dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

minor changes

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@256 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
rogan.dawes 2008-01-10 10:48:01 +00:00
parent 489bff08f8
commit dd6a893f28
2 changed files with 73 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ClientSideValidation.java
View File

@ -370,7 +370,7 @@ public class ClientSideValidation extends SequentialLessonAdapter {
hints.add("Using Firebug, you can add breakpoints in the JavaScript."); hints.add("Using Firebug, you can add breakpoints in the JavaScript.");
hints.add("Use Firebug to find the array or encrypted coupon codes, and " + hints.add("Use Firebug to find the array of encrypted coupon codes, and " +
"step through the JavaScript to see the decrypted values."); "step through the JavaScript to see the decrypted values.");
hints.add("You can use Firebug to inspect (and modify) the HTML."); hints.add("You can use Firebug to inspect (and modify) the HTML.");

4
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMXSS.java
View File

@ -210,9 +210,9 @@ public class DOMXSS extends SequentialLessonAdapter {
if (getLessonTracker(s).getStage() == 1) { if (getLessonTracker(s).getStage() == 1) {
instructions = "STAGE 1:\tFor this exercise, your mission is to deface this website using the image at the following location: <a href = '/WebGoat/images/logos/owasp.jpg'>OWASP IMAGE</a>"; instructions = "STAGE 1:\tFor this exercise, your mission is to deface this website using the image at the following location: <a href = '/WebGoat/images/logos/owasp.jpg'>OWASP IMAGE</a>";
} else if (getLessonTracker(s).getStage() == 2) { } else if (getLessonTracker(s).getStage() == 2) {
instructions = "STAGE 2:\tNow, try to create a JavaScript alert up using the image tag"; instructions = "STAGE 2:\tNow, try to create a JavaScript alert using the image tag";
} else if (getLessonTracker(s).getStage() == 3) { } else if (getLessonTracker(s).getStage() == 3) {
instructions = "STAGE 3:\tNext, try to create a JavaScript alert up using the IFRAME tag."; instructions = "STAGE 3:\tNext, try to create a JavaScript alert using the IFRAME tag.";
} else if (getLessonTracker(s).getStage() == 4) { } else if (getLessonTracker(s).getStage() == 4) {
instructions = "STAGE 4:\tUse the following to create a fake login form:<br><br>" + "Please enter your password:&lt;BR&gt;&lt;input type = \"password\" name=\"pass\"/&gt;&lt;button " + instructions = "STAGE 4:\tUse the following to create a fake login form:<br><br>" + "Please enter your password:&lt;BR&gt;&lt;input type = \"password\" name=\"pass\"/&gt;&lt;button " +
"onClick=\"javascript:alert('I have your password: ' + pass.value);\"&gt;Submit&lt;/button&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;"; "onClick=\"javascript:alert('I have your password: ' + pass.value);\"&gt;Submit&lt;/button&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;";