From ad7f4aec686c1ef97ca62e1ed90598e0a7896134 Mon Sep 17 00:00:00 2001 From: "rogan.dawes" Date: Wed, 18 Jul 2007 13:28:02 +0000 Subject: [PATCH] Re-add Aspect credits for various lessons git-svn-id: http://webgoat.googlecode.com/svn/trunk@178 4033779f-a91e-0410-96ef-6bf7bf53c507 --- .../owasp/webgoat/lessons/BasicAuthentication.java | 8 ++++++++ .../org/owasp/webgoat/lessons/Challenge2Screen.java | 7 +++++++ .../org/owasp/webgoat/lessons/CommandInjection.java | 8 ++++++++ .../org/owasp/webgoat/lessons/HttpBasics.java | 8 ++++++++ .../org/owasp/webgoat/lessons/ReflectedXSS.java | 8 ++++++++ .../owasp/webgoat/lessons/SqlNumericInjection.java | 8 ++++++++ .../owasp/webgoat/lessons/SqlStringInjection.java | 12 ++++++++++-- .../org/owasp/webgoat/lessons/StoredXss.java | 7 +++++++ .../org/owasp/webgoat/lessons/UncheckedEmail.java | 8 ++++++++ 9 files changed, 72 insertions(+), 2 deletions(-) diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/BasicAuthentication.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/BasicAuthentication.java index 824126a0e..0963c1df1 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/BasicAuthentication.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/BasicAuthentication.java @@ -6,6 +6,8 @@ import java.util.List; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.StringElement; +import org.apache.ecs.html.A; +import org.apache.ecs.html.IMG; import org.apache.ecs.html.Input; import org.apache.ecs.html.P; import org.apache.ecs.html.TD; @@ -49,6 +51,7 @@ import org.owasp.webgoat.session.WebSession; */ public class BasicAuthentication extends SequentialLessonAdapter { + public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0)); private static final String EMPTY_STRING = ""; @@ -330,4 +333,9 @@ public class BasicAuthentication extends SequentialLessonAdapter { return ("Basic Authentication"); } + + public Element getCredits() + { + return super.getCustomCredits("", ASPECT_LOGO); + } } diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/Challenge2Screen.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/Challenge2Screen.java index becb97a70..be22ba3cb 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/Challenge2Screen.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/Challenge2Screen.java @@ -20,11 +20,13 @@ import javax.servlet.http.Cookie; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.StringElement; +import org.apache.ecs.html.A; import org.apache.ecs.html.B; import org.apache.ecs.html.BR; import org.apache.ecs.html.Center; import org.apache.ecs.html.H1; import org.apache.ecs.html.HR; +import org.apache.ecs.html.IMG; import org.apache.ecs.html.Input; import org.apache.ecs.html.P; import org.apache.ecs.html.TD; @@ -71,6 +73,7 @@ import org.owasp.webgoat.util.ExecResults; */ public class Challenge2Screen extends SequentialLessonAdapter { + public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0)); private static final String USER_COOKIE = "user"; @@ -811,4 +814,8 @@ public class Challenge2Screen extends SequentialLessonAdapter return (null); } + public Element getCredits() + { + return super.getCustomCredits("", ASPECT_LOGO); + } } diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CommandInjection.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CommandInjection.java index 8baf32b1d..377882681 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CommandInjection.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CommandInjection.java @@ -9,8 +9,10 @@ import java.util.StringTokenizer; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.StringElement; +import org.apache.ecs.html.A; import org.apache.ecs.html.BR; import org.apache.ecs.html.HR; +import org.apache.ecs.html.IMG; import org.apache.ecs.html.P; import org.apache.ecs.html.PRE; @@ -53,6 +55,7 @@ import org.owasp.webgoat.util.ExecResults; */ public class CommandInjection extends LessonAdapter { + public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0)); private final static String HELP_FILE = "HelpFile"; @@ -380,4 +383,9 @@ public class CommandInjection extends LessonAdapter { return "How to Perform Command Injection"; } + + public Element getCredits() + { + return super.getCustomCredits("", ASPECT_LOGO); + } } diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/HttpBasics.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/HttpBasics.java index fa8501025..31b0df5bc 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/HttpBasics.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/HttpBasics.java @@ -6,6 +6,8 @@ import java.util.List; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.StringElement; +import org.apache.ecs.html.A; +import org.apache.ecs.html.IMG; import org.apache.ecs.html.Input; import org.owasp.webgoat.session.*; @@ -43,6 +45,7 @@ import org.owasp.webgoat.session.*; */ public class HttpBasics extends LessonAdapter { + public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0)); private final static String PERSON = "person"; @@ -132,4 +135,9 @@ public class HttpBasics extends LessonAdapter { return ("Http Basics"); } + + public Element getCredits() + { + return super.getCustomCredits("", ASPECT_LOGO); + } } diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ReflectedXSS.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ReflectedXSS.java index 1e46bbe42..0a1886055 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ReflectedXSS.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ReflectedXSS.java @@ -6,10 +6,12 @@ import java.util.regex.Pattern; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; +import org.apache.ecs.html.A; import org.apache.ecs.html.BR; import org.apache.ecs.html.Center; import org.apache.ecs.html.H1; import org.apache.ecs.html.HR; +import org.apache.ecs.html.IMG; import org.apache.ecs.html.Input; import org.apache.ecs.html.TD; import org.apache.ecs.html.TH; @@ -54,6 +56,7 @@ import org.owasp.webgoat.util.HtmlEncoder; public class ReflectedXSS extends LessonAdapter { + public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0)); /** * Description of the Method @@ -291,4 +294,9 @@ public class ReflectedXSS extends LessonAdapter { return "How to Perform Reflected Cross Site Scripting (XSS) Attacks"; } + + public Element getCredits() + { + return super.getCustomCredits("", ASPECT_LOGO); + } } diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SqlNumericInjection.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SqlNumericInjection.java index 2c4323c61..900742d10 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SqlNumericInjection.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SqlNumericInjection.java @@ -14,7 +14,9 @@ import java.util.TreeMap; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; +import org.apache.ecs.html.A; import org.apache.ecs.html.BR; +import org.apache.ecs.html.IMG; import org.apache.ecs.html.Option; import org.apache.ecs.html.P; import org.apache.ecs.html.PRE; @@ -57,6 +59,7 @@ import org.owasp.webgoat.session.WebSession; */ public class SqlNumericInjection extends SequentialLessonAdapter { + public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0)); private final static String STATION_ID = "station"; @@ -401,4 +404,9 @@ public class SqlNumericInjection extends SequentialLessonAdapter e.printStackTrace(System.out); } } + + public Element getCredits() + { + return super.getCustomCredits("", ASPECT_LOGO); + } } diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SqlStringInjection.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SqlStringInjection.java index e278cfc02..64df2d7d4 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SqlStringInjection.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SqlStringInjection.java @@ -11,7 +11,9 @@ import java.util.List; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; +import org.apache.ecs.html.A; import org.apache.ecs.html.BR; +import org.apache.ecs.html.IMG; import org.apache.ecs.html.Input; import org.apache.ecs.html.P; import org.apache.ecs.html.PRE; @@ -53,6 +55,7 @@ import org.owasp.webgoat.session.WebSession; */ public class SqlStringInjection extends SequentialLessonAdapter { + public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0)); private final static String ACCT_NAME = "account_name"; @@ -129,7 +132,7 @@ public class SqlStringInjection extends SequentialLessonAdapter msg.append("Bet you can't do it again! "); msg .append("This lesson has detected your successfull attack "); - msg.append("and has now switch to a defensive mode. "); + msg.append("and has now switched to a defensive mode. "); msg .append("Try again to attack a parameterized query."); @@ -162,7 +165,7 @@ public class SqlStringInjection extends SequentialLessonAdapter ec .addElement("Now that you have successfully performed an SQL injection, try the same " - + " type of attack on a parameterized query. Type 'restart' in the input field if you wish to " + + " type of attack on a parameterized query. Restart the lesson if you wish " + " to return to the injectable query"); if (s.getParser().getRawParameter(ACCT_NAME, "YOUR_NAME").equals( "restart")) @@ -317,4 +320,9 @@ public class SqlStringInjection extends SequentialLessonAdapter e.printStackTrace(System.out); } } + + public Element getCredits() + { + return super.getCustomCredits("", ASPECT_LOGO); + } } diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/StoredXss.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/StoredXss.java index 805f0d637..ee6dccf01 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/StoredXss.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/StoredXss.java @@ -13,6 +13,7 @@ import org.apache.ecs.html.A; import org.apache.ecs.html.B; import org.apache.ecs.html.H1; import org.apache.ecs.html.HR; +import org.apache.ecs.html.IMG; import org.apache.ecs.html.Input; import org.apache.ecs.html.P; import org.apache.ecs.html.TD; @@ -56,6 +57,7 @@ import org.owasp.webgoat.util.HtmlEncoder; */ public class StoredXss extends LessonAdapter { + public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0)); private final static String MESSAGE = "message"; @@ -380,4 +382,9 @@ public class StoredXss extends LessonAdapter } return nameroot; } + + public Element getCredits() + { + return super.getCustomCredits("", ASPECT_LOGO); + } } diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/UncheckedEmail.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/UncheckedEmail.java index 0056eef90..9f69ddfeb 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/UncheckedEmail.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/UncheckedEmail.java @@ -9,12 +9,14 @@ import java.util.List; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.StringElement; +import org.apache.ecs.html.A; import org.apache.ecs.html.B; import org.apache.ecs.html.BR; import org.apache.ecs.html.Center; import org.apache.ecs.html.H1; import org.apache.ecs.html.H3; import org.apache.ecs.html.HR; +import org.apache.ecs.html.IMG; import org.apache.ecs.html.Input; import org.apache.ecs.html.TD; import org.apache.ecs.html.TH; @@ -60,6 +62,7 @@ import org.owasp.webgoat.session.WebSession; public class UncheckedEmail extends LessonAdapter { + public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0)); private final static String MESSAGE = "msg"; @@ -261,4 +264,9 @@ public class UncheckedEmail extends LessonAdapter { return ("How to Exploit Unchecked Email"); } + + public Element getCredits() + { + return super.getCustomCredits("", ASPECT_LOGO); + } }