diff --git a/webgoat/src/main/java/org/owasp/webgoat/lessons/BackDoors.java b/webgoat/src/main/java/org/owasp/webgoat/lessons/BackDoors.java index 309e6336e..2f936587c 100644 --- a/webgoat/src/main/java/org/owasp/webgoat/lessons/BackDoors.java +++ b/webgoat/src/main/java/org/owasp/webgoat/lessons/BackDoors.java @@ -10,6 +10,7 @@ import java.util.List; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.StringElement; +import org.apache.ecs.html.A; import org.apache.ecs.html.BR; import org.apache.ecs.html.Div; import org.apache.ecs.html.IMG; @@ -50,7 +51,7 @@ import org.owasp.webgoat.session.WebSession; * * For details, please see http://code.google.com/p/webgoat/ * - * @author Sherif Koussa Macadamian Technologies. + * @author Sherif Koussa Software Secured */ public class BackDoors extends SequentialLessonAdapter { @@ -61,8 +62,7 @@ public class BackDoors extends SequentialLessonAdapter private final static String SELECT_ST = "select userid, password, ssn, salary, email from employee where userid="; - private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies") - .setBorder(0).setHspace(0).setVspace(0); + public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0)); protected Element createContent(WebSession s) { @@ -262,7 +262,7 @@ public class BackDoors extends SequentialLessonAdapter public Element getCredits() { - return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); + return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); } protected List getHints(WebSession s) diff --git a/webgoat/src/main/java/org/owasp/webgoat/lessons/CSRF.java b/webgoat/src/main/java/org/owasp/webgoat/lessons/CSRF.java index c30991295..ea48a8a8d 100644 --- a/webgoat/src/main/java/org/owasp/webgoat/lessons/CSRF.java +++ b/webgoat/src/main/java/org/owasp/webgoat/lessons/CSRF.java @@ -14,6 +14,7 @@ import javax.servlet.http.HttpSession; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.StringElement; +import org.apache.ecs.html.A; import org.apache.ecs.html.B; import org.apache.ecs.html.BR; import org.apache.ecs.html.Form; @@ -59,7 +60,7 @@ import org.owasp.webgoat.util.HtmlEncoder; * * For details, please see http://code.google.com/p/webgoat/ * - * @author Sherif Koussa Macadamian Technologies. + * @author Sherif Koussa Software Secured * */ public class CSRF extends LessonAdapter @@ -76,9 +77,7 @@ public class CSRF extends LessonAdapter private static int count = 1; private final static int USER_COL = 4; // Added by Chuck Willis - used to show user who posted // message - private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies") - .setBorder(0).setHspace(0).setVspace(0); - + public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0)); /** * Adds a feature to the Message attribute of the MessageBoardScreen object * @@ -377,7 +376,7 @@ public class CSRF extends LessonAdapter public Element getCredits() { - return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); + return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); } } diff --git a/webgoat/src/main/java/org/owasp/webgoat/lessons/DOMInjection.java b/webgoat/src/main/java/org/owasp/webgoat/lessons/DOMInjection.java index 8bf605fc0..087cec6f6 100644 --- a/webgoat/src/main/java/org/owasp/webgoat/lessons/DOMInjection.java +++ b/webgoat/src/main/java/org/owasp/webgoat/lessons/DOMInjection.java @@ -7,6 +7,7 @@ import java.util.List; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.StringElement; +import org.apache.ecs.html.A; import org.apache.ecs.html.BR; import org.apache.ecs.html.Div; import org.apache.ecs.html.Form; @@ -46,7 +47,7 @@ import org.owasp.webgoat.session.WebSession; * * For details, please see http://code.google.com/p/webgoat/ * - * @author Sherif Koussa Macadamian Technologies. + * @author Sherif Koussa Software Secured * @created October 28, 2006 */ @@ -57,9 +58,8 @@ public class DOMInjection extends LessonAdapter private final static String KEY = "key"; - private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies") - .setBorder(0).setHspace(0).setVspace(0); - + public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0)); + private final static String key = "K1JFWP8BSO8HI52LNPQS8F5L01N"; public void handleRequest(WebSession s) @@ -161,7 +161,7 @@ public class DOMInjection extends LessonAdapter public Element getCredits() { - return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); + return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); } protected Category getDefaultCategory() diff --git a/webgoat/src/main/java/org/owasp/webgoat/lessons/ForcedBrowsing.java b/webgoat/src/main/java/org/owasp/webgoat/lessons/ForcedBrowsing.java index 7cfef80ca..064b39def 100644 --- a/webgoat/src/main/java/org/owasp/webgoat/lessons/ForcedBrowsing.java +++ b/webgoat/src/main/java/org/owasp/webgoat/lessons/ForcedBrowsing.java @@ -6,6 +6,7 @@ import java.util.List; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.StringElement; +import org.apache.ecs.html.A; import org.apache.ecs.html.BR; import org.apache.ecs.html.H1; import org.apache.ecs.html.IMG; @@ -44,7 +45,7 @@ import org.owasp.webgoat.session.WebSession; * * For details, please see http://code.google.com/p/webgoat/ * - * @author Sherif Koussa Macadamian Technologies. + * @author Sherif Koussa Software Secured * @created November 02, 2006 */ public class ForcedBrowsing extends LessonAdapter @@ -52,9 +53,8 @@ public class ForcedBrowsing extends LessonAdapter private final static String SUCCEEDED = "succeeded"; - private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies") - .setBorder(0).setHspace(0).setVspace(0); - + public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0)); + /** * Description of the Method * @@ -145,6 +145,6 @@ public class ForcedBrowsing extends LessonAdapter public Element getCredits() { - return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); + return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); } } diff --git a/webgoat/src/main/java/org/owasp/webgoat/lessons/HttpSplitting.java b/webgoat/src/main/java/org/owasp/webgoat/lessons/HttpSplitting.java index 814386d8b..826651cf5 100644 --- a/webgoat/src/main/java/org/owasp/webgoat/lessons/HttpSplitting.java +++ b/webgoat/src/main/java/org/owasp/webgoat/lessons/HttpSplitting.java @@ -40,7 +40,7 @@ import org.owasp.webgoat.session.WebSession; * * For details, please see http://code.google.com/p/webgoat/ * - * @author Sherif Koussa Macadamian Technologies. + * @author Sherif Koussa Software Secured * @created September 30, 2006 */ @@ -53,9 +53,7 @@ public class HttpSplitting extends SequentialLessonAdapter private static String STAGE = "stage"; - private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies") - .setBorder(0).setHspace(0).setVspace(0); - + public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0)); /** * Description of the Method * @@ -260,7 +258,7 @@ public class HttpSplitting extends SequentialLessonAdapter public Element getCredits() { - return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); + return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); } } diff --git a/webgoat/src/main/java/org/owasp/webgoat/lessons/JSONInjection.java b/webgoat/src/main/java/org/owasp/webgoat/lessons/JSONInjection.java index fe44a476f..c4acf0c58 100644 --- a/webgoat/src/main/java/org/owasp/webgoat/lessons/JSONInjection.java +++ b/webgoat/src/main/java/org/owasp/webgoat/lessons/JSONInjection.java @@ -45,7 +45,7 @@ import java.util.ArrayList; * * For details, please see http://code.google.com/p/webgoat/ * - * @author Sherif Koussa Macadamian Technologies. + * @author Sherif Koussa Software Secured * @created December 25, 2006 */ @@ -58,7 +58,7 @@ public class JSONInjection extends LessonAdapter private final static String TRAVEL_TO = "travelTo"; - private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies") + private final static IMG MAC_LOGO = new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured") .setBorder(0).setHspace(0).setVspace(0); public void handleRequest(WebSession s) diff --git a/webgoat/src/main/java/org/owasp/webgoat/lessons/LogSpoofing.java b/webgoat/src/main/java/org/owasp/webgoat/lessons/LogSpoofing.java index d3cbb36f4..edbe6a701 100644 --- a/webgoat/src/main/java/org/owasp/webgoat/lessons/LogSpoofing.java +++ b/webgoat/src/main/java/org/owasp/webgoat/lessons/LogSpoofing.java @@ -9,6 +9,7 @@ import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.HtmlColor; import org.apache.ecs.StringElement; +import org.apache.ecs.html.A; import org.apache.ecs.html.IMG; import org.apache.ecs.html.Input; import org.apache.ecs.html.PRE; @@ -47,7 +48,7 @@ import org.owasp.webgoat.util.WebGoatI18N; * * For details, please see http://code.google.com/p/webgoat/ * - * @author Sherif Koussa Macadamian Technologies + * @author Sherif Koussa Software Secured * @created October 28, 2006 */ @@ -58,9 +59,8 @@ public class LogSpoofing extends LessonAdapter private static final String PASSWORD = "password"; - private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies") - .setBorder(0).setHspace(0).setVspace(0); - + public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0)); + protected Element createContent(WebSession s) { @@ -156,6 +156,6 @@ public class LogSpoofing extends LessonAdapter public Element getCredits() { - return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); + return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); } } diff --git a/webgoat/src/main/java/org/owasp/webgoat/lessons/NewLesson.java b/webgoat/src/main/java/org/owasp/webgoat/lessons/NewLesson.java index 20d4c712b..0b3b157cb 100644 --- a/webgoat/src/main/java/org/owasp/webgoat/lessons/NewLesson.java +++ b/webgoat/src/main/java/org/owasp/webgoat/lessons/NewLesson.java @@ -33,7 +33,7 @@ import org.owasp.webgoat.session.WebSession; * * For details, please see http://code.google.com/p/webgoat/ * - * @author Sherif Koussa Macadamian Technologies. + * @author Sherif Koussa Software Secured * @created October 28, 2003 */ public class NewLesson extends LessonAdapter diff --git a/webgoat/src/main/java/org/owasp/webgoat/lessons/SilentTransactions.java b/webgoat/src/main/java/org/owasp/webgoat/lessons/SilentTransactions.java index d74b167b5..a1c420eb2 100644 --- a/webgoat/src/main/java/org/owasp/webgoat/lessons/SilentTransactions.java +++ b/webgoat/src/main/java/org/owasp/webgoat/lessons/SilentTransactions.java @@ -7,6 +7,7 @@ import java.util.List; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.StringElement; +import org.apache.ecs.html.A; import org.apache.ecs.html.BR; import org.apache.ecs.html.Div; import org.apache.ecs.html.Form; @@ -48,7 +49,7 @@ import org.owasp.webgoat.session.WebSession; * * For details, please see http://code.google.com/p/webgoat/ * - * @author Sherif Koussa Macadamian Technologies. + * @author Sherif Koussa Software Secured * @created December 26, 2006 */ @@ -59,9 +60,8 @@ public class SilentTransactions extends LessonAdapter private final static Double CURRENT_BALANCE = 11987.09; - private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies") - .setBorder(0).setHspace(0).setVspace(0); - + public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0)); + public void handleRequest(WebSession s) { @@ -283,7 +283,7 @@ public class SilentTransactions extends LessonAdapter public Element getCredits() { - return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); + return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); } } diff --git a/webgoat/src/main/java/org/owasp/webgoat/lessons/XMLInjection.java b/webgoat/src/main/java/org/owasp/webgoat/lessons/XMLInjection.java index 9dd5db8ca..daeb05975 100644 --- a/webgoat/src/main/java/org/owasp/webgoat/lessons/XMLInjection.java +++ b/webgoat/src/main/java/org/owasp/webgoat/lessons/XMLInjection.java @@ -8,6 +8,7 @@ import java.util.List; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.StringElement; +import org.apache.ecs.html.A; import org.apache.ecs.html.BR; import org.apache.ecs.html.Div; import org.apache.ecs.html.Form; @@ -48,7 +49,7 @@ import org.owasp.webgoat.session.WebSession; * * For details, please see http://code.google.com/p/webgoat/ * - * @author Sherif Koussa Macadamian Technologies. + * @author Sherif Koussa Software Secured */ public class XMLInjection extends LessonAdapter { @@ -59,9 +60,8 @@ public class XMLInjection extends LessonAdapter public static HashMap rewardsMap = new HashMap(); - private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies") - .setBorder(0).setHspace(0).setVspace(0); - + public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0)); + protected static HashMap init() { Reward r = new Reward(); @@ -268,7 +268,7 @@ public class XMLInjection extends LessonAdapter public Element getCredits() { - return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); + return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); } protected Category getDefaultCategory() diff --git a/webgoat/src/main/java/org/owasp/webgoat/lessons/XPATHInjection.java b/webgoat/src/main/java/org/owasp/webgoat/lessons/XPATHInjection.java index 6307b8783..e7c6b1134 100644 --- a/webgoat/src/main/java/org/owasp/webgoat/lessons/XPATHInjection.java +++ b/webgoat/src/main/java/org/owasp/webgoat/lessons/XPATHInjection.java @@ -19,6 +19,7 @@ import javax.xml.xpath.XPathExpressionException; import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.StringElement; +import org.apache.ecs.html.A; import org.apache.ecs.html.IMG; import org.apache.ecs.html.Input; import org.apache.ecs.html.P; @@ -62,7 +63,7 @@ import org.owasp.webgoat.session.ECSFactory; * * For details, please see http://code.google.com/p/webgoat/ * - * @author Sherif Koussa Macadamian Technologies. + * @author Sherif Koussa Software Secured * @created November 28, 2006 */ @@ -75,9 +76,8 @@ public class XPATHInjection extends LessonAdapter private final static String PASSWORD = "Password"; - private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies") - .setBorder(0).setHspace(0).setVspace(0); - + public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0)); + protected Element createContent(WebSession s) { @@ -197,7 +197,7 @@ public class XPATHInjection extends LessonAdapter public Element getCredits() { - return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); + return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO); } protected Category getDefaultCategory() diff --git a/webgoat/src/main/webapp/images/logos/softwaresecured.gif b/webgoat/src/main/webapp/images/logos/softwaresecured.gif new file mode 100644 index 000000000..69e7c42cc Binary files /dev/null and b/webgoat/src/main/webapp/images/logos/softwaresecured.gif differ diff --git a/webgoat/src/main/webapp/webgoat.jsp b/webgoat/src/main/webapp/webgoat.jsp index b1bad31ba..1598466a7 100644 --- a/webgoat/src/main/webapp/webgoat.jsp +++ b/webgoat/src/main/webapp/webgoat.jsp @@ -83,6 +83,7 @@ by Bruce Mayhew. Please send all comments to Bruce at <%=webSession.getWebgoatCo
Sherif Koussa
+ (http://www.softwaresecured.com)
Aung Khant
(http://yehg.org/)