dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
347 Commits 11 Branches 78 Tags
5506f1c27906ba8b704a41ed4fdcf36e1a29a05b
Commit Graph

51 Commits

Author SHA1 Message Date
soylentmean
5506f1c279 Fixing wording a smidge. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@372 4033779f-a91e-0410-96ef-6bf7bf53c507
 2009-01-06 20:19:22 +00:00
mayhew64
9331ef0d9a Changes by Chris Roe to fix lesson issues with FireFox. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@371 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-12-17 13:06:29 +00:00
soylentmean
6d1158c40c fixed a typo 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@370 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-12-11 21:15:20 +00:00
mayhew64
f6e994b14e Minor syntax issue with the word prename in the instructions - reported by April King 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@368 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-12-10 23:52:04 +00:00
mayhew64
9d8c58bef3 Removed hardcoded webgoat path for URLs 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@367 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-11-21 16:57:23 +00:00
mayhew64
bab1f6aeb7 Reported by dwpoon, Yesterday (17 hours ago) 
I would like to submit the attached patch to avoid hard-coding
"/WebGoat" as the webapp's context path, at least for the HTTP splitting
lesson.  This issue has also been reported in July 2007; see
https://lists.owasp.org/pipermail/owasp-webgoat/2007-July/000432.html

Also see Issue 15 http://code.google.com/p/webgoat/issues/detail?id=15


git-svn-id: http://webgoat.googlecode.com/svn/trunk@366 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-11-21 12:57:14 +00:00
brandon.devries
5337ef31ff minor bug fixes and enhancements, including proper dollar value formatting 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@364 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-08-14 14:31:17 +00:00
brandon.devries
4c242f52dc minor changes and improving display issues 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@362 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-08-12 17:36:30 +00:00
brandon.devries
a3990f549e some cleanup, and removing unneeded ClassNotFoundExceptions 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@361 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-08-12 14:33:22 +00:00
brandon.devries
2203a1ebd2 corrected spelling and some formatting 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@360 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-08-11 14:39:09 +00:00
brandon.devries
ba6560b24a Formatting according to OWASP WebGoat Java Style 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@359 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-08-05 17:32:17 +00:00
mayhew64
d849168ce1 Smaller eclipse workspace 
Changed workspace name to reflect WebGoat 
Added the video solutions link
Update readmen to reflect contributions and new stuff

git-svn-id: http://webgoat.googlecode.com/svn/trunk@355 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-07-12 15:40:13 +00:00
sherif.fathy
c8908f6911 Actually, I think the problem was happening because the lesson was returning the lesson HTML again incase of incorrect key to eval was throwing an error trying to evaluate a whole bunch of HTML. Fixed this by catching the exception and showing an appropriate message. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@354 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-07-12 05:56:41 +00:00
mayhew64
fbf2a079c8 Added bug report 
Added message for missing solutions
Minor edits to lesson plans

git-svn-id: http://webgoat.googlecode.com/svn/trunk@353 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-07-11 00:05:05 +00:00
mayhew64
ec95ba4089 Separated DB usage for messages in CSRF and Stored XSS 
Many cosmetic english changes
Fixed IE rendering for Challenge
 

git-svn-id: http://webgoat.googlecode.com/svn/trunk@350 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-07-09 00:17:20 +00:00
mayhew64
b0ade9782e Minor 5.2 changes. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@349 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-05-13 03:44:40 +00:00
mayhew64
429fd7b0a9 Alphabetized categories 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@347 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-05-12 13:10:17 +00:00
mayhew64
9071b86a59 Reorder categories to be alphabetized 
Changed unvalidated input to parameter tampering

git-svn-id: http://webgoat.googlecode.com/svn/trunk@346 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-22 16:45:29 +00:00
mayhew64
243f8ca360 Minor fixes 
removed many System.out.printlns
delete extra solutions directory - wrong location
added 5.2 credits

git-svn-id: http://webgoat.googlecode.com/svn/trunk@344 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-22 15:34:54 +00:00
wirth.marcel
314c350079 Minor changes... Tan gets now only updatet after it was correct 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@341 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-18 08:38:51 +00:00
wirth.marcel
2649bcb086 Session Fixation instructions altered 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@340 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-15 09:43:34 +00:00
wirth.marcel
e2ca7f9a33 Minor Bugfixes 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@338 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-14 13:28:25 +00:00
wirth.marcel
80d07fb62c Minor fixes 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@337 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-14 12:03:55 +00:00
wirth.marcel
8182db6dc4 InsecureLogin Credits added. Instructions changed 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@335 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-14 08:35:33 +00:00
wirth.marcel
40a997f6be SessionFixation and TomcatSetup edited 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@333 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-14 07:50:12 +00:00
wirth.marcel
55b36e911b InsecureLogin finished 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@327 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-13 22:17:07 +00:00
wirth.marcel
b24d805e93 Minor changes 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@326 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-13 22:16:35 +00:00
wirth.marcel
67f2783430 CreateDB altered for insecure_communication altered 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@325 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-13 17:18:36 +00:00
wirth.marcel
053112e7e0 Insecure Communication added 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@324 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-13 17:05:51 +00:00
wirth.marcel
1fca79e494 Warnings fixed: 
Unneded imports deleted
Never read variables deleted

git-svn-id: http://webgoat.googlecode.com/svn/trunk@323 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-13 15:15:09 +00:00
wirth.marcel
265475391e Tomcat Setup instructions added 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@318 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-13 09:26:15 +00:00
wirth.marcel
dc9daba1c0 SessionFixation completed 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@317 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-12 08:28:54 +00:00
wirth.marcel
acaccaa9b9 Minor fixes 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@316 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-12 08:20:46 +00:00
wirth.marcel
789d72e589 Session Fixation bugfix 
MultiLevelLogin2 bugfix

git-svn-id: http://webgoat.googlecode.com/svn/trunk@315 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-10 08:52:11 +00:00
wirth.marcel
7a0f43ca56 Session Fixation 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@311 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-09 14:09:31 +00:00
wirth.marcel
361e142442 MultiLevelLogin2 database 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@310 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-09 12:05:28 +00:00
wirth.marcel
fa0c7eff8a MultiLevelLogin1 database changes 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@309 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-09 12:02:15 +00:00
wirth.marcel
aa23f8169b Hint 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@308 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-09 11:54:02 +00:00
wirth.marcel
6119e33ccc Hint 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@307 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-09 11:52:03 +00:00
wirth.marcel
c4092d2669 Session Fixation 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@306 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-09 11:51:04 +00:00
wirth.marcel
ee6d8ad2d5 MultiLevel Login1 fix 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@305 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-09 11:49:56 +00:00
wirth.marcel
db7994052f Hints are declared now 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@304 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-08 11:40:36 +00:00
wirth.marcel
eabdc53709 MultiLevelLogin 2 data stored now in session 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@303 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-08 07:51:47 +00:00
wirth.marcel
aec76a30e4 MultiLevel Login 1 user name and so on now saved in the session 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@302 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-08 07:25:14 +00:00
wirth.marcel
82e32acb77 * Hints added 
* Solutions added
* Bugfixes
* Introduction added (including how to start with webgoat and useful tools)
* New lesson: Password strength
* New lessons: Multi Level Login
* Not yet working new lesson: Session fixation (inital release)

git-svn-id: http://webgoat.googlecode.com/svn/trunk@301 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-07 14:28:38 +00:00
mayhew64
ce703bc67d Fix for Issue 5. Removed single ticks on hint for order by clause. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@295 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-04 12:54:36 +00:00
mayhew64
99ec50f096 Issue 6 Fix - Change netstat protocols to lower case to support unix. Some windows protocols will not work on unix. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@294 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-04-04 12:33:17 +00:00
mayhew64
841c995be7 Reformat of Java source. Added JavaStyle format definitions. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@287 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-02-27 00:29:19 +00:00
mayhew64
80c1b16f3e Changed ExecuteQuery to executeUpdate to remove empty result set error which stopped the lesson from working for HSQLDB 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@276 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-02-05 21:24:20 +00:00
rogan.dawes
f7a19f534c Miscellaneous bug fixes 
divide by zero, inaccurate discount and totals, reflection of user input


git-svn-id: http://webgoat.googlecode.com/svn/trunk@273 4033779f-a91e-0410-96ef-6bf7bf53c507
 2008-01-14 14:02:11 +00:00