dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
145 Commits 11 Branches 78 Tags
Commit Graph

145 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
deige101@gmail.com
1477c99bc2 Updated the Aspect logo 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@438 4033779f-a91e-0410-96ef-6bf7bf53c507
 2012-01-02 18:40:31 +00:00
sherif.fathy@gmail.com
ba97e884a4 Corrected information related to credits. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@437 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-09-29 00:32:56 +00:00
x71c4l@gmail.com
4059bb5d33 Added Buffer Overflow lesson, added and updated solutions, fixed errors in lessons preventing them from being completed correctly 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@436 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-08-12 03:00:27 +00:00
x71c4l@gmail.com
be8b4311e0 Fixed source code installation problem where default language didn't set correctly. Also updated the readme 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@435 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-07-27 04:15:58 +00:00
x71c4l
1a1e7125be Updated readme to clarify build instructions. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@434 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-07-15 14:09:18 +00:00
white.tiger.russia@gmail.com
c30d4650fd Web Services 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@433 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-06-02 12:17:37 +00:00
white.tiger.russia@gmail.com
312a10d577 Translated plans for chapter "Session Management Flaws" 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@432 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-06-02 11:20:26 +00:00
white.tiger.russia@gmail.com
f35779571c Translated plans for chapter "Parameter Tampering" 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@431 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-06-02 04:34:00 +00:00
white.tiger.russia@gmail.com
4ac799c702 Translated plans for chapters "Insecure Communication", "Insecure Configuration", "Insecure Storage" 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@430 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-05-31 14:42:58 +00:00
white.tiger.russia@gmail.com
d10e7bdf00 Translated plans for chapters "Denial of service", "Improper Error Handling", "Injection Flaws" 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@429 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-05-31 13:33:49 +00:00
white.tiger.russia@gmail.com
22a8385c77 Translated plans from chapter 'Cross-Site scriptiong' 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@428 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-05-25 14:01:58 +00:00
white.tiger.russia@gmail.com
a66e8d4c78 Translated materials from chapters 'Buffer Overflows','CodeQuality','Concurrency' 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@427 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-05-24 13:59:24 +00:00
white.tiger.russia@gmail.com
17c1c68525 Translated chapter 'Authentification flaws' 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@426 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-05-24 11:02:50 +00:00
white.tiger.russia@gmail.com
443f7e7e75 Translated chapter 'AJAX Security' 
Fixed small error in Http Basics lesson

git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@425 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-05-23 14:58:39 +00:00
white.tiger.russia@gmail.com
f0978e6422 Russian translate of labels (UTF-8) 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@424 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-05-22 18:41:10 +00:00
white.tiger.russia@gmail.com
f119ac120d Chapter "Access control flaws" translated on Russian (UTF-8) 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@423 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-05-22 12:27:37 +00:00
white.tiger.russia@gmail.com
23f0a2ef33 Translated chapters "Introduction" and "General" on Russian language 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@422 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-05-22 11:32:12 +00:00
white.tiger.russia@gmail.com
06a0e50dfe Create directories ru/en/de and copy there plans of lessons. In ru-directory i put english files for translate them in future. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@421 4033779f-a91e-0410-96ef-6bf7bf53c507
 2011-05-22 11:22:28 +00:00
mayhew64@gmail.com
b306d4a20c Changed google checkout text 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@420 4033779f-a91e-0410-96ef-6bf7bf53c507
 2010-11-17 18:03:06 +00:00
mariethuynh
4aef25a58d typo 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@419 4033779f-a91e-0410-96ef-6bf7bf53c507
 2010-03-28 02:08:12 +00:00
mariethuynh
39d99eb5d7 fixed URL, typos 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@418 4033779f-a91e-0410-96ef-6bf7bf53c507
 2010-03-23 00:31:43 +00:00
mayhew64@gmail.com
26a90ec2be Added a step to add the lesson plan for new lessons 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@417 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-11 19:42:29 +00:00
mayhew64@gmail.com
7e200c921d Fixed new lesson instructions location to match new file structure 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@416 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-11 18:45:30 +00:00
mayhew64@gmail.com
c3908e8700 More readme tweaks, fixed the delete command in the SQL Server startup 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@413 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-11 04:04:25 +00:00
mayhew64@gmail.com
0f3cc19b11 Slight mods to add unzip and click to run instructions 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@412 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-11 03:58:29 +00:00
mayhew64@gmail.com
e78ea07b3f Minor changes to missing internationalization text and startup scripts. Removed internationalization choices for lessons that don't support it 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@411 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-11 03:34:14 +00:00
mayhew64@gmail.com
d48519d1ec Fixed some broken formatting on screen layout, added the Malicious code to the hidden lessons until real lessons can be built 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@410 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-09 03:58:08 +00:00
mayhew64@gmail.com
5394b0d8a1 General cleanup of lesson, removed sub credit from csrf lesson, add cam credit as lesson contributor 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@409 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-09 01:49:41 +00:00
mayhew64@gmail.com
c35169291b Added some detail to the readme and moved some docs that are no longer relevant to the attic. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@408 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-09 01:07:55 +00:00
ch.ko123
34abecdbe5 added configuration for starting Tomcat from Maven 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@407 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-08 16:43:00 +00:00
ch.ko123
98fe279dc7 moved scripts to main/scrips and remaining stuff to doc 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@406 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-05 21:03:36 +00:00
ch.ko123
c46d490726 removed jars, as dependencies are now pulled from the maven repo 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@405 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-05 20:30:23 +00:00
ch.ko123
b1d23b4140 make webgoat run on tomcat 5.5 again 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@404 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-05 20:00:55 +00:00
ch.ko123
a4e0b6b101 added paragraph about tomcat to README.txt 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@403 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-02 22:40:20 +00:00
ch.ko123
01bf6ea303 added wtp configuration to pom 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@402 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-02 22:20:12 +00:00
ch.ko123
01e5cf37d9 moved doco 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@401 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-01 21:12:40 +00:00
ch.ko123
68ba7cab13 moved doc folder 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@400 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-01 20:06:23 +00:00
ch.ko123
5b56b4f15d updated readme 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@399 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-01 19:44:33 +00:00
ch.ko123
aa49ad4cd6 removed xml-apis from pon 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@398 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-01 18:45:25 +00:00
ch.ko123
7d2327dfd9 README.txt for Maven build added 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@397 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-01 16:01:47 +00:00
ch.ko123
e3d3946862 moved property files to src/main/resources 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@396 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-01 15:08:35 +00:00
ch.ko123
adad8cf836 added resources dir, removed catalina.jar which is only a build dependency 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@395 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-01 12:51:57 +00:00
ch.ko123
5119e65791 renamed main->src regarding to Maven conventions 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@394 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-01 11:54:43 +00:00
ch.ko123
c1f2360a35 renamed project->main regarding to Maven conventions 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@393 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-01 11:16:30 +00:00
ch.ko123
f99fad493c renamed JavaSource -> java, WebContent -> webapp regarding to Maven convention 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@392 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-01 11:04:59 +00:00
ch.ko123
6cc4a44d86 restored setAdmin method removed in r389 to make the trunk compile again 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@391 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-11-01 10:39:29 +00:00
chuck@securityfoundry.com
1c02094545 Added 3 new lessons. Some strings are in the properties files, but not all. Modified CreateDB.java in order to create a new salaries table used by the new SQL injection lessons. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@390 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-10-30 04:53:19 +00:00
mjawurek
1dc6c799a7 A first attempt at internationalization of WebGoat. For complete internationalization WebGoat needs two things: 
1. Every text passage/label that appears in lessons must independent of the current language set for WebGoat.
2. Every lesson plan and solutions must be translated for each supported language.
Number 1 is achieved by using webgoat/util/WebgoatI18N.java and by having every output routed through this piece of code. You no longer say hints.add("Lesson Hint 1"); or ....addElement("Shopping Cart")) but you in the lesson you say hints.add(WebGoatI18N.get("Lesson Hint1")) or ....addElement(WebGoatI18N.get("Shopping Cart"). Then WebGoatI18N looks up the corresponding string for the language set as the current lanuage and returns it.
Number 2 is achieved by having subdirectories in lesson_plans corresponding to every language. That means, a lesson that has been translated to Spanish and German will be found in lesson_plans/English and lesson_plans/Spanish and lesson_plans/German.

This is how WebGoat finds out about available languages: in Course.java in loadResources() it looks for lesson plans.
Unlike before, now a lesson plan can be found multiple times in different "language" directories. So for every directory the lesson plan is found in, WebGoat associates this language with the lesson and also lets WebGoatI18N load the appropriate WebGoatLabels_$LANGAUGE$.properties file which contains the translations of labels.
So this is what you have to do for a new language:
First of all, you have to copy and translate every lesson plan that you need in the new language, and then you also have to create a WebGoatLabels_$LANGUAGE$.properties file with that labels that will be used in these lessons. Atm WebGoat crashes throws an exception when a label is missing but this can be sorted out quickly. 

git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@389 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-10-26 15:58:15 +00:00
mayhew64@gmail.com
59abed1dde Malcode samples - need to turn into lessons 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@388 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-10-26 11:24:12 +00:00
cam.morris
c3fe7cece9 Including one small documentation change: giving credit to Sherif Koussa's original CSRF lesson 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@387 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-10-23 21:29:42 +00:00