. Try Again.
sql-injection.5b.success=You have succeed: {0} sql-injection.5b.success=You have succeed: {0}
sql-injection.5b.no.results=No results matched. Try Again. sql-injection.5b.no.results=No results matched. Try Again.
sql-injection.6a.success=You have succeed: {0}
sql-injection.6a.no.results=No results matched. Try Again.
sql-injection.6b.success=You have succeed: {0} sql-injection.6b.success=You have succeed: {0}
sql-injection.6b.no.results=No results matched. Try Again. sql-injection.6b.no.results=No results matched. Try Again.