dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

InsecureLogin solution edited

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@334 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
wirth.marcel 2008-04-14 08:33:30 +00:00
parent 40a997f6be
commit efd77a001e
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
webgoat/main/project/WebContent/lesson_solutions/InsecureLogin.html
View File

@ -34,10 +34,10 @@ is free: <a href="http://www.wireshark.org/"> Wireshark</a>. Make sure
you are capturing on the right interface. Click on you are capturing on the right interface. Click on
the submit button ans stop the capturing. Now analyze the captured data.</p> the submit button ans stop the capturing. Now analyze the captured data.</p>
<div align="center"> <div align="center">
<img src="stub"> <img src="lesson_solutions/InsecureLogin_files/wireshark1.png"><br>
<font size="2"> <b>Figure 1: Sniffed Traffic</b></font> <font size="2"> <b>Figure 1: Sniffed Traffic</b></font>
</div> </div>
<p>As you can see we are interested in the HTTP Post request (marked blue) as <p>As you can see we are interested in the HTTP Post request as
the password is transmitted there. The field for the password has the password is transmitted there. The field for the password has
the name clear_pass and has as value sniffy. Of course the name clear_pass and has as value sniffy. Of course
this is also the correct answer and you are done with stage 1.</p> this is also the correct answer and you are done with stage 1.</p>

BIN
webgoat/main/project/WebContent/lesson_solutions/InsecureLogin_files/wireshark1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 136 KiB