dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
141 Commits 11 Branches 78 Tags
Commit Graph

73 Commits

Author SHA1 Message Date
rogan.dawes
51cc4fb0b4 Take a simple approach to add direct stage access. 
Make it a numerical stage indicator. This allows the person to skip a stage
if they choose to, but it will effectively be marked as completed.


git-svn-id: http://webgoat.googlecode.com/svn/trunk@145 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-07-10 11:53:54 +00:00
rogan.dawes
e6fcd4176c Make it possible to return per-stage hints 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@144 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-07-10 11:53:34 +00:00
rogan.dawes
d39975c299 Minor fixes - unused imports and generics 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@143 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-07-10 11:52:09 +00:00
rogan.dawes
eaf12c706c Create WebgoatContext in HammerHead, rather than WebSession 
Now webgoatContext should effectively be a singleton, shared across
all WebSession instances. WebSession now initialises from WebgoatContext.

WebSession methods that refer to static "site wide" properties are deeted
and references to them updated to point to WebgoatContext


git-svn-id: http://webgoat.googlecode.com/svn/trunk@141 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-07-10 11:51:26 +00:00
rogan.dawes
53487970f6 Unify DatabaseUtilities.makeConnection() 
Remove the hack to support Web services lessons that do not have a WebSession
Now that they have their own reference to WebgoatContext, they do not need one


git-svn-id: http://webgoat.googlecode.com/svn/trunk@140 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-07-10 11:51:01 +00:00
rogan.dawes
ada66dae10 Pass webgoatContext to AbstractLesson, so all lessons can know their environment 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@139 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-07-10 11:50:36 +00:00
rogan.dawes
294580983d Remove methods tagged DELETE_ME 
Also remove associated imports which are no longer used


git-svn-id: http://webgoat.googlecode.com/svn/trunk@131 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-07-10 11:48:43 +00:00
rogan.dawes
52f23a20f4 Move maintanance of lesson categories from AbstractLesson into Category class 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@130 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-07-10 11:48:20 +00:00
rogan.dawes
747319aab5 Move definition of standard Categories to Category class 
Also update all the referring classes


git-svn-id: http://webgoat.googlecode.com/svn/trunk@129 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-07-10 11:48:02 +00:00
esheri3
e19c3353e7 Added a catch block for the "ParameterNotFoundException". Failure to catch this exception lead to an error message when the DOS lesson is viewed. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@125 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-04-05 16:14:39 +00:00
mayhew64
e2e98574b5 Detailed new lesson instructions 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@120 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-03-19 19:07:00 +00:00
mayhew64
34fca43216 New Phishing Lesson 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@119 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-03-19 17:47:37 +00:00
sherif.fathy
30b00f969f git-svn-id: http://webgoat.googlecode.com/svn/trunk@117 4033779f-a91e-0410-96ef-6bf7bf53c507 2007-02-26 03:43:30 +00:00
mayhew64
a2abbfaf1e Changed tag case. removed unused import 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@116 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-02-25 18:39:38 +00:00
mayhew64
d8680dcfc3 Removed credit from New Lesson. Removed extra "." from start page 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@115 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-02-22 01:09:43 +00:00
mayhew64
81582162d3 Modified intro text to be consistent in size with new logos. Modified credits in BlindSqlInjection.java. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@114 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-02-06 15:32:12 +00:00
esheri3
6dc383b7b4 Modified all "Aspect" lessons to include the Aspect logo. The logo links to http://aspectsecurity.com. Moved the "OWASP" logo and added an Aspect logo on the main.jsp page. Adjusted the padding of the "warning" text to prevent "Start" button overlap. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@112 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-02-02 17:56:23 +00:00
esheri3
e735aea7b0 Modified getCustomCredits() to utilize "Element" instead of "IMG". This allows for more flexible control over the lovely credits. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@111 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-02-02 15:23:43 +00:00
esheri3
dda693f0ff Modified final hint to point to the correct mapping (/conf instead of /config). Minor code syntax cleanup 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@110 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-02-02 15:04:37 +00:00
mayhew64
e748aa0e90 Changed mac_Logo.gif to macadamian.gif. Added forced browsing servlet to the appropriate web.xml files. Enhanced readme files 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@109 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-31 15:44:38 +00:00
mayhew64
ca46354077 Minor Cleanup of imports and user guide url 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@105 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-30 23:36:21 +00:00
esheri3
404e3f8b19 Changed title to "How to Perform Cross Site Tracing (XST) Attacks" 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@103 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-26 19:47:54 +00:00
esheri3
dce06730f9 minor grammar fix. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@101 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-26 19:36:52 +00:00
esheri3
ccd2f8cc33 added the Aspect logo 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@100 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-26 19:15:20 +00:00
esheri3
af66f4ff00 Minor grammar fixes. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@98 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-25 20:41:41 +00:00
esheri3
08a56ce78c Added Aspect logo. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@96 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-25 20:22:47 +00:00
esheri3
f9caf9b7c0 Added Aspect logo. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@95 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-25 20:22:07 +00:00
esheri3
bce99008fb Added Aspect logo. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@94 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-25 20:21:24 +00:00
esheri3
90f78d3730 Added Aspect logo. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@93 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-25 20:20:51 +00:00
esheri3
b2f13da6c4 Added another column for the pts. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@92 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-25 20:11:16 +00:00
esheri3
8c4d4d13b3 Added XST in the title. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@89 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-25 19:38:06 +00:00
esheri3
6581a2ab4e Minor grammar fix. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@88 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-25 19:35:30 +00:00
esheri3
5dbb0ca372 Minor Syntax cleanup. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@85 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-25 19:31:50 +00:00
sherif.fathy
9db0e6eeb3 Modified the logo again 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@84 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-25 02:08:28 +00:00
esheri3
e0354c1e25 Removed the "NewLessons" category. NewLesson is now the first in the "General" list. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@83 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-24 19:16:19 +00:00
esheri3
2266361186 Modified the default ranking such that CSRF can have its correct spot in the lesson ranking scheme. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@82 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-24 19:10:19 +00:00
esheri3
e121871396 Modified the ranking of the lessons. CSRF has been moved to "Broken Access Control" 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@81 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-24 19:09:24 +00:00
sherif.fathy
38e9a8967b Added the AoC logo 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@80 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-24 05:10:43 +00:00
esheri3
16e1bfb9c5 changed from "WebGoat WSDL" to "WebGoat WSDL File" 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@75 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-23 15:37:00 +00:00
esheri3
88553e25f2 Minor spelling issue in hint. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@71 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-22 20:14:43 +00:00
esheri3
edbd6446b6 Very minor spacing issue. Commented out a nbsp and modified the contact information to utilize two columns. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@66 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-22 18:45:32 +00:00
esheri3
f6d5fbfc50 I was getting an empty string and a ".svn" file in the "Help File" drop-down box. Modified parseResults() to ensure that the file is not an empty string and the file ends with ".help" 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@65 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-22 18:33:50 +00:00
mayhew64
8b51818508 Changed remaining contact information to reference an email address I receive (webgoat@g2-inc.com) 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@61 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-16 18:29:06 +00:00
mayhew64
fd9b60f98e Added some files required to build OWASP release. 
Modified License text and format to reflect GPL license.
Reformatted most of the code.

git-svn-id: http://webgoat.googlecode.com/svn/trunk@60 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-16 14:56:40 +00:00
sherif.fathy
036964495b Fixed comments by Bruce 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@59 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-11 05:14:09 +00:00
sherif.fathy
2fdf823259 Changed BackDoors lessons to be a little bit clearer, added more hints. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@58 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-31 07:35:58 +00:00
sherif.fathy
c469a8b0a1 Fixed HttpSplitting and CSRF per Bruce's requests 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@57 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-31 06:32:32 +00:00
sherif.fathy
ae225126ae Changed CSRF per Bruce's comments 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@56 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-30 17:30:30 +00:00
sherif.fathy
63043b0f34 Modified Silent Transactions and XML Injection lesson per Bruce's comments 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@55 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-30 08:07:48 +00:00
sherif.fathy
ba38b57a44 Modified DOMInjection per Bruce's comments 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@54 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-29 16:43:59 +00:00