dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Commit Graph

  • f9a5a3700b Minor cleanups to address warnings rogan.dawes 2007-07-11 12:52:44 +00:00
  • cb794dcb50 Calculate the stage changes correctly rogan.dawes 2007-07-11 12:52:23 +00:00
  • 851974d7ce Remove strange stage transition code. rogan.dawes 2007-07-11 12:52:07 +00:00
  • 402fe9d95c Updated stage descriptions to avoid duplication rogan.dawes 2007-07-11 12:51:53 +00:00
  • 2bda4a81f3 Migrate the labs to direct/Random access stages rogan.dawes 2007-07-11 12:51:29 +00:00
  • f5e56c7081 Extract the stage-related code from LessonTracker into SequentialLessonTracker rogan.dawes 2007-07-11 12:50:32 +00:00
  • 02560a2510 Move LessonAction and DefaultLessonAction to the GoatHillsFinancial package, since it is only ever used there rogan.dawes 2007-07-11 10:38:55 +00:00
  • 6abdcbf640 Migrate other lessons to extending GoatHillsFinancial rogan.dawes 2007-07-10 11:57:54 +00:00
  • a71b6af562 Fix thinko. Each LAB nees to use its own local LessonActions when defined rogan.dawes 2007-07-10 11:57:24 +00:00
  • ac43a1c3cb Update solutions to match minor changes to the underlying lesson rogan.dawes 2007-07-10 11:57:02 +00:00
  • 1153caa7ff Extend GoatHillsFinancial, and remove duplicated inherited methods rogan.dawes 2007-07-10 11:56:38 +00:00
  • 2c8ad02968 Remove unused method rogan.dawes 2007-07-10 11:56:18 +00:00
  • a1d52a73e0 Introduce the GoatHillsFinancial "lesson" rogan.dawes 2007-07-10 11:56:00 +00:00
  • 0bdc36b2f6 Remove duplication of isAuthorizedForEmployee rogan.dawes 2007-07-10 11:55:10 +00:00
  • a8119f6982 Move Lesson specific checks out of DefaultLessonAction rogan.dawes 2007-07-10 11:54:55 +00:00
  • 3dc1a04d62 Update the various lessons to specify their stage count rogan.dawes 2007-07-10 11:54:35 +00:00
  • 3c2e63636c Provide a user-accessible mechanism for skipping stages rogan.dawes 2007-07-10 11:54:12 +00:00
  • 51cc4fb0b4 Take a simple approach to add direct stage access. rogan.dawes 2007-07-10 11:53:54 +00:00
  • e6fcd4176c Make it possible to return per-stage hints rogan.dawes 2007-07-10 11:53:34 +00:00
  • d39975c299 Minor fixes - unused imports and generics rogan.dawes 2007-07-10 11:52:09 +00:00
  • 661d8bcf62 Various type safety fixes (converting to generics) rogan.dawes 2007-07-10 11:51:40 +00:00
  • eaf12c706c Create WebgoatContext in HammerHead, rather than WebSession rogan.dawes 2007-07-10 11:51:26 +00:00
  • 53487970f6 Unify DatabaseUtilities.makeConnection() rogan.dawes 2007-07-10 11:51:01 +00:00
  • ada66dae10 Pass webgoatContext to AbstractLesson, so all lessons can know their environment rogan.dawes 2007-07-10 11:50:36 +00:00
  • 1849197784 Move database specific items into WebgoatContext rogan.dawes 2007-07-10 11:50:13 +00:00
  • c4d24dff3a Start process of moving shared data to a single place rogan.dawes 2007-07-10 11:49:57 +00:00
  • c3a5ec5ca8 Eliminate references to insance variable rogan.dawes 2007-07-10 11:49:41 +00:00
  • db2f11578a Replace casting with a suitable generic rogan.dawes 2007-07-10 11:49:28 +00:00
  • 4cae9985f6 Fix a NullPointerException in DatabaseUtilities.writeTable rogan.dawes 2007-07-10 11:49:15 +00:00
  • b7bb9e4d17 Remove useless use of "file.separator" in getRealPath() rogan.dawes 2007-07-10 11:49:03 +00:00
  • 2748e80d0d Make mySession a method scoped variable, not an instance var rogan.dawes 2007-07-10 11:48:53 +00:00
  • 294580983d Remove methods tagged DELETE_ME rogan.dawes 2007-07-10 11:48:43 +00:00
  • 52f23a20f4 Move maintanance of lesson categories from AbstractLesson into Category class rogan.dawes 2007-07-10 11:48:20 +00:00
  • 747319aab5 Move definition of standard Categories to Category class rogan.dawes 2007-07-10 11:48:02 +00:00
  • 5f67544b24 Add mechanism to close DB connections rogan.dawes 2007-07-10 11:46:17 +00:00
  • 6f5e7c37f7 Add infrastructure to enable setting of username and password for DB access rogan.dawes 2007-07-10 11:46:01 +00:00
  • e19c3353e7 Added a catch block for the "ParameterNotFoundException". Failure to catch this exception lead to an error message when the DOS lesson is viewed. esheri3 2007-04-05 16:14:39 +00:00
  • 20484796f9 EditProfile.jsp was missing a closing div tag. Removed some unused imports in LessonSource.java esheri3 2007-04-05 15:33:51 +00:00
  • adc1387ed2 git-svn-id: http://webgoat.googlecode.com/svn/trunk@123 4033779f-a91e-0410-96ef-6bf7bf53c507 mayhew64 2007-03-22 21:18:07 +00:00
  • f66d74cd58 Draft for solving the labs mayhew64 2007-03-22 21:01:06 +00:00
  • 25f47916cc Rename CookieCatcher to Catcher mayhew64 2007-03-20 19:05:46 +00:00
  • e2e98574b5 Detailed new lesson instructions mayhew64 2007-03-19 19:07:00 +00:00
  • 34fca43216 New Phishing Lesson mayhew64 2007-03-19 17:47:37 +00:00
  • ee6ed2e978 Add FAQ for running WebGoat on your host IP mayhew64 2007-03-09 17:25:55 +00:00
  • 30b00f969f git-svn-id: http://webgoat.googlecode.com/svn/trunk@117 4033779f-a91e-0410-96ef-6bf7bf53c507 sherif.fathy 2007-02-26 03:43:30 +00:00
  • a2abbfaf1e Changed tag case. removed unused import mayhew64 2007-02-25 18:39:38 +00:00
  • d8680dcfc3 Removed credit from New Lesson. Removed extra "." from start page mayhew64 2007-02-22 01:09:43 +00:00
  • 81582162d3 Modified intro text to be consistent in size with new logos. Modified credits in BlindSqlInjection.java. mayhew64 2007-02-06 15:32:12 +00:00
  • 5408328434 git-svn-id: http://webgoat.googlecode.com/svn/trunk@113 4033779f-a91e-0410-96ef-6bf7bf53c507 mayhew64 2007-02-05 23:04:24 +00:00
  • 6dc383b7b4 Modified all "Aspect" lessons to include the Aspect logo. The logo links to http://aspectsecurity.com. Moved the "OWASP" logo and added an Aspect logo on the main.jsp page. Adjusted the padding of the "warning" text to prevent "Start" button overlap. esheri3 2007-02-02 17:56:23 +00:00
  • e735aea7b0 Modified getCustomCredits() to utilize "Element" instead of "IMG". This allows for more flexible control over the lovely credits. esheri3 2007-02-02 15:23:43 +00:00
  • dda693f0ff Modified final hint to point to the correct mapping (/conf instead of /config). Minor code syntax cleanup esheri3 2007-02-02 15:04:37 +00:00
  • e748aa0e90 Changed mac_Logo.gif to macadamian.gif. Added forced browsing servlet to the appropriate web.xml files. Enhanced readme files mayhew64 2007-01-31 15:44:38 +00:00
  • ca46354077 Minor Cleanup of imports and user guide url mayhew64 2007-01-30 23:36:21 +00:00
  • 0ab3ad8293 git-svn-id: http://webgoat.googlecode.com/svn/trunk@104 4033779f-a91e-0410-96ef-6bf7bf53c507 mayhew64 2007-01-30 16:24:15 +00:00
  • 404e3f8b19 Changed title to "How to Perform Cross Site Tracing (XST) Attacks" esheri3 2007-01-26 19:47:54 +00:00
  • 82371bf0d9 Changed title (back?) to "Tracing". esheri3 2007-01-26 19:43:43 +00:00
  • dce06730f9 minor grammar fix. esheri3 2007-01-26 19:36:52 +00:00
  • ccd2f8cc33 added the Aspect logo esheri3 2007-01-26 19:15:20 +00:00
  • f5dfc0698d change all instances of "trace" to "tracing" esheri3 2007-01-26 19:06:42 +00:00
  • af66f4ff00 Minor grammar fixes. esheri3 2007-01-25 20:41:41 +00:00
  • f86af29210 Minor grammar fixes. esheri3 2007-01-25 20:35:06 +00:00
  • 08a56ce78c Added Aspect logo. esheri3 2007-01-25 20:22:47 +00:00
  • f9caf9b7c0 Added Aspect logo. esheri3 2007-01-25 20:22:07 +00:00
  • bce99008fb Added Aspect logo. esheri3 2007-01-25 20:21:24 +00:00
  • 90f78d3730 Added Aspect logo. esheri3 2007-01-25 20:20:51 +00:00
  • b2f13da6c4 Added another column for the pts. esheri3 2007-01-25 20:11:16 +00:00
  • e0479efb65 Minor grammar fix. esheri3 2007-01-25 19:42:25 +00:00
  • 94ee4db701 Minor grammar fix. esheri3 2007-01-25 19:39:33 +00:00
  • 8c4d4d13b3 Added XST in the title. esheri3 2007-01-25 19:38:06 +00:00
  • 6581a2ab4e Minor grammar fix. esheri3 2007-01-25 19:35:30 +00:00
  • 3579be2519 Minor grammar fixes. esheri3 2007-01-25 19:34:46 +00:00
  • 62ab99b291 Minor grammar fixes. esheri3 2007-01-25 19:32:24 +00:00
  • 5dbb0ca372 Minor Syntax cleanup. esheri3 2007-01-25 19:31:50 +00:00
  • 9db0e6eeb3 Modified the logo again sherif.fathy 2007-01-25 02:08:28 +00:00
  • e0354c1e25 Removed the "NewLessons" category. NewLesson is now the first in the "General" list. esheri3 2007-01-24 19:16:19 +00:00
  • 2266361186 Modified the default ranking such that CSRF can have its correct spot in the lesson ranking scheme. esheri3 2007-01-24 19:10:19 +00:00
  • e121871396 Modified the ranking of the lessons. CSRF has been moved to "Broken Access Control" esheri3 2007-01-24 19:09:24 +00:00
  • 38e9a8967b Added the AoC logo sherif.fathy 2007-01-24 05:10:43 +00:00
  • 5188039079 fixed a bug with the forced browsing lesson sherif.fathy 2007-01-24 04:25:08 +00:00
  • 265c56b302 Fixed a bug which caused the RoleBasedAccessControl_i class to be instantiated and inserted into the navigation menu. esheri3 2007-01-23 19:11:32 +00:00
  • 1ad2fd45d3 Fixed bug preventing the source from being displayed. Basic code clean-up as well. esheri3 2007-01-23 18:56:42 +00:00
  • 19a0566c47 Removed DaveW from the "Design Team". esheri3 2007-01-23 18:20:12 +00:00
  • 16e1bfb9c5 changed from "WebGoat WSDL" to "WebGoat WSDL File" esheri3 2007-01-23 15:37:00 +00:00
  • d474b0aac6 Grammatical correctness. Updating (Aspect) wording. esheri3 2007-01-23 15:33:39 +00:00
  • 5f97b23978 added DaveW to the list. esheri3 2007-01-23 15:26:59 +00:00
  • 7cd01d8656 The old Course object used some insane recursion, causing my JVM to spike at 100%. Furthermore, it increased the WebGoat initial startup time to roughly 1:30-2:00 minutes (for me). In order to address the disk access overhead (the current greatest impacter of performance), we now cache the file names before parsing the lessons and their resources. esheri3 2007-01-22 22:25:50 +00:00
  • 88553e25f2 Minor spelling issue in hint. esheri3 2007-01-22 20:14:43 +00:00
  • aa839396f2 Added a <br/> to break the third bullet. Modified the bullet text slightly (removed the "Also, you can") esheri3 2007-01-22 20:12:49 +00:00
  • da81501499 Modified input fields so they line up better. In IE7, the input text boxes were over flowing the background image. esheri3 2007-01-22 19:06:55 +00:00
  • 69d8a6e92a Modified input fields so they line up better. In IE7, the input text boxes were over flowing the background image. esheri3 2007-01-22 19:06:32 +00:00
  • 5565d02de6 Modified input fields so they line up better. In IE7, the input text boxes were over flowing the background image. esheri3 2007-01-22 19:06:01 +00:00
  • edbd6446b6 Very minor spacing issue. Commented out a nbsp and modified the contact information to utilize two columns. esheri3 2007-01-22 18:45:32 +00:00
  • f6d5fbfc50 I was getting an empty string and a ".svn" file in the "Help File" drop-down box. Modified parseResults() to ensure that the file is not an empty string and the file ends with ".help" esheri3 2007-01-22 18:33:50 +00:00
  • a90d292239 Fixed spelling mistakes. esheri3 2007-01-22 18:10:06 +00:00
  • 3ae171c303 Fixed a few spelling mistakes esheri3 2007-01-22 17:42:32 +00:00
  • dfdfb8bcaf Update info for OWASP build and for Release 5.0 mayhew64 2007-01-22 16:03:43 +00:00
  • 8b51818508 Changed remaining contact information to reference an email address I receive (webgoat@g2-inc.com) mayhew64 2007-01-16 18:29:06 +00:00
  • fd9b60f98e Added some files required to build OWASP release. Modified License text and format to reflect GPL license. Reformatted most of the code. mayhew64 2007-01-16 14:56:40 +00:00
  • 036964495b Fixed comments by Bruce sherif.fathy 2007-01-11 05:14:09 +00:00