317 lines
16 KiB
HTML
317 lines
16 KiB
HTML
<!DOCTYPE html>
|
|
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
|
|
<!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
|
|
<!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]-->
|
|
<!--[if gt IE 8]><!-->
|
|
<html class="no-js">
|
|
<!--<![endif]-->
|
|
|
|
<head>
|
|
<meta charset="utf-8">
|
|
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
|
<title>WebGoat</title>
|
|
<meta name="description" content="">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
|
|
<!-- Favicon -->
|
|
<link rel="shortcut icon" href="assets/img/favicon.ico" type="image/x-icon">
|
|
<!-- Bootstrap core CSS -->
|
|
<link rel="stylesheet" href="assets/plugins/bootstrap/css/bootstrap.min.css">
|
|
<!-- Fonts from Font Awsome -->
|
|
<link rel="stylesheet" href="assets/css/font-awesome.min.css">
|
|
<!-- CSS Animate -->
|
|
<link rel="stylesheet" href="assets/css/animate.css">
|
|
<!-- Custom styles for this theme -->
|
|
<link rel="stylesheet" href="assets/css/main.css">
|
|
<!-- Vector Map -->
|
|
<link rel="stylesheet" href="assets/plugins/jvectormap/css/jquery-jvectormap-1.2.2.css">
|
|
<!-- ToDos -->
|
|
<link rel="stylesheet" href="assets/plugins/todo/css/todos.css">
|
|
<!-- Morris -->
|
|
<link rel="stylesheet" href="assets/plugins/morris/css/morris.css">
|
|
<!-- Fonts -->
|
|
<link href='http://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,900,300italic,400italic,600italic,700italic,900italic' rel='stylesheet' type='text/css'>
|
|
<link href='http://fonts.googleapis.com/css?family=Open+Sans:400,700' rel='stylesheet' type='text/css'>
|
|
<!-- Feature detection -->
|
|
<script src="assets/js/modernizr-2.6.2.min.js"></script>
|
|
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
|
|
<!--[if lt IE 9]>
|
|
<script src="assets/js/html5shiv.js"></script>
|
|
<script src="assets/js/respond.min.js"></script>
|
|
<![endif]-->
|
|
</head>
|
|
|
|
<body class="animated fadeIn">
|
|
<section id="container">
|
|
<header id="header">
|
|
<!--logo start-->
|
|
<div class="brand">
|
|
<a href="index.html" class="logo"><span>Web</span>Goat</a>
|
|
</div>
|
|
<!--logo end-->
|
|
<div class="toggle-navigation toggle-left">
|
|
<button type="button" class="btn btn-default" id="toggle-left" data-toggle="tooltip" data-placement="right" title="Toggle Navigation">
|
|
<i class="fa fa-bars"></i>
|
|
</button>
|
|
</div><!--toggle navigation end-->
|
|
<div class="lessonTitle">
|
|
<h1>Lesson Title in here</h1>
|
|
</div><!--lesson title end-->
|
|
<div class="user-nav pull-right">
|
|
<button type="button" class="btn btn-default" data-toggle="modal" data-target="#aboutModal">
|
|
<i class="fa fa-info"></i>
|
|
</button>
|
|
<button type="button" class="btn btn-default">
|
|
<i class="fa fa-envelope"></i>
|
|
</button>
|
|
<button type="button" class="btn btn-default">
|
|
<i class="fa fa-user"></i>
|
|
</button>
|
|
</div>
|
|
</header>
|
|
<!--sidebar left start-->
|
|
<aside class="sidebar">
|
|
<div id="leftside-navigation" class="nano">
|
|
<ul class="nano-content">
|
|
<li class="sub-menu">
|
|
<a href=""><i class="fa fa-bars"></i><span>LESSONS</span></a>
|
|
</li>
|
|
<li class="sub-menu">
|
|
<a href="javascript:void(0);"><span>General</span><i class="arrow fa fa-angle-right pull-right"></i></a>
|
|
<ul>
|
|
<li><a href="httpBasics.html">Http Basics</a></li>
|
|
<li><a href="httpSplitting.html">Http Splitting</a></li>
|
|
<li><a href="threadSafetyProblem.html">Thread Safety Problem</a></li>
|
|
</ul>
|
|
</li>
|
|
<li class="sub-menu">
|
|
<a href="javascript:void(0);"></i><span>Broken Authentication & Session Management</span><i class="arrow fa fa-angle-right pull-right"></i></a>
|
|
<ul>
|
|
<li><a href="#">Basic Authentication</a></li>
|
|
<li><a href="#">Weak Authentication Code</a></li>
|
|
</ul>
|
|
</li>
|
|
<li class="sub-menu">
|
|
<a href="javascript:void(0);"><span>Broken Access Control</span><i class="arrow fa fa-angle-right pull-right"></i></a>
|
|
<ul>
|
|
<li><a href="#">Access Control Matrix</a></li>
|
|
<li><a href="#">Path Based Access Control</a></li>
|
|
<li><a href="#">Role Based Access Control</a></li>
|
|
</ul>
|
|
</li>
|
|
<li class="sub-menu">
|
|
<a href="javascript:void(0);"><span>Cross-Site Scripting (XSS)</span><i class="arrow fa fa-angle-right pull-right"></i></a>
|
|
<ul>
|
|
<li><a href="#">Stored XSS</a></li>
|
|
<li><a href="#">Reflected XSS</a></li>
|
|
<li><a href="#">CSRF</a></li>
|
|
<li><a href="#">CSRF Prompt Bypass</a></li>
|
|
<li><a href="#">CSRF Token Bypass</a></li>
|
|
</ul>
|
|
</li>
|
|
<li class="sub-menu">
|
|
<a href="javascript:void(0);"><span>Unvalidated Parameters</span><i class="arrow fa fa-angle-right pull-right"></i></a>
|
|
<ul>
|
|
<li><a href="#">Hidden Field Tampering</a></li>
|
|
<li><a href="#">Java Script Validation</a></li>
|
|
<li><a href="#">Unchecked Email</a></li>
|
|
</ul>
|
|
</li>
|
|
<li class="sub-menu">
|
|
<a href="javascript:void(0);"><span>Insecure Storage</span><i class="arrow fa fa-angle-right pull-right"></i></a>
|
|
<ul>
|
|
<li><a href="#">Encoding</a></li>
|
|
</ul>
|
|
</li>
|
|
<li class="sub-menu">
|
|
<a href="javascript:void(0);"><span>Injection Flaws</span><i class="arrow fa fa-angle-right pull-right"></i></a>
|
|
<ul>
|
|
<li><a href="#">SQL Numeric Injection</a></li>
|
|
<li><a href="#">SQL String Injection</a></li>
|
|
<li><a href="#">Command Injection</a></li>
|
|
<li><a href="#">Log Spoofing</a></li>
|
|
</ul>
|
|
</li>
|
|
<li class="sub-menu">
|
|
<a href="javascript:void(0);"><span>Improper Error Handling</span><i class="arrow fa fa-angle-right pull-right"></i></a>
|
|
<ul>
|
|
<li><a href="#">Fail Open Authentication</a></li>
|
|
</ul>
|
|
</li>
|
|
<li class="sub-menu">
|
|
<a href="javascript:void(0);"><span>Code Quality</span><i class="arrow fa fa-angle-right pull-right"></i></a>
|
|
<ul>
|
|
<li><a href="#"><span>HTML Clues</span></a></li>
|
|
</ul>
|
|
</li>
|
|
<li class="sub-menu">
|
|
<a href="javascript:void(0);"><span>Web Services</span><i class="arrow fa fa-angle-right pull-right"></i></a>
|
|
<ul>
|
|
<li><a href="#">Soap Request</a></li>
|
|
<li><a href="#">WSDL Scanning</a></li>
|
|
<li><a href="#">WS SQL Injection</a></li>
|
|
</ul>
|
|
</li>
|
|
<li class="sub-menu">
|
|
<a href="javascript:void(0);"><span>New Lesson</span><i class="arrow fa fa-angle-right pull-right"></i></a>
|
|
<ul>
|
|
<li><a href="#">How to Add New Lesson</a></li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
</div>
|
|
|
|
</aside>
|
|
<!--sidebar left end-->
|
|
<!--main content start-->
|
|
<section class="main-content-wrapper">
|
|
<section id="main-content">
|
|
<div class="row">
|
|
<div class="col-md-8">
|
|
<div class="col-md-12" align="left">
|
|
<div class="panel">
|
|
<div class="panel-body">
|
|
<button type="button" class="btn btn-primary">Java [Source]</button>
|
|
<button type="button" class="btn btn-primary">Solution</button>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<div class="col-md-12">
|
|
<div class="panel">
|
|
<div class="panel-body">
|
|
<h1>About WebGoat</h1>
|
|
<hr />
|
|
<p>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Quisque volutpat feugiat nunc, non vulputate urna dictum ut. Nam consectetur porttitor diam ut ultricies. Aenean dolor dolor, congue sed ornare non, elementum in mauris. Phasellus orci sem, rhoncus eu laoreet eu, aliquam nec ante. Suspendisse sit amet justo eget eros tempor tincidunt vel quis justo. Sed pulvinar enim id neque pellentesque, eu rhoncus lorem eleifend. Morbi congue tortor sit amet pulvinar posuere.</p>
|
|
<p>Integer rhoncus gravida arcu, at bibendum magna feugiat sit amet. Vivamus id lacinia massa. Praesent eu quam ullamcorper, tempor elit nec, lobortis massa. In in eros eu augue rhoncus semper. Vestibulum ornare purus vitae bibendum vulputate. Cras eleifend commodo lectus, eget pharetra justo mollis quis. Donec tempor magna lectus, vitae suscipit turpis venenatis et. Nulla facilisi.</p>
|
|
<p>Nam placerat magna in massa euismod fringilla. Pellentesque in cursus risus, eu hendrerit ligula. Quisque ultrices eget tortor ut eleifend. Praesent auctor libero nec quam fringilla faucibus. Curabitur cursus risus eu faucibus rutrum. Morbi dapibus nulla risus, et euismod eros posuere volutpat. Quisque ut diam diam. Quisque sed enim tortor. Suspendisse commodo magna nec felis ultricies laoreet. Donec sit amet vehicula eros. Phasellus at dapibus enim. Sed massa quam, aliquet eu mattis at, porttitor a nisi.</p>
|
|
<hr />
|
|
<p>Nam placerat magna in massa euismod fringilla. Pellentesque in cursus risus, eu hendrerit ligula. Quisque ultrices eget tortor ut eleifend. Praesent auctor libero nec quam fringilla faucibus. Curabitur cursus risus eu faucibus rutrum. Morbi dapibus nulla risus, et euismod eros posuere volutpat. Quisque ut diam diam. Quisque sed enim tortor. Suspendisse commodo magna nec felis ultricies laoreet. Donec sit amet vehicula eros. Phasellus at dapibus enim. Sed massa quam, aliquet eu mattis at, porttitor a nisi.</p>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div><!--col-md-8 end-->
|
|
<div class="col-md-4">
|
|
<div class="col-md-12">
|
|
<div class="panel">
|
|
<div class="panel-body">
|
|
<div align="left">
|
|
<button type="button" class="btn btn-default btn-sm">Params</button>
|
|
<button type="button" class="btn btn-default btn-sm">Hints</button>
|
|
<button type="button" class="btn btn-default btn-sm">Cookies</button>
|
|
</div>
|
|
<hr />
|
|
<h3>Hints</h3>
|
|
<p>Nam placerat magna in massa euismod fringilla. Pellentesque in cursus risus, eu hendrerit ligula. Quisque ultrices eget tortor ut eleifend. Praesent auctor libero nec quam fringilla faucibus. Curabitur cursus risus eu faucibus rutrum. Morbi dapibus nulla risus, et euismod eros posuere volutpat. Quisque ut diam diam. Quisque sed enim tortor. Suspendisse commodo magna nec felis ultricies laoreet. Donec sit amet vehicula eros. Phasellus at dapibus enim. Sed massa quam, aliquet eu mattis at, porttitor a nisi.</p>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div><!--col-md-4 end-->
|
|
</div>
|
|
</section>
|
|
</section>
|
|
<!--main content end-->
|
|
|
|
<!-- Basic Modal -->
|
|
<div class="modal fade" id="aboutModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
|
|
<div class="modal-dialog">
|
|
<div class="modal-content">
|
|
<div class="modal-header">
|
|
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
|
|
<h3 class="modal-title" id="myModalLabel">About WebGoat</h3>
|
|
</div>
|
|
<div class="modal-body modal-scroll">
|
|
<p>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean quis posuere sapien, at ornare neque. Curabitur commodo efficitur ante, at finibus ex faucibus ut. Vivamus id diam blandit, convallis justo sed, vehicula sem. Cras a semper ex. Etiam dignissim tempus metus, sit amet blandit arcu pulvinar ac. Mauris dignissim rutrum ante sit amet posuere. Proin mollis sapien augue, at tempor metus iaculis eu. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Cras elementum finibus tincidunt.</p>
|
|
<p>Version</p>
|
|
<p>OWASP Reference - probably text and image</p>
|
|
<div class="row">
|
|
<div class="col-md-6">
|
|
<p>WebGoat Authors
|
|
<ul>
|
|
<li>name...</li>
|
|
<li>name...</li>
|
|
<li>name...</li>
|
|
</ul>
|
|
</p>
|
|
</div>
|
|
<div class="col-md-6">
|
|
<p>WebGoat Design Team
|
|
<ul>
|
|
<li>name...</li>
|
|
<li>name...</li>
|
|
<li>name...</li>
|
|
</ul>
|
|
</p>
|
|
</div>
|
|
</div>
|
|
<div class="row">
|
|
<div class="col-md-6">
|
|
<p>Active Contributors
|
|
<ul>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
</ul>
|
|
</p>
|
|
</div>
|
|
<div class="col-md-6">
|
|
<p>Past Contributors
|
|
<ul>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
<li>name... (Role)</li>
|
|
</ul>
|
|
</p>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<div class="modal-footer">
|
|
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<!-- End Basic Modal -->
|
|
|
|
</section>
|
|
<!--Global JS-->
|
|
<script src="assets/js/jquery-1.10.2.min.js"></script>
|
|
<script src="assets/plugins/bootstrap/js/bootstrap.min.js"></script>
|
|
<script src="assets/plugins/waypoints/waypoints.min.js"></script>
|
|
<script src="assets/js/application.js"></script>
|
|
|
|
</body>
|
|
|
|
</html>
|