first step

This commit is contained in:
René Zubcevic
2020-07-05 09:31:32 +02:00
committed by Nanne Baars
parent 317573c897
commit db9e1c4c4f
6 changed files with 114 additions and 53 deletions

View File

@ -1,6 +1,7 @@
vulnerable-components.title=Vulnerable Components
EnterYourName=Enter your Name
Go!=Go!
vulnerable.hint=Here is some explanation of someone trying the exercise in an earlier version: https://www.youtube.com/watch?v=iWcRR2WcBFU
vulnerable-components.close=Trying to deserialize null object.
vulnerable-components.success=If you are not seeing the application you started; it may be minimized
vulnerable-components.success=You successfully tried to exploit the CVE-2013-7285 vulnerability
vulnerable-components.fromXML=You created contact {0}. This means you did not exploit the remote code execution.

View File

@ -12,3 +12,4 @@ WebGoat Sends an XML document to add contacts to a contacts database.
----
For this example, we will let you enter the xml directly versus intercepting the request and modifying the data. You provide the XML representation of a contact and WebGoat will convert it a Contact object using `XStream.fromXML(xml)`.
So find information about the CVE vulnerability and sends some payload that triggers the vulnerability.