diff --git a/ webgoat/ExecResults.java b/ webgoat/ExecResults.java
deleted file mode 100644
index eb8fb2fa1..000000000
--- a/ webgoat/ExecResults.java
+++ /dev/null
@@ -1,320 +0,0 @@
-package org.owasp.webgoat.util;
-
-/**
- * Copyright (c) 2002 Free Software Foundation developed under the custody of
- * the Open Web Application Security Project (http://www.owasp.org) This
- * software package org.owasp.webgoat.is published by OWASP under the GPL. You should read and
- * accept the LICENSE before you use, modify and/or redistribute this software.
- *
- * @author Jeff Williams Aspect Security
- */
-public class ExecResults
-{
- /**
- * Description of the Field
- */
- public final static int BADRETURNCODE = 2;
-
- /**
- * Description of the Field
- */
- public final static int THROWABLE = 1;
- private String myCommand;
- private boolean myError = false;
- private int myErrorType = 0;
- private String myErrors = null;
- private String myInput;
- private boolean myInterrupted = false;
- private String myOutput = null;
- private int myReturnCode = 0;
- private int mySuccessCode;
- private Throwable myThrowable = null;
- private int myTimeout;
-
- /**
- * Constructor for the ExecResults object
- *
- *@param command Description of the Parameter
- *@param input Description of the Parameter
- *@param successCode Description of the Parameter
- *@param timeout Description of the Parameter
- */
- public ExecResults(String command, String input, int successCode, int timeout)
- {
- myCommand = command.trim();
- myInput = input.trim();
- mySuccessCode = successCode;
- myTimeout = timeout;
- }
-
- /**
- * Description of the Method
- *
- *@param haystack Description of the Parameter
- *@param needle Description of the Parameter
- *@param fromIndex Description of the Parameter
- *@return Description of the Return Value
- */
- private boolean contains(String haystack, String needle, int fromIndex)
- {
- return (haystack.trim().toLowerCase().indexOf(needle.trim().toLowerCase(), fromIndex) != -1);
- }
-
-
- /**
- * Description of the Method
- *
- *@param value Description of the Parameter
- *@return Description of the Return Value
- */
- public boolean errorsContains(String value)
- {
- return (errorsContains(value, 0));
- }
-
-
- /**
- * Description of the Method
- *
- *@param value Description of the Parameter
- *@param fromIndex Description of the Parameter
- *@return Description of the Return Value
- */
- public boolean errorsContains(String value, int fromIndex)
- {
- return (contains(myErrors, value, fromIndex));
- }
-
-
- /**
- * Gets the error attribute of the ExecResults object
- *
- *@return The error value
- */
- public boolean getError()
- {
- return (myError);
- }
-
-
- /**
- * Gets the errorMessage attribute of the ExecResults object
- *
- *@return The errorMessage value
- */
- public String getErrorMessage()
- {
- switch (getErrorType())
- {
- case THROWABLE:
- return ("Exception: " + myThrowable.getMessage());
-
- case BADRETURNCODE:
- return ("Bad return code (expected " + mySuccessCode + ")");
-
- default:
- return ("Unknown error");
- }
- }
-
-
- /**
- * Gets the errorType attribute of the ExecResults object
- *
- *@return The errorType value
- */
- public int getErrorType()
- {
- return (myErrorType);
- }
-
-
- /**
- * Gets the errors attribute of the ExecResults object
- *
- *@return The errors value
- */
- public String getErrors()
- {
- return (myErrors);
- }
-
-
- /**
- * Gets the interrupted attribute of the ExecResults object
- *
- *@return The interrupted value
- */
- public boolean getInterrupted()
- {
- return (myInterrupted);
- }
-
-
- /**
- * Gets the output attribute of the ExecResults object
- *
- *@return The output value
- */
- public String getOutput()
- {
- return (myOutput);
- }
-
-
- /**
- * Gets the returnCode attribute of the ExecResults object
- *
- *@return The returnCode value
- */
- public int getReturnCode()
- {
- return (myReturnCode);
- }
-
-
- /**
- * Gets the throwable attribute of the ExecResults object
- *
- *@return The throwable value
- */
- public Throwable getThrowable()
- {
- return (myThrowable);
- }
-
-
- /**
- * Description of the Method
- *
- *@param value Description of the Parameter
- *@return Description of the Return Value
- */
- public boolean outputContains(String value)
- {
- return (outputContains(value, 0));
- }
-
-
- /**
- * Description of the Method
- *
- *@param value Description of the Parameter
- *@param fromIndex Description of the Parameter
- *@return Description of the Return Value
- */
- public boolean outputContains(String value, int fromIndex)
- {
- return (contains(myOutput, value, fromIndex));
- }
-
-
- /**
- * Sets the error attribute of the ExecResults object
- *
- *@param value The new error value
- */
- public void setError(int value)
- {
- myError = true;
- myErrorType = value;
- }
-
-
- /**
- * Sets the errors attribute of the ExecResults object
- *
- *@param errors The new errors value
- */
- public void setErrors(String errors)
- {
- myErrors = errors.trim();
- }
-
-
- /**
- * Sets the interrupted attribute of the ExecResults object
- */
- public void setInterrupted()
- {
- myInterrupted = true;
- }
-
-
- /**
- * Sets the output attribute of the ExecResults object
- *
- *@param value The new output value
- */
- public void setOutput(String value)
- {
- myOutput = value.trim();
- }
-
-
- /**
- * Sets the returnCode attribute of the ExecResults object
- *
- *@param value The new returnCode value
- */
- public void setReturnCode(int value)
- {
- myReturnCode = value;
- }
-
-
- /**
- * Sets the throwable attribute of the ExecResults object
- *
- *@param value The new throwable value
- */
- public void setThrowable(Throwable value)
- {
- setError(THROWABLE);
- myThrowable = value;
- }
-
-
- /**
- * Description of the Method
- *
- *@return Description of the Return Value
- */
- public String toString()
- {
- String sep = System.getProperty("line.separator");
- StringBuffer value = new StringBuffer();
- value.append("ExecResults for \'" + myCommand + "\'" + sep);
-
- if ((myInput != null) && !myInput.equals(""))
- {
- value.append(sep + "Input..." + sep + myInput + sep);
- }
-
- if ((myOutput != null) && !myOutput.equals(""))
- {
- value.append(sep + "Output..." + sep + myOutput + sep);
- }
-
- if ((myErrors != null) && !myErrors.equals(""))
- {
- value.append(sep + "Errors..." + sep + myErrors + sep);
- }
-
- value.append(sep);
-
- if (myInterrupted)
- {
- value.append("Command timed out after " + (myTimeout / 1000) + " seconds " + sep);
- }
-
- value.append("Returncode: " + myReturnCode + sep);
-
- if (myError)
- {
- value.append(getErrorMessage() + sep);
- }
-
- return (value.toString());
- }
-}
diff --git a/ webgoat/ExecutionException.java b/ webgoat/ExecutionException.java
deleted file mode 100644
index e01c00f31..000000000
--- a/ webgoat/ExecutionException.java
+++ /dev/null
@@ -1,31 +0,0 @@
-package org.owasp.webgoat.util;
-
-/**
- * Copyright (c) 2002 Free Software Foundation developed under the custody of
- * the Open Web Application Security Project (http://www.owasp.org) This
- * software package org.owasp.webgoat.is published by OWASP under the GPL. You should read and
- * accept the LICENSE before you use, modify and/or redistribute this software.
- *
- * @author Jeff Williams Aspect Security
- */
-public class ExecutionException extends Exception
-{
- /**
- * Constructor for the ExecutionException object
- */
- public ExecutionException()
- {
- super();
- }
-
-
- /**
- * Constructor for the ExecutionException object
- *
- *@param msg Description of the Parameter
- */
- public ExecutionException(String msg)
- {
- super(msg);
- }
-}
diff --git a/ webgoat/HtmlEncoder.java b/ webgoat/HtmlEncoder.java
deleted file mode 100644
index 09401378a..000000000
--- a/ webgoat/HtmlEncoder.java
+++ /dev/null
@@ -1,195 +0,0 @@
-package org.owasp.webgoat.util;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class HtmlEncoder
-{
- static Map e2i = new HashMap();
- static Map i2e = new HashMap();
-
- // html entity list
- private static Object[][] entities =
- {
- {"quot", new Integer( 34 )}, // " - double-quote
- {"amp", new Integer( 38 )}, // & - ampersand
- {"lt", new Integer( 60 )}, // < - less-than
- {"gt", new Integer( 62 )}, // > - greater-than
- {"nbsp", new Integer( 160 )}, // non-breaking space
- {"copy", new Integer( 169 )}, // © - copyright
- {"reg", new Integer( 174 )}, // ® - registered trademark
- {"Agrave", new Integer( 192 )}, // À - uppercase A, grave accent
- {"Aacute", new Integer( 193 )}, // Á - uppercase A, acute accent
- {"Acirc", new Integer( 194 )}, // Â - uppercase A, circumflex accent
- {"Atilde", new Integer( 195 )}, // Ã - uppercase A, tilde
- {"Auml", new Integer( 196 )}, // Ä - uppercase A, umlaut
- {"Aring", new Integer( 197 )}, // Å - uppercase A, ring
- {"AElig", new Integer( 198 )}, // Æ - uppercase AE
- {"Ccedil", new Integer( 199 )}, // Ç - uppercase C, cedilla
- {"Egrave", new Integer( 200 )}, // È - uppercase E, grave accent
- {"Eacute", new Integer( 201 )}, // É - uppercase E, acute accent
- {"Ecirc", new Integer( 202 )}, // Ê - uppercase E, circumflex accent
- {"Euml", new Integer( 203 )}, // Ë - uppercase E, umlaut
- {"Igrave", new Integer( 204 )}, // Ì - uppercase I, grave accent
- {"Iacute", new Integer( 205 )}, // Í - uppercase I, acute accent
- {"Icirc", new Integer( 206 )}, // Î - uppercase I, circumflex accent
- {"Iuml", new Integer( 207 )}, // Ï - uppercase I, umlaut
- {"ETH", new Integer( 208 )}, // Ð - uppercase Eth, Icelandic
- {"Ntilde", new Integer( 209 )}, // Ñ - uppercase N, tilde
- {"Ograve", new Integer( 210 )}, // Ò - uppercase O, grave accent
- {"Oacute", new Integer( 211 )}, // Ó - uppercase O, acute accent
- {"Ocirc", new Integer( 212 )}, // Ô - uppercase O, circumflex accent
- {"Otilde", new Integer( 213 )}, // Õ - uppercase O, tilde
- {"Ouml", new Integer( 214 )}, // Ö - uppercase O, umlaut
- {"Oslash", new Integer( 216 )}, // Ø - uppercase O, slash
- {"Ugrave", new Integer( 217 )}, // Ù - uppercase U, grave accent
- {"Uacute", new Integer( 218 )}, // Ú - uppercase U, acute accent
- {"Ucirc", new Integer( 219 )}, // Û - uppercase U, circumflex accent
- {"Uuml", new Integer( 220 )}, // Ü - uppercase U, umlaut
- {"Yacute", new Integer( 221 )}, // Ý - uppercase Y, acute accent
- {"THORN", new Integer( 222 )}, // Þ - uppercase THORN, Icelandic
- {"szlig", new Integer( 223 )}, // ß - lowercase sharps, German
- {"agrave", new Integer( 224 )}, // à - lowercase a, grave accent
- {"aacute", new Integer( 225 )}, // á - lowercase a, acute accent
- {"acirc", new Integer( 226 )}, // â - lowercase a, circumflex accent
- {"atilde", new Integer( 227 )}, // ã - lowercase a, tilde
- {"auml", new Integer( 228 )}, // ä - lowercase a, umlaut
- {"aring", new Integer( 229 )}, // å - lowercase a, ring
- {"aelig", new Integer( 230 )}, // æ - lowercase ae
- {"ccedil", new Integer( 231 )}, // ç - lowercase c, cedilla
- {"egrave", new Integer( 232 )}, // è - lowercase e, grave accent
- {"eacute", new Integer( 233 )}, // é - lowercase e, acute accent
- {"ecirc", new Integer( 234 )}, // ê - lowercase e, circumflex accent
- {"euml", new Integer( 235 )}, // ë - lowercase e, umlaut
- {"igrave", new Integer( 236 )}, // ì - lowercase i, grave accent
- {"iacute", new Integer( 237 )}, // í - lowercase i, acute accent
- {"icirc", new Integer( 238 )}, // î - lowercase i, circumflex accent
- {"iuml", new Integer( 239 )}, // ï - lowercase i, umlaut
- {"igrave", new Integer( 236 )}, // ì - lowercase i, grave accent
- {"iacute", new Integer( 237 )}, // í - lowercase i, acute accent
- {"icirc", new Integer( 238 )}, // î - lowercase i, circumflex accent
- {"iuml", new Integer( 239 )}, // ï - lowercase i, umlaut
- {"eth", new Integer( 240 )}, // ð - lowercase eth, Icelandic
- {"ntilde", new Integer( 241 )}, // ñ - lowercase n, tilde
- {"ograve", new Integer( 242 )}, // ò - lowercase o, grave accent
- {"oacute", new Integer( 243 )}, // ó - lowercase o, acute accent
- {"ocirc", new Integer( 244 )}, // ô - lowercase o, circumflex accent
- {"otilde", new Integer( 245 )}, // õ - lowercase o, tilde
- {"ouml", new Integer( 246 )}, // ö - lowercase o, umlaut
- {"oslash", new Integer( 248 )}, // ø - lowercase o, slash
- {"ugrave", new Integer( 249 )}, // ù - lowercase u, grave accent
- {"uacute", new Integer( 250 )}, // ú - lowercase u, acute accent
- {"ucirc", new Integer( 251 )}, // û - lowercase u, circumflex accent
- {"uuml", new Integer( 252 )}, // ü - lowercase u, umlaut
- {"yacute", new Integer( 253 )}, // ý - lowercase y, acute accent
- {"thorn", new Integer( 254 )}, // þ - lowercase thorn, Icelandic
- {"yuml", new Integer( 255 )}, // ÿ - lowercase y, umlaut
- {"euro", new Integer( 8364 )},// Euro symbol
- };
-
-
- public HtmlEncoder()
- {
- for(int i=0; i
- *
- * e.g. "bread" & "butter" => "bread" &
- * "butter" . Update: supports nearly all HTML entities, including funky
- * accents. See the source code for more detail. Adapted from
- * http://www.purpletech.com/code/src/com/purpletech/util/Utils.java.
- *
- * @param s1 Description of the Parameter
- * @return Description of the Return Value
- */
- public static String encode( String s1 )
- {
- StringBuffer buf = new StringBuffer();
-
- int i;
- for ( i = 0; i < s1.length(); ++i )
- {
- char ch = s1.charAt( i );
-
- String entity = (String) i2e.get( new Integer( (int) ch ) );
-
- if ( entity == null )
- {
- if ( ( (int) ch ) > 128 )
- {
- buf.append( "&#" + ( (int) ch ) + ";" );
- }
- else
- {
- buf.append( ch );
- }
- }
- else
- {
- buf.append( "&" + entity + ";" );
- }
- }
-
- return buf.toString();
- }
-
-
- /**
- * Given a string containing entity escapes, returns a string containing the actual Unicode
- * characters corresponding to the escapes. Adapted from
- * http://www.purpletech.com/code/src/com/purpletech/util/Utils.java.
- *
- * @param s1 Description of the Parameter
- * @return Description of the Return Value
- */
- public static String decode( String s1 )
- {
- StringBuffer buf = new StringBuffer();
-
- int i;
- for ( i = 0; i < s1.length(); ++i )
- {
- char ch = s1.charAt( i );
-
- if ( ch == '&' )
- {
- int semi = s1.indexOf( ';', i + 1 );
- if ( semi == -1 )
- {
- buf.append( ch );
- continue;
- }
- String entity = s1.substring( i + 1, semi );
- Integer iso;
- if ( entity.charAt( 0 ) == '#' )
- {
- iso = new Integer( entity.substring( 1 ) );
- }
- else
- {
- iso = (Integer) e2i.get( entity );
- }
- if ( iso == null )
- {
- buf.append( "&" + entity + ";" );
- }
- else
- {
- buf.append( (char) ( iso.intValue() ) );
- }
- i = semi;
- }
- else
- {
- buf.append( ch );
- }
- }
-
- return buf.toString();
- }
-}
diff --git a/ webgoat/ThreadWatcher.java b/ webgoat/ThreadWatcher.java
deleted file mode 100644
index 3a5b46b64..000000000
--- a/ webgoat/ThreadWatcher.java
+++ /dev/null
@@ -1,90 +0,0 @@
-package org.owasp.webgoat.util;
-
-import java.util.BitSet;
-
-
-/**
- * Copyright (c) 2002 Free Software Foundation developed under the custody of
- * the Open Web Application Security Project (http://www.owasp.org) This
- * software package org.owasp.webgoat.is published by OWASP under the GPL. You should read and
- * accept the LICENSE before you use, modify and/or redistribute this software.
- *
- *@author jwilliams@aspectsecurity.com
- *@created November 6, 2002
- */
-public class ThreadWatcher implements Runnable
-{
- // time to live in milliseconds
- private BitSet myInterrupted;
- private Process myProcess;
- private int myTimeout;
-
- /**
- * Constructor for the ThreadWatcher object
- *
- *@param p Description of the Parameter
- *@param interrupted Description of the Parameter
- *@param timeout Description of the Parameter
- */
- public ThreadWatcher(Process p, BitSet interrupted, int timeout)
- {
- myProcess = p;
-
- // thread used by whoever constructed this watcher
- myTimeout = timeout;
- myInterrupted = interrupted;
- }
-
- /*
- * Interrupt the thread by marking the interrupted bit and killing the process
- */
-
- /**
- * Description of the Method
- */
- public void interrupt()
- {
- myInterrupted.set(0);
-
- // set interrupted bit (bit 0 of the bitset) to 1
- myProcess.destroy();
-
- /*
- * try
- * {
- * myProcess.getInputStream().close();
- * }
- * catch( IOException e1 )
- * {
- * / do nothing -- input streams are probably already closed
- * }
- * try
- * {
- * myProcess.getErrorStream().close();
- * }
- * catch( IOException e2 )
- * {
- * / do nothing -- input streams are probably already closed
- * }
- * myThread.interrupt();
- */
- }
-
-
- /**
- * Main processing method for the ThreadWatcher object
- */
- public void run()
- {
- try
- {
- Thread.sleep(myTimeout);
- }
- catch (InterruptedException e)
- {
- // do nothing -- if watcher is interrupted, so is thread
- }
-
- interrupt();
- }
-}