dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Corrected information related to credits.

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@437 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
sherif.fathy@gmail.com 2011-09-29 00:32:56 +00:00
parent 4059bb5d33
commit ba97e884a4
13 changed files with 45 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/main/java/org/owasp/webgoat/lessons/BackDoors.java
View File

@ -10,6 +10,7 @@ import java.util.List;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.Div;
import org.apache.ecs.html.IMG;
@ -50,7 +51,7 @@ import org.owasp.webgoat.session.WebSession;
*
* For details, please see http://code.google.com/p/webgoat/
*
* @author Sherif Koussa <a href="http://www.macadamian.com">Macadamian Technologies.</a>
* @author Sherif Koussa <a href="http://www.softwaresecured.com">Software Secured</a>
*/
public class BackDoors extends SequentialLessonAdapter
{
@ -61,8 +62,7 @@ public class BackDoors extends SequentialLessonAdapter
private final static String SELECT_ST = "select userid, password, ssn, salary, email from employee where userid=";
private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies")
.setBorder(0).setHspace(0).setVspace(0);
public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0));
protected Element createContent(WebSession s)
{
@ -262,7 +262,7 @@ public class BackDoors extends SequentialLessonAdapter
public Element getCredits()
{
return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO);
return super.getCustomCredits("Created by Sherif Koussa&nbsp;", MAC_LOGO);
}
protected List<String> getHints(WebSession s)

9
src/main/java/org/owasp/webgoat/lessons/CSRF.java
View File

@ -14,6 +14,7 @@ import javax.servlet.http.HttpSession;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.B;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.Form;
@ -59,7 +60,7 @@ import org.owasp.webgoat.util.HtmlEncoder;
*
* For details, please see http://code.google.com/p/webgoat/
*
* @author Sherif Koussa <a href="http://www.macadamian.com">Macadamian Technologies.</a>
* @author Sherif Koussa <a href="http://www.softwaresecured.com">Software Secured</a>
*
*/
public class CSRF extends LessonAdapter
@ -76,9 +77,7 @@ public class CSRF extends LessonAdapter
private static int count = 1;
private final static int USER_COL = 4; // Added by Chuck Willis - used to show user who posted
// message
private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies")
.setBorder(0).setHspace(0).setVspace(0);
public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0));
/**
* Adds a feature to the Message attribute of the MessageBoardScreen object
*
@ -377,7 +376,7 @@ public class CSRF extends LessonAdapter
public Element getCredits()
{
return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO);
return super.getCustomCredits("Created by Sherif Koussa&nbsp;", MAC_LOGO);
}
}

10
src/main/java/org/owasp/webgoat/lessons/DOMInjection.java
View File

@ -7,6 +7,7 @@ import java.util.List;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.Div;
import org.apache.ecs.html.Form;
@ -46,7 +47,7 @@ import org.owasp.webgoat.session.WebSession;
*
* For details, please see http://code.google.com/p/webgoat/
*
* @author Sherif Koussa <a href="http://www.macadamian.com">Macadamian Technologies.</a>
* @author Sherif Koussa <a href="http://www.softwaresecured.com">Software Secured</a>
* @created October 28, 2006
*/
@ -57,9 +58,8 @@ public class DOMInjection extends LessonAdapter
private final static String KEY = "key";
private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies")
.setBorder(0).setHspace(0).setVspace(0);
public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0));
private final static String key = "K1JFWP8BSO8HI52LNPQS8F5L01N";
public void handleRequest(WebSession s)
@ -161,7 +161,7 @@ public class DOMInjection extends LessonAdapter
public Element getCredits()
{
return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO);
return super.getCustomCredits("Created by Sherif Koussa&nbsp;", MAC_LOGO);
}
protected Category getDefaultCategory()

10
src/main/java/org/owasp/webgoat/lessons/ForcedBrowsing.java
View File

@ -6,6 +6,7 @@ import java.util.List;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.H1;
import org.apache.ecs.html.IMG;
@ -44,7 +45,7 @@ import org.owasp.webgoat.session.WebSession;
*
* For details, please see http://code.google.com/p/webgoat/
*
* @author Sherif Koussa <a href="http://www.macadamian.com">Macadamian Technologies.</a>
* @author Sherif Koussa <a href="http://www.softwaresecured.com">Software Secured</a>
* @created November 02, 2006
*/
public class ForcedBrowsing extends LessonAdapter
@ -52,9 +53,8 @@ public class ForcedBrowsing extends LessonAdapter
private final static String SUCCEEDED = "succeeded";
private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies")
.setBorder(0).setHspace(0).setVspace(0);
public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0));
/**
* Description of the Method
*
@ -145,6 +145,6 @@ public class ForcedBrowsing extends LessonAdapter
public Element getCredits()
{
return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO);
return super.getCustomCredits("Created by Sherif Koussa&nbsp;", MAC_LOGO);
}
}

8
src/main/java/org/owasp/webgoat/lessons/HttpSplitting.java
View File

@ -40,7 +40,7 @@ import org.owasp.webgoat.session.WebSession;
*
* For details, please see http://code.google.com/p/webgoat/
*
* @author Sherif Koussa <a href="http://www.macadamian.com">Macadamian Technologies.</a>
* @author Sherif Koussa <a href="http://www.softwaresecured.com">Software Secured</a>
* @created September 30, 2006
*/
@ -53,9 +53,7 @@ public class HttpSplitting extends SequentialLessonAdapter
private static String STAGE = "stage";
private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies")
.setBorder(0).setHspace(0).setVspace(0);
public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0));
/**
* Description of the Method
*
@ -260,7 +258,7 @@ public class HttpSplitting extends SequentialLessonAdapter
public Element getCredits()
{
return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO);
return super.getCustomCredits("Created by Sherif Koussa&nbsp;", MAC_LOGO);
}
}

4
src/main/java/org/owasp/webgoat/lessons/JSONInjection.java
View File

@ -45,7 +45,7 @@ import java.util.ArrayList;
*
* For details, please see http://code.google.com/p/webgoat/
*
* @author Sherif Koussa <a href="http://www.macadamian.com">Macadamian Technologies.</a>
* @author Sherif Koussa <a href="http://www.softwaresecured.com">Software Secured</a>
* @created December 25, 2006
*/
@ -58,7 +58,7 @@ public class JSONInjection extends LessonAdapter
private final static String TRAVEL_TO = "travelTo";
private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies")
private final static IMG MAC_LOGO = new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured")
.setBorder(0).setHspace(0).setVspace(0);
public void handleRequest(WebSession s)

10
src/main/java/org/owasp/webgoat/lessons/LogSpoofing.java
View File

@ -9,6 +9,7 @@ import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.HtmlColor;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Input;
import org.apache.ecs.html.PRE;
@ -47,7 +48,7 @@ import org.owasp.webgoat.util.WebGoatI18N;
*
* For details, please see http://code.google.com/p/webgoat/
*
* @author Sherif Koussa <a href="http://www.macadamian.com">Macadamian Technologies</a>
* @author Sherif Koussa <a href="http://www.softwaresecured.com">Software Secured</a>
* @created October 28, 2006
*/
@ -58,9 +59,8 @@ public class LogSpoofing extends LessonAdapter
private static final String PASSWORD = "password";
private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies")
.setBorder(0).setHspace(0).setVspace(0);
public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0));
protected Element createContent(WebSession s)
{
@ -156,6 +156,6 @@ public class LogSpoofing extends LessonAdapter
public Element getCredits()
{
return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO);
return super.getCustomCredits("Created by Sherif Koussa&nbsp;", MAC_LOGO);
}
}

2
src/main/java/org/owasp/webgoat/lessons/NewLesson.java
View File

@ -33,7 +33,7 @@ import org.owasp.webgoat.session.WebSession;
*
* For details, please see http://code.google.com/p/webgoat/
*
* @author Sherif Koussa <a href="http://www.macadamian.com">Macadamian Technologies.</a>
* @author Sherif Koussa <a href="http://www.softwaresecured.com">Software Secured</a>
* @created October 28, 2003
*/
public class NewLesson extends LessonAdapter

10
src/main/java/org/owasp/webgoat/lessons/SilentTransactions.java
View File

@ -7,6 +7,7 @@ import java.util.List;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.Div;
import org.apache.ecs.html.Form;
@ -48,7 +49,7 @@ import org.owasp.webgoat.session.WebSession;
*
* For details, please see http://code.google.com/p/webgoat/
*
* @author Sherif Koussa <a href="http://www.macadamian.com">Macadamian Technologies.</a>
* @author Sherif Koussa <a href="http://www.softwaresecured.com">Software Secured</a>
* @created December 26, 2006
*/
@ -59,9 +60,8 @@ public class SilentTransactions extends LessonAdapter
private final static Double CURRENT_BALANCE = 11987.09;
private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies")
.setBorder(0).setHspace(0).setVspace(0);
public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0));
public void handleRequest(WebSession s)
{
@ -283,7 +283,7 @@ public class SilentTransactions extends LessonAdapter
public Element getCredits()
{
return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO);
return super.getCustomCredits("Created by Sherif Koussa&nbsp;", MAC_LOGO);
}
}

10
src/main/java/org/owasp/webgoat/lessons/XMLInjection.java
View File

@ -8,6 +8,7 @@ import java.util.List;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.Div;
import org.apache.ecs.html.Form;
@ -48,7 +49,7 @@ import org.owasp.webgoat.session.WebSession;
*
* For details, please see http://code.google.com/p/webgoat/
*
* @author Sherif Koussa <a href="http://www.macadamian.com">Macadamian Technologies.</a>
* @author Sherif Koussa <a href="http://www.softwaresecured.com">Software Secured</a>
*/
public class XMLInjection extends LessonAdapter
{
@ -59,9 +60,8 @@ public class XMLInjection extends LessonAdapter
public static HashMap<Integer, Reward> rewardsMap = new HashMap<Integer, Reward>();
private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies")
.setBorder(0).setHspace(0).setVspace(0);
public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0));
protected static HashMap<Integer, Reward> init()
{
Reward r = new Reward();
@ -268,7 +268,7 @@ public class XMLInjection extends LessonAdapter
public Element getCredits()
{
return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO);
return super.getCustomCredits("Created by Sherif Koussa&nbsp;", MAC_LOGO);
}
protected Category getDefaultCategory()

10
src/main/java/org/owasp/webgoat/lessons/XPATHInjection.java
View File

@ -19,6 +19,7 @@ import javax.xml.xpath.XPathExpressionException;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Input;
import org.apache.ecs.html.P;
@ -62,7 +63,7 @@ import org.owasp.webgoat.session.ECSFactory;
*
* For details, please see http://code.google.com/p/webgoat/
*
* @author Sherif Koussa <a href="http://www.macadamian.com">Macadamian Technologies.</a>
* @author Sherif Koussa <a href="http://www.softwaresecured.com">Software Secured</a>
* @created November 28, 2006
*/
@ -75,9 +76,8 @@ public class XPATHInjection extends LessonAdapter
private final static String PASSWORD = "Password";
private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies")
.setBorder(0).setHspace(0).setVspace(0);
public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0));
protected Element createContent(WebSession s)
{
@ -197,7 +197,7 @@ public class XPATHInjection extends LessonAdapter
public Element getCredits()
{
return super.getCustomCredits("Created by Sherif Koussa ", MAC_LOGO);
return super.getCustomCredits("Created by Sherif Koussa&nbsp;", MAC_LOGO);
}
protected Category getDefaultCategory()

BIN
src/main/webapp/images/logos/softwaresecured.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.0 KiB

1
src/main/webapp/webgoat.jsp
View File

@ -83,6 +83,7 @@ by Bruce Mayhew. Please send all comments to Bruce at <%=webSession.getWebgoatCo
</td>
<td>
<div align="center" class="style2">Sherif Koussa<br />
(http://www.softwaresecured.com)
</div>
<div align="center" class="style2">Aung Khant<br />
(http://yehg.org/)</div>