dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,944 Commits 11 Branches 78 Tags
Commit Graph

453 Commits

Author SHA1 Message Date
Nanne Baars
9dd93d88d9 New release v8.0.0.M19 2018-06-20 16:40:28 +02:00
Nanne Baars
12123ef13b Merge branch 'release/v8.0.0.M18' 2018-06-20 16:32:31 +02:00
misfir3
a41ff0083c
Merge pull request #479 from misfir3/develop 
Recent updates, including Missing Function AC content & patch for Vuln Components Lesson
 2018-06-13 18:44:09 -06:00
misfir3
844808bfa7
Merge pull request #485 from matthias-g/fixSQLInjection 
Fix sql injection
 2018-06-13 18:41:05 -06:00
Matthias Grundmann
1d2575a211 Allow - in usernames because CSRF lesson requires username starting with prefix crsf- #476 2018-06-13 11:38:33 +02:00
Matthias Grundmann
56fc983414
Update database layout so that proposed solution works 2018-06-12 17:40:28 +02:00
Matthias Grundmann
bae3e75ae2 Fix minor issues in hint view 2018-06-12 11:02:16 +02:00
Matthias Grundmann
89f6a73275
Fix next page button when url doesn't end with page number 2018-06-07 19:07:58 +02:00
Jason
1734170e9e updates to missing function ac lesson 2018-06-04 16:53:13 -06:00
Nanne Baars
26aa72e721 New release 2018-05-30 20:54:13 +02:00
Nanne Baars
c510bd9bf1 New develop version 2018-05-30 20:37:25 +02:00
Nanne Baars
c7a714a590 Move to next release 2018-05-30 17:05:50 +02:00
Nanne Baars
ecb7688e08 Update to new version for develop 
Move WebWolf to port 9090 easier since most of the time something is running on 8081
Add scripts for easy building Docker files etc
 2018-05-30 13:17:05 +02:00
Nanne Baars
fc2c99bcb4 Limit the username to letters and digits only 2018-05-29 16:16:52 +02:00
Nanne Baars
55793dd153 New release v8.0.0.M15 2018-05-27 20:54:50 +02:00
Nanne Baars
f8a7a61e85 New lesson working 2018-05-26 15:09:18 +02:00
Nanne Baars
dda6f674a3 Last assignment for JWT tokens finished 2018-05-23 14:28:19 +02:00
Nanne Baars
60ef35e241 Working lesson 2018-05-23 14:28:19 +02:00
Nanne Baars
9d7886d572 More JWT work 2018-05-23 14:28:19 +02:00
Nanne Baars
ea9c1a453d Initial version for JWT 2018-05-23 14:28:19 +02:00
Jose Selvi
84860e65f6 Insecure Deserialization exercise 2018-05-23 13:58:03 +02:00
Jason
a73bf58d36 more hintview patching 2018-05-23 13:35:51 +02:00
Jason
0ff6000511 wiring jqueryui to vuln jquery #368 2018-05-23 13:35:51 +02:00
Jason
91d9db5f80 work-arounds, fixes for page initialization and some clean-up 2018-05-23 13:35:51 +02:00
pjhggns
6a5ca43e7e Strip out slash-escaped JSON sequence received in client. 
The server will slash-escape some JSON related characters before sending. Need to strip them out before using, on the client side.
 2018-05-02 22:21:22 +02:00
miig
9aa674e326 stringfy object so it's visible in the console 2018-05-02 22:04:25 +02:00
Nanne Baars
6b4a488c8c Users shared now between WebGoat and WebWolf by starting HSQLDB 
as standalone database
 2018-05-01 22:00:07 +02:00
Nanne Baars
8050a2b56d XXE lesson not showing correct link for WebWolf 2018-05-01 21:54:28 +02:00
Nanne Baars
11ffa5702c Added "WebWolf" enabled to the lessons which support the usage of WebWolf 2018-04-29 15:02:19 +02:00
Nanne Baars
8b8a89a8ab Add extra informational message when a failure occurs while sending an email from WebGoat to WebWolf. 2018-04-28 16:01:57 +02:00
Nanne Baars
e4ca0c4836 Make report working again 2018-04-27 19:26:01 +02:00
Nanne Baars
e422da4c64 Polling for lesson updates (updates the menu and page navigation) 2018-04-27 18:50:13 +02:00
Nanne Baars
245ba2c3d1 Fix XXE lesson, the exact .webgoat directory including version number will be put in the lesson. 2018-04-24 20:44:05 +02:00
Nanne Baars
672d78eebc Resource bundle in UTF-8 2018-04-23 16:12:50 +02:00
Nanne Baars
f30db3abfc New version number 2018-04-11 20:45:12 +02:00
nbaars
98efc1235f By default binds to ALL network interfaces #431 2018-01-29 15:32:02 +01:00
nbaars
b99b554522 Version: docker 8.0.0.M9 Multiple users can't finalize the same lesson #432 2018-01-29 15:29:48 +01:00
nbaars
04ccf9a422 New release should create a new webgoat directory with version tag inside #423 2018-01-21 17:46:43 +01:00
nbaars
ee11381a63 Fixed database issue mappings 2018-01-21 17:13:28 +01:00
nbaars
2cc6c232e2 Added macro for asciidoc to produce the WebWolf link dynamically depending on configuration 2018-01-15 20:56:59 +01:00
nbaars
a6b9235711 SQL Error '-104' in XSS Lesson Page 7 #416 2018-01-10 12:48:45 +01:00
nbaars
a9ac00a075 Clean up 2018-01-08 23:42:36 +01:00
nbaars
05d8b590f3 Merge tag '8.0.0' into develop 
Release 8.0.0
 2017-12-30 16:52:24 +01:00
nbaars
c6e86861fe Removed Mongodb, so we do not have issues with downloading the embedded Mongodb. Moved back to JPA and use HSQLDB for storing user information. 2017-12-29 22:12:21 +01:00
nbaars
dd7f4074cd Added encoding for asciidoc 2017-12-28 00:16:16 +01:00
Nanne Baars
43b82027f5 Added more content for CSRF lesson 2017-11-22 01:34:05 +01:00
Nanne Baars
5eed385d5d When an adoc file cannot be found the complete lesson crashed, made it failsafe with a logging statement. 2017-11-17 07:08:24 +01:00
Nanne Baars
157b982394 successFunction and failureFunction were selected by using the main form (so the succesFunction of the first assignment was used for the next assignment) not the currentForm we determined in onFormSubmit() function. 2017-11-17 07:06:56 +01:00
Nanne Baars
6c91e7dc8a Fixed WebWolf issues with sending e-mails 2017-11-15 11:58:31 +01:00
Nanne Baars
f91f77708a New version 2017-11-02 21:44:30 +01:00