dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changes for OWASP Standard build for 5.1

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@265 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
mayhew64 2008-01-10 13:43:46 +00:00
parent aa62ffbb71
commit ef79edca0a
7 changed files with 108 additions and 167 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
webgoat/main/HOW TO create the WebGoat workspace.txt
View File

@ -1,3 +1,33 @@
***************************************
As of 5.1 the developer release contains the eclipse workspace
and project files.
Extract distribution to c:\
- It will create a WebGoat-x.x directory
Extract Eclipse-Workspace.zip to C:\WebGoat-x.x
Start eclipse using eclipse.bat
After eclipse starts
Top left - Project Explorer view
right click WebGoat refresh
right click Servers refresh
Bottom - Servers view
right click Tomcat… - start
Browse to http://localhost/WebGoat/attack
You're done. Changing files in eclipse will automatically rebuild
and redeploy the application.
Follow the instructions below to build the workspace from scratch
***************************************
***************************************
Eclipse startup and dependency removal

179
webgoat/main/build.xml
View File

@ -6,7 +6,7 @@
set to the current working directory.
-->
<project name="WebGoatClass-J2EE" default="Build_Class_Env" basedir=".">
<project name="WebGoat" default="Build_ALL_OWASP_Releases" basedir=".">
<!-- ===================== Property Definitions =========================== -->
@ -56,11 +56,11 @@
<property name="app.home" value="${basedir}/project"/>
<property name="app.name" value="WebGoat"/> <!-- MUST BE CONSISTENT WITH project/build.xml! -->
<property name="app.version" value="5.1_RC2"/> <!-- MUST BE CONSISTENT WITH project/build.xml! -->
<property name="app.version" value="5.1"/> <!-- MUST BE CONSISTENT WITH project/build.xml! -->
<property name="catalina.home" value="${basedir}/tomcat"/>
<property name="dist.home" value="${app.home}/dist"/>
<property name="dist.owasp" value="${app.home}/owasp_distributions"/>
<property name="install.home" value="WebGoatClassCD"/>
<property name="install.home" value="WebGoat-${app.version}"/>
<!-- ==================== Clean Target ==================================== -->
@ -166,108 +166,6 @@
</target>
<!-- =================== Prepare Distributions ========================== -->
<!-- Build unix Release -->
<!--
<target name="DELETE_ME_BuildUnixWar_release" depends="Compile-WebGoat-Unix"
description="Builds Unix release for OWASP">
<delete dir="${dist.home}/temp" includeemptydirs="true"/>
<unzip src="${dist.home}/${app.name}-${app.version}.war" dest="${dist.home}/temp"/>
<delete file="${dist.home}/temp/WEB-INF/webgoat-class.properties"/>
<delete file="${dist.home}/temp/WEB-INF/webgoat-lab.properties"/>
<delete file="${dist.home}/temp/WEB-INF/web-windows.xml"/>
<move file="${dist.home}/temp/WEB-INF/web-unix.xml" tofile="${dist.home}/temp/WEB-INF/web.xml"/>
<move file="${dist.home}/temp/WEB-INF/webgoat-owasp.properties" tofile="${dist.home}/temp/WEB-INF/webgoat.properties"/>
<delete file="${dist.home}/${app.name}-${app.version}.war"/>
<zip destfile="${dist.home}/${app.name}-${app.version}.war" basedir="${dist.home}/temp"/>
-->
<!-- 1) A copy of the WAR file with WAR file instructions-->
<!--
<copy file="${basedir}/WAR Installation Instructions.txt" todir="${dist.home}"/>
<zip destfile="${dist.home}/Unix_${app.name}-${app.version}-Standalone.war.zip"
basedir="${dist.home}"
includes="WebGoat-*.war, WAR*.txt"/>
<delete file="${dist.home}/WAR Installation Instructions.txt"/>
<delete dir="${dist.home}/temp" includeemptydirs="true"/>
-->
<!-- 2) The normal WAR file -->
<!--
<copy file="${dist.home}/${app.name}-${app.version}.war" tofile="${catalina.home}/webapps/${app.name}.war"/>
<zip destfile="${dist.home}/Unix_${app.name}-${app.version}_Release.zip"
basedir=""
includes="doc/, tomcat/, webgoat.sh, readme.txt"/>
-->
<!-- Add the WebGoat-x.x on the path -->
<!--
<unzip src="${dist.home}/Unix_${app.name}-${app.version}_Release.zip" dest="${dist.home}/temp/${app.name}-${app.version}"/>
<delete file="${dist.home}/Unix_${app.name}-${app.version}_Release.zip"/>
<zip destfile="${dist.home}/Unix_${app.name}-${app.version}_Release.zip"
basedir="${dist.home}/temp"/>
<delete dir="${dist.home}/temp" includeemptydirs="true"/>
<move file="${dist.home}/${app.name}-${app.version}.war" tofile="${dist.home}/Unix_${app.name}-${app.version}.war"/>
<delete file="${catalina.home}/webapps/${app.name}.war"/>
</target>
-->
<!-- Build release -->
<target name="BuildWar_release" depends="Compile-WebGoat"
description="Builds the release for OWASP">
<delete dir="${dist.home}/temp" includeemptydirs="true"/>
<unzip src="${dist.home}/${app.name}-${app.version}.war" dest="${dist.home}/temp"/>
<delete file="${dist.home}/temp/WEB-INF/webgoat-class.properties"/>
<delete file="${dist.home}/temp/WEB-INF/webgoat-lab.properties"/>
<!--
<delete file="${dist.home}/temp/WEB-INF/web-unix.xml"/>
-->
<move file="${dist.home}/temp/WEB-INF/web.xml" tofile="${dist.home}/temp/WEB-INF/web.xml"/>
<move file="${dist.home}/temp/WEB-INF/webgoat-owasp.properties" tofile="${dist.home}/temp/WEB-INF/webgoat.properties"/>
<delete file="${dist.home}/${app.name}-${app.version}.war"/>
<zip destfile="${dist.home}/${app.name}-${app.version}.war"
basedir="${dist.home}/temp"
excludes="JavaSource/org/owasp/webgoat/lessons/instructor/"/>
<!-- 1) A copy of the WAR file with WAR file instructions-->
<copy file="${basedir}/WAR Installation Instructions.txt" todir="${dist.home}"/>
<zip destfile="${dist.home}/${app.name}-${app.version}-Standalone.war.zip"
basedir="${dist.home}"
includes="WebGoat-*.war, WAR*.txt"/>
<delete file="${dist.home}/WAR Installation Instructions.txt"/>
<delete dir="${dist.home}/temp" includeemptydirs="true"/>
<!-- 2) The normal WAR file -->
<copy file="${dist.home}/${app.name}-${app.version}.war" tofile="${catalina.home}/webapps/${app.name}.war"/>
<zip destfile="${dist.home}/${app.name}-${app.version}_Release.zip"
basedir=""
includes="doc/, java/, tomcat/, webgoat.bat, webgoat_8080.bat, readme.txt"/>
<!-- Add the WebGoat-x.x on the path -->
<unzip src="${dist.home}/${app.name}-${app.version}_Release.zip" dest="${dist.home}/temp/${app.name}-${app.version}"/>
<delete file="${dist.home}/${app.name}-${app.version}_Release.zip"/>
<zip destfile="${dist.home}/${app.name}-${app.version}_Release.zip"
basedir="${dist.home}/temp"/>
<delete dir="${dist.home}/temp" includeemptydirs="true"/>
<move file="${dist.home}/${app.name}-${app.version}.war" tofile="${dist.home}/${app.name}-${app.version}.war"/>
<delete file="${catalina.home}/webapps/${app.name}.war"/>
</target>
<!--Build developer release -->
<target name="BuildDev_release" depends="clean"
description="Creates developer binary distribution for OWASP">
<delete dir="${dist.home}/temp" includeemptydirs="true"/>
<zip destfile="${dist.home}/${app.name}-${app.version}_developer.zip"
basedir=""
includes="java/, eclipse/, tomcat/, project/JavaSource/, project/WebContent/, project/build.xml, project/doc, webgoat.bat, webgoat_8080.bat, webgoat.sh, eclipse.bat, readme.txt, HOW*"
excludes="project/JavaSource/org/owasp/webgoat/lessons/instructor/, project/.*, project/WebContent/WEB-INF/webgoat-lab.properties, project/WebContent/WEB-INF/webgoat-class.properties, project/build/WEB-INF/webgoat-lab.properties, project/build/WEB-INF/webgoat-class.properties"/>
<unzip src="${dist.home}/${app.name}-${app.version}_developer.zip" dest="${dist.home}/temp"/>
<move file="${dist.home}/temp/project/WebContent/WEB-INF/webgoat-owasp.properties" tofile="${dist.home}/temp/project/WebContent/WEB-INF/webgoat.properties"/>
<delete file="${dist.home}/${app.name}-${app.version}_developer.zip"/>
<zip destfile="${dist.home}/${app.name}-${app.version}_developer.zip"
basedir="${dist.home}/temp"/>
<delete dir="${dist.home}/temp" includeemptydirs="true"/>
</target>
<!--Build patch release -->
<target name="BuildPatch_release" depends="clean, compile"
@ -279,8 +177,8 @@
</target>
<!-- Build J2EE Lab Environment release -->
<target name="Build_DeveloperLab_Env" depends="clean"
description="Builds J2EE Course release">
<target name="Build_DeveloperLab_Release" depends="clean"
description="Builds J2EE Developer Course release">
<!-- Build the WebGoat WAR with the desired properties file -->
<ant dir="${app.home}" inheritAll="false">
@ -291,16 +189,16 @@
<antcall target="DeployWar"> </antcall>
<!-- Build the CD image -->
<zip destfile="${dist.home}/${ant.project.name}.zip">
<zip destfile="${dist.home}/${ant.project.name}-DeveloperLab-${app.version}.zip">
<zipfileset dir="." prefix="${install.home}"
includes="eclipse/, java/, project/, FirefoxPortable/, Paros/, tomcat/, webscarab/,
eclipse.bat, webgoat.bat, webgoat_8080.bat, webscarab.bat,
*.txt, Eclipse-Workspace.zip"
Read*.txt, HOW*.txt, eclipse.bat, webgoat.bat, webgoat_8080.bat, webscarab.bat,
Eclipse-Workspace.zip"
excludes="project/.*, project/.settings/**, project/dist/**, project/owasp_distributions/**, project/bin/**, project/build/**"/>
</zip>
</target>
<target name="Build_Class_Env" depends="clean"
<target name="Build_Class_Release" depends="clean"
description="Builds WebGoat Course release">
<!-- Build the WebGoat WAR with the desired properties file -->
@ -312,28 +210,59 @@
<antcall target="DeployWar"> </antcall>
<!-- Build the CD image -->
<zip destfile="${dist.home}/${ant.project.name}.zip">
<zip destfile="${dist.home}/${ant.project.name}-Class-${app.version}.zip">
<zipfileset dir="." prefix="${install.home}"
includes="java/, tomcat/, FirefoxPortable/, Paros/, webscarab/, webgoat.bat, webgoat_8080.bat, webscarab.bat"
excludes="project/.*, project/.settings/**, project/dist/**, project/owasp_distributions/**, project/bin/**, project/build/**"/>
</zip>
</target>
<!--Build all release -->
<target name="Build_OWASP_Release" depends="clean_all"
<!-- Build OWASP Developer Lab Environment release -->
<target name="Build_OWASP_DeveloperLab_release" depends="clean"
description="Builds OWASP Developer release">
<!-- Build the WebGoat WAR with the desired properties file -->
<ant dir="${app.home}" inheritAll="false">
<target name="WebGoatPropertiesOWASP"/>
<target name="BuildWar"/>
</ant>
<antcall target="DeployWar"> </antcall>
<!-- Build the CD image -->
<zip destfile="${dist.home}/${ant.project.name}-OWASP_Developer-${app.version}.zip">
<zipfileset dir="." prefix="${install.home}"
includes="eclipse/, java/, project/, tomcat/,
read*.txt, HOW*.txt, eclipse.bat, webgoat.bat, webgoat_8080.bat, webscarab.bat,
Eclipse-Workspace.zip"
excludes="project/.*, project/.settings/**, project/dist/**, project/owasp_distributions/**, project/bin/**, project/build/**"/>
</zip>
</target>
<target name="Build_OWASP_Standard_Release" depends="clean"
description="Builds WebGoat OWASP release">
<!-- Build the WebGoat WAR with the desired properties file -->
<ant dir="${app.home}" inheritAll="false">
<target name="WebGoatPropertiesOWASP"/>
<target name="BuildWar"/>
</ant>
<antcall target="DeployWar"> </antcall>
<!-- Build the CD image -->
<zip destfile="${dist.home}/${ant.project.name}-OWASP_Standard-${app.version}.zip">
<zipfileset dir="." prefix="${install.home}"
includes="java/, tomcat/, read*.txt, webgoat.bat, webgoat_8080.bat"
excludes="project/.*, project/.settings/**, project/dist/**, project/owasp_distributions/**, project/bin/**, project/build/**"/>
</zip>
</target>
<!--Build all OWASP release -->
<target name="Build_ALL_OWASP_Releases" depends="clean_all"
description="Creates all binary distributions for OWASP">
<copy file="${basedir}/readme.txt" tofile="${dist.owasp}/readme.txt"/>
<antcall target="BuildDev_release"> </antcall>
<antcall target="Build_OWASP_Standard_Release"> </antcall>
<copydir dest="${dist.owasp}" src="${dist.home}"/>
<!--
<antcall target="BuildUnixWar_release"> </antcall>
<antcall target="Build_OWASP_DeveloperLab_release"> </antcall>
<copydir dest="${dist.owasp}" src="${dist.home}"/>
-->
<antcall target="BuildWar_release"> </antcall>
<copydir dest="${dist.owasp}" src="${dist.home}"/>
</target>
<!-- ==================== Prepare Target ================================== -->
<!--
@ -348,14 +277,6 @@
<target name="prepare">
</target>
<target name="Start Tomcat"
description="start the Tomcat server">
<exec dir="${basedir}" executable="webgoat.bat" >
</exec>
</target>
</project>

BIN
webgoat/main/project/WebContent/images/header/header.jpg
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 21 KiB

After

Width:  |  Height:  |  Size: 21 KiB

2
webgoat/main/project/WebContent/webgoat.jsp
View File

@ -9,7 +9,7 @@ WebSession webSession = ((WebSession) session.getAttribute("websession"));
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>WebGoat V5.1RC2</title>
<title>WebGoat V5.1</title>
<link rel="stylesheet" href="css/webgoat.css" type="text/css" />
</head>

2
webgoat/main/project/WebContent/webgoat_challenge.jsp
View File

@ -7,7 +7,7 @@
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>WebGoat V5.1RC2</title>
<title>WebGoat V5.1</title>
<link rel="stylesheet" href="css/webgoat_challenge.css" type="text/css" />
</head>

32
webgoat/main/project/build.xml
View File

@ -74,7 +74,7 @@
<property name="app.name" value="WebGoat"/>
<property name="app.path" value="/${app.name}"/>
<property name="app.version" value="5.1_RC2"/> <!-- UPDATE THIS! -->
<property name="app.version" value="5.1"/> <!-- UPDATE THIS! -->
<property name="build.home" value="${basedir}/build"/>
<property name="catalina.home" value="${basedir}/../tomcat"/> <!-- UPDATE THIS! -->
<property name="dist.home" value="${basedir}/dist"/>
@ -228,30 +228,23 @@
app as it was deployed from the WAR. -->
<!-- We must also copy the doc dir into WebContent, for the "how to create a new lesson" lesson -->
<target name="-CopySourceToBuild" depends="prepare" >
<delete dir="${build.home}/JavaSource"/>
<copy todir="${build.home}/JavaSource">
<fileset dir="${basedir}/JavaSource"/>
</copy>
<delete dir="${web.home}/JavaSource"/>
<copy todir="${web.home}/JavaSource">
<fileset dir="${basedir}/JavaSource"/>
</copy>
<delete dir="${web.home}/doc"/>
<copy todir="${web.home}/doc">
<fileset dir="${basedir}/doc"/>
</copy>
</target>
<!-- Copying web-unix.xml to web.xml -->
<!--
<target name="-DELETE_ME_WebXMLunix">
<copy file="${web.home}/WEB-INF/web-unix.xml" tofile="${web.home}/WEB-INF/web.xml" overwrite="yes"/>
<copy file="${web.home}/WEB-INF/web.xml" todir="${web_inf.home}" overwrite="yes"/>
</target>
-->
<!-- Copying web.xml to web-inf/web.xml -->
<target name="-WebXML">
<!--
<copy file="${web.home}/WEB-INF/web-windows.xml" tofile="${web.home}/WEB-INF/web.xml" overwrite="yes"/>
-->
<copy file="${web.home}/WEB-INF/web.xml" todir="${web_inf.home}" overwrite="yes"/>
</target>
@ -287,12 +280,6 @@
<!-- =================== Prepare Distributions ========================== -->
<!-- Create unix WAR file -->
<!--
<target name="DELETE_ME_BuildUnixWar" depends="clean, prepare, compile, -WebXMLunix, -CopyWebToBuild, -CopySourceToBuild, -WarBuild"
description="Create ${app.name}.war binary distribution">
</target>
-->
<!-- Create WAR file -->
<target name="BuildWar" depends="clean, prepare, compile, -WebXML, -CopyWebToBuild, -CopySourceToBuild, -WarBuild"
description="Create ${app.name}.war binary distribution">
@ -313,23 +300,12 @@
<!-- Create build directories as needed -->
<mkdir dir="${build.home}/WEB-INF/classes"/>
<copy todir="${build.home}/doc">
<fileset dir="${basedir}/doc"/>
</copy>
<!-- Copy application resources -->
<copy todir="${build.home}/WEB-INF/classes">
<fileset dir="${src.home}" excludes="**/*.java"/>
</copy>
</target>
<target name="Start Tomcat"
description="start the Tomcat server">
<exec dir="${basedir}" executable="webgoat.bat" >
</exec>
</target>
</project>

30
webgoat/main/readme.txt
View File

@ -1,5 +1,5 @@
********** WebGoat 5.1_RC2
********** 10.09.2007
********** WebGoat 5.1
********** Jan/08/2008
**********
**
** Source Code: http://code.google.com/p/webgoat
@ -41,6 +41,7 @@ CREDITS (Latest release)
Erwin Geirnaert (http://www.zionsecurity.com)
The many people who have sent comments and suggestions...
WHAT'S NEW
* WebGoat is now current at Google code. (http://code.google.com/p/webgoat)
@ -49,11 +50,24 @@ WHAT'S NEW
* Lesson Solutions
* Many upgrades and minor fixes
RELEASES
WebGoat-OWASP_Standard-x.x.zip
- Unzip and run version
- Includes java and tomcat
WebGoat-OWASP_Developer-x.x.zip
- Includes standard version
- Developer version has eclipse and eclipse workspace
INSTALLATION
Windows - (Download, Extract, Double Click Release)
1. unzip the Windows_WebGoat-x.x_Release.zip to your working environment
1. unzip the WebGoat-OWASP_Standard-x.x.zip to your working environment
2. To start Tomcat, browse to the WebGoat directory unzipped above and
double click "webgoat.bat"
3. start your browser and browse to... (Notice the capital 'W' and 'G')
@ -73,7 +87,7 @@ Note: When intercepting requests via a proxy with IE7. You must add a '.' to th
Linux
1. Download and install Java JDK 1.5 from Sun (http://java.sun.com)
2. Unzip the Unix_WebGoat-x.x_Release.zip to your working directory
2. Unzip the WebGoat-OWASP_Standard-x.x.zip to your working directory
3. Set JAVA_HOME to point to your JDK1.5 installation
4. chmod +x webgoat.sh
5. Since the latest version runs on a privileged port, you will need to start/stop WebGoat as root.
@ -86,7 +100,7 @@ Linux
OS X (Tiger 10.4+)
1. Unzip the Unix_WebGoat-x.x_Release.zip to your working directory
1. Unzip the WebGoat-OWASP_Standard-x.x.zip to your working directory
2. chmod +x webgoat.sh
3. Since the latest version runs on a privileged port, you will need to start/stop WebGoat as root.
sudo sh webgoat.sh start
@ -98,8 +112,8 @@ OS X (Tiger 10.4+)
DEVELOPER INSTALLATION
1. Download WebGoat-x.x_developer.zip source distribution
2. Unzip the WebGoat-x.x_developer.zip to your working directory
1. Download WebGoat-OWASP_Developer-x.x.zip source distribution
2. Unzip the WebGoat-OWASP_Developer-x.x.zip to your working directory
3. Follow the directions in HOW TO create the WebGoat workspace.txt
@ -185,4 +199,4 @@ A. Subscribe to the WebGoat mailing list at owasp-webgoat@lists.owasp.org.
Please send questions, comments, suggestions, bugs, etc to webgoat@g2-inc.com
Please send questions, comments, suggestions, bugs, etc to webgoat@owasp.org