* Log spoofing lesson this includes the following file:

- LogSpoofing.html - LogSpoofing.java git-svn-id: http://webgoat.googlecode.com/svn/trunk@27 4033779f-a91e-0410-96ef-6bf7bf53c507
2006-11-01 02:26:51 +00:00
parent 1a9d859507
commit ca2dfa27d1
4 changed files with 137 additions and 0 deletions
--- a/webgoat/main/project/WebContent/lesson_plans/LogSpoofing.html
+++ b/webgoat/main/project/WebContent/lesson_plans/LogSpoofing.html
@ -0,0 +1,19 @@
+<div align="Center"> 
+<p><b>Lesson Plan Title:</b> Log Spoofing. </p>
+ </div>
+ 
+<p><b>Concept / Topic To Teach:</b> </p>
+ This lesson teaches attempts to fool the human eye.
+ <br> 
+<div align="Left"> 
+<p>
+<b>How the attacks works:</b>
+The attack is based on fooling the humane eye in log files. An attacker can erase his traces from the logs
+using this attack.
+</p>
+</div>
+<p><b>General Goal(s):</b> </p>
+<!-- Start Instructions -->
+* The grey area below represents what is going to be logged in the web server's log file.<br>
+* Your goal is to make it like a username "admin" has succeeded into logging in.
+<!-- Stop Instructions -->