dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Minor Bugfixes

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@338 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
wirth.marcel
2008-04-14 13:28:25 +00:00
parent 15d80a3006
commit c001a67b95
11 changed files with 29 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
main/project/WebContent/lesson_solutions/SqlNumericInjection.html
View File

@ -637,7 +637,7 @@ query: SELECT * FROM weather_data WHERE station = 101<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'>Intercept the post request with WebScarab and replace 101 with 101 or 1=1!<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'><o:p>&nbsp;</o:p></span></p>
<center>
<img src = "/WebGoat/lesson_solutions/SqlNumericInjection_files/numericinjection.png" width=350px>
@ -647,13 +647,13 @@ field-begin'></span><span style='mso-spacerun:yes'>
style='mso-no-proof:yes'>1</span><!--[if supportFields]><span style='mso-element:
field-end'></span><![endif]--> Intercepted Request with WebScarab<span style='font-family:
"Arial","sans-serif"'><o:p></o:p></span></p>
</center>
<br/>
<br/>
<p class=MsoNormal><span style='font-family:"Arial","sans-serif"'>As the SQL Statement is true for every station you get
a list of all stations:<o:p></o:p></span></p>
<center>
<img src = "/WebGoat/lesson_solutions/SqlNumericInjection_files/numericinjection_solved.png" width=350px>
@ -663,7 +663,7 @@ field-begin'></span><span style='mso-spacerun:yes'>
style='mso-no-proof:yes'>2</span><!--[if supportFields]><span style='mso-element:
field-end'></span><![endif]--> All stations are visible<span style='font-family:
"Arial","sans-serif"'><o:p></o:p></span></p>
</center>
<p class=MsoNormal><o:p>&nbsp;</o:p></p>