9dea696c4c
added int test for IDOR and fixed green button issue ( #801 )
2020-04-29 12:12:11 +02:00
2398949396
added ace js for java
2020-04-28 09:33:54 +02:00
88eb4d7b26
ace editor added without all the nonsense around it
2020-04-26 16:45:56 +02:00
089952e9ad
quiz fix for CIA, SQL Injection Advanced and XSS + XSS description
...
change in alert(document.cookie)
2020-04-17 15:33:26 +02:00
b8abc99faf
fix for scoreboard after js refactoring
2020-04-08 12:05:01 +02:00
e921fb66a9
actual working version of vulnerable components part 5
2020-04-08 12:05:01 +02:00
e25f7a7560
clean up and update js
2020-04-08 12:05:01 +02:00
3ece45b3d4
Fix for not passing the content-type
2020-03-10 08:03:48 +01:00
6b7678fb1d
Remove old files
2020-03-10 08:03:48 +01:00
6c25cf8e43
Add path traversal lesson
2020-03-10 08:03:48 +01:00
a8118a14cd
add support for status 403 feedback from e.g. ModSecurity/CRS
2020-02-28 23:06:42 +01:00
edd6b7d7cf
Reset lesson bug ( #741 )
...
* Remove old code from UI
* Remove old code
* Remove old functions
* Remove unnecessary divs
* Remove logging to console
* Clear lesson messages (checkmark, output text etc) when lesson resets
2020-01-05 20:22:50 +01:00
656fa40182
style sheet and advanced sql
2019-07-19 16:49:30 +02:00
27a61f0f70
Reworked and styled quiz
2019-03-26 08:43:38 +01:00
0915bf3d7f
Changed checkboxes to radio buttons, since it is single choice.
...
Moved css to seperate css file.
Made questions clickable not just the checkbox.
Reworked java code.
Work in Progress...
2019-03-26 08:43:38 +01:00
8b61811278
Added doc to quiz js
2019-03-26 08:43:38 +01:00
4cdd649a5a
Added html mode for code editor
2019-03-26 08:43:38 +01:00
3a7601d348
Moved js files to global directory, added id system to question json
2019-03-26 08:43:38 +01:00
bae3e75ae2
Fix minor issues in hint view
2018-06-12 11:02:16 +02:00
89f6a73275
Fix next page button when url doesn't end with page number
2018-06-07 19:07:58 +02:00
dda6f674a3
Last assignment for JWT tokens finished
2018-05-23 14:28:19 +02:00
a73bf58d36
more hintview patching
2018-05-23 13:35:51 +02:00
0ff6000511
wiring jqueryui to vuln jquery #368
2018-05-23 13:35:51 +02:00
91d9db5f80
work-arounds, fixes for page initialization and some clean-up
2018-05-23 13:35:51 +02:00
6a5ca43e7e
Strip out slash-escaped JSON sequence received in client.
...
The server will slash-escape some JSON related characters before sending. Need to strip them out before using, on the client side.
2018-05-02 22:21:22 +02:00
9aa674e326
stringfy object so it's visible in the console
2018-05-02 22:04:25 +02:00
11ffa5702c
Added "WebWolf" enabled to the lessons which support the usage of WebWolf
2018-04-29 15:02:19 +02:00
e422da4c64
Polling for lesson updates (updates the menu and page navigation)
2018-04-27 18:50:13 +02:00
05d8b590f3
Merge tag '8.0.0' into develop
...
Release 8.0.0
2017-12-30 16:52:24 +01:00
157b982394
successFunction and failureFunction were selected by using the main form (so the succesFunction of the first assignment was used for the next assignment) not the currentForm we determined in onFormSubmit() function.
2017-11-17 07:06:56 +01:00
24cf806787
more hints/helps cleanup
2017-10-25 18:05:08 -06:00
c6f1c5cd2a
#351 - using listenToOnce to get rid of redundant calls
2017-10-25 17:11:54 -06:00
46c536554c
- Added new challenges
...
- Added new webapplication called WebWolf to make attacks more realistic
- Added WebWolf lesson to explain the concepts behind this new application
2017-09-12 23:12:10 +02:00
f1a104f0ab
merging missing function-level-ac lesson
2017-07-25 09:44:10 -04:00
8186bd4766
css and xss updates
2017-07-24 18:05:57 -04:00
ca4b0c06b5
lesson css file
2017-07-24 11:34:10 -04:00
0cb4faf15f
refactor to support cleaner scoping && success and failure callbacks
2017-07-18 17:39:58 -04:00
fb65534355
Merging from 'injection-updates' into local develop branch
2017-07-03 15:22:02 -04:00
2e4e4ea716
including restart lesson fix for lesson overview
2017-07-03 12:37:15 -04:00
daaf361dd2
Lesson Overview updates
2017-07-03 12:14:01 -04:00
89e2fc109c
Work-around to handle special chars in action ... currently to be able to match {userId} in hint creation/assignment for IDOR
2017-06-27 10:24:38 -04:00
dd18e68660
merge of upstream, conflict resolution
2017-06-27 08:30:58 -04:00
52a48df70c
XXE successfully completed message was no longer shown, fixed it by using form POST together with customjs functions.
...
Introduced callback functionality which you can specify after the posting in order to be able to load the comments list again.
2017-06-12 15:08:55 +02:00
feead6b740
initial cut on XSS, need to add some tests still
2017-05-18 14:41:14 -04:00
8d3c251d04
Merge branch 'challenge' into develop
...
Conflicts:
webgoat-container/src/main/resources/static/css/main.css
2017-05-04 03:02:00 +02:00
08e7916b39
polling updates, including banner for appseceu
2017-05-10 16:15:38 +01:00
c7c664ad4a
polling for scoreboard added (appseceu)
2017-05-10 15:28:07 +01:00
118079233d
hints view fix. still a redundant call issue, but logging separately
2017-05-10 13:08:27 +01:00
194a327ad5
Fixed issue when restarting the lesson the menu was not updated (the marker stayed behind)
...
Also restarting the lesson was not persisted
2017-05-03 05:08:00 +02:00
6fbd8457c1
update for width .. FF fix
2017-05-02 10:02:42 -04:00
