259fd19c1b
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server - Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson. - Simplied loading of resources, by adding resource mappings in MvcConfig. - Refactored plugin loading, now only one class is left for loading the lessons.
12 lines
1.1 KiB
Properties
12 lines
1.1 KiB
Properties
# XSS success, failure messages and hints
|
|
xss-reflected-5a-success=well done, but alerts aren't very impressive are they? Please continue.
|
|
xss-reflected-5a-failure=Try again. We do want to see this specific javascript (in case you are trying to do something more fancy)
|
|
xss-reflected-5b-success=Correct ... because <ul><li>The script was not triggered by the URL/QueryString</li><li>Even if you use the attack URL in a new tab, it won't execute (becuase of response type). Try it if you like.</li></ul>
|
|
xss-reflected-5b-failure=Nope, pretty easy to guess now though.
|
|
xss-reflected-6a-success=Correct! Now, see if you can send in an exploit to that route in the next assignment.
|
|
xss-reflected-6a-failure=No, look at the example. Check the GoatRouter.js file. It should be pretty easy to determine.
|
|
xss.lesson1.failure=Are you sure? Try using a tab from a different site.
|
|
xss-dom-message-success=Correct, I hope you didn't cheat, using the console!
|
|
xss-dom-message-failure=Incorrect, keep trying. It should be obvious in the log when you are successful.
|
|
|
|
#xss-reflected-5b-do5a-first=Do the reflected xss attack prior to this, then come back and answer this. |