diff --git a/webgoat-lessons/cross-site-scripting/src/main/resources/lessonPlans/en/CrossSiteScripting_content1.adoc b/webgoat-lessons/cross-site-scripting/src/main/resources/lessonPlans/en/CrossSiteScripting_content1.adoc index e2143ab90..4e64a7c83 100644 --- a/webgoat-lessons/cross-site-scripting/src/main/resources/lessonPlans/en/CrossSiteScripting_content1.adoc +++ b/webgoat-lessons/cross-site-scripting/src/main/resources/lessonPlans/en/CrossSiteScripting_content1.adoc @@ -1,8 +1,6 @@ == What is XSS? -Cross-Site Scripting (also commonly known as XSS) is a vulnerability/flaw that combines ... -# the allowance of html/script tags as input that are ... -# rendered into a browser without encoding or sanitization +Cross-Site Scripting (also commonly known as XSS) is a vulnerability/flaw that combines the allowance of html/script tags as input that are rendered into a browser without encoding or sanitization === Cross-Site Scripting (XSS) is the most prevalent and pernicious web application security issue @@ -11,12 +9,12 @@ coverage of fixes also tends to be a problem. We will talk more about the defens === XSS has significant impact -Especially as 'Rich Internet Applications' are more and more common place, privileged function calls linked to via JavaScript may be compromised. +Especially as 'Rich Internet Applications' are more and more commonplace, privileged function calls linked to via JavaScript may be compromised. And if not properly protected, sensitive data (such as your authentication cookies) can be stolen and used for someone else's purpose. ==== Quick examples: -* From the JavaScript console in the developer tools of the browser (chrome, Firefox) +* From the JavaScript console in the developer tools of the browser (Chrome, Firefox) + ---- alert("XSS Test"); 
@@ -28,7 +26,7 @@ alert(document.cookie); ---- -== Try It! Using Chrome or Firefox +== Try It! Using Chrome or Firefox * Open a second tab and use the same url as this page you are currently on (or any url within this instance of WebGoat) * Then, on that second that open the browser developer tools and open the javascript console. And type: `alert(document.cookie);` . diff --git a/webgoat-lessons/crypto/src/main/resources/lessonPlans/en/postquantum.adoc b/webgoat-lessons/crypto/src/main/resources/lessonPlans/en/postquantum.adoc index ccbfde099..da981f0fc 100644 --- a/webgoat-lessons/crypto/src/main/resources/lessonPlans/en/postquantum.adoc +++ b/webgoat-lessons/crypto/src/main/resources/lessonPlans/en/postquantum.adoc 
@@ -2,6 +2,6 @@ == Post quantum cryptography -Quantum computers are here and getting more power in available qubits each year. Quantum computers are and will be capable of decrypting information that was encrypted with algorithms that were thought to be safe. For some years now, a lot of encrypted communicatation using quantum vulnerable cryptoraphy is being recorded. This information will be decrypted when the quantum computers are powerful enough. Even tough the information may be old, it still could contain valuable information that can be misused. Besides the fact that some private information will be known to parties it was not intended for. +Quantum computers are here and getting more power in available qubits each year. Quantum computers are and will be capable of decrypting information that was encrypted with algorithms that were thought to be safe. For some years now, a lot of encrypted communicatation using quantum vulnerable cryptoraphy is being recorded. This information will be decrypted when the quantum computers are powerful enough. Even though the information may be old, it still could contain valuable information that can be misused. Besides the fact that some private information will be known to parties it was not intended for. -Mathematics has answers for the post quantum era. New cryptography is already available and should be used NOW in order to minimize threads. You can read more on this on Wikipedia https://en.wikipedia.org/wiki/Post-quantum_cryptography[Post quatum on Wikipedia,window=_blank] \ No newline at end of file +Mathematics has answers for the post quantum era. New cryptography is already available and should be used NOW in order to minimize threads. You can read more on this on Wikipedia https://en.wikipedia.org/wiki/Post-quantum_cryptography[Post quatum on Wikipedia,window=_blank] 
diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_content6c.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_content6c.adoc index a8dd7d668..b7bd0b165 100644 --- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_content6c.adoc +++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_content6c.adoc @@ -1,7 +1,7 @@ == Blind SQL injection Blind SQL injection is a type of SQL injection attack that asks the database true or false -questions and determines the answer based on the applications response. This attack is often used when the web +questions and determines the answer based on the application's response. This attack is often used when the web application is configured to show generic error messages, but has not mitigated the code that is vulnerable to SQL injection. diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content5_before.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content5_before.adoc index 96a98e285..084053a3d 100644 --- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content5_before.adoc +++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content5_before.adoc 
@@ -1,6 +1,6 @@ == What is SQL injection? -SQL injections are the most common web hacking techniques. *A SQL injection attack consists of insertion or "injection" of malicious code via the SQL query input from the client to the application.* If not dealt with correctly, such an injection of code into the application can have an serious impact on e.g. data integrity and security. +SQL injections are the most common web hacking techniques. *A SQL injection attack consists of insertion or "injection" of malicious code via the SQL query input from the client to the application.* If not dealt with correctly, such an injection of code into the application can have a serious impact on e.g. data integrity and security. SQL injections can occur, when unfiltered data from the client, e.g. the input of a search field, gets into the SQL interpreter of the application itself. If the input from the client does not get checked for containing SQL commands, hackers can easily manipulate the underlying SQL statement to their advantage. + Per example if the input is not filtered for SQL metacharacters like *--* (comments out the rest of the line) or *;* (ends a SQL query and that way can be used to chain them). @@ -11,7 +11,7 @@ Per example if the input is not filtered for SQL metacharacters like *--* (comme Think of a web application, that allows to display user information, by typing a username into an input field. -The input will then be sent to the server and gets inserted into a SQL query which then is processed by an SQL interpreter. +The input will then be sent to the server and gets inserted into a SQL query which then is processed by a SQL interpreter. The SQL query to retrieve the user information from the database looks like that: + ------------------------------------------------------- 
@@ -28,4 +28,4 @@ and would retrieve all data for the user with the name Smith. {nbsp} + But if an attacker supplies an unexpected input which could be part of a SQL query, the query itself can be modified and that way be used to perform other (malicious) actions on the database. -Here is an input field. Try typing some SQL in here to better understand how the query changes. \ No newline at end of file +Here is an input field. Try typing some SQL in here to better understand how the query changes. diff --git a/webgoat-lessons/webgoat-lesson-template/src/main/resources/lessonPlans/en/lesson-template-intro.adoc b/webgoat-lessons/webgoat-lesson-template/src/main/resources/lessonPlans/en/lesson-template-intro.adoc index d0a007c7a..441ce0aaa 100644 --- a/webgoat-lessons/webgoat-lesson-template/src/main/resources/lessonPlans/en/lesson-template-intro.adoc +++ b/webgoat-lessons/webgoat-lesson-template/src/main/resources/lessonPlans/en/lesson-template-intro.adoc @@ -3,7 +3,7 @@ This lesson describes the steps needed to add a new lesson to WebGoat. In genera - Write the content, in WebGoat we use AsciiDoc as a format. - Create a lesson class - Write html glue page so WebGoat knows how the content should be displayed -- Add one of more assignments within the lesson +- Add one or more assignments within the lesson Let's see how to create a new lesson. diff --git a/webgoat-lessons/webwolf-introduction/src/main/resources/lessonPlans/en/IntroductionWebWolf.adoc b/webgoat-lessons/webwolf-introduction/src/main/resources/lessonPlans/en/IntroductionWebWolf.adoc index 03f3223bb..3b817e7f7 100644 --- a/webgoat-lessons/webwolf-introduction/src/main/resources/lessonPlans/en/IntroductionWebWolf.adoc +++ b/webgoat-lessons/webwolf-introduction/src/main/resources/lessonPlans/en/IntroductionWebWolf.adoc 
@@ -10,10 +10,10 @@ image::images/wolf-enabled.png[width=115,height=128] {nbsp} -Even if the icon is present your are not obliged to use WebWolf, you can also use any intercepting tool you like. +Even if the icon is present, you are not obliged to use WebWolf, you can also use any intercepting tool you like. (`netcat` etc.) -WebWolf is a separate web application which simulates an attackers machine. It makes it possible for us to +WebWolf is a separate web application which simulates an attacker's machine. It makes it possible for us to make a clear distinction between what takes place on the attacked website and the actions you need to do as an "attacker". WebWolf was introduced after a couple of workshops where we received feedback that there was no clear distinction between what was part of the "attackers" role and what was part of the "users" role on the
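Review bot: In CrossSiteScripting_content1.adoc, first hunk, the merged sentence under "== What is XSS?" gives "combines" only one object, so the two conditions the old list separated (tags accepted as input, output rendered without encoding) now read as one. Consider "combines accepting HTML/script tags as input with rendering them in a browser without encoding or sanitization." and end the line with a full stop; the added line has none, and "html" is still lowercase.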
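Review bot: In CrossSiteScripting_content1.adoc, second hunk, the removed and added "== Try It! Using Chrome or Firefox" lines are textually identical as shown, so this looks like a whitespace-only change, while the context line right below still reads "on that second that open the browser developer tools and open the javascript console". Since this commit is a typo pass, fix that line too ("second tab", "JavaScript") and drop the stray space before the final period after `alert(document.cookie);`.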
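Review bot: In postquantum.adoc, the added paragraph fixes "tough" but still carries "communicatation" and "cryptoraphy", and the second added line still says "minimize threads" (should be "threats") and "Post quatum on Wikipedia" in the link text. These are on the `+` lines, so they should be corrected in this same change. "Besides the fact that some private information will be known to parties it was not intended for." is also a sentence fragment and would read better joined to the previous sentence.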
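Review bot: In SqlInjection_introduction_content5_before.adoc, first hunk, the context line after the fix still begins "Per example if the input is not filtered", which should be "For example, if the input is not filtered", and the preceding line has a stray comma in "can occur, when unfiltered data". The edited line itself still reads "on e.g. data integrity and security"; "on, for example, data integrity and security" would be cleaner in lesson text.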
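Review bot: In IntroductionWebWolf.adoc, the first added line is still a comma splice ("you are not obliged to use WebWolf, you can also use any intercepting tool you like"); split it into two sentences or use a semicolon. The hunk corrects "attackers machine" to "attacker's machine", but the context lines at the end still have the "attackers" role and the "users" role without the possessive, so the apostrophe fix is applied inconsistently within the same paragraph.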