Password reset link test condition more strict and move all WebWolf links to /WebWolf (#1645)
* better check on host and port for password reset and make context roots more flexible * spotless applied * removed hardcoded /WebGoat from js * removed hardcoded /WebGoat from js * fix spotless * fix scoreboard * upgrade WebWolf bootstrap version and icons and templates - part 1 * fixed more bootstrap 5 style issues and context path issues * organized WebSecurityConfig based on latest conventions and added basic support for oauth (more work needed) * spotless applied * added mock bean * requires updates to properties - commented for now * requires updates to properties - commented for now * oauth secrets through env values * user creation after oauth login * integration test against non default context paths * adjusted StartupMessage * add global model element username * conditionally show login oauth links * fixed WebWolf login --------- Co-authored-by: René Zubcevic <rene@Mac-mini-van-Rene.local>
This commit is contained in:
pom.xml
robot
src
it
java
org
owasp
webgoat
AccessControlIntegrationTest.javaCSRFIntegrationTest.javaChallengeIntegrationTest.javaCryptoIntegrationTest.javaDeserializationIntegrationTest.javaGeneralLessonIntegrationTest.javaIDORIntegrationTest.javaIntegrationTest.javaJWTLessonIntegrationTest.javaPasswordResetLessonIntegrationTest.javaPathTraversalIntegrationTest.javaProgressRaceConditionIntegrationTest.javaSSRFIntegrationTest.javaSessionManagementIntegrationTest.javaSqlInjectionAdvancedIntegrationTest.javaSqlInjectionLessonIntegrationTest.javaSqlInjectionMitigationIntegrationTest.javaWebWolfIntegrationTest.javaXSSIntegrationTest.javaXXEIntegrationTest.java
main
java
org
owasp
webgoat
container
lessons
server
webwolf
resources
application-webgoat.propertiesapplication-webwolf.properties
lessons
authbypass
bypassrestrictions
challenges
documentation
html
chromedevtools
clientsidefiltering
cryptography
csrf
html
deserialization
hijacksession
templates
htmltampering
httpbasics
html
httpproxies
html
idor
insecurelogin
jwt
lessontemplate
logging
html
missingac
passwordreset
pathtraversal
securepasswords
spoofcookie
templates
sqlinjection
ssrf
html
vulnerablecomponents
webwolfintroduction
xss
html
i18n
js
xxe
html
webgoat
static
js
templates
webwolf
test
java
org
owasp
webgoat
15
pom.xml
15
pom.xml
@ -110,8 +110,7 @@
|
|||||||
<properties>
|
<properties>
|
||||||
<!-- Shared properties with plugins and version numbers across submodules-->
|
<!-- Shared properties with plugins and version numbers across submodules-->
|
||||||
<asciidoctorj.version>2.5.10</asciidoctorj.version>
|
<asciidoctorj.version>2.5.10</asciidoctorj.version>
|
||||||
<!-- Upgrading needs UI work in WebWolf Limited to 3.4.1 due to stylesheet refactoring -->
|
<bootstrap.version>5.3.1</bootstrap.version>
|
||||||
<bootstrap.version>3.4.1</bootstrap.version>
|
|
||||||
<cglib.version>3.3.0</cglib.version>
|
<cglib.version>3.3.0</cglib.version>
|
||||||
<!-- do not update necessary for lesson -->
|
<!-- do not update necessary for lesson -->
|
||||||
<checkstyle.version>3.3.1</checkstyle.version>
|
<checkstyle.version>3.3.1</checkstyle.version>
|
||||||
@ -141,8 +140,10 @@
|
|||||||
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
|
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
|
||||||
<thymeleaf.version>3.1.1.RELEASE</thymeleaf.version>
|
<thymeleaf.version>3.1.1.RELEASE</thymeleaf.version>
|
||||||
<webdriver.version>5.3.3</webdriver.version>
|
<webdriver.version>5.3.3</webdriver.version>
|
||||||
|
<webgoat.context>/</webgoat.context>
|
||||||
<webgoat.port>8080</webgoat.port>
|
<webgoat.port>8080</webgoat.port>
|
||||||
<webjars-locator-core.version>0.53</webjars-locator-core.version>
|
<webjars-locator-core.version>0.53</webjars-locator-core.version>
|
||||||
|
<webwolf.context>/</webwolf.context>
|
||||||
<webwolf.port>9090</webwolf.port>
|
<webwolf.port>9090</webwolf.port>
|
||||||
<wiremock.version>2.27.2</wiremock.version>
|
<wiremock.version>2.27.2</wiremock.version>
|
||||||
<xml-resolver.version>1.2</xml-resolver.version>
|
<xml-resolver.version>1.2</xml-resolver.version>
|
||||||
@ -327,6 +328,10 @@
|
|||||||
<groupId>org.springframework.boot</groupId>
|
<groupId>org.springframework.boot</groupId>
|
||||||
<artifactId>spring-boot-starter-thymeleaf</artifactId>
|
<artifactId>spring-boot-starter-thymeleaf</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.boot</groupId>
|
||||||
|
<artifactId>spring-boot-starter-oauth2-client</artifactId>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.thymeleaf.extras</groupId>
|
<groupId>org.thymeleaf.extras</groupId>
|
||||||
<artifactId>thymeleaf-extras-springsecurity6</artifactId>
|
<artifactId>thymeleaf-extras-springsecurity6</artifactId>
|
||||||
@ -511,7 +516,7 @@
|
|||||||
<systemPropertyVariables>
|
<systemPropertyVariables>
|
||||||
<logback.configurationFile>${basedir}/src/test/resources/logback-test.xml</logback.configurationFile>
|
<logback.configurationFile>${basedir}/src/test/resources/logback-test.xml</logback.configurationFile>
|
||||||
</systemPropertyVariables>
|
</systemPropertyVariables>
|
||||||
<argLine>-Xmx512m -Dwebgoatport=${webgoat.port} -Dwebwolfport=${webwolf.port}</argLine>
|
<argLine>-Xmx512m -Dwebgoatport=${webgoat.port} -Dwebwolfport=${webwolf.port} -Dwebwolfcontext=${webwolf.context} -Dwebgoatcontext=${webgoat.context}</argLine>
|
||||||
<includes>org/owasp/webgoat/*Test</includes>
|
<includes>org/owasp/webgoat/*Test</includes>
|
||||||
</configuration>
|
</configuration>
|
||||||
<executions>
|
<executions>
|
||||||
@ -534,6 +539,7 @@
|
|||||||
<artifactId>maven-surefire-plugin</artifactId>
|
<artifactId>maven-surefire-plugin</artifactId>
|
||||||
<version>${maven-surefire-plugin.version}</version>
|
<version>${maven-surefire-plugin.version}</version>
|
||||||
<configuration>
|
<configuration>
|
||||||
|
<forkedProcessTimeoutInSeconds>600</forkedProcessTimeoutInSeconds>
|
||||||
<argLine>--add-opens java.base/sun.nio.ch=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED
|
<argLine>--add-opens java.base/sun.nio.ch=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED
|
||||||
--add-opens java.base/sun.nio.ch=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED
|
--add-opens java.base/sun.nio.ch=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED
|
||||||
--add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/java.lang.reflect=ALL-UNNAMED
|
--add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/java.lang.reflect=ALL-UNNAMED
|
||||||
@ -707,7 +713,9 @@
|
|||||||
<argument>-Dwebgoat.user.directory=${java.io.tmpdir}/webgoat_${webgoat.port}</argument>
|
<argument>-Dwebgoat.user.directory=${java.io.tmpdir}/webgoat_${webgoat.port}</argument>
|
||||||
<argument>-Dspring.main.banner-mode=off</argument>
|
<argument>-Dspring.main.banner-mode=off</argument>
|
||||||
<argument>-Dwebgoat.port=${webgoat.port}</argument>
|
<argument>-Dwebgoat.port=${webgoat.port}</argument>
|
||||||
|
<argument>-Dwebgoat.context=${webgoat.context}</argument>
|
||||||
<argument>-Dwebwolf.port=${webwolf.port}</argument>
|
<argument>-Dwebwolf.port=${webwolf.port}</argument>
|
||||||
|
<argument>-Dwebwolf.context=${webwolf.context}</argument>
|
||||||
<argument>--add-opens</argument>
|
<argument>--add-opens</argument>
|
||||||
<argument>java.base/java.lang=ALL-UNNAMED</argument>
|
<argument>java.base/java.lang=ALL-UNNAMED</argument>
|
||||||
<argument>--add-opens</argument>
|
<argument>--add-opens</argument>
|
||||||
@ -733,6 +741,7 @@
|
|||||||
<argument>${project.build.directory}/webgoat-${project.version}.jar</argument>
|
<argument>${project.build.directory}/webgoat-${project.version}.jar</argument>
|
||||||
</arguments>
|
</arguments>
|
||||||
<waitForInterrupt>false</waitForInterrupt>
|
<waitForInterrupt>false</waitForInterrupt>
|
||||||
|
<waitAfterLaunch>120</waitAfterLaunch>
|
||||||
<healthcheckUrl>http://localhost:${webgoat.port}/WebGoat/actuator/health</healthcheckUrl>
|
<healthcheckUrl>http://localhost:${webgoat.port}/WebGoat/actuator/health</healthcheckUrl>
|
||||||
</configuration>
|
</configuration>
|
||||||
</execution>
|
</execution>
|
||||||
|
@ -11,7 +11,7 @@ ${BROWSER} chrome
|
|||||||
${SLEEP} 100
|
${SLEEP} 100
|
||||||
${DELAY} 0.25
|
${DELAY} 0.25
|
||||||
${ENDPOINT} http://127.0.0.1:8080/WebGoat
|
${ENDPOINT} http://127.0.0.1:8080/WebGoat
|
||||||
${ENDPOINT_WOLF} http://127.0.0.1:9090
|
${ENDPOINT_WOLF} http://127.0.0.1:9090/WebWolf
|
||||||
${USERNAME} robotuser
|
${USERNAME} robotuser
|
||||||
${PASSWORD} password
|
${PASSWORD} password
|
||||||
${HEADLESS} ${FALSE}
|
${HEADLESS} ${FALSE}
|
||||||
@ -27,9 +27,9 @@ Initial_Page
|
|||||||
Open Browser ${ENDPOINT} ${BROWSER} options=add_experimental_option('prefs', {'intl.accept_languages': 'en,en_US'}) alias=webgoat
|
Open Browser ${ENDPOINT} ${BROWSER} options=add_experimental_option('prefs', {'intl.accept_languages': 'en,en_US'}) alias=webgoat
|
||||||
END
|
END
|
||||||
IF ${HEADLESS}
|
IF ${HEADLESS}
|
||||||
Open Browser ${ENDPOINT_WOLF}/WebWolf ${BROWSER} options=add_argument("-headless");add_argument("--start-maximized");add_experimental_option('prefs', {'intl.accept_languages': 'en,en_US'}) alias=webwolf
|
Open Browser ${ENDPOINT_WOLF} ${BROWSER} options=add_argument("-headless");add_argument("--start-maximized");add_experimental_option('prefs', {'intl.accept_languages': 'en,en_US'}) alias=webwolf
|
||||||
ELSE
|
ELSE
|
||||||
Open Browser ${ENDPOINT_WOLF}/WebWolf ${BROWSER} options=add_experimental_option('prefs', {'intl.accept_languages': 'en,en_US'}) alias=webwolf
|
Open Browser ${ENDPOINT_WOLF} ${BROWSER} options=add_experimental_option('prefs', {'intl.accept_languages': 'en,en_US'}) alias=webwolf
|
||||||
END
|
END
|
||||||
Switch Browser webgoat
|
Switch Browser webgoat
|
||||||
Maximize Browser Window
|
Maximize Browser Window
|
||||||
@ -93,9 +93,10 @@ Check_Menu_Page
|
|||||||
|
|
||||||
Check_WebWolf
|
Check_WebWolf
|
||||||
Switch Browser webwolf
|
Switch Browser webwolf
|
||||||
location should be ${ENDPOINT_WOLF}/WebWolf
|
location should be ${ENDPOINT_WOLF}/login
|
||||||
Go To ${ENDPOINT_WOLF}/mail
|
|
||||||
Input Text username ${USERNAME}
|
Input Text username ${USERNAME}
|
||||||
Input Text password ${PASSWORD}
|
Input Text password ${PASSWORD}
|
||||||
Click Button Sign In
|
Click Button Sign In
|
||||||
|
Go To ${ENDPOINT_WOLF}/mail
|
||||||
|
Go To ${ENDPOINT_WOLF}/requests
|
||||||
|
|
||||||
|
@ -25,7 +25,7 @@ class AccessControlIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.contentType(ContentType.JSON)
|
.contentType(ContentType.JSON)
|
||||||
.get(url("/WebGoat/access-control/users-admin-fix"))
|
.get(url("access-control/users-admin-fix"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(HttpStatus.SC_FORBIDDEN);
|
.statusCode(HttpStatus.SC_FORBIDDEN);
|
||||||
|
|
||||||
@ -40,7 +40,7 @@ class AccessControlIntegrationTest extends IntegrationTest {
|
|||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.contentType(ContentType.JSON)
|
.contentType(ContentType.JSON)
|
||||||
.body(String.format(userTemplate, this.getUser(), this.getUser()))
|
.body(String.format(userTemplate, this.getUser(), this.getUser()))
|
||||||
.post(url("/WebGoat/access-control/users"))
|
.post(url("access-control/users"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(HttpStatus.SC_OK);
|
.statusCode(HttpStatus.SC_OK);
|
||||||
|
|
||||||
@ -51,15 +51,14 @@ class AccessControlIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.contentType(ContentType.JSON)
|
.contentType(ContentType.JSON)
|
||||||
.get(url("/WebGoat/access-control/users-admin-fix"))
|
.get(url("access-control/users-admin-fix"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
.jsonPath()
|
.jsonPath()
|
||||||
.get("find { it.username == \"Jerry\" }.userHash");
|
.get("find { it.username == \"Jerry\" }.userHash");
|
||||||
|
|
||||||
checkAssignment(
|
checkAssignment(url("access-control/user-hash-fix"), Map.of("userHash", userHash), true);
|
||||||
url("/WebGoat/access-control/user-hash-fix"), Map.of("userHash", userHash), true);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private void assignment2() {
|
private void assignment2() {
|
||||||
@ -69,18 +68,18 @@ class AccessControlIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.contentType(ContentType.JSON)
|
.contentType(ContentType.JSON)
|
||||||
.get(url("/WebGoat/access-control/users"))
|
.get(url("access-control/users"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
.jsonPath()
|
.jsonPath()
|
||||||
.get("find { it.username == \"Jerry\" }.userHash");
|
.get("find { it.username == \"Jerry\" }.userHash");
|
||||||
|
|
||||||
checkAssignment(url("/WebGoat/access-control/user-hash"), Map.of("userHash", userHash), true);
|
checkAssignment(url("access-control/user-hash"), Map.of("userHash", userHash), true);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void assignment1() {
|
private void assignment1() {
|
||||||
var params = Map.of("hiddenMenu1", "Users", "hiddenMenu2", "Config");
|
var params = Map.of("hiddenMenu1", "Users", "hiddenMenu2", "Config");
|
||||||
checkAssignment(url("/WebGoat/access-control/hidden-menu"), params, true);
|
checkAssignment(url("access-control/hidden-menu"), params, true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -64,12 +64,12 @@ public class CSRFIntegrationTest extends IntegrationTest {
|
|||||||
public void init() {
|
public void init() {
|
||||||
startLesson("CSRF");
|
startLesson("CSRF");
|
||||||
webwolfFileDir = getWebWolfFileServerLocation();
|
webwolfFileDir = getWebWolfFileServerLocation();
|
||||||
uploadTrickHtml("csrf3.html", trickHTML3.replace("WEBGOATURL", url("/csrf/basic-get-flag")));
|
uploadTrickHtml("csrf3.html", trickHTML3.replace("WEBGOATURL", url("csrf/basic-get-flag")));
|
||||||
uploadTrickHtml("csrf4.html", trickHTML4.replace("WEBGOATURL", url("/csrf/review")));
|
uploadTrickHtml("csrf4.html", trickHTML4.replace("WEBGOATURL", url("csrf/review")));
|
||||||
uploadTrickHtml("csrf7.html", trickHTML7.replace("WEBGOATURL", url("/csrf/feedback/message")));
|
uploadTrickHtml("csrf7.html", trickHTML7.replace("WEBGOATURL", url("csrf/feedback/message")));
|
||||||
uploadTrickHtml(
|
uploadTrickHtml(
|
||||||
"csrf8.html",
|
"csrf8.html",
|
||||||
trickHTML8.replace("WEBGOATURL", url("/login")).replace("USERNAME", this.getUser()));
|
trickHTML8.replace("WEBGOATURL", url("login")).replace("USERNAME", this.getUser()));
|
||||||
}
|
}
|
||||||
|
|
||||||
@TestFactory
|
@TestFactory
|
||||||
@ -103,7 +103,7 @@ public class CSRFIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
||||||
.multiPart("file", htmlName, htmlContent.getBytes())
|
.multiPart("file", htmlName, htmlContent.getBytes())
|
||||||
.post(webWolfUrl("/WebWolf/fileupload"))
|
.post(webWolfUrl("fileupload"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.response()
|
.response()
|
||||||
@ -118,7 +118,7 @@ public class CSRFIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
||||||
.get(webWolfUrl("/files/" + this.getUser() + "/" + htmlName))
|
.get(webWolfUrl("files/" + this.getUser() + "/" + htmlName))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.response()
|
.response()
|
||||||
@ -136,7 +136,7 @@ public class CSRFIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.header("Referer", webWolfUrl("/files/fake.html"))
|
.header("Referer", webWolfUrl("files/fake.html"))
|
||||||
.post(goatURL)
|
.post(goatURL)
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
@ -146,7 +146,7 @@ public class CSRFIntegrationTest extends IntegrationTest {
|
|||||||
Map<String, Object> params = new HashMap<>();
|
Map<String, Object> params = new HashMap<>();
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("confirmFlagVal", flag);
|
params.put("confirmFlagVal", flag);
|
||||||
checkAssignment(url("/WebGoat/csrf/confirm-flag-1"), params, true);
|
checkAssignment(url("csrf/confirm-flag-1"), params, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void checkAssignment4(String goatURL) {
|
private void checkAssignment4(String goatURL) {
|
||||||
@ -163,7 +163,7 @@ public class CSRFIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.header("Referer", webWolfUrl("/files/fake.html"))
|
.header("Referer", webWolfUrl("files/fake.html"))
|
||||||
.formParams(params)
|
.formParams(params)
|
||||||
.post(goatURL)
|
.post(goatURL)
|
||||||
.then()
|
.then()
|
||||||
@ -184,7 +184,7 @@ public class CSRFIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.header("Referer", webWolfUrl("/files/fake.html"))
|
.header("Referer", webWolfUrl("files/fake.html"))
|
||||||
.contentType(ContentType.TEXT)
|
.contentType(ContentType.TEXT)
|
||||||
.body(
|
.body(
|
||||||
"{\"name\":\"WebGoat\",\"email\":\"webgoat@webgoat.org\",\"content\":\"WebGoat is"
|
"{\"name\":\"WebGoat\",\"email\":\"webgoat@webgoat.org\",\"content\":\"WebGoat is"
|
||||||
@ -198,7 +198,7 @@ public class CSRFIntegrationTest extends IntegrationTest {
|
|||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("confirmFlagVal", flag);
|
params.put("confirmFlagVal", flag);
|
||||||
checkAssignment(url("/WebGoat/csrf/feedback"), params, true);
|
checkAssignment(url("csrf/feedback"), params, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void checkAssignment8(String goatURL) {
|
private void checkAssignment8(String goatURL) {
|
||||||
@ -217,7 +217,7 @@ public class CSRFIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.header("Referer", webWolfUrl("/files/fake.html"))
|
.header("Referer", webWolfUrl("files/fake.html"))
|
||||||
.params(params)
|
.params(params)
|
||||||
.post(goatURL)
|
.post(goatURL)
|
||||||
.then()
|
.then()
|
||||||
@ -239,7 +239,7 @@ public class CSRFIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", newCookie)
|
.cookie("JSESSIONID", newCookie)
|
||||||
.post(url("/csrf/login"))
|
.post(url("csrf/login"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -253,7 +253,7 @@ public class CSRFIntegrationTest extends IntegrationTest {
|
|||||||
Overview[] assignments =
|
Overview[] assignments =
|
||||||
RestAssured.given()
|
RestAssured.given()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/service/lessonoverview.mvc"))
|
.get(url("service/lessonoverview.mvc"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.jsonPath()
|
.jsonPath()
|
||||||
|
@ -22,7 +22,7 @@ public class ChallengeIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/WebGoat/challenge/logo"))
|
.get(url("challenge/logo"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -34,14 +34,14 @@ public class ChallengeIntegrationTest extends IntegrationTest {
|
|||||||
params.put("username", "admin");
|
params.put("username", "admin");
|
||||||
params.put("password", "!!webgoat_admin_1234!!".replace("1234", pincode));
|
params.put("password", "!!webgoat_admin_1234!!".replace("1234", pincode));
|
||||||
|
|
||||||
checkAssignment(url("/WebGoat/challenge/1"), params, true);
|
checkAssignment(url("challenge/1"), params, true);
|
||||||
String result =
|
String result =
|
||||||
RestAssured.given()
|
RestAssured.given()
|
||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.formParams(params)
|
.formParams(params)
|
||||||
.post(url("/WebGoat/challenge/1"))
|
.post(url("challenge/1"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -50,7 +50,7 @@ public class ChallengeIntegrationTest extends IntegrationTest {
|
|||||||
String flag = result.substring(result.indexOf("flag") + 6, result.indexOf("flag") + 42);
|
String flag = result.substring(result.indexOf("flag") + 6, result.indexOf("flag") + 42);
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("flag", flag);
|
params.put("flag", flag);
|
||||||
checkAssignment(url("/WebGoat/challenge/flag"), params, true);
|
checkAssignment(url("challenge/flag"), params, true);
|
||||||
|
|
||||||
checkResults("/challenge/1");
|
checkResults("/challenge/1");
|
||||||
|
|
||||||
@ -59,7 +59,7 @@ public class ChallengeIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/WebGoat/scoreboard-data"))
|
.get(url("scoreboard-data"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -83,7 +83,7 @@ public class ChallengeIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.formParams(params)
|
.formParams(params)
|
||||||
.post(url("/WebGoat/challenge/5"))
|
.post(url("challenge/5"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -92,7 +92,7 @@ public class ChallengeIntegrationTest extends IntegrationTest {
|
|||||||
String flag = result.substring(result.indexOf("flag") + 6, result.indexOf("flag") + 42);
|
String flag = result.substring(result.indexOf("flag") + 6, result.indexOf("flag") + 42);
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("flag", flag);
|
params.put("flag", flag);
|
||||||
checkAssignment(url("/WebGoat/challenge/flag"), params, true);
|
checkAssignment(url("challenge/flag"), params, true);
|
||||||
|
|
||||||
checkResults("/challenge/5");
|
checkResults("/challenge/5");
|
||||||
|
|
||||||
@ -101,7 +101,7 @@ public class ChallengeIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/WebGoat/scoreboard-data"))
|
.get(url("scoreboard-data"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -120,7 +120,7 @@ public class ChallengeIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/WebGoat/challenge/7/.git"))
|
.get(url("challenge/7/.git"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -132,7 +132,7 @@ public class ChallengeIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.formParams("email", getUser() + "@webgoat.org")
|
.formParams("email", getUser() + "@webgoat.org")
|
||||||
.post(url("/WebGoat/challenge/7"))
|
.post(url("challenge/7"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -144,7 +144,7 @@ public class ChallengeIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
||||||
.get(webWolfUrl("/mail"))
|
.get(webWolfUrl("mail"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.response()
|
.response()
|
||||||
@ -158,13 +158,13 @@ public class ChallengeIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/challenge/7/reset-password/{link}"), "375afe1104f4a487a73823c50a9292a2")
|
.get(url("challenge/7/reset-password/{link}"), "375afe1104f4a487a73823c50a9292a2")
|
||||||
.then()
|
.then()
|
||||||
.statusCode(HttpStatus.ACCEPTED.value())
|
.statusCode(HttpStatus.ACCEPTED.value())
|
||||||
.extract()
|
.extract()
|
||||||
.asString();
|
.asString();
|
||||||
|
|
||||||
String flag = result.substring(result.indexOf("flag") + 6, result.indexOf("flag") + 42);
|
String flag = result.substring(result.indexOf("flag") + 6, result.indexOf("flag") + 42);
|
||||||
checkAssignment(url("/WebGoat/challenge/flag"), Map.of("flag", flag), true);
|
checkAssignment(url("challenge/flag"), Map.of("flag", flag), true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -52,7 +52,7 @@ public class CryptoIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/crypto/encoding/basic"))
|
.get(url("crypto/encoding/basic"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.asString();
|
.asString();
|
||||||
@ -64,7 +64,7 @@ public class CryptoIntegrationTest extends IntegrationTest {
|
|||||||
params.clear();
|
params.clear();
|
||||||
params.put("answer_user", answer_user);
|
params.put("answer_user", answer_user);
|
||||||
params.put("answer_pwd", answer_pwd);
|
params.put("answer_pwd", answer_pwd);
|
||||||
checkAssignment(url("/crypto/encoding/basic-auth"), params, true);
|
checkAssignment(url("crypto/encoding/basic-auth"), params, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void checkAssignment3() {
|
private void checkAssignment3() {
|
||||||
@ -72,7 +72,7 @@ public class CryptoIntegrationTest extends IntegrationTest {
|
|||||||
Map<String, Object> params = new HashMap<>();
|
Map<String, Object> params = new HashMap<>();
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("answer_pwd1", answer_1);
|
params.put("answer_pwd1", answer_1);
|
||||||
checkAssignment(url("/crypto/encoding/xor"), params, true);
|
checkAssignment(url("crypto/encoding/xor"), params, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void checkAssignment4() throws NoSuchAlgorithmException {
|
private void checkAssignment4() throws NoSuchAlgorithmException {
|
||||||
@ -82,7 +82,7 @@ public class CryptoIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/crypto/hashing/md5"))
|
.get(url("crypto/hashing/md5"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.asString();
|
.asString();
|
||||||
@ -92,7 +92,7 @@ public class CryptoIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/crypto/hashing/sha256"))
|
.get(url("crypto/hashing/sha256"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.asString();
|
.asString();
|
||||||
@ -112,7 +112,7 @@ public class CryptoIntegrationTest extends IntegrationTest {
|
|||||||
params.clear();
|
params.clear();
|
||||||
params.put("answer_pwd1", answer_1);
|
params.put("answer_pwd1", answer_1);
|
||||||
params.put("answer_pwd2", answer_2);
|
params.put("answer_pwd2", answer_2);
|
||||||
checkAssignment(url("/WebGoat/crypto/hashing"), params, true);
|
checkAssignment(url("crypto/hashing"), params, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void checkAssignmentSigning() throws NoSuchAlgorithmException, InvalidKeySpecException {
|
private void checkAssignmentSigning() throws NoSuchAlgorithmException, InvalidKeySpecException {
|
||||||
@ -122,7 +122,7 @@ public class CryptoIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/crypto/signing/getprivate"))
|
.get(url("crypto/signing/getprivate"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.asString();
|
.asString();
|
||||||
@ -135,7 +135,7 @@ public class CryptoIntegrationTest extends IntegrationTest {
|
|||||||
params.clear();
|
params.clear();
|
||||||
params.put("modulus", modulus);
|
params.put("modulus", modulus);
|
||||||
params.put("signature", signature);
|
params.put("signature", signature);
|
||||||
checkAssignment(url("/crypto/signing/verify"), params, true);
|
checkAssignment(url("crypto/signing/verify"), params, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void checkAssignmentDefaults() {
|
private void checkAssignmentDefaults() {
|
||||||
@ -151,6 +151,6 @@ public class CryptoIntegrationTest extends IntegrationTest {
|
|||||||
params.clear();
|
params.clear();
|
||||||
params.put("secretText", text);
|
params.put("secretText", text);
|
||||||
params.put("secretFileName", "default_secret");
|
params.put("secretFileName", "default_secret");
|
||||||
checkAssignment(url("/crypto/secure/defaults"), params, true);
|
checkAssignment(url("crypto/secure/defaults"), params, true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -26,7 +26,7 @@ public class DeserializationIntegrationTest extends IntegrationTest {
|
|||||||
params.put(
|
params.put(
|
||||||
"token", SerializationHelper.toString(new VulnerableTaskHolder("wait", "sleep 5")));
|
"token", SerializationHelper.toString(new VulnerableTaskHolder("wait", "sleep 5")));
|
||||||
}
|
}
|
||||||
checkAssignment(url("/WebGoat/InsecureDeserialization/task"), params, true);
|
checkAssignment(url("InsecureDeserialization/task"), params, true);
|
||||||
|
|
||||||
checkResults("/InsecureDeserialization/");
|
checkResults("/InsecureDeserialization/");
|
||||||
}
|
}
|
||||||
|
@ -72,7 +72,7 @@ public class GeneralLessonIntegrationTest extends IntegrationTest {
|
|||||||
params.put(
|
params.put(
|
||||||
"question_3_solution",
|
"question_3_solution",
|
||||||
"Solution 2: The systems security is compromised even if only one goal is harmed.");
|
"Solution 2: The systems security is compromised even if only one goal is harmed.");
|
||||||
checkAssignment(url("/WebGoat/cia/quiz"), params, true);
|
checkAssignment(url("cia/quiz"), params, true);
|
||||||
checkResults("/cia/");
|
checkResults("/cia/");
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -95,7 +95,7 @@ public class GeneralLessonIntegrationTest extends IntegrationTest {
|
|||||||
Map<String, Object> params = new HashMap<>();
|
Map<String, Object> params = new HashMap<>();
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("payload", solution);
|
params.put("payload", solution);
|
||||||
checkAssignment(url("/WebGoat/VulnerableComponents/attack1"), params, true);
|
checkAssignment(url("VulnerableComponents/attack1"), params, true);
|
||||||
checkResults("/VulnerableComponents/");
|
checkResults("/VulnerableComponents/");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -107,7 +107,7 @@ public class GeneralLessonIntegrationTest extends IntegrationTest {
|
|||||||
params.clear();
|
params.clear();
|
||||||
params.put("username", "CaptainJack");
|
params.put("username", "CaptainJack");
|
||||||
params.put("password", "BlackPearl");
|
params.put("password", "BlackPearl");
|
||||||
checkAssignment(url("/WebGoat/InsecureLogin/task"), params, true);
|
checkAssignment(url("InsecureLogin/task"), params, true);
|
||||||
checkResults("/InsecureLogin/");
|
checkResults("/InsecureLogin/");
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -117,7 +117,7 @@ public class GeneralLessonIntegrationTest extends IntegrationTest {
|
|||||||
Map<String, Object> params = new HashMap<>();
|
Map<String, Object> params = new HashMap<>();
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("password", "ajnaeliclm^&&@kjn.");
|
params.put("password", "ajnaeliclm^&&@kjn.");
|
||||||
checkAssignment(url("/WebGoat/SecurePasswords/assignment"), params, true);
|
checkAssignment(url("SecurePasswords/assignment"), params, true);
|
||||||
checkResults("SecurePasswords/");
|
checkResults("SecurePasswords/");
|
||||||
|
|
||||||
startLesson("AuthBypass");
|
startLesson("AuthBypass");
|
||||||
@ -127,7 +127,7 @@ public class GeneralLessonIntegrationTest extends IntegrationTest {
|
|||||||
params.put("jsEnabled", "1");
|
params.put("jsEnabled", "1");
|
||||||
params.put("verifyMethod", "SEC_QUESTIONS");
|
params.put("verifyMethod", "SEC_QUESTIONS");
|
||||||
params.put("userId", "12309746");
|
params.put("userId", "12309746");
|
||||||
checkAssignment(url("/WebGoat/auth-bypass/verify-account"), params, true);
|
checkAssignment(url("auth-bypass/verify-account"), params, true);
|
||||||
checkResults("/auth-bypass/");
|
checkResults("/auth-bypass/");
|
||||||
|
|
||||||
startLesson("HttpProxies");
|
startLesson("HttpProxies");
|
||||||
@ -138,8 +138,7 @@ public class GeneralLessonIntegrationTest extends IntegrationTest {
|
|||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.header("x-request-intercepted", "true")
|
.header("x-request-intercepted", "true")
|
||||||
.contentType(ContentType.JSON)
|
.contentType(ContentType.JSON)
|
||||||
.get(
|
.get(url("HttpProxies/intercept-request?changeMe=Requests are tampered easily"))
|
||||||
url("/WebGoat/HttpProxies/intercept-request?changeMe=Requests are tampered easily"))
|
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -165,7 +164,7 @@ public class GeneralLessonIntegrationTest extends IntegrationTest {
|
|||||||
.header("webgoat-requested-by", "dom-xss-vuln")
|
.header("webgoat-requested-by", "dom-xss-vuln")
|
||||||
.header("X-Requested-With", "XMLHttpRequest")
|
.header("X-Requested-With", "XMLHttpRequest")
|
||||||
.formParams(params)
|
.formParams(params)
|
||||||
.post(url("/WebGoat/CrossSiteScripting/phone-home-xss"))
|
.post(url("CrossSiteScripting/phone-home-xss"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -174,12 +173,12 @@ public class GeneralLessonIntegrationTest extends IntegrationTest {
|
|||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("successMessage", secretNumber);
|
params.put("successMessage", secretNumber);
|
||||||
checkAssignment(url("/WebGoat/ChromeDevTools/dummy"), params, true);
|
checkAssignment(url("ChromeDevTools/dummy"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("number", "24");
|
params.put("number", "24");
|
||||||
params.put("network_num", "24");
|
params.put("network_num", "24");
|
||||||
checkAssignment(url("/WebGoat/ChromeDevTools/network"), params, true);
|
checkAssignment(url("ChromeDevTools/network"), params, true);
|
||||||
|
|
||||||
checkResults("/ChromeDevTools/");
|
checkResults("/ChromeDevTools/");
|
||||||
}
|
}
|
||||||
@ -194,7 +193,7 @@ public class GeneralLessonIntegrationTest extends IntegrationTest {
|
|||||||
params.put("jsEnabled", "1");
|
params.put("jsEnabled", "1");
|
||||||
params.put("verifyMethod", "SEC_QUESTIONS");
|
params.put("verifyMethod", "SEC_QUESTIONS");
|
||||||
params.put("userId", "12309746");
|
params.put("userId", "12309746");
|
||||||
checkAssignment(url("/auth-bypass/verify-account"), params, true);
|
checkAssignment(url("auth-bypass/verify-account"), params, true);
|
||||||
checkResults("/auth-bypass/");
|
checkResults("/auth-bypass/");
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -205,7 +204,7 @@ public class GeneralLessonIntegrationTest extends IntegrationTest {
|
|||||||
params.clear();
|
params.clear();
|
||||||
params.put("param1", "secr37Value");
|
params.put("param1", "secr37Value");
|
||||||
params.put("param2", "Main");
|
params.put("param2", "Main");
|
||||||
checkAssignment(url("/lesson-template/sample-attack"), params, true);
|
checkAssignment(url("lesson-template/sample-attack"), params, true);
|
||||||
checkResults("/lesson-template/");
|
checkResults("/lesson-template/");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -4,11 +4,9 @@ import static org.junit.jupiter.api.DynamicTest.dynamicTest;
|
|||||||
|
|
||||||
import io.restassured.RestAssured;
|
import io.restassured.RestAssured;
|
||||||
import io.restassured.http.ContentType;
|
import io.restassured.http.ContentType;
|
||||||
import java.io.IOException;
|
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import lombok.SneakyThrows;
|
|
||||||
import org.hamcrest.CoreMatchers;
|
import org.hamcrest.CoreMatchers;
|
||||||
import org.hamcrest.MatcherAssert;
|
import org.hamcrest.MatcherAssert;
|
||||||
import org.junit.jupiter.api.AfterEach;
|
import org.junit.jupiter.api.AfterEach;
|
||||||
@ -19,7 +17,6 @@ import org.junit.jupiter.api.TestFactory;
|
|||||||
public class IDORIntegrationTest extends IntegrationTest {
|
public class IDORIntegrationTest extends IntegrationTest {
|
||||||
|
|
||||||
@BeforeEach
|
@BeforeEach
|
||||||
@SneakyThrows
|
|
||||||
public void init() {
|
public void init() {
|
||||||
startLesson("IDOR");
|
startLesson("IDOR");
|
||||||
}
|
}
|
||||||
@ -27,56 +24,63 @@ public class IDORIntegrationTest extends IntegrationTest {
|
|||||||
@TestFactory
|
@TestFactory
|
||||||
Iterable<DynamicTest> testIDORLesson() {
|
Iterable<DynamicTest> testIDORLesson() {
|
||||||
return Arrays.asList(
|
return Arrays.asList(
|
||||||
dynamicTest("login", () -> loginIDOR()), dynamicTest("profile", () -> profile()));
|
dynamicTest("assignment 2 - login", this::loginIDOR),
|
||||||
|
dynamicTest("profile", this::profile));
|
||||||
}
|
}
|
||||||
|
|
||||||
@AfterEach
|
@AfterEach
|
||||||
public void shutdown() throws IOException {
|
public void shutdown() {
|
||||||
checkResults("/IDOR");
|
checkResults("/IDOR");
|
||||||
}
|
}
|
||||||
|
|
||||||
private void loginIDOR() throws IOException {
|
private void loginIDOR() {
|
||||||
|
|
||||||
Map<String, Object> params = new HashMap<>();
|
Map<String, Object> params = new HashMap<>();
|
||||||
params.clear();
|
|
||||||
params.put("username", "tom");
|
params.put("username", "tom");
|
||||||
params.put("password", "cat");
|
params.put("password", "cat");
|
||||||
|
|
||||||
checkAssignment(url("/WebGoat/IDOR/login"), params, true);
|
checkAssignment(url("IDOR/login"), params, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void profile() {
|
private void profile() {
|
||||||
|
|
||||||
|
// View profile - assignment 3a
|
||||||
MatcherAssert.assertThat(
|
MatcherAssert.assertThat(
|
||||||
RestAssured.given()
|
RestAssured.given()
|
||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/WebGoat/IDOR/profile"))
|
.get(url("IDOR/profile"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
.path("userId"),
|
.path("userId"),
|
||||||
CoreMatchers.is("2342384"));
|
CoreMatchers.is("2342384"));
|
||||||
|
|
||||||
|
// Show difference - assignment 3b
|
||||||
Map<String, Object> params = new HashMap<>();
|
Map<String, Object> params = new HashMap<>();
|
||||||
params.clear();
|
|
||||||
params.put("attributes", "userId,role");
|
params.put("attributes", "userId,role");
|
||||||
checkAssignment(url("/WebGoat/IDOR/diff-attributes"), params, true);
|
checkAssignment(url("IDOR/diff-attributes"), params, true);
|
||||||
|
|
||||||
|
// View profile another way - assignment 4
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("url", "WebGoat/IDOR/profile/2342384");
|
params.put("url", "WebGoat/IDOR/profile/2342384");
|
||||||
checkAssignment(url("/WebGoat/IDOR/profile/alt-path"), params, true);
|
checkAssignment(url("IDOR/profile/alt-path"), params, true);
|
||||||
|
|
||||||
|
// assignment 5a
|
||||||
MatcherAssert.assertThat(
|
MatcherAssert.assertThat(
|
||||||
RestAssured.given()
|
RestAssured.given()
|
||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/WebGoat/IDOR/profile/2342388"))
|
.get(url("IDOR/profile/2342388"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
.path("lessonCompleted"),
|
.path("lessonCompleted"),
|
||||||
CoreMatchers.is(true));
|
CoreMatchers.is(true));
|
||||||
|
|
||||||
|
// assignment 5b
|
||||||
MatcherAssert.assertThat(
|
MatcherAssert.assertThat(
|
||||||
RestAssured.given()
|
RestAssured.given()
|
||||||
.when()
|
.when()
|
||||||
@ -86,7 +90,7 @@ public class IDORIntegrationTest extends IntegrationTest {
|
|||||||
.body(
|
.body(
|
||||||
"{\"role\":\"1\", \"color\":\"red\", \"size\":\"large\", \"name\":\"Buffalo Bill\","
|
"{\"role\":\"1\", \"color\":\"red\", \"size\":\"large\", \"name\":\"Buffalo Bill\","
|
||||||
+ " \"userId\":\"2342388\"}")
|
+ " \"userId\":\"2342388\"}")
|
||||||
.put(url("/WebGoat/IDOR/profile/2342388"))
|
.put(url("IDOR/profile/2342388"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
|
@ -15,36 +15,37 @@ import org.springframework.http.HttpStatus;
|
|||||||
|
|
||||||
public abstract class IntegrationTest {
|
public abstract class IntegrationTest {
|
||||||
|
|
||||||
private static String webGoatPort = Objects.requireNonNull(System.getProperty("webgoatport"));
|
private static String webGoatPort =
|
||||||
|
Objects.requireNonNull(System.getProperty("webgoatport", "8080"));
|
||||||
|
private static String webGoatContext =
|
||||||
|
Objects.requireNonNull(System.getProperty("webgoatcontext", "/WebGoat/"));
|
||||||
|
|
||||||
@Getter
|
@Getter
|
||||||
private static String webWolfPort = Objects.requireNonNull(System.getProperty("webwolfport"));
|
private static String webWolfPort =
|
||||||
|
Objects.requireNonNull(System.getProperty("webwolfport", "9090"));
|
||||||
|
|
||||||
|
private static String webWolfContext =
|
||||||
|
Objects.requireNonNull(System.getProperty("webwolfcontext", "/WebWolf/"));
|
||||||
|
|
||||||
private static boolean useSSL = false;
|
private static boolean useSSL = false;
|
||||||
private static String webgoatUrl =
|
private static String webgoatUrl =
|
||||||
(useSSL ? "https:" : "http:") + "//localhost:" + webGoatPort + "/WebGoat/";
|
(useSSL ? "https:" : "http:") + "//localhost:" + webGoatPort + webGoatContext;
|
||||||
private static String webWolfUrl =
|
private static String webWolfUrl =
|
||||||
(useSSL ? "https:" : "http:") + "//localhost:" + webWolfPort + "/";
|
(useSSL ? "https:" : "http:") + "//localhost:" + webWolfPort + webWolfContext;
|
||||||
@Getter private String webGoatCookie;
|
@Getter private String webGoatCookie;
|
||||||
@Getter private String webWolfCookie;
|
@Getter private String webWolfCookie;
|
||||||
@Getter private final String user = "webgoat";
|
@Getter private final String user = "webgoat";
|
||||||
|
|
||||||
protected String url(String url) {
|
protected String url(String url) {
|
||||||
url = url.replaceFirst("/WebGoat/", "");
|
|
||||||
url = url.replaceFirst("/WebGoat", "");
|
|
||||||
url = url.startsWith("/") ? url.replaceFirst("/", "") : url;
|
|
||||||
return webgoatUrl + url;
|
return webgoatUrl + url;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected String webWolfUrl(String url) {
|
protected String webWolfUrl(String url) {
|
||||||
url = url.replaceFirst("/WebWolf/", "");
|
|
||||||
url = url.replaceFirst("/WebWolf", "");
|
|
||||||
url = url.startsWith("/") ? url.replaceFirst("/", "") : url;
|
|
||||||
return webWolfUrl + url;
|
return webWolfUrl + url;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected String webWolfFileUrl(String fileName) {
|
protected String webWolfFileUrl(String fileName) {
|
||||||
return webWolfUrl("/files") + "/" + getUser() + "/" + fileName;
|
return webWolfUrl("files") + "/" + getUser() + "/" + fileName;
|
||||||
}
|
}
|
||||||
|
|
||||||
@BeforeEach
|
@BeforeEach
|
||||||
@ -235,7 +236,7 @@ public abstract class IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
||||||
.get(webWolfUrl("/file-server-location"))
|
.get(webWolfUrl("file-server-location"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.response()
|
.response()
|
||||||
@ -250,7 +251,7 @@ public abstract class IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/server-directory"))
|
.get(url("server-directory"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.response()
|
.response()
|
||||||
@ -263,7 +264,7 @@ public abstract class IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
||||||
.delete(webWolfUrl("/mail"))
|
.delete(webWolfUrl("mail"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(HttpStatus.ACCEPTED.value());
|
.statusCode(HttpStatus.ACCEPTED.value());
|
||||||
}
|
}
|
||||||
|
@ -88,7 +88,7 @@ public class JWTLessonIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.formParam("jwt-encode-user", "user")
|
.formParam("jwt-encode-user", "user")
|
||||||
.post(url("/WebGoat/JWT/decode"))
|
.post(url("JWT/decode"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -103,7 +103,7 @@ public class JWTLessonIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/WebGoat/JWT/secret/gettoken"))
|
.get(url("JWT/secret/gettoken"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.response()
|
.response()
|
||||||
@ -117,7 +117,7 @@ public class JWTLessonIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.formParam("token", generateToken(secret))
|
.formParam("token", generateToken(secret))
|
||||||
.post(url("/WebGoat/JWT/secret"))
|
.post(url("JWT/secret"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -131,7 +131,7 @@ public class JWTLessonIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.get(url("/WebGoat/JWT/votings/login?user=Tom"))
|
.get(url("JWT/votings/login?user=Tom"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.cookie("access_token");
|
.cookie("access_token");
|
||||||
@ -164,7 +164,7 @@ public class JWTLessonIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.cookie("access_token", replacedToken)
|
.cookie("access_token", replacedToken)
|
||||||
.post(url("/WebGoat/JWT/votings"))
|
.post(url("JWT/votings"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -205,7 +205,7 @@ public class JWTLessonIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.header("Authorization", "Bearer " + replacedToken)
|
.header("Authorization", "Bearer " + replacedToken)
|
||||||
.post(url("/WebGoat/JWT/refresh/checkout"))
|
.post(url("JWT/refresh/checkout"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -238,7 +238,7 @@ public class JWTLessonIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.post(url("/WebGoat/JWT/kid/delete?token=" + token))
|
.post(url("JWT/kid/delete?token=" + token))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -256,7 +256,7 @@ public class JWTLessonIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
||||||
.multiPart("file", "jwks.json", jwks.toJson().getBytes())
|
.multiPart("file", "jwks.json", jwks.toJson().getBytes())
|
||||||
.post(webWolfUrl("/fileupload"))
|
.post(webWolfUrl("fileupload"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.response()
|
.response()
|
||||||
@ -285,7 +285,7 @@ public class JWTLessonIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.post(url("/WebGoat/JWT/jku/delete?token=" + token))
|
.post(url("JWT/jku/delete?token=" + token))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -298,6 +298,6 @@ public class JWTLessonIntegrationTest extends IntegrationTest {
|
|||||||
params.put("question_0_solution", "Solution 1");
|
params.put("question_0_solution", "Solution 1");
|
||||||
params.put("question_1_solution", "Solution 2");
|
params.put("question_1_solution", "Solution 2");
|
||||||
|
|
||||||
checkAssignment(url("/WebGoat/JWT/quiz"), params, true);
|
checkAssignment(url("JWT/quiz"), params, true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -11,12 +11,13 @@ import org.junit.jupiter.api.AfterEach;
|
|||||||
import org.junit.jupiter.api.BeforeEach;
|
import org.junit.jupiter.api.BeforeEach;
|
||||||
import org.junit.jupiter.api.DynamicTest;
|
import org.junit.jupiter.api.DynamicTest;
|
||||||
import org.junit.jupiter.api.TestFactory;
|
import org.junit.jupiter.api.TestFactory;
|
||||||
|
import org.springframework.http.HttpHeaders;
|
||||||
|
|
||||||
public class PasswordResetLessonIntegrationTest extends IntegrationTest {
|
public class PasswordResetLessonIntegrationTest extends IntegrationTest {
|
||||||
|
|
||||||
@BeforeEach
|
@BeforeEach
|
||||||
public void init() {
|
public void init() {
|
||||||
startLesson("/PasswordReset");
|
startLesson("PasswordReset");
|
||||||
}
|
}
|
||||||
|
|
||||||
@TestFactory
|
@TestFactory
|
||||||
@ -85,7 +86,7 @@ public class PasswordResetLessonIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
||||||
.get(webWolfUrl("/WebWolf/mail"))
|
.get(webWolfUrl("mail"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.response()
|
.response()
|
||||||
@ -119,7 +120,7 @@ public class PasswordResetLessonIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
||||||
.get(webWolfUrl("/WebWolf/requests"))
|
.get(webWolfUrl("requests"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.response()
|
.response()
|
||||||
@ -136,7 +137,7 @@ public class PasswordResetLessonIntegrationTest extends IntegrationTest {
|
|||||||
private void clickForgotEmailLink(String user) {
|
private void clickForgotEmailLink(String user) {
|
||||||
RestAssured.given()
|
RestAssured.given()
|
||||||
.when()
|
.when()
|
||||||
.header("host", String.format("%s:%s", "localhost", getWebWolfPort()))
|
.header(HttpHeaders.HOST, String.format("%s:%s", "127.0.0.1", getWebWolfPort()))
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.formParams("email", user)
|
.formParams("email", user)
|
||||||
|
@ -55,7 +55,7 @@ class PathTraversalIT extends IntegrationTest {
|
|||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.multiPart("uploadedFile", "test.jpg", Files.readAllBytes(fileToUpload.toPath()))
|
.multiPart("uploadedFile", "test.jpg", Files.readAllBytes(fileToUpload.toPath()))
|
||||||
.param("fullName", "../John Doe")
|
.param("fullName", "../John Doe")
|
||||||
.post(url("/WebGoat/PathTraversal/profile-upload"))
|
.post(url("PathTraversal/profile-upload"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -71,7 +71,7 @@ class PathTraversalIT extends IntegrationTest {
|
|||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.multiPart("uploadedFileFix", "test.jpg", Files.readAllBytes(fileToUpload.toPath()))
|
.multiPart("uploadedFileFix", "test.jpg", Files.readAllBytes(fileToUpload.toPath()))
|
||||||
.param("fullNameFix", "..././John Doe")
|
.param("fullNameFix", "..././John Doe")
|
||||||
.post(url("/WebGoat/PathTraversal/profile-upload-fix"))
|
.post(url("PathTraversal/profile-upload-fix"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -89,7 +89,7 @@ class PathTraversalIT extends IntegrationTest {
|
|||||||
"uploadedFileRemoveUserInput",
|
"uploadedFileRemoveUserInput",
|
||||||
"../test.jpg",
|
"../test.jpg",
|
||||||
Files.readAllBytes(fileToUpload.toPath()))
|
Files.readAllBytes(fileToUpload.toPath()))
|
||||||
.post(url("/WebGoat/PathTraversal/profile-upload-remove-user-input"))
|
.post(url("PathTraversal/profile-upload-remove-user-input"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -98,7 +98,7 @@ class PathTraversalIT extends IntegrationTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private void assignment4() throws IOException {
|
private void assignment4() throws IOException {
|
||||||
var uri = "/WebGoat/PathTraversal/random-picture?id=%2E%2E%2F%2E%2E%2Fpath-traversal-secret";
|
var uri = "PathTraversal/random-picture?id=%2E%2E%2F%2E%2E%2Fpath-traversal-secret";
|
||||||
RestAssured.given()
|
RestAssured.given()
|
||||||
.urlEncodingEnabled(false)
|
.urlEncodingEnabled(false)
|
||||||
.when()
|
.when()
|
||||||
@ -110,7 +110,7 @@ class PathTraversalIT extends IntegrationTest {
|
|||||||
.body(CoreMatchers.is("You found it submit the SHA-512 hash of your username as answer"));
|
.body(CoreMatchers.is("You found it submit the SHA-512 hash of your username as answer"));
|
||||||
|
|
||||||
checkAssignment(
|
checkAssignment(
|
||||||
url("/WebGoat/PathTraversal/random"),
|
url("PathTraversal/random"),
|
||||||
Map.of("secret", Sha512DigestUtils.shaHex(this.getUser())),
|
Map.of("secret", Sha512DigestUtils.shaHex(this.getUser())),
|
||||||
true);
|
true);
|
||||||
}
|
}
|
||||||
@ -133,8 +133,10 @@ class PathTraversalIT extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.multiPart("uploadedFileZipSlip", "upload.zip", Files.readAllBytes(zipFile.toPath()))
|
.multiPart("uploadedFileZipSlip", "upload.zip", Files.readAllBytes(zipFile.toPath()))
|
||||||
.post(url("/WebGoat/PathTraversal/zip-slip"))
|
.post(url("PathTraversal/zip-slip"))
|
||||||
.then()
|
.then()
|
||||||
|
.log()
|
||||||
|
.all()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
.path("lessonCompleted"),
|
.path("lessonCompleted"),
|
||||||
|
@ -29,7 +29,7 @@ public class ProgressRaceConditionIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.formParams(Map.of("flag", "test"))
|
.formParams(Map.of("flag", "test"))
|
||||||
.post(url("/challenge/flag"));
|
.post(url("challenge/flag"));
|
||||||
};
|
};
|
||||||
ExecutorService executorService = Executors.newFixedThreadPool(NUMBER_OF_PARALLEL_THREADS);
|
ExecutorService executorService = Executors.newFixedThreadPool(NUMBER_OF_PARALLEL_THREADS);
|
||||||
List<? extends Callable<Response>> flagCalls =
|
List<? extends Callable<Response>> flagCalls =
|
||||||
|
@ -15,11 +15,11 @@ public class SSRFIntegrationTest extends IntegrationTest {
|
|||||||
params.clear();
|
params.clear();
|
||||||
params.put("url", "images/jerry.png");
|
params.put("url", "images/jerry.png");
|
||||||
|
|
||||||
checkAssignment(url("/WebGoat/SSRF/task1"), params, true);
|
checkAssignment(url("SSRF/task1"), params, true);
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("url", "http://ifconfig.pro");
|
params.put("url", "http://ifconfig.pro");
|
||||||
|
|
||||||
checkAssignment(url("/WebGoat/SSRF/task2"), params, true);
|
checkAssignment(url("SSRF/task2"), params, true);
|
||||||
|
|
||||||
checkResults("/SSRF/");
|
checkResults("/SSRF/");
|
||||||
}
|
}
|
||||||
|
@ -31,7 +31,7 @@ import org.junit.jupiter.api.Test;
|
|||||||
*/
|
*/
|
||||||
class SessionManagementIT extends IntegrationTest {
|
class SessionManagementIT extends IntegrationTest {
|
||||||
|
|
||||||
private static final String HIJACK_LOGIN_CONTEXT_PATH = "/WebGoat/HijackSession/login";
|
private static final String HIJACK_LOGIN_CONTEXT_PATH = "HijackSession/login";
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void hijackSessionTest() {
|
void hijackSessionTest() {
|
||||||
|
@ -16,27 +16,27 @@ public class SqlInjectionAdvancedIntegrationTest extends IntegrationTest {
|
|||||||
params.put("password_reg", "password");
|
params.put("password_reg", "password");
|
||||||
params.put("email_reg", "someone@microsoft.com");
|
params.put("email_reg", "someone@microsoft.com");
|
||||||
params.put("confirm_password", "password");
|
params.put("confirm_password", "password");
|
||||||
checkAssignmentWithPUT(url("/WebGoat/SqlInjectionAdvanced/challenge"), params, true);
|
checkAssignmentWithPUT(url("SqlInjectionAdvanced/challenge"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("username_login", "tom");
|
params.put("username_login", "tom");
|
||||||
params.put("password_login", "thisisasecretfortomonly");
|
params.put("password_login", "thisisasecretfortomonly");
|
||||||
checkAssignment(url("/WebGoat/SqlInjectionAdvanced/challenge_Login"), params, true);
|
checkAssignment(url("SqlInjectionAdvanced/challenge_Login"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("userid_6a", "'; SELECT * FROM user_system_data;--");
|
params.put("userid_6a", "'; SELECT * FROM user_system_data;--");
|
||||||
checkAssignment(url("/WebGoat/SqlInjectionAdvanced/attack6a"), params, true);
|
checkAssignment(url("SqlInjectionAdvanced/attack6a"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put(
|
params.put(
|
||||||
"userid_6a",
|
"userid_6a",
|
||||||
"Smith' union select userid,user_name, user_name,user_name,password,cookie,userid from"
|
"Smith' union select userid,user_name, user_name,user_name,password,cookie,userid from"
|
||||||
+ " user_system_data --");
|
+ " user_system_data --");
|
||||||
checkAssignment(url("/WebGoat/SqlInjectionAdvanced/attack6a"), params, true);
|
checkAssignment(url("SqlInjectionAdvanced/attack6a"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("userid_6b", "passW0rD");
|
params.put("userid_6b", "passW0rD");
|
||||||
checkAssignment(url("/WebGoat/SqlInjectionAdvanced/attack6b"), params, true);
|
checkAssignment(url("SqlInjectionAdvanced/attack6b"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put(
|
params.put(
|
||||||
@ -54,7 +54,7 @@ public class SqlInjectionAdvancedIntegrationTest extends IntegrationTest {
|
|||||||
params.put(
|
params.put(
|
||||||
"question_4_solution",
|
"question_4_solution",
|
||||||
"Solution 4: The database registers 'Robert' ); DROP TABLE Students;--'.");
|
"Solution 4: The database registers 'Robert' ); DROP TABLE Students;--'.");
|
||||||
checkAssignment(url("/WebGoat/SqlInjectionAdvanced/quiz"), params, true);
|
checkAssignment(url("SqlInjectionAdvanced/quiz"), params, true);
|
||||||
|
|
||||||
checkResults("/SqlInjectionAdvanced/");
|
checkResults("/SqlInjectionAdvanced/");
|
||||||
}
|
}
|
||||||
|
@ -34,44 +34,44 @@ public class SqlInjectionLessonIntegrationTest extends IntegrationTest {
|
|||||||
Map<String, Object> params = new HashMap<>();
|
Map<String, Object> params = new HashMap<>();
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("query", sql_2);
|
params.put("query", sql_2);
|
||||||
checkAssignment(url("/WebGoat/SqlInjection/attack2"), params, true);
|
checkAssignment(url("SqlInjection/attack2"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("query", sql_3);
|
params.put("query", sql_3);
|
||||||
checkAssignment(url("/WebGoat/SqlInjection/attack3"), params, true);
|
checkAssignment(url("SqlInjection/attack3"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("query", sql_4_add);
|
params.put("query", sql_4_add);
|
||||||
checkAssignment(url("/WebGoat/SqlInjection/attack4"), params, true);
|
checkAssignment(url("SqlInjection/attack4"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("query", sql_5);
|
params.put("query", sql_5);
|
||||||
checkAssignment(url("/WebGoat/SqlInjection/attack5"), params, true);
|
checkAssignment(url("SqlInjection/attack5"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("operator", sql_9_operator);
|
params.put("operator", sql_9_operator);
|
||||||
params.put("account", sql_9_account);
|
params.put("account", sql_9_account);
|
||||||
params.put("injection", sql_9_injection);
|
params.put("injection", sql_9_injection);
|
||||||
checkAssignment(url("/WebGoat/SqlInjection/assignment5a"), params, true);
|
checkAssignment(url("SqlInjection/assignment5a"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("login_count", sql_10_login_count);
|
params.put("login_count", sql_10_login_count);
|
||||||
params.put("userid", sql_10_userid);
|
params.put("userid", sql_10_userid);
|
||||||
checkAssignment(url("/WebGoat/SqlInjection/assignment5b"), params, true);
|
checkAssignment(url("SqlInjection/assignment5b"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("name", sql_11_a);
|
params.put("name", sql_11_a);
|
||||||
params.put("auth_tan", sql_11_b);
|
params.put("auth_tan", sql_11_b);
|
||||||
checkAssignment(url("/WebGoat/SqlInjection/attack8"), params, true);
|
checkAssignment(url("SqlInjection/attack8"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("name", sql_12_a);
|
params.put("name", sql_12_a);
|
||||||
params.put("auth_tan", sql_12_b);
|
params.put("auth_tan", sql_12_b);
|
||||||
checkAssignment(url("/WebGoat/SqlInjection/attack9"), params, true);
|
checkAssignment(url("SqlInjection/attack9"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("action_string", sql_13);
|
params.put("action_string", sql_13);
|
||||||
checkAssignment(url("/WebGoat/SqlInjection/attack10"), params, true);
|
checkAssignment(url("SqlInjection/attack10"), params, true);
|
||||||
|
|
||||||
checkResults("/SqlInjection/");
|
checkResults("/SqlInjection/");
|
||||||
}
|
}
|
||||||
|
@ -23,7 +23,7 @@ public class SqlInjectionMitigationIntegrationTest extends IntegrationTest {
|
|||||||
params.put("field5", "?");
|
params.put("field5", "?");
|
||||||
params.put("field6", "prep.setString(1,\"\")");
|
params.put("field6", "prep.setString(1,\"\")");
|
||||||
params.put("field7", "prep.setString(2,\\\"\\\")");
|
params.put("field7", "prep.setString(2,\\\"\\\")");
|
||||||
checkAssignment(url("/WebGoat/SqlInjectionMitigations/attack10a"), params, true);
|
checkAssignment(url("SqlInjectionMitigations/attack10a"), params, true);
|
||||||
|
|
||||||
params.put(
|
params.put(
|
||||||
"editor",
|
"editor",
|
||||||
@ -37,18 +37,18 @@ public class SqlInjectionMitigationIntegrationTest extends IntegrationTest {
|
|||||||
+ "} catch (Exception e) {\r\n"
|
+ "} catch (Exception e) {\r\n"
|
||||||
+ " System.out.println(\"Oops. Something went wrong!\");\r\n"
|
+ " System.out.println(\"Oops. Something went wrong!\");\r\n"
|
||||||
+ "}");
|
+ "}");
|
||||||
checkAssignment(url("/WebGoat/SqlInjectionMitigations/attack10b"), params, true);
|
checkAssignment(url("SqlInjectionMitigations/attack10b"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put(
|
params.put(
|
||||||
"userid_sql_only_input_validation", "Smith';SELECT/**/*/**/from/**/user_system_data;--");
|
"userid_sql_only_input_validation", "Smith';SELECT/**/*/**/from/**/user_system_data;--");
|
||||||
checkAssignment(url("/WebGoat/SqlOnlyInputValidation/attack"), params, true);
|
checkAssignment(url("SqlOnlyInputValidation/attack"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put(
|
params.put(
|
||||||
"userid_sql_only_input_validation_on_keywords",
|
"userid_sql_only_input_validation_on_keywords",
|
||||||
"Smith';SESELECTLECT/**/*/**/FRFROMOM/**/user_system_data;--");
|
"Smith';SESELECTLECT/**/*/**/FRFROMOM/**/user_system_data;--");
|
||||||
checkAssignment(url("/WebGoat/SqlOnlyInputValidationOnKeywords/attack"), params, true);
|
checkAssignment(url("SqlOnlyInputValidationOnKeywords/attack"), params, true);
|
||||||
|
|
||||||
RestAssured.given()
|
RestAssured.given()
|
||||||
.when()
|
.when()
|
||||||
@ -57,7 +57,7 @@ public class SqlInjectionMitigationIntegrationTest extends IntegrationTest {
|
|||||||
.contentType(ContentType.JSON)
|
.contentType(ContentType.JSON)
|
||||||
.get(
|
.get(
|
||||||
url(
|
url(
|
||||||
"/WebGoat/SqlInjectionMitigations/servers?column=(case when (true) then hostname"
|
"SqlInjectionMitigations/servers?column=(case when (true) then hostname"
|
||||||
+ " else id end)"))
|
+ " else id end)"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200);
|
.statusCode(200);
|
||||||
@ -67,7 +67,7 @@ public class SqlInjectionMitigationIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.contentType(ContentType.JSON)
|
.contentType(ContentType.JSON)
|
||||||
.get(url("/WebGoat/SqlInjectionMitigations/servers?column=unknown"))
|
.get(url("SqlInjectionMitigations/servers?column=unknown"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(500)
|
.statusCode(500)
|
||||||
.body(
|
.body(
|
||||||
@ -78,7 +78,7 @@ public class SqlInjectionMitigationIntegrationTest extends IntegrationTest {
|
|||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("ip", "104.130.219.202");
|
params.put("ip", "104.130.219.202");
|
||||||
checkAssignment(url("/WebGoat/SqlInjectionMitigations/attack12a"), params, true);
|
checkAssignment(url("SqlInjectionMitigations/attack12a"), params, true);
|
||||||
|
|
||||||
checkResults();
|
checkResults();
|
||||||
}
|
}
|
||||||
|
@ -3,7 +3,6 @@ package org.owasp.webgoat;
|
|||||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||||
|
|
||||||
import io.restassured.RestAssured;
|
import io.restassured.RestAssured;
|
||||||
import java.io.IOException;
|
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
@ -11,21 +10,20 @@ import org.junit.jupiter.api.Test;
|
|||||||
public class WebWolfIntegrationTest extends IntegrationTest {
|
public class WebWolfIntegrationTest extends IntegrationTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void runTests() throws IOException {
|
public void runTests() {
|
||||||
startLesson("WebWolfIntroduction");
|
startLesson("WebWolfIntroduction");
|
||||||
|
|
||||||
// Assignment 3
|
// Assignment 3
|
||||||
Map<String, Object> params = new HashMap<>();
|
Map<String, Object> params = new HashMap<>();
|
||||||
params.clear();
|
|
||||||
params.put("email", this.getUser() + "@webgoat.org");
|
params.put("email", this.getUser() + "@webgoat.org");
|
||||||
checkAssignment(url("/WebGoat/WebWolf/mail/send"), params, false);
|
checkAssignment(url("WebWolf/mail/send"), params, false);
|
||||||
|
|
||||||
String responseBody =
|
String responseBody =
|
||||||
RestAssured.given()
|
RestAssured.given()
|
||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
||||||
.get(webWolfUrl("/WebWolf/mail"))
|
.get(webWolfUrl("mail"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.response()
|
.response()
|
||||||
@ -39,7 +37,7 @@ public class WebWolfIntegrationTest extends IntegrationTest {
|
|||||||
uniqueCode.lastIndexOf("your unique code is: ") + (21 + this.getUser().length()));
|
uniqueCode.lastIndexOf("your unique code is: ") + (21 + this.getUser().length()));
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("uniqueCode", uniqueCode);
|
params.put("uniqueCode", uniqueCode);
|
||||||
checkAssignment(url("/WebGoat/WebWolf/mail"), params, true);
|
checkAssignment(url("WebWolf/mail"), params, true);
|
||||||
|
|
||||||
// Assignment 4
|
// Assignment 4
|
||||||
RestAssured.given()
|
RestAssured.given()
|
||||||
@ -47,7 +45,7 @@ public class WebWolfIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("JSESSIONID", getWebGoatCookie())
|
.cookie("JSESSIONID", getWebGoatCookie())
|
||||||
.queryParams(params)
|
.queryParams(params)
|
||||||
.get(url("/WebGoat/WebWolf/landing/password-reset"))
|
.get(url("WebWolf/landing/password-reset"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200);
|
.statusCode(200);
|
||||||
RestAssured.given()
|
RestAssured.given()
|
||||||
@ -55,7 +53,7 @@ public class WebWolfIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
||||||
.queryParams(params)
|
.queryParams(params)
|
||||||
.get(webWolfUrl("/landing"))
|
.get(webWolfUrl("landing"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200);
|
.statusCode(200);
|
||||||
responseBody =
|
responseBody =
|
||||||
@ -63,7 +61,7 @@ public class WebWolfIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
||||||
.get(webWolfUrl("/WebWolf/requests"))
|
.get(webWolfUrl("requests"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.response()
|
.response()
|
||||||
@ -72,7 +70,7 @@ public class WebWolfIntegrationTest extends IntegrationTest {
|
|||||||
assertTrue(responseBody.contains(uniqueCode));
|
assertTrue(responseBody.contains(uniqueCode));
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("uniqueCode", uniqueCode);
|
params.put("uniqueCode", uniqueCode);
|
||||||
checkAssignment(url("/WebGoat/WebWolf/landing"), params, true);
|
checkAssignment(url("WebWolf/landing"), params, true);
|
||||||
|
|
||||||
checkResults("/WebWolf");
|
checkResults("/WebWolf");
|
||||||
}
|
}
|
||||||
|
@ -14,7 +14,7 @@ public class XSSIntegrationTest extends IntegrationTest {
|
|||||||
Map<String, Object> params = new HashMap<>();
|
Map<String, Object> params = new HashMap<>();
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("checkboxAttack1", "value");
|
params.put("checkboxAttack1", "value");
|
||||||
checkAssignment(url("/CrossSiteScripting/attack1"), params, true);
|
checkAssignment(url("CrossSiteScripting/attack1"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("QTY1", "1");
|
params.put("QTY1", "1");
|
||||||
@ -23,11 +23,11 @@ public class XSSIntegrationTest extends IntegrationTest {
|
|||||||
params.put("QTY4", "1");
|
params.put("QTY4", "1");
|
||||||
params.put("field1", "<script>alert('XSS+Test')</script>");
|
params.put("field1", "<script>alert('XSS+Test')</script>");
|
||||||
params.put("field2", "111");
|
params.put("field2", "111");
|
||||||
checkAssignmentWithGet(url("/CrossSiteScripting/attack5a"), params, true);
|
checkAssignmentWithGet(url("CrossSiteScripting/attack5a"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("DOMTestRoute", "start.mvc#test");
|
params.put("DOMTestRoute", "start.mvc#test");
|
||||||
checkAssignment(url("/CrossSiteScripting/attack6a"), params, true);
|
checkAssignment(url("CrossSiteScripting/attack6a"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("param1", "42");
|
params.put("param1", "42");
|
||||||
@ -41,7 +41,7 @@ public class XSSIntegrationTest extends IntegrationTest {
|
|||||||
.header("webgoat-requested-by", "dom-xss-vuln")
|
.header("webgoat-requested-by", "dom-xss-vuln")
|
||||||
.header("X-Requested-With", "XMLHttpRequest")
|
.header("X-Requested-With", "XMLHttpRequest")
|
||||||
.formParams(params)
|
.formParams(params)
|
||||||
.post(url("/CrossSiteScripting/phone-home-xss"))
|
.post(url("CrossSiteScripting/phone-home-xss"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200)
|
.statusCode(200)
|
||||||
.extract()
|
.extract()
|
||||||
@ -50,7 +50,7 @@ public class XSSIntegrationTest extends IntegrationTest {
|
|||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put("successMessage", secretNumber);
|
params.put("successMessage", secretNumber);
|
||||||
checkAssignment(url("/CrossSiteScripting/dom-follow-up"), params, true);
|
checkAssignment(url("CrossSiteScripting/dom-follow-up"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put(
|
params.put(
|
||||||
@ -73,7 +73,7 @@ public class XSSIntegrationTest extends IntegrationTest {
|
|||||||
"question_4_solution",
|
"question_4_solution",
|
||||||
"Solution 4: No there are many other ways. Like HTML, Flash or any other type of code that"
|
"Solution 4: No there are many other ways. Like HTML, Flash or any other type of code that"
|
||||||
+ " the browser executes.");
|
+ " the browser executes.");
|
||||||
checkAssignment(url("/CrossSiteScripting/quiz"), params, true);
|
checkAssignment(url("CrossSiteScripting/quiz"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put(
|
params.put(
|
||||||
@ -99,7 +99,7 @@ public class XSSIntegrationTest extends IntegrationTest {
|
|||||||
+ "</table>"
|
+ "</table>"
|
||||||
+ "</body>"
|
+ "</body>"
|
||||||
+ "</html>");
|
+ "</html>");
|
||||||
checkAssignment(url("/CrossSiteScripting/attack3"), params, true);
|
checkAssignment(url("CrossSiteScripting/attack3"), params, true);
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.put(
|
params.put(
|
||||||
@ -109,7 +109,7 @@ public class XSSIntegrationTest extends IntegrationTest {
|
|||||||
+ "s.scan(newComment,\"\");"
|
+ "s.scan(newComment,\"\");"
|
||||||
+ "CleanResults();"
|
+ "CleanResults();"
|
||||||
+ "MyCommentDAO.addComment(threadID, userID).getCleanHTML());");
|
+ "MyCommentDAO.addComment(threadID, userID).getCleanHTML());");
|
||||||
checkAssignment(url("/CrossSiteScripting/attack4"), params, true);
|
checkAssignment(url("CrossSiteScripting/attack4"), params, true);
|
||||||
|
|
||||||
checkResults("/CrossSiteScripting");
|
checkResults("/CrossSiteScripting");
|
||||||
}
|
}
|
||||||
|
@ -45,10 +45,10 @@ public class XXEIntegrationTest extends IntegrationTest {
|
|||||||
.get(url("service/enable-security.mvc"))
|
.get(url("service/enable-security.mvc"))
|
||||||
.then()
|
.then()
|
||||||
.statusCode(200);
|
.statusCode(200);
|
||||||
checkAssignment(url("/WebGoat/xxe/simple"), ContentType.XML, xxe3, false);
|
checkAssignment(url("xxe/simple"), ContentType.XML, xxe3, false);
|
||||||
checkAssignment(url("/WebGoat/xxe/content-type"), ContentType.XML, xxe4, false);
|
checkAssignment(url("xxe/content-type"), ContentType.XML, xxe4, false);
|
||||||
checkAssignment(
|
checkAssignment(
|
||||||
url("/WebGoat/xxe/blind"),
|
url("xxe/blind"),
|
||||||
ContentType.XML,
|
ContentType.XML,
|
||||||
"<comment><text>" + getSecret() + "</text></comment>",
|
"<comment><text>" + getSecret() + "</text></comment>",
|
||||||
false);
|
false);
|
||||||
@ -68,7 +68,7 @@ public class XXEIntegrationTest extends IntegrationTest {
|
|||||||
}
|
}
|
||||||
String secretFile = webGoatHomeDirectory.concat("/XXE/" + getUser() + "/secret.txt");
|
String secretFile = webGoatHomeDirectory.concat("/XXE/" + getUser() + "/secret.txt");
|
||||||
String dtd7String =
|
String dtd7String =
|
||||||
dtd7.replace("WEBWOLFURL", webWolfUrl("/landing")).replace("SECRET", secretFile);
|
dtd7.replace("WEBWOLFURL", webWolfUrl("landing")).replace("SECRET", secretFile);
|
||||||
|
|
||||||
// upload DTD
|
// upload DTD
|
||||||
RestAssured.given()
|
RestAssured.given()
|
||||||
@ -76,7 +76,7 @@ public class XXEIntegrationTest extends IntegrationTest {
|
|||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
||||||
.multiPart("file", "blind.dtd", dtd7String.getBytes())
|
.multiPart("file", "blind.dtd", dtd7String.getBytes())
|
||||||
.post(webWolfUrl("/fileupload"))
|
.post(webWolfUrl("fileupload"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.response()
|
.response()
|
||||||
@ -84,8 +84,8 @@ public class XXEIntegrationTest extends IntegrationTest {
|
|||||||
.asString();
|
.asString();
|
||||||
// upload attack
|
// upload attack
|
||||||
String xxe7String =
|
String xxe7String =
|
||||||
xxe7.replace("WEBWOLFURL", webWolfUrl("/files")).replace("USERNAME", this.getUser());
|
xxe7.replace("WEBWOLFURL", webWolfUrl("files")).replace("USERNAME", this.getUser());
|
||||||
checkAssignment(url("/WebGoat/xxe/blind"), ContentType.XML, xxe7String, false);
|
checkAssignment(url("xxe/blind"), ContentType.XML, xxe7String, false);
|
||||||
|
|
||||||
// read results from WebWolf
|
// read results from WebWolf
|
||||||
String result =
|
String result =
|
||||||
@ -93,7 +93,7 @@ public class XXEIntegrationTest extends IntegrationTest {
|
|||||||
.when()
|
.when()
|
||||||
.relaxedHTTPSValidation()
|
.relaxedHTTPSValidation()
|
||||||
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
.cookie("WEBWOLFSESSION", getWebWolfCookie())
|
||||||
.get(webWolfUrl("/WebWolf/requests"))
|
.get(webWolfUrl("requests"))
|
||||||
.then()
|
.then()
|
||||||
.extract()
|
.extract()
|
||||||
.response()
|
.response()
|
||||||
@ -114,10 +114,10 @@ public class XXEIntegrationTest extends IntegrationTest {
|
|||||||
startLesson("XXE", true);
|
startLesson("XXE", true);
|
||||||
webGoatHomeDirectory = webGoatServerDirectory();
|
webGoatHomeDirectory = webGoatServerDirectory();
|
||||||
webWolfFileServerLocation = getWebWolfFileServerLocation();
|
webWolfFileServerLocation = getWebWolfFileServerLocation();
|
||||||
checkAssignment(url("/WebGoat/xxe/simple"), ContentType.XML, xxe3, true);
|
checkAssignment(url("xxe/simple"), ContentType.XML, xxe3, true);
|
||||||
checkAssignment(url("/WebGoat/xxe/content-type"), ContentType.XML, xxe4, true);
|
checkAssignment(url("xxe/content-type"), ContentType.XML, xxe4, true);
|
||||||
checkAssignment(
|
checkAssignment(
|
||||||
url("/WebGoat/xxe/blind"),
|
url("xxe/blind"),
|
||||||
ContentType.XML,
|
ContentType.XML,
|
||||||
"<comment><text>" + getSecret() + "</text></comment>",
|
"<comment><text>" + getSecret() + "</text></comment>",
|
||||||
true);
|
true);
|
||||||
|
@ -242,6 +242,7 @@ public class MvcConfiguration implements WebMvcConfigurer {
|
|||||||
@Override
|
@Override
|
||||||
public void addInterceptors(InterceptorRegistry registry) {
|
public void addInterceptors(InterceptorRegistry registry) {
|
||||||
registry.addInterceptor(localeChangeInterceptor());
|
registry.addInterceptor(localeChangeInterceptor());
|
||||||
|
registry.addInterceptor(new UserInterceptor());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
|
@ -0,0 +1,53 @@
|
|||||||
|
package org.owasp.webgoat.container;
|
||||||
|
|
||||||
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
|
import jakarta.servlet.http.HttpServletResponse;
|
||||||
|
import org.owasp.webgoat.container.asciidoc.EnvironmentExposure;
|
||||||
|
import org.springframework.core.env.Environment;
|
||||||
|
import org.springframework.security.core.Authentication;
|
||||||
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
|
import org.springframework.web.servlet.HandlerInterceptor;
|
||||||
|
import org.springframework.web.servlet.ModelAndView;
|
||||||
|
|
||||||
|
public class UserInterceptor implements HandlerInterceptor {
|
||||||
|
|
||||||
|
private Environment env = EnvironmentExposure.getEnv();
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
|
||||||
|
throws Exception {
|
||||||
|
// Do nothing
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void postHandle(
|
||||||
|
HttpServletRequest request,
|
||||||
|
HttpServletResponse response,
|
||||||
|
Object handler,
|
||||||
|
ModelAndView modelAndView)
|
||||||
|
throws Exception {
|
||||||
|
if (null != modelAndView) {
|
||||||
|
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||||
|
if (null != authentication) {
|
||||||
|
modelAndView.getModel().put("username", authentication.getName());
|
||||||
|
}
|
||||||
|
if (null != env) {
|
||||||
|
String githubClientId =
|
||||||
|
env.getProperty("spring.security.oauth2.client.registration.github.client-id");
|
||||||
|
if (null != githubClientId && !githubClientId.equals("dummy")) {
|
||||||
|
modelAndView.getModel().put("oauth", Boolean.TRUE);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
modelAndView.getModel().put("oauth", Boolean.FALSE);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void afterCompletion(
|
||||||
|
HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
|
||||||
|
throws Exception {
|
||||||
|
// Do nothing
|
||||||
|
}
|
||||||
|
}
|
@ -34,6 +34,9 @@ package org.owasp.webgoat.container;
|
|||||||
import java.io.File;
|
import java.io.File;
|
||||||
import org.owasp.webgoat.container.session.UserSessionData;
|
import org.owasp.webgoat.container.session.UserSessionData;
|
||||||
import org.owasp.webgoat.container.session.WebSession;
|
import org.owasp.webgoat.container.session.WebSession;
|
||||||
|
import org.owasp.webgoat.container.users.UserRepository;
|
||||||
|
import org.owasp.webgoat.container.users.WebGoatUser;
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
@ -42,6 +45,8 @@ import org.springframework.context.annotation.Configuration;
|
|||||||
import org.springframework.context.annotation.PropertySource;
|
import org.springframework.context.annotation.PropertySource;
|
||||||
import org.springframework.context.annotation.Scope;
|
import org.springframework.context.annotation.Scope;
|
||||||
import org.springframework.context.annotation.ScopedProxyMode;
|
import org.springframework.context.annotation.ScopedProxyMode;
|
||||||
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
|
import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
|
||||||
import org.springframework.web.client.RestTemplate;
|
import org.springframework.web.client.RestTemplate;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@ -50,6 +55,8 @@ import org.springframework.web.client.RestTemplate;
|
|||||||
@EnableAutoConfiguration
|
@EnableAutoConfiguration
|
||||||
public class WebGoat {
|
public class WebGoat {
|
||||||
|
|
||||||
|
@Autowired private UserRepository userRepository;
|
||||||
|
|
||||||
@Bean(name = "pluginTargetDirectory")
|
@Bean(name = "pluginTargetDirectory")
|
||||||
public File pluginTargetDirectory(@Value("${webgoat.user.directory}") final String webgoatHome) {
|
public File pluginTargetDirectory(@Value("${webgoat.user.directory}") final String webgoatHome) {
|
||||||
return new File(webgoatHome);
|
return new File(webgoatHome);
|
||||||
@ -58,7 +65,14 @@ public class WebGoat {
|
|||||||
@Bean
|
@Bean
|
||||||
@Scope(value = "session", proxyMode = ScopedProxyMode.TARGET_CLASS)
|
@Scope(value = "session", proxyMode = ScopedProxyMode.TARGET_CLASS)
|
||||||
public WebSession webSession() {
|
public WebSession webSession() {
|
||||||
return new WebSession();
|
WebGoatUser webGoatUser = null;
|
||||||
|
Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
|
||||||
|
if (principal instanceof WebGoatUser) {
|
||||||
|
webGoatUser = (WebGoatUser) principal;
|
||||||
|
} else if (principal instanceof DefaultOAuth2User) {
|
||||||
|
webGoatUser = userRepository.findByUsername(((DefaultOAuth2User) principal).getName());
|
||||||
|
}
|
||||||
|
return new WebSession(webGoatUser);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
|
@ -54,32 +54,41 @@ public class WebSecurityConfig {
|
|||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
http.authorizeHttpRequests(
|
return http.authorizeHttpRequests(
|
||||||
auth ->
|
auth ->
|
||||||
auth.requestMatchers(
|
auth.requestMatchers(
|
||||||
"/css/**",
|
"/",
|
||||||
"/images/**",
|
"/favicon.ico",
|
||||||
"/js/**",
|
"/css/**",
|
||||||
"fonts/**",
|
"/images/**",
|
||||||
"/plugins/**",
|
"/js/**",
|
||||||
"/registration",
|
"fonts/**",
|
||||||
"/register.mvc",
|
"/plugins/**",
|
||||||
"/actuator/**")
|
"/registration",
|
||||||
.permitAll()
|
"/register.mvc")
|
||||||
.anyRequest()
|
.permitAll()
|
||||||
.authenticated());
|
.anyRequest()
|
||||||
http.formLogin()
|
.authenticated())
|
||||||
.loginPage("/login")
|
.formLogin(
|
||||||
.defaultSuccessUrl("/welcome.mvc", true)
|
login ->
|
||||||
.usernameParameter("username")
|
login
|
||||||
.passwordParameter("password")
|
.loginPage("/login")
|
||||||
.permitAll();
|
.defaultSuccessUrl("/welcome.mvc", true)
|
||||||
http.logout().deleteCookies("JSESSIONID").invalidateHttpSession(true);
|
.usernameParameter("username")
|
||||||
http.csrf().disable();
|
.passwordParameter("password")
|
||||||
|
.permitAll())
|
||||||
http.headers().cacheControl().disable();
|
.oauth2Login(
|
||||||
http.exceptionHandling().authenticationEntryPoint(new AjaxAuthenticationEntryPoint("/login"));
|
oidc -> {
|
||||||
return http.build();
|
oidc.defaultSuccessUrl("/login-oauth.mvc");
|
||||||
|
oidc.loginPage("/login");
|
||||||
|
})
|
||||||
|
.logout(logout -> logout.deleteCookies("JSESSIONID").invalidateHttpSession(true))
|
||||||
|
.csrf(csrf -> csrf.disable())
|
||||||
|
.headers(headers -> headers.disable())
|
||||||
|
.exceptionHandling(
|
||||||
|
handling ->
|
||||||
|
handling.authenticationEntryPoint(new AjaxAuthenticationEntryPoint("/login")))
|
||||||
|
.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
@ -98,7 +107,6 @@ public class WebSecurityConfig {
|
|||||||
return authenticationConfiguration.getAuthenticationManager();
|
return authenticationConfiguration.getAuthenticationManager();
|
||||||
}
|
}
|
||||||
|
|
||||||
@SuppressWarnings("deprecation")
|
|
||||||
@Bean
|
@Bean
|
||||||
public NoOpPasswordEncoder passwordEncoder() {
|
public NoOpPasswordEncoder passwordEncoder() {
|
||||||
return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
|
return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
|
||||||
|
@ -16,7 +16,7 @@ public class EnvironmentExposure implements ApplicationContextAware {
|
|||||||
private static ApplicationContext context;
|
private static ApplicationContext context;
|
||||||
|
|
||||||
public static Environment getEnv() {
|
public static Environment getEnv() {
|
||||||
return context.getEnvironment();
|
return (null != context) ? context.getEnvironment() : null;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -3,7 +3,6 @@ package org.owasp.webgoat.container.session;
|
|||||||
import java.io.Serializable;
|
import java.io.Serializable;
|
||||||
import org.owasp.webgoat.container.lessons.Lesson;
|
import org.owasp.webgoat.container.lessons.Lesson;
|
||||||
import org.owasp.webgoat.container.users.WebGoatUser;
|
import org.owasp.webgoat.container.users.WebGoatUser;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* *************************************************************************************************
|
* *************************************************************************************************
|
||||||
@ -40,13 +39,12 @@ import org.springframework.security.core.context.SecurityContextHolder;
|
|||||||
public class WebSession implements Serializable {
|
public class WebSession implements Serializable {
|
||||||
|
|
||||||
private static final long serialVersionUID = -4270066103101711560L;
|
private static final long serialVersionUID = -4270066103101711560L;
|
||||||
private final WebGoatUser currentUser;
|
private WebGoatUser currentUser;
|
||||||
private transient Lesson currentLesson;
|
private transient Lesson currentLesson;
|
||||||
private boolean securityEnabled;
|
private boolean securityEnabled;
|
||||||
|
|
||||||
public WebSession() {
|
public WebSession(WebGoatUser webGoatUser) {
|
||||||
this.currentUser =
|
this.currentUser = webGoatUser;
|
||||||
(WebGoatUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -3,8 +3,10 @@ package org.owasp.webgoat.container.users;
|
|||||||
import jakarta.servlet.ServletException;
|
import jakarta.servlet.ServletException;
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import jakarta.validation.Valid;
|
import jakarta.validation.Valid;
|
||||||
|
import java.util.UUID;
|
||||||
import lombok.AllArgsConstructor;
|
import lombok.AllArgsConstructor;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.stereotype.Controller;
|
import org.springframework.stereotype.Controller;
|
||||||
import org.springframework.validation.BindingResult;
|
import org.springframework.validation.BindingResult;
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
import org.springframework.web.bind.annotation.GetMapping;
|
||||||
@ -44,4 +46,12 @@ public class RegistrationController {
|
|||||||
|
|
||||||
return "redirect:/attack";
|
return "redirect:/attack";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@GetMapping("/login-oauth.mvc")
|
||||||
|
public String registrationOAUTH(Authentication authentication, HttpServletRequest request)
|
||||||
|
throws ServletException {
|
||||||
|
log.info("register oauth user in database");
|
||||||
|
userService.addUser(authentication.getName(), UUID.randomUUID().toString());
|
||||||
|
return "redirect:/welcome.mvc";
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -48,16 +48,19 @@ public class ResetLinkAssignmentForgotPassword extends AssignmentEndpoint {
|
|||||||
private final RestTemplate restTemplate;
|
private final RestTemplate restTemplate;
|
||||||
private String webWolfHost;
|
private String webWolfHost;
|
||||||
private String webWolfPort;
|
private String webWolfPort;
|
||||||
|
private String webWolfURL;
|
||||||
private final String webWolfMailURL;
|
private final String webWolfMailURL;
|
||||||
|
|
||||||
public ResetLinkAssignmentForgotPassword(
|
public ResetLinkAssignmentForgotPassword(
|
||||||
RestTemplate restTemplate,
|
RestTemplate restTemplate,
|
||||||
@Value("${webwolf.host}") String webWolfHost,
|
@Value("${webwolf.host}") String webWolfHost,
|
||||||
@Value("${webwolf.port}") String webWolfPort,
|
@Value("${webwolf.port}") String webWolfPort,
|
||||||
|
@Value("${webwolf.url}") String webWolfURL,
|
||||||
@Value("${webwolf.mail.url}") String webWolfMailURL) {
|
@Value("${webwolf.mail.url}") String webWolfMailURL) {
|
||||||
this.restTemplate = restTemplate;
|
this.restTemplate = restTemplate;
|
||||||
this.webWolfHost = webWolfHost;
|
this.webWolfHost = webWolfHost;
|
||||||
this.webWolfPort = webWolfPort;
|
this.webWolfPort = webWolfPort;
|
||||||
|
this.webWolfURL = webWolfURL;
|
||||||
this.webWolfMailURL = webWolfMailURL;
|
this.webWolfMailURL = webWolfMailURL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -67,12 +70,12 @@ public class ResetLinkAssignmentForgotPassword extends AssignmentEndpoint {
|
|||||||
@RequestParam String email, HttpServletRequest request) {
|
@RequestParam String email, HttpServletRequest request) {
|
||||||
String resetLink = UUID.randomUUID().toString();
|
String resetLink = UUID.randomUUID().toString();
|
||||||
ResetLinkAssignment.resetLinks.add(resetLink);
|
ResetLinkAssignment.resetLinks.add(resetLink);
|
||||||
String host = request.getHeader("host");
|
String host = request.getHeader(HttpHeaders.HOST);
|
||||||
if (ResetLinkAssignment.TOM_EMAIL.equals(email)
|
if (ResetLinkAssignment.TOM_EMAIL.equals(email)
|
||||||
&& (host.contains(webWolfPort)
|
&& (host.contains(webWolfPort)
|
||||||
|| host.contains(webWolfHost))) { // User indeed changed the host header.
|
&& host.contains(webWolfHost))) { // User indeed changed the host header.
|
||||||
ResetLinkAssignment.userToTomResetLink.put(getWebSession().getUserName(), resetLink);
|
ResetLinkAssignment.userToTomResetLink.put(getWebSession().getUserName(), resetLink);
|
||||||
fakeClickingLinkEmail(host, resetLink);
|
fakeClickingLinkEmail(webWolfURL, resetLink);
|
||||||
} else {
|
} else {
|
||||||
try {
|
try {
|
||||||
sendMailToUser(email, host, resetLink);
|
sendMailToUser(email, host, resetLink);
|
||||||
@ -97,13 +100,13 @@ public class ResetLinkAssignmentForgotPassword extends AssignmentEndpoint {
|
|||||||
this.restTemplate.postForEntity(webWolfMailURL, mail, Object.class);
|
this.restTemplate.postForEntity(webWolfMailURL, mail, Object.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void fakeClickingLinkEmail(String host, String resetLink) {
|
private void fakeClickingLinkEmail(String webWolfURL, String resetLink) {
|
||||||
try {
|
try {
|
||||||
HttpHeaders httpHeaders = new HttpHeaders();
|
HttpHeaders httpHeaders = new HttpHeaders();
|
||||||
HttpEntity httpEntity = new HttpEntity(httpHeaders);
|
HttpEntity httpEntity = new HttpEntity(httpHeaders);
|
||||||
new RestTemplate()
|
new RestTemplate()
|
||||||
.exchange(
|
.exchange(
|
||||||
String.format("http://%s/PasswordReset/reset/reset-password/%s", host, resetLink),
|
String.format("%s/PasswordReset/reset/reset-password/%s", webWolfURL, resetLink),
|
||||||
HttpMethod.GET,
|
HttpMethod.GET,
|
||||||
httpEntity,
|
httpEntity,
|
||||||
Void.class);
|
Void.class);
|
||||||
|
@ -58,7 +58,8 @@ public class LandingAssignment extends AssignmentEndpoint {
|
|||||||
public ModelAndView openPasswordReset(HttpServletRequest request) throws URISyntaxException {
|
public ModelAndView openPasswordReset(HttpServletRequest request) throws URISyntaxException {
|
||||||
URI uri = new URI(request.getRequestURL().toString());
|
URI uri = new URI(request.getRequestURL().toString());
|
||||||
ModelAndView modelAndView = new ModelAndView();
|
ModelAndView modelAndView = new ModelAndView();
|
||||||
modelAndView.addObject("webwolfUrl", landingPageUrl);
|
modelAndView.addObject(
|
||||||
|
"webwolfLandingPageUrl", landingPageUrl.replace("//landing", "/landing"));
|
||||||
modelAndView.addObject("uniqueCode", StringUtils.reverse(getWebSession().getUserName()));
|
modelAndView.addObject("uniqueCode", StringUtils.reverse(getWebSession().getUserName()));
|
||||||
|
|
||||||
modelAndView.setViewName("lessons/webwolfintroduction/templates/webwolfPasswordReset.html");
|
modelAndView.setViewName("lessons/webwolfintroduction/templates/webwolfPasswordReset.html");
|
||||||
|
@ -25,14 +25,12 @@
|
|||||||
|
|
||||||
package org.owasp.webgoat.server;
|
package org.owasp.webgoat.server;
|
||||||
|
|
||||||
import lombok.extern.slf4j.Slf4j;
|
|
||||||
import org.owasp.webgoat.container.WebGoat;
|
import org.owasp.webgoat.container.WebGoat;
|
||||||
import org.owasp.webgoat.webwolf.WebWolf;
|
import org.owasp.webgoat.webwolf.WebWolf;
|
||||||
import org.springframework.boot.Banner;
|
import org.springframework.boot.Banner;
|
||||||
import org.springframework.boot.WebApplicationType;
|
import org.springframework.boot.WebApplicationType;
|
||||||
import org.springframework.boot.builder.SpringApplicationBuilder;
|
import org.springframework.boot.builder.SpringApplicationBuilder;
|
||||||
|
|
||||||
@Slf4j
|
|
||||||
public class StartWebGoat {
|
public class StartWebGoat {
|
||||||
|
|
||||||
public static void main(String[] args) {
|
public static void main(String[] args) {
|
||||||
|
@ -15,16 +15,18 @@ public class StartupMessage {
|
|||||||
|
|
||||||
private String port;
|
private String port;
|
||||||
private String address;
|
private String address;
|
||||||
|
private String contextPath;
|
||||||
|
|
||||||
@EventListener
|
@EventListener
|
||||||
void onStartup(ApplicationReadyEvent event) {
|
void onStartup(ApplicationReadyEvent event) {
|
||||||
|
|
||||||
|
port = event.getApplicationContext().getEnvironment().getProperty("server.port");
|
||||||
|
address = event.getApplicationContext().getEnvironment().getProperty("server.address");
|
||||||
|
contextPath =
|
||||||
|
event.getApplicationContext().getEnvironment().getProperty("server.servlet.context-path");
|
||||||
if (StringUtils.hasText(port)
|
if (StringUtils.hasText(port)
|
||||||
&& !StringUtils.hasText(System.getProperty("running.in.docker"))) {
|
&& !StringUtils.hasText(System.getProperty("running.in.docker"))) {
|
||||||
log.info("Please browse to http://{}:{}/WebGoat to get started...", address, port);
|
log.warn("Please browse to http://{}:{}{} to get started...", address, port, contextPath);
|
||||||
}
|
|
||||||
if (event.getApplicationContext().getApplicationName().contains("WebGoat")) {
|
|
||||||
port = event.getApplicationContext().getEnvironment().getProperty("server.port");
|
|
||||||
address = event.getApplicationContext().getEnvironment().getProperty("server.address");
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -32,10 +32,9 @@ import lombok.AllArgsConstructor;
|
|||||||
import lombok.Getter;
|
import lombok.Getter;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.apache.commons.io.FileUtils;
|
import org.apache.commons.io.FileUtils;
|
||||||
import org.owasp.webgoat.webwolf.user.WebGoatUser;
|
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.http.MediaType;
|
import org.springframework.http.MediaType;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.stereotype.Controller;
|
import org.springframework.stereotype.Controller;
|
||||||
import org.springframework.ui.ModelMap;
|
import org.springframework.ui.ModelMap;
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
import org.springframework.web.bind.annotation.GetMapping;
|
||||||
@ -58,6 +57,9 @@ public class FileServer {
|
|||||||
@Value("${server.address}")
|
@Value("${server.address}")
|
||||||
private String server;
|
private String server;
|
||||||
|
|
||||||
|
@Value("${server.servlet.context-path}")
|
||||||
|
private String contextPath;
|
||||||
|
|
||||||
@Value("${server.port}")
|
@Value("${server.port}")
|
||||||
private int port;
|
private int port;
|
||||||
|
|
||||||
@ -71,9 +73,11 @@ public class FileServer {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping(value = "/fileupload")
|
@PostMapping(value = "/fileupload")
|
||||||
public ModelAndView importFile(@RequestParam("file") MultipartFile myFile) throws IOException {
|
public ModelAndView importFile(
|
||||||
var user = (WebGoatUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
|
@RequestParam("file") MultipartFile myFile, Authentication authentication)
|
||||||
var destinationDir = new File(fileLocation, user.getUsername());
|
throws IOException {
|
||||||
|
String username = authentication.getName();
|
||||||
|
var destinationDir = new File(fileLocation, username);
|
||||||
destinationDir.mkdirs();
|
destinationDir.mkdirs();
|
||||||
myFile.transferTo(new File(destinationDir, myFile.getOriginalFilename()));
|
myFile.transferTo(new File(destinationDir, myFile.getOriginalFilename()));
|
||||||
log.debug("File saved to {}", new File(destinationDir, myFile.getOriginalFilename()));
|
log.debug("File saved to {}", new File(destinationDir, myFile.getOriginalFilename()));
|
||||||
@ -92,15 +96,13 @@ public class FileServer {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping(value = "/files")
|
@GetMapping(value = "/files")
|
||||||
public ModelAndView getFiles(HttpServletRequest request) {
|
public ModelAndView getFiles(HttpServletRequest request, Authentication authentication) {
|
||||||
WebGoatUser user =
|
String username = (null != authentication) ? authentication.getName() : "anonymous";
|
||||||
(WebGoatUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
|
|
||||||
String username = user.getUsername();
|
|
||||||
File destinationDir = new File(fileLocation, username);
|
File destinationDir = new File(fileLocation, username);
|
||||||
|
|
||||||
ModelAndView modelAndView = new ModelAndView();
|
ModelAndView modelAndView = new ModelAndView();
|
||||||
modelAndView.setViewName("files");
|
modelAndView.setViewName("files");
|
||||||
File changeIndicatorFile = new File(destinationDir, user.getUsername() + "_changed");
|
File changeIndicatorFile = new File(destinationDir, username + "_changed");
|
||||||
if (changeIndicatorFile.exists()) {
|
if (changeIndicatorFile.exists()) {
|
||||||
modelAndView.addObject("uploadSuccess", request.getParameter("uploadSuccess"));
|
modelAndView.addObject("uploadSuccess", request.getParameter("uploadSuccess"));
|
||||||
}
|
}
|
||||||
@ -117,7 +119,7 @@ public class FileServer {
|
|||||||
}
|
}
|
||||||
|
|
||||||
modelAndView.addObject("files", uploadedFiles);
|
modelAndView.addObject("files", uploadedFiles);
|
||||||
modelAndView.addObject("webwolf_url", "http://" + server + ":" + port);
|
modelAndView.addObject("webwolf_url", "http://" + server + ":" + port + contextPath);
|
||||||
return modelAndView;
|
return modelAndView;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -24,8 +24,10 @@ package org.owasp.webgoat.webwolf;
|
|||||||
|
|
||||||
import jakarta.annotation.PostConstruct;
|
import jakarta.annotation.PostConstruct;
|
||||||
import java.io.File;
|
import java.io.File;
|
||||||
|
import org.owasp.webgoat.container.UserInterceptor;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
|
||||||
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
|
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
|
||||||
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
|
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
|
||||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||||
@ -55,6 +57,12 @@ public class MvcConfiguration implements WebMvcConfigurer {
|
|||||||
public void addViewControllers(ViewControllerRegistry registry) {
|
public void addViewControllers(ViewControllerRegistry registry) {
|
||||||
registry.addViewController("/login").setViewName("webwolf-login");
|
registry.addViewController("/login").setViewName("webwolf-login");
|
||||||
registry.addViewController("/home").setViewName("home");
|
registry.addViewController("/home").setViewName("home");
|
||||||
|
registry.addViewController("/").setViewName("home");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void addInterceptors(InterceptorRegistry registry) {
|
||||||
|
registry.addInterceptor(new UserInterceptor());
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostConstruct
|
@PostConstruct
|
||||||
|
@ -22,6 +22,7 @@
|
|||||||
package org.owasp.webgoat.webwolf;
|
package org.owasp.webgoat.webwolf;
|
||||||
|
|
||||||
import lombok.AllArgsConstructor;
|
import lombok.AllArgsConstructor;
|
||||||
|
import org.owasp.webgoat.container.AjaxAuthenticationEntryPoint;
|
||||||
import org.owasp.webgoat.webwolf.user.UserService;
|
import org.owasp.webgoat.webwolf.user.UserService;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
@ -46,16 +47,39 @@ public class WebSecurityConfig {
|
|||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
http.authorizeHttpRequests(
|
return http.authorizeHttpRequests(
|
||||||
auth -> auth.requestMatchers(HttpMethod.POST, "/fileupload").authenticated());
|
auth -> {
|
||||||
http.authorizeHttpRequests(
|
auth.requestMatchers("/css/**", "/webjars/**", "/favicon.ico", "/js/**", "/images/**")
|
||||||
auth ->
|
.permitAll();
|
||||||
auth.requestMatchers(HttpMethod.GET, "/files", "/mail", "/requests").authenticated());
|
auth.requestMatchers(
|
||||||
http.authorizeHttpRequests().anyRequest().permitAll();
|
HttpMethod.GET,
|
||||||
http.csrf().disable().formLogin().loginPage("/login").failureUrl("/login?error=true");
|
"/fileupload/**",
|
||||||
http.formLogin().loginPage("/login").defaultSuccessUrl("/home", true).permitAll();
|
"/files/**",
|
||||||
http.logout().permitAll();
|
"/landing/**",
|
||||||
return http.build();
|
"/PasswordReset/**")
|
||||||
|
.permitAll();
|
||||||
|
auth.requestMatchers(HttpMethod.POST, "/files", "/mail", "/requests").permitAll();
|
||||||
|
auth.anyRequest().authenticated();
|
||||||
|
})
|
||||||
|
.csrf(csrf -> csrf.disable())
|
||||||
|
.formLogin(
|
||||||
|
login ->
|
||||||
|
login
|
||||||
|
.loginPage("/login")
|
||||||
|
.failureUrl("/login?error=true")
|
||||||
|
.defaultSuccessUrl("/home", true)
|
||||||
|
.usernameParameter("username")
|
||||||
|
.passwordParameter("password")
|
||||||
|
.permitAll())
|
||||||
|
.oauth2Login(
|
||||||
|
oidc -> {
|
||||||
|
oidc.defaultSuccessUrl("/home");
|
||||||
|
})
|
||||||
|
.logout(logout -> logout.deleteCookies("WEBWOLFSESSION").invalidateHttpSession(true))
|
||||||
|
.exceptionHandling(
|
||||||
|
handling ->
|
||||||
|
handling.authenticationEntryPoint(new AjaxAuthenticationEntryPoint("/login")))
|
||||||
|
.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
|
@ -25,8 +25,8 @@ package org.owasp.webgoat.webwolf.mailbox;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.core.userdetails.UserDetails;
|
import org.springframework.ui.Model;
|
||||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
import org.springframework.web.bind.annotation.GetMapping;
|
||||||
import org.springframework.web.bind.annotation.PostMapping;
|
import org.springframework.web.bind.annotation.PostMapping;
|
||||||
@ -42,16 +42,16 @@ public class MailboxController {
|
|||||||
private final MailboxRepository mailboxRepository;
|
private final MailboxRepository mailboxRepository;
|
||||||
|
|
||||||
@GetMapping("/mail")
|
@GetMapping("/mail")
|
||||||
public ModelAndView mail() {
|
public ModelAndView mail(Authentication authentication, Model model) {
|
||||||
UserDetails user =
|
String username = (null != authentication) ? authentication.getName() : "anonymous";
|
||||||
(UserDetails) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
|
|
||||||
ModelAndView modelAndView = new ModelAndView();
|
ModelAndView modelAndView = new ModelAndView();
|
||||||
List<Email> emails = mailboxRepository.findByRecipientOrderByTimeDesc(user.getUsername());
|
List<Email> emails = mailboxRepository.findByRecipientOrderByTimeDesc(username);
|
||||||
if (emails != null && !emails.isEmpty()) {
|
if (emails != null && !emails.isEmpty()) {
|
||||||
modelAndView.addObject("total", emails.size());
|
modelAndView.addObject("total", emails.size());
|
||||||
modelAndView.addObject("emails", emails);
|
modelAndView.addObject("emails", emails);
|
||||||
}
|
}
|
||||||
modelAndView.setViewName("mailbox");
|
modelAndView.setViewName("mailbox");
|
||||||
|
model.addAttribute("username", username);
|
||||||
return modelAndView;
|
return modelAndView;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -33,8 +33,7 @@ import lombok.RequiredArgsConstructor;
|
|||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.springframework.boot.actuate.web.exchanges.HttpExchange;
|
import org.springframework.boot.actuate.web.exchanges.HttpExchange;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.core.userdetails.UserDetails;
|
|
||||||
import org.springframework.stereotype.Controller;
|
import org.springframework.stereotype.Controller;
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
import org.springframework.web.bind.annotation.GetMapping;
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
@ -64,12 +63,12 @@ public class Requests {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping
|
@GetMapping
|
||||||
public ModelAndView get() {
|
public ModelAndView get(Authentication authentication) {
|
||||||
var model = new ModelAndView("requests");
|
var model = new ModelAndView("requests");
|
||||||
var user = (UserDetails) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
|
String username = (null != authentication) ? authentication.getName() : "anonymous";
|
||||||
var traces =
|
var traces =
|
||||||
traceRepository.findAllTraces().stream()
|
traceRepository.findAllTraces().stream()
|
||||||
.filter(t -> allowedTrace(t, user))
|
.filter(t -> allowedTrace(t, username))
|
||||||
.map(t -> new Tracert(t.getTimestamp(), path(t), toJsonString(t)))
|
.map(t -> new Tracert(t.getTimestamp(), path(t), toJsonString(t)))
|
||||||
.collect(toList());
|
.collect(toList());
|
||||||
model.addObject("traces", traces);
|
model.addObject("traces", traces);
|
||||||
@ -77,17 +76,16 @@ public class Requests {
|
|||||||
return model;
|
return model;
|
||||||
}
|
}
|
||||||
|
|
||||||
private boolean allowedTrace(HttpExchange t, UserDetails user) {
|
private boolean allowedTrace(HttpExchange t, String username) {
|
||||||
HttpExchange.Request req = t.getRequest();
|
HttpExchange.Request req = t.getRequest();
|
||||||
boolean allowed = true;
|
boolean allowed = true;
|
||||||
/* do not show certain traces to other users in a classroom setup */
|
/* do not show certain traces to other users in a classroom setup */
|
||||||
if (req.getUri().getPath().contains("/files")
|
if (req.getUri().getPath().contains("/files") && !req.getUri().getPath().contains(username)) {
|
||||||
&& !req.getUri().getPath().contains(user.getUsername())) {
|
|
||||||
allowed = false;
|
allowed = false;
|
||||||
} else if (req.getUri().getPath().contains("/landing")
|
} else if (req.getUri().getPath().contains("/landing")
|
||||||
&& req.getUri().getQuery() != null
|
&& req.getUri().getQuery() != null
|
||||||
&& req.getUri().getQuery().contains("uniqueCode")
|
&& req.getUri().getQuery().contains("uniqueCode")
|
||||||
&& !req.getUri().getQuery().contains(StringUtils.reverse(user.getUsername()))) {
|
&& !req.getUri().getQuery().contains(StringUtils.reverse(username))) {
|
||||||
allowed = false;
|
allowed = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -25,7 +25,6 @@ package org.owasp.webgoat.webwolf.requests;
|
|||||||
import com.google.common.collect.EvictingQueue;
|
import com.google.common.collect.EvictingQueue;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
|
||||||
import org.springframework.boot.actuate.web.exchanges.HttpExchange;
|
import org.springframework.boot.actuate.web.exchanges.HttpExchange;
|
||||||
import org.springframework.boot.actuate.web.exchanges.HttpExchangeRepository;
|
import org.springframework.boot.actuate.web.exchanges.HttpExchangeRepository;
|
||||||
|
|
||||||
@ -36,7 +35,6 @@ import org.springframework.boot.actuate.web.exchanges.HttpExchangeRepository;
|
|||||||
* @author nbaars
|
* @author nbaars
|
||||||
* @since 8/13/17.
|
* @since 8/13/17.
|
||||||
*/
|
*/
|
||||||
@Slf4j
|
|
||||||
public class WebWolfTraceRepository implements HttpExchangeRepository {
|
public class WebWolfTraceRepository implements HttpExchangeRepository {
|
||||||
|
|
||||||
private final EvictingQueue<HttpExchange> traces = EvictingQueue.create(10000);
|
private final EvictingQueue<HttpExchange> traces = EvictingQueue.create(10000);
|
||||||
@ -46,7 +44,6 @@ public class WebWolfTraceRepository implements HttpExchangeRepository {
|
|||||||
"/home",
|
"/home",
|
||||||
"/files",
|
"/files",
|
||||||
"/images/",
|
"/images/",
|
||||||
"/favicon.ico",
|
|
||||||
"/js/",
|
"/js/",
|
||||||
"/webjars/",
|
"/webjars/",
|
||||||
"/requests",
|
"/requests",
|
||||||
|
@ -1,10 +1,12 @@
|
|||||||
server.error.include-stacktrace=always
|
server.error.include-stacktrace=always
|
||||||
server.error.path=/error.html
|
server.error.path=/error.html
|
||||||
server.servlet.context-path=/WebGoat
|
server.servlet.context-path=${webgoat.context}
|
||||||
server.servlet.session.persistent=false
|
server.servlet.session.persistent=false
|
||||||
server.port=${webgoat.port:8080}
|
server.port=${webgoat.port}
|
||||||
server.address=${webgoat.host}
|
server.address=${webgoat.host}
|
||||||
webgoat.host=${WEBGOAT_HOST:127.0.0.1}
|
webgoat.host=${WEBGOAT_HOST:127.0.0.1}
|
||||||
|
webgoat.port=${WEBGOAT_PORT:8080}
|
||||||
|
webgoat.context=${WEBGOAT_CONTEXT:/WebGoat}
|
||||||
spring.application.name=WebGoat
|
spring.application.name=WebGoat
|
||||||
|
|
||||||
server.ssl.key-store-type=${WEBGOAT_KEYSTORE_TYPE:PKCS12}
|
server.ssl.key-store-type=${WEBGOAT_KEYSTORE_TYPE:PKCS12}
|
||||||
@ -27,9 +29,10 @@ logging.level.org.thymeleaf.TemplateEngine.cache.TEMPLATE_CACHE=INFO
|
|||||||
logging.level.org.springframework.web=INFO
|
logging.level.org.springframework.web=INFO
|
||||||
logging.level.org.springframework=INFO
|
logging.level.org.springframework=INFO
|
||||||
logging.level.org.springframework.boot.devtools=INFO
|
logging.level.org.springframework.boot.devtools=INFO
|
||||||
logging.level.org.owasp=DEBUG
|
logging.level.org.owasp=INFO
|
||||||
logging.level.org.owasp.webgoat=DEBUG
|
logging.level.org.owasp.webgoat=INFO
|
||||||
logging.level.org.hidbernate.SQL=DEBUG
|
logging.level.org.hidbernate.SQL=INFO
|
||||||
|
|
||||||
|
|
||||||
webgoat.server.directory=${user.home}/.webgoat-${webgoat.build.version}/
|
webgoat.server.directory=${user.home}/.webgoat-${webgoat.build.version}/
|
||||||
webgoat.user.directory=${user.home}/.webgoat-${webgoat.build.version}/
|
webgoat.user.directory=${user.home}/.webgoat-${webgoat.build.version}/
|
||||||
@ -43,7 +46,8 @@ webgoat.default.language=en
|
|||||||
|
|
||||||
webwolf.host=${WEBWOLF_HOST:127.0.0.1}
|
webwolf.host=${WEBWOLF_HOST:127.0.0.1}
|
||||||
webwolf.port=${WEBWOLF_PORT:9090}
|
webwolf.port=${WEBWOLF_PORT:9090}
|
||||||
webwolf.url=http://${webwolf.host}:${webwolf.port}
|
webwolf.context=${WEBWOLF_CONTEXT:/WebWolf}
|
||||||
|
webwolf.url=http://${webwolf.host}:${webwolf.port}${webwolf.context}
|
||||||
webwolf.landingpage.url=${webwolf.url}/landing
|
webwolf.landingpage.url=${webwolf.url}/landing
|
||||||
webwolf.mail.url=${webwolf.url}/mail
|
webwolf.mail.url=${webwolf.url}/mail
|
||||||
|
|
||||||
@ -62,3 +66,7 @@ exclude.lessons=${EXCLUDE_LESSONS:none,none}
|
|||||||
management.health.db.enabled=true
|
management.health.db.enabled=true
|
||||||
management.endpoint.health.show-details=always
|
management.endpoint.health.show-details=always
|
||||||
management.endpoints.web.exposure.include=env, health,configprops
|
management.endpoints.web.exposure.include=env, health,configprops
|
||||||
|
|
||||||
|
spring.security.oauth2.client.registration.github.client-id=${WEBGOAT_OAUTH_CLIENTID:dummy}
|
||||||
|
spring.security.oauth2.client.registration.github.client-secret=${WEBGOAT_OAUTH_CLIENTSECRET:dummy}
|
||||||
|
|
||||||
|
@ -1,10 +1,13 @@
|
|||||||
server.error.include-stacktrace=always
|
server.error.include-stacktrace=always
|
||||||
server.error.path=/error.html
|
server.error.path=/error.html
|
||||||
server.port=${webwolf.port:9090}
|
server.servlet.context-path=${webwolf.context}
|
||||||
|
server.port=${webwolf.port}
|
||||||
server.address=${webwolf.host}
|
server.address=${webwolf.host}
|
||||||
spring.application.name=WebWolf
|
spring.application.name=WebWolf
|
||||||
|
|
||||||
webwolf.host=${WEBWOLF_HOST:127.0.0.1}
|
webwolf.host=${WEBWOLF_HOST:127.0.0.1}
|
||||||
|
webwolf.port=${WEBWOLF_PORT:9090}
|
||||||
|
webwolf.context=${WEBWOLF_CONTEXT:/WebWolf}
|
||||||
|
|
||||||
management.server.port=-1
|
management.server.port=-1
|
||||||
server.servlet.session.cookie.name=WEBWOLFSESSION
|
server.servlet.session.cookie.name=WEBWOLFSESSION
|
||||||
@ -47,3 +50,6 @@ spring.jackson.serialization.write-dates-as-timestamps=false
|
|||||||
|
|
||||||
#For static file refresh ... and faster dev :D
|
#For static file refresh ... and faster dev :D
|
||||||
spring.devtools.restart.additional-paths=webwolf/src/main/resources/static/
|
spring.devtools.restart.additional-paths=webwolf/src/main/resources/static/
|
||||||
|
|
||||||
|
spring.security.oauth2.client.registration.github.client-id=${WEBWOLF_OAUTH_CLIENTID:dummy}
|
||||||
|
spring.security.oauth2.client.registration.github.client-secret=${WEBWOLF_OAUTH_CLIENTSECRET:dummy}
|
||||||
|
@ -23,7 +23,7 @@
|
|||||||
<form class="attack-form" accept-charset="UNKNOWN" id="verify-account-form"
|
<form class="attack-form" accept-charset="UNKNOWN" id="verify-account-form"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
successCallback="onBypassResponse"
|
successCallback="onBypassResponse"
|
||||||
action="/WebGoat/auth-bypass/verify-account">
|
action="auth-bypass/verify-account">
|
||||||
<p>Verify Your Account by answering the questions below:</p>
|
<p>Verify Your Account by answering the questions below:</p>
|
||||||
|
|
||||||
<p>What is the name of your favorite teacher?</p>
|
<p>What is the name of your favorite teacher?</p>
|
||||||
@ -43,7 +43,7 @@
|
|||||||
<form class="attack-form" accept-charset="UNKNOWN" id="change-password-form"
|
<form class="attack-form" accept-charset="UNKNOWN" id="change-password-form"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
successCallback="onBypassResponse"
|
successCallback="onBypassResponse"
|
||||||
action="/WebGoat/auth-bypass/verify-account"
|
action="auth-bypass/verify-account"
|
||||||
style="display:none"><!-- start off hidden -->
|
style="display:none"><!-- start off hidden -->
|
||||||
<p>Please provide a new password for your account</p>
|
<p>Please provide a new password for your account</p>
|
||||||
|
|
||||||
|
@ -9,7 +9,7 @@ var onViewProfile = function () {
|
|||||||
console.warn("on view profile activated")
|
console.warn("on view profile activated")
|
||||||
webgoat.customjs.jquery.ajax({
|
webgoat.customjs.jquery.ajax({
|
||||||
method: "GET",
|
method: "GET",
|
||||||
url: "/WebGoat/IDOR/profile",
|
url: "IDOR/profile",
|
||||||
contentType: 'application/json; charset=UTF-8'
|
contentType: 'application/json; charset=UTF-8'
|
||||||
}).then(webgoat.customjs.idorViewProfile);
|
}).then(webgoat.customjs.idorViewProfile);
|
||||||
}
|
}
|
||||||
|
@ -18,7 +18,7 @@
|
|||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" name="fieldRestrictions"
|
<form class="attack-form" accept-charset="UNKNOWN" name="fieldRestrictions"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/BypassRestrictions/FieldRestrictions">
|
action="BypassRestrictions/FieldRestrictions">
|
||||||
|
|
||||||
<div class="bypass-input-container"><b>Select field with two possible value</b>
|
<div class="bypass-input-container"><b>Select field with two possible value</b>
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
@ -66,7 +66,7 @@
|
|||||||
<form class="attack-form" accept-charset="UNKNOWN" name="frontendValidation"
|
<form class="attack-form" accept-charset="UNKNOWN" name="frontendValidation"
|
||||||
id="frontendValidation"
|
id="frontendValidation"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/BypassRestrictions/frontendValidation"
|
action="BypassRestrictions/frontendValidation"
|
||||||
onsubmit="return validate()">
|
onsubmit="return validate()">
|
||||||
<div>
|
<div>
|
||||||
<strong>Field 1:</strong> exactly three lowercase characters(^[a-z]{3}$)
|
<strong>Field 1:</strong> exactly three lowercase characters(^[a-z]{3}$)
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
|
|
||||||
The challenges contain more a CTF like lessons where we do not provide any explanations what you need to do, no hints
|
The challenges contain more a CTF like lessons where we do not provide any explanations what you need to do, no hints
|
||||||
will be provided. You can use these challenges in a CTF style where you can run WebGoat on one server and all
|
will be provided. You can use these challenges in a CTF style where you can run WebGoat on one server and all
|
||||||
participants can join and hack the challenges. A scoreboard is available at link:/WebGoat/scoreboard["/WebGoat/scoreboard",window=_blank]
|
participants can join and hack the challenges. A scoreboard is available at link:scoreboard["scoreboard",window=_blank]
|
||||||
|
|
||||||
:hardbreaks:
|
:hardbreaks:
|
||||||
In this CTF you will need to solve a couple of challenges, each challenge will give you a flag which you will
|
In this CTF you will need to solve a couple of challenges, each challenge will give you a flag which you will
|
||||||
|
@ -17,7 +17,7 @@
|
|||||||
<div class="panel-body">
|
<div class="panel-body">
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/challenge/1"
|
action="challenge/1"
|
||||||
style="width: 200px;">
|
style="width: 200px;">
|
||||||
|
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
@ -37,7 +37,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<form class="attack-form" method="POST" name="form" action="/WebGoat/challenge/flag">
|
<form class="attack-form" method="POST" name="form" action="challenge/flag">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
|
<div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
|
||||||
|
@ -25,7 +25,7 @@
|
|||||||
<div class="col-lg-12">
|
<div class="col-lg-12">
|
||||||
<form id="login-form" class="attack-form" accept-charset="UNKNOWN"
|
<form id="login-form" class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/challenge/5" role="form">
|
action="challenge/5" role="form">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<input type="text" name="username_login" id="username4" tabindex="1"
|
<input type="text" name="username_login" id="username4" tabindex="1"
|
||||||
class="form-control" placeholder="Username" value=""/>
|
class="form-control" placeholder="Username" value=""/>
|
||||||
@ -66,7 +66,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<br/>
|
<br/>
|
||||||
<form class="attack-form" method="POST" name="form" action="/WebGoat/challenge/flag">
|
<form class="attack-form" method="POST" name="form" action="challenge/flag">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
|
<div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
|
||||||
|
@ -29,7 +29,7 @@
|
|||||||
<div class="col-lg-12">
|
<div class="col-lg-12">
|
||||||
<form id="login-form" class="attack-form" accept-charset="UNKNOWN"
|
<form id="login-form" class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/challenge/6" role="form">
|
action="challenge/6" role="form">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<input type="text" name="username_login" id="username4" tabindex="1"
|
<input type="text" name="username_login" id="username4" tabindex="1"
|
||||||
class="form-control" placeholder="Username" value=""/>
|
class="form-control" placeholder="Username" value=""/>
|
||||||
@ -64,7 +64,7 @@
|
|||||||
</form>
|
</form>
|
||||||
<form id="register-form" class="attack-form" accept-charset="UNKNOWN"
|
<form id="register-form" class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="PUT" name="form"
|
method="PUT" name="form"
|
||||||
action="/WebGoat/challenge/6" style="display: none;" role="form">
|
action="challenge/6" style="display: none;" role="form">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<input type="text" name="username_reg" id="username" tabindex="1"
|
<input type="text" name="username_reg" id="username" tabindex="1"
|
||||||
class="form-control" placeholder="Username" value=""/>
|
class="form-control" placeholder="Username" value=""/>
|
||||||
@ -99,7 +99,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<br/>
|
<br/>
|
||||||
<form class="attack-form" method="POST" name="form" action="/WebGoat/challenge/flag">
|
<form class="attack-form" method="POST" name="form" action="challenge/flag">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
|
<div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
|
||||||
|
@ -28,7 +28,7 @@ f94008f801fceb8833a30fe56a8b26976347edcf First version of WebGoat Cloud website
|
|||||||
|
|
||||||
<form id="login-form" class="attack-form" accept-charset="UNKNOWN"
|
<form id="login-form" class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/challenge/7" role="form">
|
action="challenge/7" role="form">
|
||||||
|
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
@ -43,7 +43,7 @@ f94008f801fceb8833a30fe56a8b26976347edcf First version of WebGoat Cloud website
|
|||||||
value="Reset Password" type="submit"/>
|
value="Reset Password" type="submit"/>
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<p>(c) 2017 WebGoat Cloud Platform</p>
|
<p>(c) 2023 WebGoat Cloud Platform</p>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<input type="hidden" class="hide" name="token" id="token" value=""/>
|
<input type="hidden" class="hide" name="token" id="token" value=""/>
|
||||||
@ -57,7 +57,7 @@ f94008f801fceb8833a30fe56a8b26976347edcf First version of WebGoat Cloud website
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<br/>
|
<br/>
|
||||||
<form class="attack-form" method="POST" name="form" action="/WebGoat/challenge/flag">
|
<form class="attack-form" method="POST" name="form" action="challenge/flag">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
|
<div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
|
||||||
|
@ -231,7 +231,7 @@
|
|||||||
</div>
|
</div>
|
||||||
|
|
||||||
<br/>
|
<br/>
|
||||||
<form class="attack-form" method="POST" name="form" action="/WebGoat/challenge/flag">
|
<form class="attack-form" method="POST" name="form" action="challenge/flag">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
|
<div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
|
||||||
|
@ -24,7 +24,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="DOMFollowUp"
|
method="POST" name="DOMFollowUp"
|
||||||
action="/WebGoat/ChromeDevTools/dummy">
|
action="ChromeDevTools/dummy">
|
||||||
<input name="successMessage" value="" type="TEXT" />
|
<input name="successMessage" value="" type="TEXT" />
|
||||||
<input name="submitMessage" value="Submit" type="SUBMIT"/>
|
<input name="submitMessage" value="Submit" type="SUBMIT"/>
|
||||||
</form>
|
</form>
|
||||||
@ -45,7 +45,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/ChromeDevTools/network">
|
action="ChromeDevTools/network">
|
||||||
<script>
|
<script>
|
||||||
// sample custom javascript in the recommended way ...
|
// sample custom javascript in the recommended way ...
|
||||||
// a namespace has been assigned for it, but you can roll your own if you prefer
|
// a namespace has been assigned for it, but you can roll your own if you prefer
|
||||||
@ -66,7 +66,7 @@
|
|||||||
|
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/ChromeDevTools/network">
|
action="ChromeDevTools/network">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
<td>What is the number you found: </td>
|
<td>What is the number you found: </td>
|
||||||
|
@ -14,7 +14,7 @@
|
|||||||
<input type="hidden" id="user_id" value="102"/>
|
<input type="hidden" id="user_id" value="102"/>
|
||||||
<!-- using attack-form class on your form, will allow your request to be ajaxified and stay within the display framework for webgoat -->
|
<!-- using attack-form class on your form, will allow your request to be ajaxified and stay within the display framework for webgoat -->
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" method="POST" name="form"
|
<form class="attack-form" accept-charset="UNKNOWN" method="POST" name="form"
|
||||||
action="/WebGoat/clientSideFiltering/attack1">
|
action="clientSideFiltering/attack1">
|
||||||
<link rel="stylesheet" type="text/css"
|
<link rel="stylesheet" type="text/css"
|
||||||
th:href="@{/lesson_css/clientSideFiltering-stage1.css}"/>
|
th:href="@{/lesson_css/clientSideFiltering-stage1.css}"/>
|
||||||
<script th:src="@{/lesson_js/clientSideFiltering.js}"
|
<script th:src="@{/lesson_js/clientSideFiltering.js}"
|
||||||
@ -83,7 +83,7 @@
|
|||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/clientSideFiltering/getItForFree">
|
action="clientSideFiltering/getItForFree">
|
||||||
|
|
||||||
<input id="discount" type="hidden" value="0"/>
|
<input id="discount" type="hidden" value="0"/>
|
||||||
<div class="row">
|
<div class="row">
|
||||||
|
@ -7,10 +7,10 @@
|
|||||||
* JavaScript to load initial assignment tokens
|
* JavaScript to load initial assignment tokens
|
||||||
*/
|
*/
|
||||||
function initialise() {
|
function initialise() {
|
||||||
$("#sha256token").load('/WebGoat/crypto/hashing/sha256');
|
$("#sha256token").load('crypto/hashing/sha256');
|
||||||
$("#md5token").load('/WebGoat/crypto/hashing/md5');
|
$("#md5token").load('crypto/hashing/md5');
|
||||||
$("#basicauthtoken").load('/WebGoat/crypto/encoding/basic');
|
$("#basicauthtoken").load('crypto/encoding/basic');
|
||||||
$("#privatekey").load('/WebGoat/crypto/signing/getprivate');
|
$("#privatekey").load('crypto/signing/getprivate');
|
||||||
}
|
}
|
||||||
$(document).ready(initialise);
|
$(document).ready(initialise);
|
||||||
</script>
|
</script>
|
||||||
@ -28,7 +28,7 @@ $(document).ready(initialise);
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
Now suppose you have intercepted the following header:<br/>
|
Now suppose you have intercepted the following header:<br/>
|
||||||
<div id="basicauthtoken" ></div><br/>
|
<div id="basicauthtoken" ></div><br/>
|
||||||
<form class="attack-form" method="POST" name="form" action="/WebGoat/crypto/encoding/basic-auth">
|
<form class="attack-form" method="POST" name="form" action="crypto/encoding/basic-auth">
|
||||||
Then what was the username
|
Then what was the username
|
||||||
<input name="answer_user" value="" type="TEXT"/>
|
<input name="answer_user" value="" type="TEXT"/>
|
||||||
and what was the password:
|
and what was the password:
|
||||||
@ -45,7 +45,7 @@ $(document).ready(initialise);
|
|||||||
<!-- 3. assignment xor -->
|
<!-- 3. assignment xor -->
|
||||||
<div class="attack-container">
|
<div class="attack-container">
|
||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" method="POST" name="form" action="/WebGoat/crypto/encoding/xor">
|
<form class="attack-form" method="POST" name="form" action="crypto/encoding/xor">
|
||||||
Suppose you found the database password encoded as {xor}Oz4rPj0+LDovPiwsKDAtOw==<br/>
|
Suppose you found the database password encoded as {xor}Oz4rPj0+LDovPiwsKDAtOw==<br/>
|
||||||
What would be the actual password
|
What would be the actual password
|
||||||
<input name="answer_pwd1" value="" type="TEXT"/><br/>
|
<input name="answer_pwd1" value="" type="TEXT"/><br/>
|
||||||
@ -62,7 +62,7 @@ $(document).ready(initialise);
|
|||||||
<!-- 4. weak hashing exercise -->
|
<!-- 4. weak hashing exercise -->
|
||||||
<div class="attack-container">
|
<div class="attack-container">
|
||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" method="POST" name="form" action="/WebGoat/crypto/hashing">
|
<form class="attack-form" method="POST" name="form" action="crypto/hashing">
|
||||||
Which password belongs to this hash: <div id="md5token" ></div>
|
Which password belongs to this hash: <div id="md5token" ></div>
|
||||||
<input name="answer_pwd1" value="" type="TEXT"/><br/>
|
<input name="answer_pwd1" value="" type="TEXT"/><br/>
|
||||||
Which password belongs to this hash: <div id="sha256token" ></div>
|
Which password belongs to this hash: <div id="sha256token" ></div>
|
||||||
@ -87,7 +87,7 @@ $(document).ready(initialise);
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
Now suppose you have the following private key:<br/>
|
Now suppose you have the following private key:<br/>
|
||||||
<pre><div id="privatekey" ></div></pre><br/>
|
<pre><div id="privatekey" ></div></pre><br/>
|
||||||
<form class="attack-form" method="POST" name="form" action="/WebGoat/crypto/signing/verify">
|
<form class="attack-form" method="POST" name="form" action="crypto/signing/verify">
|
||||||
Then what was the modulus of the public key
|
Then what was the modulus of the public key
|
||||||
<input name="modulus" value="" type="TEXT"/>
|
<input name="modulus" value="" type="TEXT"/>
|
||||||
and now provide a signature for us based on that modulus
|
and now provide a signature for us based on that modulus
|
||||||
@ -110,7 +110,7 @@ $(document).ready(initialise);
|
|||||||
<!-- 8. assignment -->
|
<!-- 8. assignment -->
|
||||||
<div class="attack-container">
|
<div class="attack-container">
|
||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" method="POST" name="form" action="/WebGoat/crypto/secure/defaults">
|
<form class="attack-form" method="POST" name="form" action="crypto/secure/defaults">
|
||||||
What is the unencrypted message<br/>
|
What is the unencrypted message<br/>
|
||||||
<input name="secretText" value="" type="TEXT"/><br/>
|
<input name="secretText" value="" type="TEXT"/><br/>
|
||||||
and what is the name of the file that stored the password <br/>
|
and what is the name of the file that stored the password <br/>
|
||||||
|
@ -17,7 +17,7 @@
|
|||||||
method="POST" name="form1"
|
method="POST" name="form1"
|
||||||
target="_blank"
|
target="_blank"
|
||||||
successCallback=""
|
successCallback=""
|
||||||
action="/WebGoat/csrf/basic-get-flag">
|
action="csrf/basic-get-flag">
|
||||||
<input name="csrf" type="hidden" value="false"/>
|
<input name="csrf" type="hidden" value="false"/>
|
||||||
<input type="submit" name="submit"/>
|
<input type="submit" name="submit"/>
|
||||||
|
|
||||||
@ -35,7 +35,7 @@
|
|||||||
<form class="attack-form" accept-charset="UNKNOWN" id="confirm-flag-1"
|
<form class="attack-form" accept-charset="UNKNOWN" id="confirm-flag-1"
|
||||||
method="POST" name="form2"
|
method="POST" name="form2"
|
||||||
successCallback=""
|
successCallback=""
|
||||||
action="/WebGoat/csrf/confirm-flag-1">
|
action="csrf/confirm-flag-1">
|
||||||
|
|
||||||
Confirm Flag Value:
|
Confirm Flag Value:
|
||||||
<input type="text" length="6" name="confirmFlagVal" value=""/>
|
<input type="text" length="6" name="confirmFlagVal" value=""/>
|
||||||
@ -93,7 +93,7 @@
|
|||||||
<form class="attack-form" accept-charset="UNKNOWN" id="csrf-review"
|
<form class="attack-form" accept-charset="UNKNOWN" id="csrf-review"
|
||||||
method="POST" name="review-form"
|
method="POST" name="review-form"
|
||||||
successCallback=""
|
successCallback=""
|
||||||
action="/WebGoat/csrf/review">
|
action="csrf/review">
|
||||||
<input class="form-control" id="reviewText" name="reviewText" placeholder="Add a Review"
|
<input class="form-control" id="reviewText" name="reviewText" placeholder="Add a Review"
|
||||||
type="text"/>
|
type="text"/>
|
||||||
<input class="form-control" id="reviewStars" name="stars" type="text"/>
|
<input class="form-control" id="reviewStars" name="stars" type="text"/>
|
||||||
@ -146,7 +146,7 @@
|
|||||||
<form class="attack-form" accept-charset="UNKNOWN" id="csrf-feedback"
|
<form class="attack-form" accept-charset="UNKNOWN" id="csrf-feedback"
|
||||||
method="POST"
|
method="POST"
|
||||||
prepareData="feedback"
|
prepareData="feedback"
|
||||||
action="/WebGoat/csrf/feedback/message"
|
action="csrf/feedback/message"
|
||||||
contentType="application/json">
|
contentType="application/json">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-md-6">
|
<div class="col-md-6">
|
||||||
@ -212,7 +212,7 @@
|
|||||||
</div>
|
</div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" id="confirm-flag-feedback"
|
<form class="attack-form" accept-charset="UNKNOWN" id="confirm-flag-feedback"
|
||||||
method="POST" name="form2"
|
method="POST" name="form2"
|
||||||
action="/WebGoat/csrf/feedback">
|
action="csrf/feedback">
|
||||||
|
|
||||||
Confirm Flag Value:
|
Confirm Flag Value:
|
||||||
<input type="text" length="6" name="confirmFlagVal" value=""/>
|
<input type="text" length="6" name="confirmFlagVal" value=""/>
|
||||||
@ -236,7 +236,7 @@
|
|||||||
</div>
|
</div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" id="confirm-flag-login"
|
<form class="attack-form" accept-charset="UNKNOWN" id="confirm-flag-login"
|
||||||
method="POST" name="form2"
|
method="POST" name="form2"
|
||||||
action="/WebGoat/csrf/login">
|
action="csrf/login">
|
||||||
|
|
||||||
Press the button below when your are logged in as the other user<br/>
|
Press the button below when your are logged in as the other user<br/>
|
||||||
|
|
||||||
|
@ -25,7 +25,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" name="task"
|
<form class="attack-form" accept-charset="UNKNOWN" name="task"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/InsecureDeserialization/task">
|
action="InsecureDeserialization/task">
|
||||||
|
|
||||||
<input type="textarea" rows="4" cols="40" value="" name="token" placeholder="token"/>
|
<input type="textarea" rows="4" cols="40" value="" name="token" placeholder="token"/>
|
||||||
<input type="submit" value="Submit" />
|
<input type="submit" value="Submit" />
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-md-4">
|
<div class="col-md-4">
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" method="POST"
|
<form class="attack-form" accept-charset="UNKNOWN" method="POST"
|
||||||
action="/WebGoat/HijackSession/login">
|
action="HijackSession/login">
|
||||||
<div style="padding: 20px;" id="password-login">
|
<div style="padding: 20px;" id="password-login">
|
||||||
<h4 style="border-bottom: 1px solid #c5c5c5;">Account Access</h4>
|
<h4 style="border-bottom: 1px solid #c5c5c5;">Account Access</h4>
|
||||||
<fieldset>
|
<fieldset>
|
||||||
|
@ -13,7 +13,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" id="task" name="task"
|
<form class="attack-form" accept-charset="UNKNOWN" id="task" name="task"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/HtmlTampering/task">
|
action="HtmlTampering/task">
|
||||||
<script>
|
<script>
|
||||||
var regex = /^2999.99$/;
|
var regex = /^2999.99$/;
|
||||||
var price = 2999.99;
|
var price = 2999.99;
|
||||||
|
@ -21,7 +21,7 @@
|
|||||||
<!-- of course, you can write your own ajax submission /handling in your own javascript if you like -->
|
<!-- of course, you can write your own ajax submission /handling in your own javascript if you like -->
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/HttpBasics/attack1">
|
action="HttpBasics/attack1">
|
||||||
<div id="lessonContent">
|
<div id="lessonContent">
|
||||||
<form accept-charset="UNKNOWN" method="POST" name="form"
|
<form accept-charset="UNKNOWN" method="POST" name="form"
|
||||||
action="#attack/307/100">
|
action="#attack/307/100">
|
||||||
@ -51,7 +51,7 @@
|
|||||||
<!-- of course, you can write your own ajax submission /handling in your own javascript if you like -->
|
<!-- of course, you can write your own ajax submission /handling in your own javascript if you like -->
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/HttpBasics/attack2">
|
action="HttpBasics/attack2">
|
||||||
<script>
|
<script>
|
||||||
// sample custom javascript in the recommended way ...
|
// sample custom javascript in the recommended way ...
|
||||||
// a namespace has been assigned for it, but you can roll your own if you prefer
|
// a namespace has been assigned for it, but you can roll your own if you prefer
|
||||||
|
@ -24,7 +24,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" name="intercept-request"
|
<form class="attack-form" accept-charset="UNKNOWN" name="intercept-request"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/HttpProxies/intercept-request">
|
action="HttpProxies/intercept-request">
|
||||||
|
|
||||||
<input type="text" value="doesn't matter really" name="changeMe" />
|
<input type="text" value="doesn't matter really" name="changeMe" />
|
||||||
<input type="submit" value="Submit" />
|
<input type="submit" value="Submit" />
|
||||||
|
@ -22,7 +22,7 @@
|
|||||||
<!-- modify the action to point to the intended endpoint -->
|
<!-- modify the action to point to the intended endpoint -->
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/IDOR/login">
|
action="IDOR/login">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
<td>user/pass</td>
|
<td>user/pass</td>
|
||||||
@ -57,7 +57,7 @@
|
|||||||
<!-- modify the action to point to the intended endpoint -->
|
<!-- modify the action to point to the intended endpoint -->
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="GET" name="form"
|
method="GET" name="form"
|
||||||
action="/WebGoat/IDOR/profile">
|
action="IDOR/profile">
|
||||||
<script th:src="@{/lesson_js/idor.js}" />
|
<script th:src="@{/lesson_js/idor.js}" />
|
||||||
|
|
||||||
<input name="View Profile" value="View Profile" type="button" onclick="onViewProfile();" />
|
<input name="View Profile" value="View Profile" type="button" onclick="onViewProfile();" />
|
||||||
@ -107,7 +107,7 @@
|
|||||||
<!-- modify the action to point to the intended endpoint -->
|
<!-- modify the action to point to the intended endpoint -->
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/IDOR/profile/alt-path">
|
action="IDOR/profile/alt-path">
|
||||||
<div class="adoc-content" th:replace="~{doc:lessons/idor/documentation/IDOR_inputAltPath.adoc}"></div>
|
<div class="adoc-content" th:replace="~{doc:lessons/idor/documentation/IDOR_inputAltPath.adoc}"></div>
|
||||||
<input name="url" value="WebGoat/" type="text"/>
|
<input name="url" value="WebGoat/" type="text"/>
|
||||||
<input name="submit" value="Submit" type="SUBMIT"/>
|
<input name="submit" value="Submit" type="SUBMIT"/>
|
||||||
@ -134,7 +134,7 @@
|
|||||||
<!-- modify the action to point to the intended endpoint -->
|
<!-- modify the action to point to the intended endpoint -->
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" id="view-other"
|
<form class="attack-form" accept-charset="UNKNOWN" id="view-other"
|
||||||
method="GET" name="view-other-profile"
|
method="GET" name="view-other-profile"
|
||||||
action="/WebGoat/IDOR/profile/{userId}">
|
action="IDOR/profile/{userId}">
|
||||||
<script th:src="@{/lesson_js/idor.js}" />
|
<script th:src="@{/lesson_js/idor.js}" />
|
||||||
|
|
||||||
<input name="View Profile" value="View Profile" type="submit" />
|
<input name="View Profile" value="View Profile" type="submit" />
|
||||||
@ -158,7 +158,7 @@
|
|||||||
<!-- modify the action to point to the intended endpoint -->
|
<!-- modify the action to point to the intended endpoint -->
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" id="edit-other"
|
<form class="attack-form" accept-charset="UNKNOWN" id="edit-other"
|
||||||
method="GET" name="edit-other-profile"
|
method="GET" name="edit-other-profile"
|
||||||
action="/WebGoat/IDOR/profile/{userId}">
|
action="IDOR/profile/{userId}">
|
||||||
<script th:src="@{/lesson_js/idor.js}" />
|
<script th:src="@{/lesson_js/idor.js}" />
|
||||||
|
|
||||||
<input name="View Profile" value="View Profile" type="submit" />
|
<input name="View Profile" value="View Profile" type="submit" />
|
||||||
|
@ -12,7 +12,7 @@ var onViewProfile = function () {
|
|||||||
console.warn("on view profile activated")
|
console.warn("on view profile activated")
|
||||||
webgoat.customjs.jquery.ajax({
|
webgoat.customjs.jquery.ajax({
|
||||||
method: "GET",
|
method: "GET",
|
||||||
url: "/WebGoat/IDOR/profile",
|
url: "IDOR/profile",
|
||||||
contentType: 'application/json; charset=UTF-8'
|
contentType: 'application/json; charset=UTF-8'
|
||||||
}).then(webgoat.customjs.idorViewProfile);
|
}).then(webgoat.customjs.idorViewProfile);
|
||||||
}
|
}
|
||||||
|
@ -17,7 +17,7 @@
|
|||||||
<script th:src="@{/lesson_js/credentials.js}"></script>
|
<script th:src="@{/lesson_js/credentials.js}"></script>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" name="task"
|
<form class="attack-form" accept-charset="UNKNOWN" name="task"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/InsecureLogin/task">
|
action="InsecureLogin/task">
|
||||||
|
|
||||||
<button onclick="javascript:submit_secret_credentials();return false;">Log in</button>
|
<button onclick="javascript:submit_secret_credentials();return false;">Log in</button>
|
||||||
|
|
||||||
@ -25,7 +25,7 @@
|
|||||||
<br></br>
|
<br></br>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" name="task"
|
<form class="attack-form" accept-charset="UNKNOWN" name="task"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/InsecureLogin/task">
|
action="InsecureLogin/task">
|
||||||
|
|
||||||
<input type="text" value="" name="username" placeholder="username"/>
|
<input type="text" value="" name="username" placeholder="username"/>
|
||||||
<input type="password" value="" name="password" placeholder="password" />
|
<input type="password" value="" name="password" placeholder="password" />
|
||||||
|
@ -17,7 +17,7 @@
|
|||||||
<div class="adoc-content" th:replace="~{doc:lessons/jwt/documentation/JWT_decode.adoc}"></div>
|
<div class="adoc-content" th:replace="~{doc:lessons/jwt/documentation/JWT_decode.adoc}"></div>
|
||||||
<div class="attack-container">
|
<div class="attack-container">
|
||||||
<img th:src="@{/images/wolf-enabled.png}" class="webwolf-enabled"/>
|
<img th:src="@{/images/wolf-enabled.png}" class="webwolf-enabled"/>
|
||||||
<form id="decode" class="attack-form" method="POST" name="form" action="/WebGoat/JWT/decode">
|
<form id="decode" class="attack-form" method="POST" name="form" action="JWT/decode">
|
||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<br>
|
<br>
|
||||||
<div class="row">
|
<div class="row">
|
||||||
@ -53,7 +53,7 @@
|
|||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST"
|
method="POST"
|
||||||
successCallback="jwtSigningCallback"
|
successCallback="jwtSigningCallback"
|
||||||
action="/WebGoat/JWT/votings">
|
action="JWT/votings">
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
|
|
||||||
<div class="row">
|
<div class="row">
|
||||||
@ -124,7 +124,7 @@
|
|||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<form id="quiz-form" class="attack-form" accept-charset="UNKNOWN"
|
<form id="quiz-form" class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/JWT/quiz"
|
action="JWT/quiz"
|
||||||
role="form">
|
role="form">
|
||||||
<div id="q_container"></div>
|
<div id="q_container"></div>
|
||||||
<br/>
|
<br/>
|
||||||
@ -155,7 +155,7 @@
|
|||||||
|
|
||||||
<div class="attack-container">
|
<div class="attack-container">
|
||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" method="POST" name="form" action="/WebGoat/JWT/secret">
|
<form class="attack-form" method="POST" name="form" action="JWT/secret">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
|
<div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
|
||||||
@ -192,7 +192,7 @@
|
|||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST"
|
method="POST"
|
||||||
additionalHeaders="addBearerToken"
|
additionalHeaders="addBearerToken"
|
||||||
action="/WebGoat/JWT/refresh/checkout">
|
action="JWT/refresh/checkout">
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-sm-12 col-md-10 col-md-offset-1">
|
<div class="col-sm-12 col-md-10 col-md-offset-1">
|
||||||
@ -319,7 +319,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/JWT/final/delete?token=eyJ0eXAiOiJKV1QiLCJqa3UiOiJodHRwczovL2NvZ25pdG8taWRwLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3dlYmdvYXQvLndlbGwta25vd24vandrcy5qc29uIiwiYWxnIjoiUlMyNTYifQ.eyJpc3MiOiJXZWJHb2F0IFRva2VuIEJ1aWxkZXIiLCJpYXQiOjE1MjQyMTA5MDQsImV4cCI6MTYxODkwNTMwNCwiYXVkIjoid2ViZ29hdC5vcmciLCJzdWIiOiJqZXJyeUB3ZWJnb2F0LmNvbSIsInVzZXJuYW1lIjoiSmVycnkiLCJFbWFpbCI6ImplcnJ5QHdlYmdvYXQuY29tIiwiUm9sZSI6WyJDYXQiXX0.SabvRaYSCW7xI0ueca19TL1e66cJIJaxRiydK2G5lgFMIbL5gQQjE6022HEha9HcprqFXyHbtXrQWRXAp6Gjaf5zs8LUMBMARWjEr8TS43ihguarmLLmvBCoqjiZY39o4EcEjEH9xAoyIYR_Trh7kXn6JVU-8MM76l9IOcYIJ9c8LqT1ERNmbCqtI4PP0tdqCy99nHhqlxSCVXaGDF0jMHV5kjCDSHNYib9riy9xZ63Sztify-bwPqRvxmaShPYtG4BBM_wOGlg-BYTTuws-6yISMfTB5U1WBDwLr6dLU123TGO26wCVBgTKbA0KKG94-ToOcneWLOTEacEfQQOlIQ">
|
action="JWT/final/delete?token=eyJ0eXAiOiJKV1QiLCJqa3UiOiJodHRwczovL2NvZ25pdG8taWRwLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3dlYmdvYXQvLndlbGwta25vd24vandrcy5qc29uIiwiYWxnIjoiUlMyNTYifQ.eyJpc3MiOiJXZWJHb2F0IFRva2VuIEJ1aWxkZXIiLCJpYXQiOjE1MjQyMTA5MDQsImV4cCI6MTYxODkwNTMwNCwiYXVkIjoid2ViZ29hdC5vcmciLCJzdWIiOiJqZXJyeUB3ZWJnb2F0LmNvbSIsInVzZXJuYW1lIjoiSmVycnkiLCJFbWFpbCI6ImplcnJ5QHdlYmdvYXQuY29tIiwiUm9sZSI6WyJDYXQiXX0.SabvRaYSCW7xI0ueca19TL1e66cJIJaxRiydK2G5lgFMIbL5gQQjE6022HEha9HcprqFXyHbtXrQWRXAp6Gjaf5zs8LUMBMARWjEr8TS43ihguarmLLmvBCoqjiZY39o4EcEjEH9xAoyIYR_Trh7kXn6JVU-8MM76l9IOcYIJ9c8LqT1ERNmbCqtI4PP0tdqCy99nHhqlxSCVXaGDF0jMHV5kjCDSHNYib9riy9xZ63Sztify-bwPqRvxmaShPYtG4BBM_wOGlg-BYTTuws-6yISMfTB5U1WBDwLr6dLU123TGO26wCVBgTKbA0KKG94-ToOcneWLOTEacEfQQOlIQ">
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div id="toast"></div>
|
<div id="toast"></div>
|
||||||
<div class="col-sm-6 col-md-4 col-lg-3 mt-4">
|
<div class="col-sm-6 col-md-4 col-lg-3 mt-4">
|
||||||
@ -385,7 +385,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/JWT/kid/delete?token=eyJ0eXAiOiJKV1QiLCJraWQiOiJ3ZWJnb2F0X2tleSIsImFsZyI6IkhTMjU2In0.eyJpc3MiOiJXZWJHb2F0IFRva2VuIEJ1aWxkZXIiLCJpYXQiOjE1MjQyMTA5MDQsImV4cCI6MTYxODkwNTMwNCwiYXVkIjoid2ViZ29hdC5vcmciLCJzdWIiOiJqZXJyeUB3ZWJnb2F0LmNvbSIsInVzZXJuYW1lIjoiSmVycnkiLCJFbWFpbCI6ImplcnJ5QHdlYmdvYXQuY29tIiwiUm9sZSI6WyJDYXQiXX0.CgZ27DzgVW8gzc0n6izOU638uUCi6UhiOJKYzoEZGE8">
|
action="JWT/kid/delete?token=eyJ0eXAiOiJKV1QiLCJraWQiOiJ3ZWJnb2F0X2tleSIsImFsZyI6IkhTMjU2In0.eyJpc3MiOiJXZWJHb2F0IFRva2VuIEJ1aWxkZXIiLCJpYXQiOjE1MjQyMTA5MDQsImV4cCI6MTYxODkwNTMwNCwiYXVkIjoid2ViZ29hdC5vcmciLCJzdWIiOiJqZXJyeUB3ZWJnb2F0LmNvbSIsInVzZXJuYW1lIjoiSmVycnkiLCJFbWFpbCI6ImplcnJ5QHdlYmdvYXQuY29tIiwiUm9sZSI6WyJDYXQiXX0.CgZ27DzgVW8gzc0n6izOU638uUCi6UhiOJKYzoEZGE8">
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div id="toast"></div>
|
<div id="toast"></div>
|
||||||
<div class="col-sm-6 col-md-4 col-lg-3 mt-4">
|
<div class="col-sm-6 col-md-4 col-lg-3 mt-4">
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
$(document).ready(
|
$(document).ready(
|
||||||
function(){
|
function(){
|
||||||
$("#secrettoken").load('/WebGoat/JWT/secret/gettoken');
|
$("#secrettoken").load('JWT/secret/gettoken');
|
||||||
}
|
}
|
||||||
);
|
);
|
@ -87,7 +87,7 @@ green when the user solves the assignment. To make this work we need to add to t
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/lesson-template/sample-attack">
|
action="lesson-template/sample-attack">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
<td>two random params</td>
|
<td>two random params</td>
|
||||||
|
@ -47,7 +47,7 @@
|
|||||||
<!-- modify the action to point to the intended endpoint and set other attributes as desired -->
|
<!-- modify the action to point to the intended endpoint and set other attributes as desired -->
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/lesson-template/sample-attack">
|
action="lesson-template/sample-attack">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
<td>two random params</td>
|
<td>two random params</td>
|
||||||
|
@ -12,7 +12,7 @@ var onViewProfile = function () {
|
|||||||
console.warn("on view profile activated")
|
console.warn("on view profile activated")
|
||||||
webgoat.customjs.jquery.ajax({
|
webgoat.customjs.jquery.ajax({
|
||||||
method: "GET",
|
method: "GET",
|
||||||
url: "/WebGoat/IDOR/profile",
|
url: "IDOR/profile",
|
||||||
contentType: 'application/json; charset=UTF-8'
|
contentType: 'application/json; charset=UTF-8'
|
||||||
}).then(webgoat.customjs.idorViewProfile);
|
}).then(webgoat.customjs.idorViewProfile);
|
||||||
}
|
}
|
||||||
|
@ -16,7 +16,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" name="task"
|
<form class="attack-form" accept-charset="UNKNOWN" name="task"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/LogSpoofing/log-spoofing">
|
action="LogSpoofing/log-spoofing">
|
||||||
|
|
||||||
<input type="text" value="" name="username" placeholder="username"/>
|
<input type="text" value="" name="username" placeholder="username"/>
|
||||||
<input type="password" value="" name="password" placeholder="password"/>
|
<input type="password" value="" name="password" placeholder="password"/>
|
||||||
@ -38,7 +38,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" name="task"
|
<form class="attack-form" accept-charset="UNKNOWN" name="task"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/LogSpoofing/log-bleeding">
|
action="LogSpoofing/log-bleeding">
|
||||||
|
|
||||||
<input type="text" value="" name="username" placeholder="username"/>
|
<input type="text" value="" name="username" placeholder="username"/>
|
||||||
<input type="password" value="" name="password" placeholder="password"/>
|
<input type="password" value="" name="password" placeholder="password"/>
|
||||||
|
@ -53,7 +53,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/access-control/hidden-menu">
|
action="access-control/hidden-menu">
|
||||||
|
|
||||||
<p>Hidden item 1 <input name="hiddenMenu1" value="" type="TEXT"/></p>
|
<p>Hidden item 1 <input name="hiddenMenu1" value="" type="TEXT"/></p>
|
||||||
<p>Hidden item 2 <input name="hiddenMenu2" value="" type="TEXT"/></p>
|
<p>Hidden item 2 <input name="hiddenMenu2" value="" type="TEXT"/></p>
|
||||||
@ -76,7 +76,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/access-control/user-hash">
|
action="access-control/user-hash">
|
||||||
|
|
||||||
<p>Your Hash: <input name="userHash" value="" type="TEXT"/></p>
|
<p>Your Hash: <input name="userHash" value="" type="TEXT"/></p>
|
||||||
<br/>
|
<br/>
|
||||||
@ -98,7 +98,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/access-control/user-hash-fix">
|
action="access-control/user-hash-fix">
|
||||||
|
|
||||||
<p>Your Hash: <input name="userHash" value="" type="TEXT"/></p>
|
<p>Your Hash: <input name="userHash" value="" type="TEXT"/></p>
|
||||||
<br/>
|
<br/>
|
||||||
|
@ -23,7 +23,7 @@
|
|||||||
|
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" novalidate="novalidate"
|
<form class="attack-form" accept-charset="UNKNOWN" novalidate="novalidate"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/PasswordReset/simple-mail/reset">
|
action="PasswordReset/simple-mail/reset">
|
||||||
<div style="display: none;" id="password-reset-2">
|
<div style="display: none;" id="password-reset-2">
|
||||||
<h4 class="">Forgot your password?</h4>
|
<h4 class="">Forgot your password?</h4>
|
||||||
|
|
||||||
@ -31,7 +31,7 @@
|
|||||||
<span class="help-block">Please type your e-mail address</span>
|
<span class="help-block">Please type your e-mail address</span>
|
||||||
<div class="form-group input-group">
|
<div class="form-group input-group">
|
||||||
<span class="input-group-addon">@</span>
|
<span class="input-group-addon">@</span>
|
||||||
<input class="form-control" placeholder="test1233@webgoat.org" name="emailReset"
|
<input class="form-control" th:attr="placeholder=${username + '@webgoat.org'}" name="emailReset"
|
||||||
type="email"/>
|
type="email"/>
|
||||||
</div>
|
</div>
|
||||||
<button type="submit" class="btn btn-primary btn-block" id="btn-olvidado">Continue
|
<button type="submit" class="btn btn-primary btn-block" id="btn-olvidado">Continue
|
||||||
@ -47,7 +47,7 @@
|
|||||||
</form>
|
</form>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" novalidate="novalidate"
|
<form class="attack-form" accept-charset="UNKNOWN" novalidate="novalidate"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/PasswordReset/simple-mail">
|
action="PasswordReset/simple-mail">
|
||||||
<div style="padding: 20px;" id="password-login-2">
|
<div style="padding: 20px;" id="password-login-2">
|
||||||
<h4 style="border-bottom: 1px solid #c5c5c5;"><i class="glyphicon glyphicon-user"></i>
|
<h4 style="border-bottom: 1px solid #c5c5c5;"><i class="glyphicon glyphicon-user"></i>
|
||||||
Account
|
Account
|
||||||
@ -103,7 +103,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/PasswordReset/questions">
|
action="PasswordReset/questions">
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div class="col-md-4">
|
<div class="col-md-4">
|
||||||
<article class="card-body">
|
<article class="card-body">
|
||||||
@ -143,7 +143,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/PasswordReset/SecurityQuestions">
|
action="PasswordReset/SecurityQuestions">
|
||||||
<select name="question">
|
<select name="question">
|
||||||
<option>What is your favorite animal?</option>
|
<option>What is your favorite animal?</option>
|
||||||
<option>In what year was your mother born?</option>
|
<option>In what year was your mother born?</option>
|
||||||
@ -175,7 +175,7 @@
|
|||||||
|
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST"
|
method="POST"
|
||||||
action="/WebGoat/PasswordReset/reset/login">
|
action="PasswordReset/reset/login">
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-md-4">
|
<div class="col-md-4">
|
||||||
@ -186,7 +186,7 @@
|
|||||||
<div style="padding: 20px;" id="password-login">
|
<div style="padding: 20px;" id="password-login">
|
||||||
<form id="login-form" class="attack-form" accept-charset="UNKNOWN"
|
<form id="login-form" class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/PasswordReset/reset/login"
|
action="PasswordReset/reset/login"
|
||||||
role="form">
|
role="form">
|
||||||
<fieldset>
|
<fieldset>
|
||||||
<div class="form-group input-group">
|
<div class="form-group input-group">
|
||||||
@ -222,7 +222,7 @@
|
|||||||
</h4>
|
</h4>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/PasswordReset/ForgotPassword/create-password-reset-link"
|
action="PasswordReset/ForgotPassword/create-password-reset-link"
|
||||||
role="form">
|
role="form">
|
||||||
<fieldset>
|
<fieldset>
|
||||||
<span class="help-block">
|
<span class="help-block">
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
<div class="container">
|
<div class="container">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
|
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
|
||||||
<form role="form" method="POST" action="/WebGoat/PasswordReset/reset/change-password" th:object="${form}" novalidate="novalidate">
|
<form role="form" method="POST" action="PasswordReset/reset/change-password" th:object="${form}" novalidate="novalidate">
|
||||||
<h2 class="sign_up_title">Reset your password</h2>
|
<h2 class="sign_up_title">Reset your password</h2>
|
||||||
<div class="form-group" th:classappend="${#fields.hasErrors('password')}? 'has-error'">
|
<div class="form-group" th:classappend="${#fields.hasErrors('password')}? 'has-error'">
|
||||||
<input type="hidden" name="resetLink" th:field="*{resetLink}" />
|
<input type="hidden" name="resetLink" th:field="*{resetLink}" />
|
||||||
|
@ -22,7 +22,7 @@
|
|||||||
informationalCallback="profileUploadCallback"
|
informationalCallback="profileUploadCallback"
|
||||||
prepareData="profileUpload"
|
prepareData="profileUpload"
|
||||||
enctype="multipart/form-data"
|
enctype="multipart/form-data"
|
||||||
action="/WebGoat/PathTraversal/profile-upload">
|
action="PathTraversal/profile-upload">
|
||||||
<div class="preview text-center">
|
<div class="preview text-center">
|
||||||
<img class="preview-img" th:src="@{/images/account.png}" alt="Preview Image" width="200"
|
<img class="preview-img" th:src="@{/images/account.png}" alt="Preview Image" width="200"
|
||||||
height="200" id="preview"/>
|
height="200" id="preview"/>
|
||||||
@ -76,7 +76,7 @@
|
|||||||
informationalCallback="profileUploadCallbackFix"
|
informationalCallback="profileUploadCallbackFix"
|
||||||
prepareData="profileUploadFix"
|
prepareData="profileUploadFix"
|
||||||
enctype="multipart/form-data"
|
enctype="multipart/form-data"
|
||||||
action="/WebGoat/PathTraversal/profile-upload-fix">
|
action="PathTraversal/profile-upload-fix">
|
||||||
<div class="preview text-center">
|
<div class="preview text-center">
|
||||||
<img class="preview-img" th:src="@{/images/account.png}" alt="Preview Image" width="200"
|
<img class="preview-img" th:src="@{/images/account.png}" alt="Preview Image" width="200"
|
||||||
height="200" id="previewFix"/>
|
height="200" id="previewFix"/>
|
||||||
@ -131,7 +131,7 @@
|
|||||||
informationalCallback="profileUploadCallbackRemoveUserInput"
|
informationalCallback="profileUploadCallbackRemoveUserInput"
|
||||||
prepareData="profileUploadRemoveUserInput"
|
prepareData="profileUploadRemoveUserInput"
|
||||||
enctype="multipart/form-data"
|
enctype="multipart/form-data"
|
||||||
action="/WebGoat/PathTraversal/profile-upload-remove-user-input">
|
action="PathTraversal/profile-upload-remove-user-input">
|
||||||
<div class="preview text-center">
|
<div class="preview text-center">
|
||||||
<img class="preview-img" th:src="@{/images/account.png}" alt="Preview Image" width="200"
|
<img class="preview-img" th:src="@{/images/account.png}" alt="Preview Image" width="200"
|
||||||
height="200" id="previewRemoveUserInput"/>
|
height="200" id="previewRemoveUserInput"/>
|
||||||
@ -189,7 +189,7 @@
|
|||||||
|
|
||||||
|
|
||||||
<br/>
|
<br/>
|
||||||
<form class="attack-form" method="POST" name="form" action="/WebGoat/PathTraversal/random">
|
<form class="attack-form" method="POST" name="form" action="PathTraversal/random">
|
||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
@ -227,7 +227,7 @@
|
|||||||
|
|
||||||
prepareData="profileZipSlip"
|
prepareData="profileZipSlip"
|
||||||
enctype="multipart/form-data"
|
enctype="multipart/form-data"
|
||||||
action="/WebGoat/PathTraversal/zip-slip">
|
action="PathTraversal/zip-slip">
|
||||||
<div class="preview text-center">
|
<div class="preview text-center">
|
||||||
<img class="preview-img" th:src="@{/images/account.png}" alt="Preview Image" width="200"
|
<img class="preview-img" th:src="@{/images/account.png}" alt="Preview Image" width="200"
|
||||||
height="200" id="previewZipSlip"/>
|
height="200" id="previewZipSlip"/>
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SecurePasswords/assignment"
|
action="SecurePasswords/assignment"
|
||||||
autocomplete="off">
|
autocomplete="off">
|
||||||
|
|
||||||
<div class="input-group input-group">
|
<div class="input-group input-group">
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-md-4">
|
<div class="col-md-4">
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" method="POST"
|
<form class="attack-form" accept-charset="UNKNOWN" method="POST"
|
||||||
action="/WebGoat/SpoofCookie/login">
|
action="SpoofCookie/login">
|
||||||
<div style="padding: 20px;" id="password-login">
|
<div style="padding: 20px;" id="password-login">
|
||||||
<h4 style="border-bottom: 1px solid #c5c5c5;">Account Access</h4>
|
<h4 style="border-bottom: 1px solid #c5c5c5;">Account Access</h4>
|
||||||
<fieldset>
|
<fieldset>
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjection/attack2"
|
action="SqlInjection/attack2"
|
||||||
autocomplete="off">
|
autocomplete="off">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
@ -39,7 +39,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjection/attack3"
|
action="SqlInjection/attack3"
|
||||||
autocomplete="off">
|
autocomplete="off">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
@ -63,7 +63,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjection/attack4"
|
action="SqlInjection/attack4"
|
||||||
autocomplete="off">
|
autocomplete="off">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
@ -87,7 +87,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjection/attack5"
|
action="SqlInjection/attack5"
|
||||||
autocomplete="off">
|
autocomplete="off">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
@ -143,7 +143,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjection/assignment5a">
|
action="SqlInjection/assignment5a">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
<td>SELECT * FROM user_data WHERE first_name = 'John' AND last_name = '</td>
|
<td>SELECT * FROM user_data WHERE first_name = 'John' AND last_name = '</td>
|
||||||
@ -188,7 +188,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjection/assignment5b">
|
action="SqlInjection/assignment5b">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
<td>Login_Count:</td>
|
<td>Login_Count:</td>
|
||||||
@ -216,7 +216,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjection/attack8"
|
action="SqlInjection/attack8"
|
||||||
autocomplete="off">
|
autocomplete="off">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
@ -244,7 +244,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjection/attack9"
|
action="SqlInjection/attack9"
|
||||||
autocomplete="off">
|
autocomplete="off">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
@ -273,7 +273,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjection/attack10"
|
action="SqlInjection/attack10"
|
||||||
autocomplete="off">
|
autocomplete="off">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjectionAdvanced/attack6a">
|
action="SqlInjectionAdvanced/attack6a">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
<td>Name:</td>
|
<td>Name:</td>
|
||||||
@ -33,7 +33,7 @@
|
|||||||
</form>
|
</form>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjectionAdvanced/attack6b">
|
action="SqlInjectionAdvanced/attack6b">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
<td>Password:</td>
|
<td>Password:</td>
|
||||||
@ -79,7 +79,7 @@
|
|||||||
<div class="col-lg-12">
|
<div class="col-lg-12">
|
||||||
<form id="login-form" class="attack-form" accept-charset="UNKNOWN"
|
<form id="login-form" class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjectionAdvanced/challenge_Login"
|
action="SqlInjectionAdvanced/challenge_Login"
|
||||||
role="form">
|
role="form">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<input type="text" name="username_login" id="username4" tabindex="1"
|
<input type="text" name="username_login" id="username4" tabindex="1"
|
||||||
@ -115,7 +115,7 @@
|
|||||||
</form>
|
</form>
|
||||||
<form id="register-form" class="attack-form" accept-charset="UNKNOWN"
|
<form id="register-form" class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="PUT" name="form"
|
method="PUT" name="form"
|
||||||
action="/WebGoat/SqlInjectionAdvanced/challenge"
|
action="SqlInjectionAdvanced/challenge"
|
||||||
style="display: none;" role="form">
|
style="display: none;" role="form">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<input type="text" name="username_reg" id="username" tabindex="1"
|
<input type="text" name="username_reg" id="username" tabindex="1"
|
||||||
@ -168,7 +168,7 @@
|
|||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<form id="quiz-form" class="attack-form" accept-charset="UNKNOWN"
|
<form id="quiz-form" class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjectionAdvanced/quiz"
|
action="SqlInjectionAdvanced/quiz"
|
||||||
role="form">
|
role="form">
|
||||||
<div id="q_container"></div>
|
<div id="q_container"></div>
|
||||||
<br />
|
<br />
|
||||||
|
@ -23,7 +23,7 @@
|
|||||||
<div class="adoc-content" th:replace="~{doc:lessons/sqlinjection/documentation/SqlInjection_jdbc_completion.adoc}"></div>
|
<div class="adoc-content" th:replace="~{doc:lessons/sqlinjection/documentation/SqlInjection_jdbc_completion.adoc}"></div>
|
||||||
<div class="attack-container">
|
<div class="attack-container">
|
||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" method="POST" name="form" action="/WebGoat/SqlInjectionMitigations/attack10a">
|
<form class="attack-form" accept-charset="UNKNOWN" method="POST" name="form" action="SqlInjectionMitigations/attack10a">
|
||||||
<div>
|
<div>
|
||||||
<p>Connection conn = DriverManager.<input type="text" name="field1" id="field1" />(DBURL, DBUSER, DBPW);</p>
|
<p>Connection conn = DriverManager.<input type="text" name="field1" id="field1" />(DBURL, DBUSER, DBPW);</p>
|
||||||
<p><input type="text" name="field2" id="field2" /> = conn.<input type="text" name="field3" id="field3" />("SELECT status FROM users WHERE name=<input type="text" name="field4" id="field4" /> AND mail=<input type="text" name="field5" id="field5" />");</p>
|
<p><input type="text" name="field2" id="field2" /> = conn.<input type="text" name="field3" id="field3" />("SELECT status FROM users WHERE name=<input type="text" name="field4" id="field4" /> AND mail=<input type="text" name="field5" id="field5" />");</p>
|
||||||
@ -42,7 +42,7 @@
|
|||||||
<div class="lesson-page-wrapper">
|
<div class="lesson-page-wrapper">
|
||||||
<div class="adoc-content" th:replace="~{doc:lessons/sqlinjection/documentation/SqlInjection_jdbc_newcode.adoc}"></div>
|
<div class="adoc-content" th:replace="~{doc:lessons/sqlinjection/documentation/SqlInjection_jdbc_newcode.adoc}"></div>
|
||||||
<div class="attack-container" style="border: none !important; height: 100%; min-height: 300px;">
|
<div class="attack-container" style="border: none !important; height: 100%; min-height: 300px;">
|
||||||
<form id="codesubmit" style="height: 100%; min-height: 300px;" class="attack-form" accept-charset="UNKNOWN" method="POST" name="form" action="/WebGoat/SqlInjectionMitigations/attack10b">
|
<form id="codesubmit" style="height: 100%; min-height: 300px;" class="attack-form" accept-charset="UNKNOWN" method="POST" name="form" action="SqlInjectionMitigations/attack10b">
|
||||||
<div>
|
<div>
|
||||||
<div id="editor" style="position: absolute; top: 0; right: 0; bottom: 0; left: 0; height: 300px;" name="editor"></div>
|
<div id="editor" style="position: absolute; top: 0; right: 0; bottom: 0; left: 0; height: 300px;" name="editor"></div>
|
||||||
<script th:src="@{/js/libs/ace.js}" type="text/javascript" charset="utf-8"></script>
|
<script th:src="@{/js/libs/ace.js}" type="text/javascript" charset="utf-8"></script>
|
||||||
@ -72,7 +72,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlOnlyInputValidation/attack"
|
action="SqlOnlyInputValidation/attack"
|
||||||
enctype="application/json;charset=UTF-8">
|
enctype="application/json;charset=UTF-8">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
@ -95,7 +95,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlOnlyInputValidationOnKeywords/attack"
|
action="SqlOnlyInputValidationOnKeywords/attack"
|
||||||
enctype="application/json;charset=UTF-8">
|
enctype="application/json;charset=UTF-8">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
@ -124,7 +124,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SqlInjectionMitigations/attack12a">
|
action="SqlInjectionMitigations/attack12a">
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="panel panel-primary">
|
<div class="panel panel-primary">
|
||||||
@ -173,7 +173,7 @@
|
|||||||
<br/>
|
<br/>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
<form class="attack-form" method="POST" name="form" action="/WebGoat/SqlInjectionMitigations/attack12a">
|
<form class="attack-form" method="POST" name="form" action="SqlInjectionMitigations/attack12a">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<div class="input-group-addon">IP address webgoat-prd server:</div>
|
<div class="input-group-addon">IP address webgoat-prd server:</div>
|
||||||
|
@ -12,7 +12,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SSRF/task1">
|
action="SSRF/task1">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
<td><input type="hidden" id="url1" name="url" value="images/tom.png"/></td>
|
<td><input type="hidden" id="url1" name="url" value="images/tom.png"/></td>
|
||||||
@ -34,7 +34,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/SSRF/task2">
|
action="SSRF/task2">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
<td><input type="hidden" id="url2" name="url" value="images/cat.png"/></td>
|
<td><input type="hidden" id="url2" name="url" value="images/cat.png"/></td>
|
||||||
|
@ -99,7 +99,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/VulnerableComponents/attack1">
|
action="VulnerableComponents/attack1">
|
||||||
<div id="lessonContent">
|
<div id="lessonContent">
|
||||||
<form accept-charset="UNKNOWN" method="POST" name="form"
|
<form accept-charset="UNKNOWN" method="POST" name="form"
|
||||||
action="#attack/307/100">
|
action="#attack/307/100">
|
||||||
|
@ -18,7 +18,7 @@
|
|||||||
|
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" style="position:relative;top:150px"
|
<form class="attack-form" accept-charset="UNKNOWN" style="position:relative;top:150px"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/WebWolf/mail">
|
action="WebWolf/mail">
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-md-4">
|
<div class="col-md-4">
|
||||||
@ -39,7 +39,7 @@
|
|||||||
<!-- <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>-->
|
<!-- <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>-->
|
||||||
<form class="attack-form" accept-charset="UNKNOWN" style="position:relative;top:-50px"
|
<form class="attack-form" accept-charset="UNKNOWN" style="position:relative;top:-50px"
|
||||||
method="POST" name="secondform"
|
method="POST" name="secondform"
|
||||||
action="/WebGoat/WebWolf/mail/send">
|
action="WebWolf/mail/send">
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-md-4">
|
<div class="col-md-4">
|
||||||
@ -47,7 +47,7 @@
|
|||||||
<span class="input-group-addon">
|
<span class="input-group-addon">
|
||||||
@
|
@
|
||||||
</span>
|
</span>
|
||||||
<input class="form-control" placeholder="test1233@webgoat.org" name="email" type="email"
|
<input class="form-control" th:attr="placeholder=${username + '@webgoat.org'}" name="email" type="email"
|
||||||
required=""/>
|
required=""/>
|
||||||
</div>
|
</div>
|
||||||
<button type="submit" class="btn btn-primary btn-block" id="btn-login">
|
<button type="submit" class="btn btn-primary btn-block" id="btn-login">
|
||||||
@ -70,13 +70,13 @@
|
|||||||
<div class="attack-container">
|
<div class="attack-container">
|
||||||
<img th:src="@{/images/wolf-enabled.png}" class="webwolf-enabled"/>
|
<img th:src="@{/images/wolf-enabled.png}" class="webwolf-enabled"/>
|
||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<a href="/WebGoat/WebWolf/landing/password-reset" target="_blank">Click here to reset your password</a>
|
<a href="WebWolf/landing/password-reset" target="_blank">Click here to reset your password</a>
|
||||||
|
|
||||||
<br/>
|
<br/>
|
||||||
<br/>
|
<br/>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/WebWolf/landing">
|
action="WebWolf/landing">
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-md-4">
|
<div class="col-md-4">
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
<div class="container">
|
<div class="container">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
|
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
|
||||||
<form role="form" method="GET" th:action="${webwolfUrl}">
|
<form role="form" method="GET" th:action="${webwolfLandingPageUrl}">
|
||||||
<h2 class="sign_up_title">Reset your password</h2>
|
<h2 class="sign_up_title">Reset your password</h2>
|
||||||
<input type="hidden" name="uniqueCode" th:value="${uniqueCode}"/>
|
<input type="hidden" name="uniqueCode" th:value="${uniqueCode}"/>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
@ -23,7 +23,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div>
|
<div>
|
||||||
<a href="https://github.com/WebGoat">(c) 2017 WebGoat Company</a>
|
<a href="https://github.com/WebGoat">(c) 2023 WebGoat Company</a>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
</div>
|
</div>
|
||||||
|
@ -12,7 +12,7 @@
|
|||||||
<div id="lessonContent">
|
<div id="lessonContent">
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/CrossSiteScripting/attack1">
|
action="CrossSiteScripting/attack1">
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
<td><input type="checkbox" name="checkboxAttack1"> The cookies are the same on each tab </td>
|
<td><input type="checkbox" name="checkboxAttack1"> The cookies are the same on each tab </td>
|
||||||
@ -46,7 +46,7 @@
|
|||||||
<div id="lessonContent">
|
<div id="lessonContent">
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="GET" name="xss-5a"
|
method="GET" name="xss-5a"
|
||||||
action="/WebGoat/CrossSiteScripting/attack5a">
|
action="CrossSiteScripting/attack5a">
|
||||||
<center>
|
<center>
|
||||||
<h4>Shopping Cart</h4>
|
<h4>Shopping Cart</h4>
|
||||||
</center>
|
</center>
|
||||||
@ -133,7 +133,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="DOMTestRoute"
|
method="POST" name="DOMTestRoute"
|
||||||
action="/WebGoat/CrossSiteScripting/attack6a">
|
action="CrossSiteScripting/attack6a">
|
||||||
<input name="DOMTestRoute" value="" type="TEXT" />
|
<input name="DOMTestRoute" value="" type="TEXT" />
|
||||||
<input name="SubmitTestRoute" value="Submit" type="SUBMIT"/>
|
<input name="SubmitTestRoute" value="Submit" type="SUBMIT"/>
|
||||||
</form>
|
</form>
|
||||||
@ -148,7 +148,7 @@
|
|||||||
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="DOMFollowUp"
|
method="POST" name="DOMFollowUp"
|
||||||
action="/WebGoat/CrossSiteScripting/dom-follow-up">
|
action="CrossSiteScripting/dom-follow-up">
|
||||||
<input name="successMessage" value="" type="TEXT" />
|
<input name="successMessage" value="" type="TEXT" />
|
||||||
<input name="submitMessage" value="Submit" type="SUBMIT"/>
|
<input name="submitMessage" value="Submit" type="SUBMIT"/>
|
||||||
</form>
|
</form>
|
||||||
@ -168,7 +168,7 @@
|
|||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<form id="quiz-form" class="attack-form" accept-charset="UNKNOWN"
|
<form id="quiz-form" class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="form"
|
method="POST" name="form"
|
||||||
action="/WebGoat/CrossSiteScripting/quiz" role="form">
|
action="CrossSiteScripting/quiz" role="form">
|
||||||
<div id="q_container"></div>
|
<div id="q_container"></div>
|
||||||
<br />
|
<br />
|
||||||
<input name="Quiz_solutions" value="Submit answers" type="SUBMIT"/>
|
<input name="Quiz_solutions" value="Submit answers" type="SUBMIT"/>
|
||||||
|
@ -21,7 +21,7 @@
|
|||||||
<div class="lesson-page-wrapper">
|
<div class="lesson-page-wrapper">
|
||||||
<div class="adoc-content" th:replace="~{doc:lessons/xss/documentation/CrossSiteScripting_content8b.adoc}"></div>
|
<div class="adoc-content" th:replace="~{doc:lessons/xss/documentation/CrossSiteScripting_content8b.adoc}"></div>
|
||||||
<div class="attack-container" style="height: 100%; border: none !important;min-height: 450px;">
|
<div class="attack-container" style="height: 100%; border: none !important;min-height: 450px;">
|
||||||
<form id="codesubmit" style="height: 100%; min-height: 350px;" class="attack-form" accept-charset="UNKNOWN" method="POST" name="form" action="/WebGoat/CrossSiteScripting/attack3">
|
<form id="codesubmit" style="height: 100%; min-height: 350px;" class="attack-form" accept-charset="UNKNOWN" method="POST" name="form" action="CrossSiteScripting/attack3">
|
||||||
<div>
|
<div>
|
||||||
<div id="editor" style="position: absolute; top: 0; right: 0; bottom: 0; left: 0; height: 350px;" name="editor"></div>
|
<div id="editor" style="position: absolute; top: 0; right: 0; bottom: 0; left: 0; height: 350px;" name="editor"></div>
|
||||||
<script th:src="@{/js/libs/ace.js}" type="text/javascript" charset="utf-8"></script>
|
<script th:src="@{/js/libs/ace.js}" type="text/javascript" charset="utf-8"></script>
|
||||||
@ -41,7 +41,7 @@
|
|||||||
<div class="lesson-page-wrapper">
|
<div class="lesson-page-wrapper">
|
||||||
<div class="adoc-content" th:replace="~{doc:lessons/xss/documentation/CrossSiteScripting_content8c.adoc}"></div>
|
<div class="adoc-content" th:replace="~{doc:lessons/xss/documentation/CrossSiteScripting_content8c.adoc}"></div>
|
||||||
<div class="attack-container" style="height: 100%; border: none !important;min-height: 450px;">
|
<div class="attack-container" style="height: 100%; border: none !important;min-height: 450px;">
|
||||||
<form id="codesubmit2" style="height: 100%; min-height: 350px;" class="attack-form" accept-charset="UNKNOWN" method="POST" name="form" action="/WebGoat/CrossSiteScripting/attack4">
|
<form id="codesubmit2" style="height: 100%; min-height: 350px;" class="attack-form" accept-charset="UNKNOWN" method="POST" name="form" action="CrossSiteScripting/attack4">
|
||||||
<div>
|
<div>
|
||||||
<div id="editor2" style="position: absolute; top: 0; right: 0; bottom: 0; left: 0; height: 350px;" name="editor2"></div>
|
<div id="editor2" style="position: absolute; top: 0; right: 0; bottom: 0; left: 0; height: 350px;" name="editor2"></div>
|
||||||
<script th:src="@{/js/libs/ace.js}" type="text/javascript" charset="utf-8"></script>
|
<script th:src="@{/js/libs/ace.js}" type="text/javascript" charset="utf-8"></script>
|
||||||
|
@ -67,7 +67,7 @@
|
|||||||
|
|
||||||
<form class="attack-form" accept-charset="UNKNOWN"
|
<form class="attack-form" accept-charset="UNKNOWN"
|
||||||
method="POST" name="DOMFollowUp"
|
method="POST" name="DOMFollowUp"
|
||||||
action="/WebGoat/CrossSiteScriptingStored/stored-xss-follow-up">
|
action="CrossSiteScriptingStored/stored-xss-follow-up">
|
||||||
<input name="successMessage" value="" type="TEXT" />
|
<input name="successMessage" value="" type="TEXT" />
|
||||||
<input name="submitMessage" value="Submit" type="SUBMIT"/>
|
<input name="submitMessage" value="Submit" type="SUBMIT"/>
|
||||||
</form>
|
</form>
|
||||||
|
@ -17,7 +17,7 @@ xss-reflected-6a-failure=Sorry that is not correct. Look at the example again to
|
|||||||
xss-reflected-6a-hint-1=To search through the client side code, use the developer tools of your browser. (If you don't know how to use them, check the <i>Developer Tools</i> Lesson in the general category.)
|
xss-reflected-6a-hint-1=To search through the client side code, use the developer tools of your browser. (If you don't know how to use them, check the <i>Developer Tools</i> Lesson in the general category.)
|
||||||
xss-reflected-6a-hint-2=Since you are looking for application code, check the WebGoat/js/goatApp folder for a file that could handle the routes.
|
xss-reflected-6a-hint-2=Since you are looking for application code, check the WebGoat/js/goatApp folder for a file that could handle the routes.
|
||||||
xss-reflected-6a-hint-3=Make sure you add the base route at the start, when submitting your solution.
|
xss-reflected-6a-hint-3=Make sure you add the base route at the start, when submitting your solution.
|
||||||
xss-reflected-6a-hint-4=Still did not find it? Check the <a href="/WebGoat/js/goatApp/view/GoatRouter.js" target="_blank">GoatRouter.js</a> file. It should be pretty easy to determine.
|
xss-reflected-6a-hint-4=Still did not find it? Check the <a href="js/goatApp/view/GoatRouter.js" target="_blank">GoatRouter.js</a> file. It should be pretty easy to determine.
|
||||||
xss.lesson1.failure=The cookies should be the same on both tabs. Ensure that the tabs are from the same site.
|
xss.lesson1.failure=The cookies should be the same on both tabs. Ensure that the tabs are from the same site.
|
||||||
xss-dom-message-success=Correct, I hope you did not cheat, using the console!
|
xss-dom-message-success=Correct, I hope you did not cheat, using the console!
|
||||||
xss-dom-message-failure=Incorrect, keep trying. It should be obvious in the log when you are successful.
|
xss-dom-message-failure=Incorrect, keep trying. It should be obvious in the log when you are successful.
|
||||||
|
@ -3,7 +3,7 @@ $(document).ready(function () {
|
|||||||
var commentInput = $("#commentInput").val();
|
var commentInput = $("#commentInput").val();
|
||||||
$.ajax({
|
$.ajax({
|
||||||
type: 'POST',
|
type: 'POST',
|
||||||
url: '/WebGoat/CrossSiteScriptingStored/stored-xss',
|
url: 'CrossSiteScriptingStored/stored-xss',
|
||||||
data: JSON.stringify({text: commentInput}),
|
data: JSON.stringify({text: commentInput}),
|
||||||
contentType: "application/json",
|
contentType: "application/json",
|
||||||
dataType: 'json'
|
dataType: 'json'
|
||||||
@ -32,7 +32,7 @@ $(document).ready(function () {
|
|||||||
|
|
||||||
function getChallenges() {
|
function getChallenges() {
|
||||||
$("#list").empty();
|
$("#list").empty();
|
||||||
$.get('/WebGoat/CrossSiteScriptingStored/stored-xss', function (result, status) {
|
$.get('CrossSiteScriptingStored/stored-xss', function (result, status) {
|
||||||
for (var i = 0; i < result.length; i++) {
|
for (var i = 0; i < result.length; i++) {
|
||||||
var comment = html.replace('USER', result[i].user);
|
var comment = html.replace('USER', result[i].user);
|
||||||
comment = comment.replace('DATETIME', result[i].dateTime);
|
comment = comment.replace('DATETIME', result[i].dateTime);
|
||||||
|
@ -28,7 +28,7 @@
|
|||||||
successCallback="simpleXXECallback"
|
successCallback="simpleXXECallback"
|
||||||
failureCallback="simpleXXECallback"
|
failureCallback="simpleXXECallback"
|
||||||
contentType="application/xml"
|
contentType="application/xml"
|
||||||
action="/WebGoat/xxe/simple">
|
action="xxe/simple">
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div class="panel post">
|
<div class="panel post">
|
||||||
<div class="post-heading">
|
<div class="post-heading">
|
||||||
@ -166,7 +166,7 @@
|
|||||||
prepareData="blindXXE"
|
prepareData="blindXXE"
|
||||||
successCallback="blindXXECallback"
|
successCallback="blindXXECallback"
|
||||||
failureCallback="blindXXECallback"
|
failureCallback="blindXXECallback"
|
||||||
action="/WebGoat/xxe/blind"
|
action="xxe/blind"
|
||||||
contentType="application/xml">
|
contentType="application/xml">
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div class="panel post">
|
<div class="panel post">
|
||||||
@ -221,7 +221,7 @@
|
|||||||
<div class="lesson-page-wrapper">
|
<div class="lesson-page-wrapper">
|
||||||
<div class="adoc-content" th:replace="~{doc:lessons/xxe/documentation/XXE_static_code_analysis.adoc}"></div>
|
<div class="adoc-content" th:replace="~{doc:lessons/xxe/documentation/XXE_static_code_analysis.adoc}"></div>
|
||||||
<br/>
|
<br/>
|
||||||
<a id="submitlink" class="btn btn-primary" href="" onclick="javascript:$('#patchbutton').load('/WebGoat/service/enable-security.mvc');return false;"><span id="patchbutton">Apply XXE security patch</span></a>
|
<a id="submitlink" class="btn btn-primary" href="" onclick="javascript:$('#patchbutton').load('service/enable-security.mvc');return false;"><span id="patchbutton">Apply XXE security patch</span></a>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
|
@ -7,7 +7,7 @@ define(['jquery',
|
|||||||
Backbone,
|
Backbone,
|
||||||
FlagModel) {
|
FlagModel) {
|
||||||
return Backbone.Collection.extend({
|
return Backbone.Collection.extend({
|
||||||
url:'/WebGoat/scoreboard-data',
|
url:'scoreboard-data',
|
||||||
model:FlagModel
|
model:FlagModel
|
||||||
});
|
});
|
||||||
});
|
});
|
@ -3,7 +3,7 @@
|
|||||||
define(['jquery','underscore','backbone'], function($,_,Backbone) {
|
define(['jquery','underscore','backbone'], function($,_,Backbone) {
|
||||||
|
|
||||||
var menuData = Backbone.Model.extend({
|
var menuData = Backbone.Model.extend({
|
||||||
urlRoot:'/webgoat/service/lessonmenu.mvc',
|
urlRoot:'service/lessonmenu.mvc',
|
||||||
defaults: {
|
defaults: {
|
||||||
items:null,
|
items:null,
|
||||||
selectedItem:null
|
selectedItem:null
|
||||||
|
@ -1,17 +1,16 @@
|
|||||||
define(['jquery',
|
define(['underscore',
|
||||||
'underscore',
|
|
||||||
'backbone',
|
|
||||||
'goatApp/support/goatAsyncErrorHandler',
|
'goatApp/support/goatAsyncErrorHandler',
|
||||||
'goatApp/view/ScoreboardView'],
|
'goatApp/view/ScoreboardView'],
|
||||||
function ($,
|
function (
|
||||||
_,
|
_,
|
||||||
Backbone,
|
|
||||||
asyncErrorHandler,
|
asyncErrorHandler,
|
||||||
ScoreboardView) {
|
ScoreboardView) {
|
||||||
'use strict'
|
'use strict'
|
||||||
return {
|
class ScoreboardApp {
|
||||||
initApp: function () {
|
initApp() {
|
||||||
scoreboard = new ScoreboardView();
|
asyncErrorHandler.init();
|
||||||
|
this.scoreboard = new ScoreboardView();
|
||||||
}
|
}
|
||||||
};
|
}
|
||||||
|
return new ScoreboardApp();
|
||||||
});
|
});
|
@ -5,7 +5,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
define(['jquery',
|
define(['jquery',
|
||||||
'libs/jquery-vuln',
|
'jqueryvuln',
|
||||||
'jqueryuivuln',
|
'jqueryuivuln',
|
||||||
'underscore',
|
'underscore',
|
||||||
'backbone',
|
'backbone',
|
||||||
@ -66,7 +66,7 @@ define(['jquery',
|
|||||||
console.log('phoneHome invoked');
|
console.log('phoneHome invoked');
|
||||||
webgoat.customjs.jquery.ajax({
|
webgoat.customjs.jquery.ajax({
|
||||||
method: "POST",
|
method: "POST",
|
||||||
url: "/WebGoat/CrossSiteScripting/phone-home-xss",
|
url: "CrossSiteScripting/phone-home-xss",
|
||||||
data: {param1: 42, param2: 24},
|
data: {param1: 42, param2: 24},
|
||||||
headers: {
|
headers: {
|
||||||
"webgoat-requested-by": "dom-xss-vuln"
|
"webgoat-requested-by": "dom-xss-vuln"
|
||||||
|
@ -53,7 +53,7 @@ function($,
|
|||||||
},
|
},
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Select the hints, we get '/WebGoat/HttpBasics/attack1' in the json (nav) we need to select all the hints
|
* Select the hints, we get 'HttpBasics/attack1' in the json (nav) we need to select all the hints
|
||||||
* from the model where the assignment name is contained in the assignmentPath. We do this not to mess
|
* from the model where the assignment name is contained in the assignmentPath. We do this not to mess
|
||||||
* with contextRoots etc and try to select the name from the url.
|
* with contextRoots etc and try to select the name from the url.
|
||||||
*
|
*
|
||||||
|
@ -57,8 +57,8 @@ define(['jquery',
|
|||||||
|
|
||||||
isAttackSolved = function (path) {
|
isAttackSolved = function (path) {
|
||||||
//strip
|
//strip
|
||||||
var newPath = path.replace(/^\/WebGoat/,'');
|
//var newPath = path.replace(/^\/WebGoat/,'');
|
||||||
var newPath = newPath.replace(/\//g,'');
|
var newPath = path.replace(/\//g,'');
|
||||||
if (typeof solvedMap[newPath] !== 'undefined') {
|
if (typeof solvedMap[newPath] !== 'undefined') {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
@ -82,9 +82,9 @@ define(['jquery',
|
|||||||
for (var i=0; i< $assignmentForms.length; i++) {
|
for (var i=0; i< $assignmentForms.length; i++) {
|
||||||
//normalize path
|
//normalize path
|
||||||
var action = $assignmentForms.attr('action');
|
var action = $assignmentForms.attr('action');
|
||||||
if (action.endsWith("/WebGoat/WebWolf/mail/")) {
|
if (action.endsWith("WebWolf/mail/")) {
|
||||||
//fix for now. the find does not seem to work properly and gets confused with two /mail
|
//fix for now. the find does not seem to work properly and gets confused with two /mail
|
||||||
action = "/WebGoat/WebWolf/mail/send";
|
action = "WebWolf/mail/send";
|
||||||
}
|
}
|
||||||
if (action.indexOf("?")>-1) {
|
if (action.indexOf("?")>-1) {
|
||||||
//used to also mark forms like JWT assignment 8 complete
|
//used to also mark forms like JWT assignment 8 complete
|
||||||
|
@ -1,9 +0,0 @@
|
|||||||
// AMD (Asynchronous Module Definition) wrapper for jQuery 1.8
|
|
||||||
define([
|
|
||||||
// Load the jQuery source file
|
|
||||||
'/WebGoat/js/libs/jquery.min.js'
|
|
||||||
],
|
|
||||||
function(){
|
|
||||||
// Tell Require.js that this module returns a reference to jQuery
|
|
||||||
return $; // Return the global scope object
|
|
||||||
});
|
|
@ -1,4 +1,4 @@
|
|||||||
var jQuery = require('libs/jquery-vuln');
|
var jQuery = require('jqueryvuln');
|
||||||
|
|
||||||
/*! jQuery UI - v1.10.3 - 2013-05-03
|
/*! jQuery UI - v1.10.3 - 2013-05-03
|
||||||
* http://jqueryui.com
|
* http://jqueryui.com
|
||||||
|
@ -1,9 +0,0 @@
|
|||||||
// AMD (Asynchronous Module Definition) wrapper for jQuery 1.8
|
|
||||||
define([
|
|
||||||
// Load the jQuery source file
|
|
||||||
'/WebGoat/js/libs/jquery-2.1.4.min.js'
|
|
||||||
],
|
|
||||||
function(){
|
|
||||||
// Tell Require.js that this module returns a reference to jQuery
|
|
||||||
return $.noConflict(true); // Return the global scope object
|
|
||||||
});
|
|
@ -25,6 +25,7 @@ require.config({
|
|||||||
baseUrl: "js/",
|
baseUrl: "js/",
|
||||||
paths: {
|
paths: {
|
||||||
jquery: 'libs/jquery.min',
|
jquery: 'libs/jquery.min',
|
||||||
|
jqueryvuln: 'libs/jquery-2.1.4.min',
|
||||||
jqueryuivuln: 'libs/jquery-ui-1.10.4',
|
jqueryuivuln: 'libs/jquery-ui-1.10.4',
|
||||||
jqueryui: 'libs/jquery-ui.min',
|
jqueryui: 'libs/jquery-ui.min',
|
||||||
underscore: 'libs/underscore-min',
|
underscore: 'libs/underscore-min',
|
||||||
@ -35,16 +36,10 @@ require.config({
|
|||||||
polyglot: 'libs/polyglot.min'
|
polyglot: 'libs/polyglot.min'
|
||||||
},
|
},
|
||||||
|
|
||||||
map: {
|
|
||||||
'libs/jquery-base' : {'jquery':'libs/jquery.min'},
|
|
||||||
'libs/jquery-vuln' : {'jquery':'libs/jquery-2.1.4.min'}
|
|
||||||
},
|
|
||||||
|
|
||||||
|
|
||||||
shim: {
|
shim: {
|
||||||
"jqueryui": {
|
"jqueryui": {
|
||||||
exports:"$",
|
exports:"$",
|
||||||
deps: ['libs/jquery-base']
|
deps: ['jquery']
|
||||||
},
|
},
|
||||||
underscore: {
|
underscore: {
|
||||||
exports: "_"
|
exports: "_"
|
||||||
@ -65,12 +60,11 @@ require.config({
|
|||||||
*/
|
*/
|
||||||
require([
|
require([
|
||||||
'jquery',
|
'jquery',
|
||||||
'libs/jquery-base',
|
'jqueryvuln',
|
||||||
'libs/jquery-vuln',
|
|
||||||
'jqueryui',
|
'jqueryui',
|
||||||
'underscore',
|
'underscore',
|
||||||
'backbone',
|
'backbone',
|
||||||
'bootstrap',
|
'bootstrap',
|
||||||
'goatApp/goatApp'], function($,jqueryBase,jqueryVuln,jqueryui,_,Backbone,Bootstrap,Goat){
|
'goatApp/goatApp'], function($,jqueryVuln,jqueryui,_,Backbone,Bootstrap,Goat){
|
||||||
Goat.initApp();
|
Goat.initApp();
|
||||||
});
|
});
|
@ -12,7 +12,7 @@ $(function () {
|
|||||||
var json = "";
|
var json = "";
|
||||||
var client = new XMLHttpRequest();
|
var client = new XMLHttpRequest();
|
||||||
var quiz_id = document.getElementById("quiz_id").getAttribute("data-quiz_id");
|
var quiz_id = document.getElementById("quiz_id").getAttribute("data-quiz_id");
|
||||||
client.open('GET', '/WebGoat/lesson_js/questions_' + quiz_id + '.json');
|
client.open('GET', 'lesson_js/questions_' + quiz_id + '.json');
|
||||||
client.onreadystatechange = function() {
|
client.onreadystatechange = function() {
|
||||||
if (this.readyState == 4 && this.status == 200) {
|
if (this.readyState == 4 && this.status == 200) {
|
||||||
json += client.responseText;
|
json += client.responseText;
|
||||||
|
@ -14,6 +14,7 @@ require.config({
|
|||||||
baseUrl: "js/",
|
baseUrl: "js/",
|
||||||
paths: {
|
paths: {
|
||||||
jquery: 'libs/jquery.min',
|
jquery: 'libs/jquery.min',
|
||||||
|
jqueryvuln: 'libs/jquery-2.1.4.min',
|
||||||
jqueryuivuln: 'libs/jquery-ui-1.10.4',
|
jqueryuivuln: 'libs/jquery-ui-1.10.4',
|
||||||
jqueryui: 'libs/jquery-ui.min',
|
jqueryui: 'libs/jquery-ui.min',
|
||||||
underscore: 'libs/underscore-min',
|
underscore: 'libs/underscore-min',
|
||||||
@ -23,11 +24,6 @@ require.config({
|
|||||||
polyglot: 'libs/polyglot.min'
|
polyglot: 'libs/polyglot.min'
|
||||||
},
|
},
|
||||||
|
|
||||||
map: {
|
|
||||||
'libs/jquery-base' : {'jquery':'libs/jquery.min'},
|
|
||||||
'libs/jquery-vuln' : {'jquery':'libs/jquery-2.1.4.min'}
|
|
||||||
},
|
|
||||||
|
|
||||||
shim: {
|
shim: {
|
||||||
"jqueryui": {
|
"jqueryui": {
|
||||||
exports:"$",
|
exports:"$",
|
||||||
@ -43,6 +39,6 @@ require.config({
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
require(['jquery','libs/jquery-base','libs/jquery-vuln','jqueryui', 'underscore','backbone','goatApp/scoreboardApp'], function($,jqueryBase,jqueryVuln,jqueryui,_,Backbone,ScoreboardApp){
|
require(['underscore','backbone','goatApp/scoreboardApp'], function(_,Backbone,ScoreboardApp){
|
||||||
ScoreboardApp.initApp();
|
ScoreboardApp.initApp();
|
||||||
});
|
});
|
@ -43,6 +43,12 @@
|
|||||||
<div class="text-center"><a th:href="@{/registration}" th:text="#{register.new}"></a></div>
|
<div class="text-center"><a th:href="@{/registration}" th:text="#{register.new}"></a></div>
|
||||||
</form>
|
</form>
|
||||||
<br/><br/>
|
<br/><br/>
|
||||||
|
<div th:if="${oauth}">
|
||||||
|
<h3 class="form-signin-heading">Login with OAuth 2.0</h3>
|
||||||
|
<table class="table table-striped">
|
||||||
|
<tr><td></tr><a href="oauth2/authorization/github">GitHub</a></td></tr>
|
||||||
|
</table>
|
||||||
|
</div>
|
||||||
</section>
|
</section>
|
||||||
</section>
|
</section>
|
||||||
</section>
|
</section>
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user