dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Minor grammar fixes.

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@97 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
esheri3
2007-01-25 20:35:06 +00:00
parent 08a56ce78c
commit f86af29210
3 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
webgoat/main/project/WebContent/lesson_plans/JSONInjection.html
View File

@ -17,7 +17,7 @@ However, JSON, like XML is prone to Injection attacks. A malicious attacker can
<p><b>General Goal(s):</b> </p>
<!-- Start Instructions -->
* You are traveling from Boston, MA- Airport code BOS to Seattle, WA - Airport code SEA.<br>
* Once you enter the three digits code of the airport, an AJAX request will be executed asking for the tickets price.<br>
* Once you enter the three digit code of the airport, an AJAX request will be executed asking for the ticket price.<br>
* You will notice that there are two flights available, an expensive one with no stops and another cheaper one with 2 stops.<br>
* Your goal is to try to get the one with no stops but for a cheaper price.
<!-- Stop Instructions -->

4
webgoat/main/project/WebContent/lesson_plans/NewLesson.html
View File

@ -11,10 +11,10 @@ for a new lesson, follow these few simple instructions to implement it:<br><br>
* You need to add two files for each new lesson: <br>
&nbsp;&nbsp;- YourLesson.java to org.owasp.webgoat.lessons<br>
&nbsp;&nbsp;- YourLesson.html to WebContent/lesson_plans<br><br>
* YourLesson class implmenet LessonAdapter and override the following methods:<br>
* YourLesson class must implement LessonAdapter and override the following methods:<br>
&nbsp;- createContent: Use the <a href="http://jakarta.apache.org/site/downloads/downloads_ecs.cgi">ECS package</a> to develop HTML presented to the user.<br>
&nbsp;- getCategory: Returns the category for which this lesson belongs (XSS, Injection flaws..etc)<br>
&nbsp;- getHints: List of hints you would like to pass on to the users to point them to right direction.<br>
&nbsp;- getHints: List of hints you would like to pass on to the users to point them in the right direction.<br>
&nbsp;- getTitle: The title for your new lesson.<br>
&nbsp;- getCredits: Your name goes here.<br><br>

4
webgoat/main/project/WebContent/lesson_plans/SilentTransactions.html
View File

@ -17,8 +17,8 @@ so an injected attack script may be able to steal money from the client without
</div>
<p><b>General Goal(s):</b> </p>
<!-- Start Instructions -->
* This is a sample internet banking application - money transfers page.<br>
* This is a sample internet banking application - money transfer page.<br>
* It shows below your balance, the account you are transferring to and amount you will transfer.<br>
* The application uses AJAX to submit the transaction after doing some basic client side validations.<br>
* Your goal is to try to bypass the user's authorization and silently execute the transaction<br>
* Your goal is to try to bypass the user's authorization and silently execute the transaction.<br>
<!-- Stop Instructions -->