dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Minor Bugfixes

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@338 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
wirth.marcel
2008-04-14 13:28:25 +00:00
parent 15d80a3006
commit c001a67b95
11 changed files with 29 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
main/project/WebContent/lesson_solutions/SessionFixation.html
View File

@ -51,7 +51,7 @@ the link. Of course can WHATEVER be replaced by any other string.
The link should look similar to following:<br>
&lt;a href=http://localhost/WebGoat/attack?Screen=46&menu=320&SID=WHATEVER&gt;
</p>
<div align="center"><font size="2">
<div align="left"><font size="2">
<img src='lesson_solutions/SessionFixation_files/sf_stage1.png'><br>
<b>Figure 1: Phishing Mail</b>
</font>
@ -64,7 +64,7 @@ Point with the mouse on the link and you will notice the
SID in the status bar of your browser. This is the easiest
stage as you have only to click on the link 'Goat Hills Financial'.
</p>
<div align="center"><font size="2">
<div align="left"><font size="2">
<img src='lesson_solutions/SessionFixation_files/sf_stage2.png'><br>
<b>Figure 2: Received Phishing Mail</b>
</font>
@ -78,7 +78,7 @@ the URL is the SID visible. All
you have to do is to log in with your user name Jane
and your password tarzan.
</p>
<div align="center"><font size="2">
<div align="left"><font size="2">
<img src='lesson_solutions/SessionFixation_files/sf_stage3.png'><br>
<b>Figure 3: Goat Hills Financial Login Screen</b>
</font>
@ -98,7 +98,7 @@ Goat Hill Financial. Take a look at the URL and
you will see that your SID is NOVALIDSESSION.
Change this string to the SID you have chosen
at the beginning of this lesson and hit enter.</p>
<div align="center"><font size="2">
<div align="left"><font size="2">
<img src='lesson_solutions/SessionFixation_files/sf_stage4_1.png'><br>
<b>Figure 4: Browser Address Bar Before Changes</b>
<br><br>
@ -109,7 +109,7 @@ at the beginning of this lesson and hit enter.</p>
<br><br>
Congratulation! You are logged in as Jane
and the lesson was successful.
<div align="center"><font size="2">
<div align="left"><font size="2">
<img src='lesson_solutions/SessionFixation_files/sf_success.png'><br>
<b>Figure 6: Successful Completion Of The Lesson</b>
</font>