Commit Graph

3028 Commits

Author SHA1 Message Date
2748e80d0d Make mySession a method scoped variable, not an instance var
This should fix a concurrency bug, although it is unlikely to
be exploitable/exploited


git-svn-id: http://webgoat.googlecode.com/svn/trunk@132 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-07-10 11:48:53 +00:00
294580983d Remove methods tagged DELETE_ME
Also remove associated imports which are no longer used


git-svn-id: http://webgoat.googlecode.com/svn/trunk@131 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-07-10 11:48:43 +00:00
52f23a20f4 Move maintenance of lesson categories from AbstractLesson into Category class
git-svn-id: http://webgoat.googlecode.com/svn/trunk@130 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-07-10 11:48:20 +00:00
747319aab5 Move definition of standard Categories to Category class
Also update all the referring classes


git-svn-id: http://webgoat.googlecode.com/svn/trunk@129 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-07-10 11:48:02 +00:00
5f67544b24 Add mechanism to close DB connections
Oracle ends up refusing connections if we don't close them


git-svn-id: http://webgoat.googlecode.com/svn/trunk@128 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-07-10 11:46:17 +00:00
6f5e7c37f7 Add infrastructure to enable setting of username and password for DB access
git-svn-id: http://webgoat.googlecode.com/svn/trunk@127 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-07-10 11:46:01 +00:00
e19c3353e7 Added a catch block for the "ParameterNotFoundException". Failure to catch this exception led to an error message when the DOS lesson is viewed.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@125 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-04-05 16:14:39 +00:00
20484796f9 EditProfile.jsp was missing a closing div tag. Removed some unused imports in LessonSource.java
git-svn-id: http://webgoat.googlecode.com/svn/trunk@124 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-04-05 15:33:51 +00:00
adc1387ed2 git-svn-id: http://webgoat.googlecode.com/svn/trunk@123 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-03-22 21:18:07 +00:00
f66d74cd58 Draft for solving the labs
git-svn-id: http://webgoat.googlecode.com/svn/trunk@122 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-03-22 21:01:06 +00:00
25f47916cc Rename CookieCatcher to Catcher
git-svn-id: http://webgoat.googlecode.com/svn/trunk@121 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-03-20 19:05:46 +00:00
e2e98574b5 Detailed new lesson instructions
git-svn-id: http://webgoat.googlecode.com/svn/trunk@120 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-03-19 19:07:00 +00:00
34fca43216 New Phishing Lesson
git-svn-id: http://webgoat.googlecode.com/svn/trunk@119 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-03-19 17:47:37 +00:00
ee6ed2e978 Add FAQ for running WebGoat on your host IP
git-svn-id: http://webgoat.googlecode.com/svn/trunk@118 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-03-09 17:25:55 +00:00
30b00f969f git-svn-id: http://webgoat.googlecode.com/svn/trunk@117 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-02-26 03:43:30 +00:00
a2abbfaf1e Changed tag case. removed unused import
git-svn-id: http://webgoat.googlecode.com/svn/trunk@116 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-02-25 18:39:38 +00:00
d8680dcfc3 Removed credit from New Lesson. Removed extra "." from start page
git-svn-id: http://webgoat.googlecode.com/svn/trunk@115 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-02-22 01:09:43 +00:00
81582162d3 Modified intro text to be consistent in size with new logos. Modified credits in BlindSqlInjection.java.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@114 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-02-06 15:32:12 +00:00
5408328434 git-svn-id: http://webgoat.googlecode.com/svn/trunk@113 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-02-05 23:04:24 +00:00
6dc383b7b4 Modified all "Aspect" lessons to include the Aspect logo. The logo links to http://aspectsecurity.com. Moved the "OWASP" logo and added an Aspect logo on the main.jsp page. Adjusted the padding of the "warning" text to prevent "Start" button overlap.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@112 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-02-02 17:56:23 +00:00
e735aea7b0 Modified getCustomCredits() to utilize "Element" instead of "IMG". This allows for more flexible control over the lovely credits.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@111 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-02-02 15:23:43 +00:00
dda693f0ff Modified final hint to point to the correct mapping (/conf instead of /config). Minor code syntax cleanup
git-svn-id: http://webgoat.googlecode.com/svn/trunk@110 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-02-02 15:04:37 +00:00
e748aa0e90 Changed mac_Logo.gif to macadamian.gif. Added forced browsing servlet to the appropriate web.xml files. Enhanced readme files
git-svn-id: http://webgoat.googlecode.com/svn/trunk@109 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-31 15:44:38 +00:00
ca46354077 Minor Cleanup of imports and user guide url
git-svn-id: http://webgoat.googlecode.com/svn/trunk@105 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-30 23:36:21 +00:00
0ab3ad8293 git-svn-id: http://webgoat.googlecode.com/svn/trunk@104 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-30 16:24:15 +00:00
404e3f8b19 Changed title to "How to Perform Cross Site Tracing (XST) Attacks"
git-svn-id: http://webgoat.googlecode.com/svn/trunk@103 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-26 19:47:54 +00:00
82371bf0d9 Changed title (back?) to "Tracing".
git-svn-id: http://webgoat.googlecode.com/svn/trunk@102 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-26 19:43:43 +00:00
dce06730f9 minor grammar fix.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@101 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-26 19:36:52 +00:00
ccd2f8cc33 added the Aspect logo
git-svn-id: http://webgoat.googlecode.com/svn/trunk@100 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-26 19:15:20 +00:00
f5dfc0698d change all instances of "trace" to "tracing"
git-svn-id: http://webgoat.googlecode.com/svn/trunk@99 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-26 19:06:42 +00:00
af66f4ff00 Minor grammar fixes.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@98 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 20:41:41 +00:00
f86af29210 Minor grammar fixes.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@97 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 20:35:06 +00:00
08a56ce78c Added Aspect logo.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@96 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 20:22:47 +00:00
f9caf9b7c0 Added Aspect logo.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@95 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 20:22:07 +00:00
bce99008fb Added Aspect logo.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@94 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 20:21:24 +00:00
90f78d3730 Added Aspect logo.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@93 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 20:20:51 +00:00
b2f13da6c4 Added another column for the pts.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@92 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 20:11:16 +00:00
e0479efb65 Minor grammar fix.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@91 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 19:42:25 +00:00
94ee4db701 Minor grammar fix.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@90 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 19:39:33 +00:00
8c4d4d13b3 Added XST in the title.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@89 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 19:38:06 +00:00
6581a2ab4e Minor grammar fix.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@88 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 19:35:30 +00:00
3579be2519 Minor grammar fixes.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@87 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 19:34:46 +00:00
62ab99b291 Minor grammar fixes.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@86 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 19:32:24 +00:00
5dbb0ca372 Minor Syntax cleanup.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@85 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 19:31:50 +00:00
9db0e6eeb3 Modified the logo again
git-svn-id: http://webgoat.googlecode.com/svn/trunk@84 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-25 02:08:28 +00:00
e0354c1e25 Removed the "NewLessons" category. NewLesson is now the first in the "General" list.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@83 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-24 19:16:19 +00:00
2266361186 Modified the default ranking such that CSRF can have its correct spot in the lesson ranking scheme.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@82 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-24 19:10:19 +00:00
e121871396 Modified the ranking of the lessons. CSRF has been moved to "Broken Access Control"
git-svn-id: http://webgoat.googlecode.com/svn/trunk@81 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-24 19:09:24 +00:00
38e9a8967b Added the AoC logo
git-svn-id: http://webgoat.googlecode.com/svn/trunk@80 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-24 05:10:43 +00:00
5188039079 fixed a bug with the forced browsing lesson
git-svn-id: http://webgoat.googlecode.com/svn/trunk@79 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-01-24 04:25:08 +00:00