dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Re-add Aspect credits for various lessons

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@178 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
rogan.dawes 2007-07-18 13:28:02 +00:00
parent 5f5e2e829a
commit ad7f4aec68
9 changed files with 72 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/BasicAuthentication.java
View File

@ -6,6 +6,8 @@ import java.util.List;
import org.apache.ecs.Element; import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer; import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement; import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Input; import org.apache.ecs.html.Input;
import org.apache.ecs.html.P; import org.apache.ecs.html.P;
import org.apache.ecs.html.TD; import org.apache.ecs.html.TD;
@ -49,6 +51,7 @@ import org.owasp.webgoat.session.WebSession;
*/ */
public class BasicAuthentication extends SequentialLessonAdapter public class BasicAuthentication extends SequentialLessonAdapter
{ {
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
private static final String EMPTY_STRING = ""; private static final String EMPTY_STRING = "";
@ -330,4 +333,9 @@ public class BasicAuthentication extends SequentialLessonAdapter
{ {
return ("Basic Authentication"); return ("Basic Authentication");
} }
public Element getCredits()
{
return super.getCustomCredits("", ASPECT_LOGO);
}
} }

7
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/Challenge2Screen.java
View File

@ -20,11 +20,13 @@ import javax.servlet.http.Cookie;
import org.apache.ecs.Element; import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer; import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement; import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.B; import org.apache.ecs.html.B;
import org.apache.ecs.html.BR; import org.apache.ecs.html.BR;
import org.apache.ecs.html.Center; import org.apache.ecs.html.Center;
import org.apache.ecs.html.H1; import org.apache.ecs.html.H1;
import org.apache.ecs.html.HR; import org.apache.ecs.html.HR;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Input; import org.apache.ecs.html.Input;
import org.apache.ecs.html.P; import org.apache.ecs.html.P;
import org.apache.ecs.html.TD; import org.apache.ecs.html.TD;
@ -71,6 +73,7 @@ import org.owasp.webgoat.util.ExecResults;
*/ */
public class Challenge2Screen extends SequentialLessonAdapter public class Challenge2Screen extends SequentialLessonAdapter
{ {
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
private static final String USER_COOKIE = "user"; private static final String USER_COOKIE = "user";
@ -811,4 +814,8 @@ public class Challenge2Screen extends SequentialLessonAdapter
return (null); return (null);
} }
public Element getCredits()
{
return super.getCustomCredits("", ASPECT_LOGO);
}
} }

8
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CommandInjection.java
View File

@ -9,8 +9,10 @@ import java.util.StringTokenizer;
import org.apache.ecs.Element; import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer; import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement; import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.BR; import org.apache.ecs.html.BR;
import org.apache.ecs.html.HR; import org.apache.ecs.html.HR;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.P; import org.apache.ecs.html.P;
import org.apache.ecs.html.PRE; import org.apache.ecs.html.PRE;
@ -53,6 +55,7 @@ import org.owasp.webgoat.util.ExecResults;
*/ */
public class CommandInjection extends LessonAdapter public class CommandInjection extends LessonAdapter
{ {
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
private final static String HELP_FILE = "HelpFile"; private final static String HELP_FILE = "HelpFile";
@ -380,4 +383,9 @@ public class CommandInjection extends LessonAdapter
{ {
return "How to Perform Command Injection"; return "How to Perform Command Injection";
} }
public Element getCredits()
{
return super.getCustomCredits("", ASPECT_LOGO);
}
} }

8
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/HttpBasics.java
View File

@ -6,6 +6,8 @@ import java.util.List;
import org.apache.ecs.Element; import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer; import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement; import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Input; import org.apache.ecs.html.Input;
import org.owasp.webgoat.session.*; import org.owasp.webgoat.session.*;
@ -43,6 +45,7 @@ import org.owasp.webgoat.session.*;
*/ */
public class HttpBasics extends LessonAdapter public class HttpBasics extends LessonAdapter
{ {
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
private final static String PERSON = "person"; private final static String PERSON = "person";
@ -132,4 +135,9 @@ public class HttpBasics extends LessonAdapter
{ {
return ("Http Basics"); return ("Http Basics");
} }
public Element getCredits()
{
return super.getCustomCredits("", ASPECT_LOGO);
}
} }

8
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ReflectedXSS.java
View File

@ -6,10 +6,12 @@ import java.util.regex.Pattern;
import org.apache.ecs.Element; import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer; import org.apache.ecs.ElementContainer;
import org.apache.ecs.html.A;
import org.apache.ecs.html.BR; import org.apache.ecs.html.BR;
import org.apache.ecs.html.Center; import org.apache.ecs.html.Center;
import org.apache.ecs.html.H1; import org.apache.ecs.html.H1;
import org.apache.ecs.html.HR; import org.apache.ecs.html.HR;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Input; import org.apache.ecs.html.Input;
import org.apache.ecs.html.TD; import org.apache.ecs.html.TD;
import org.apache.ecs.html.TH; import org.apache.ecs.html.TH;
@ -54,6 +56,7 @@ import org.owasp.webgoat.util.HtmlEncoder;
public class ReflectedXSS extends LessonAdapter public class ReflectedXSS extends LessonAdapter
{ {
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
/** /**
* Description of the Method * Description of the Method
@ -291,4 +294,9 @@ public class ReflectedXSS extends LessonAdapter
{ {
return "How to Perform Reflected Cross Site Scripting (XSS) Attacks"; return "How to Perform Reflected Cross Site Scripting (XSS) Attacks";
} }
public Element getCredits()
{
return super.getCustomCredits("", ASPECT_LOGO);
}
} }

8
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SqlNumericInjection.java
View File

@ -14,7 +14,9 @@ import java.util.TreeMap;
import org.apache.ecs.Element; import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer; import org.apache.ecs.ElementContainer;
import org.apache.ecs.html.A;
import org.apache.ecs.html.BR; import org.apache.ecs.html.BR;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Option; import org.apache.ecs.html.Option;
import org.apache.ecs.html.P; import org.apache.ecs.html.P;
import org.apache.ecs.html.PRE; import org.apache.ecs.html.PRE;
@ -57,6 +59,7 @@ import org.owasp.webgoat.session.WebSession;
*/ */
public class SqlNumericInjection extends SequentialLessonAdapter public class SqlNumericInjection extends SequentialLessonAdapter
{ {
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
private final static String STATION_ID = "station"; private final static String STATION_ID = "station";
@ -401,4 +404,9 @@ public class SqlNumericInjection extends SequentialLessonAdapter
e.printStackTrace(System.out); e.printStackTrace(System.out);
} }
} }
public Element getCredits()
{
return super.getCustomCredits("", ASPECT_LOGO);
}
} }

12
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SqlStringInjection.java
View File

@ -11,7 +11,9 @@ import java.util.List;
import org.apache.ecs.Element; import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer; import org.apache.ecs.ElementContainer;
import org.apache.ecs.html.A;
import org.apache.ecs.html.BR; import org.apache.ecs.html.BR;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Input; import org.apache.ecs.html.Input;
import org.apache.ecs.html.P; import org.apache.ecs.html.P;
import org.apache.ecs.html.PRE; import org.apache.ecs.html.PRE;
@ -53,6 +55,7 @@ import org.owasp.webgoat.session.WebSession;
*/ */
public class SqlStringInjection extends SequentialLessonAdapter public class SqlStringInjection extends SequentialLessonAdapter
{ {
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
private final static String ACCT_NAME = "account_name"; private final static String ACCT_NAME = "account_name";
@ -129,7 +132,7 @@ public class SqlStringInjection extends SequentialLessonAdapter
msg.append("Bet you can't do it again! "); msg.append("Bet you can't do it again! ");
msg msg
.append("This lesson has detected your successfull attack "); .append("This lesson has detected your successfull attack ");
msg.append("and has now switch to a defensive mode. "); msg.append("and has now switched to a defensive mode. ");
msg msg
.append("Try again to attack a parameterized query."); .append("Try again to attack a parameterized query.");
@ -162,7 +165,7 @@ public class SqlStringInjection extends SequentialLessonAdapter
ec ec
.addElement("Now that you have successfully performed an SQL injection, try the same " .addElement("Now that you have successfully performed an SQL injection, try the same "
+ " type of attack on a parameterized query. Type 'restart' in the input field if you wish to " + " type of attack on a parameterized query. Restart the lesson if you wish "
+ " to return to the injectable query"); + " to return to the injectable query");
if (s.getParser().getRawParameter(ACCT_NAME, "YOUR_NAME").equals( if (s.getParser().getRawParameter(ACCT_NAME, "YOUR_NAME").equals(
"restart")) "restart"))
@ -317,4 +320,9 @@ public class SqlStringInjection extends SequentialLessonAdapter
e.printStackTrace(System.out); e.printStackTrace(System.out);
} }
} }
public Element getCredits()
{
return super.getCustomCredits("", ASPECT_LOGO);
}
} }

7
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/StoredXss.java
View File

@ -13,6 +13,7 @@ import org.apache.ecs.html.A;
import org.apache.ecs.html.B; import org.apache.ecs.html.B;
import org.apache.ecs.html.H1; import org.apache.ecs.html.H1;
import org.apache.ecs.html.HR; import org.apache.ecs.html.HR;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Input; import org.apache.ecs.html.Input;
import org.apache.ecs.html.P; import org.apache.ecs.html.P;
import org.apache.ecs.html.TD; import org.apache.ecs.html.TD;
@ -56,6 +57,7 @@ import org.owasp.webgoat.util.HtmlEncoder;
*/ */
public class StoredXss extends LessonAdapter public class StoredXss extends LessonAdapter
{ {
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
private final static String MESSAGE = "message"; private final static String MESSAGE = "message";
@ -380,4 +382,9 @@ public class StoredXss extends LessonAdapter
} }
return nameroot; return nameroot;
} }
public Element getCredits()
{
return super.getCustomCredits("", ASPECT_LOGO);
}
} }

8
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/UncheckedEmail.java
View File

@ -9,12 +9,14 @@ import java.util.List;
import org.apache.ecs.Element; import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer; import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement; import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.B; import org.apache.ecs.html.B;
import org.apache.ecs.html.BR; import org.apache.ecs.html.BR;
import org.apache.ecs.html.Center; import org.apache.ecs.html.Center;
import org.apache.ecs.html.H1; import org.apache.ecs.html.H1;
import org.apache.ecs.html.H3; import org.apache.ecs.html.H3;
import org.apache.ecs.html.HR; import org.apache.ecs.html.HR;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Input; import org.apache.ecs.html.Input;
import org.apache.ecs.html.TD; import org.apache.ecs.html.TD;
import org.apache.ecs.html.TH; import org.apache.ecs.html.TH;
@ -60,6 +62,7 @@ import org.owasp.webgoat.session.WebSession;
public class UncheckedEmail extends LessonAdapter public class UncheckedEmail extends LessonAdapter
{ {
public final static A ASPECT_LOGO = new A().setHref("http://www.aspectsecurity.com").addElement(new IMG("images/logos/aspect.jpg").setAlt("Aspect Security").setBorder(0).setHspace(0).setVspace(0));
private final static String MESSAGE = "msg"; private final static String MESSAGE = "msg";
@ -261,4 +264,9 @@ public class UncheckedEmail extends LessonAdapter
{ {
return ("How to Exploit Unchecked Email"); return ("How to Exploit Unchecked Email");
} }
public Element getCredits()
{
return super.getCustomCredits("", ASPECT_LOGO);
}
} }