31 lines
1.2 KiB
Plaintext
31 lines
1.2 KiB
Plaintext
== Introducing WebWolf
|
|
|
|
NOTE: You only need WebWolf if you a lesson specifies you can use it. For a lot of lessons you use WebGoat without
|
|
starting WebWolf.
|
|
|
|
WebWolf is a separate web application which simulates an attackers machine. It makes it possible for us to
|
|
make a clear distinction between what takes place on the attacked website and the actions you need to do as
|
|
an "attacker". WebWolf was introduced after a couple of workshops where we received feedback about the fact there
|
|
was no clear distinction between what was part of the "attackers" role and what was part of the "users" role on the
|
|
website. The following items are supported in WebWolf:
|
|
|
|
* Hosting a file
|
|
* Receiving email
|
|
* Landing page for incoming requests
|
|
|
|
WebWolf runs as a separate web application and is started automatically when using the Docker image. If you
|
|
are not using the Docker image you will need to download the jar file and start it:
|
|
|
|
```
|
|
java -jar webwolf-<<version>>.jar
|
|
```
|
|
|
|
WebWolf is also available as a Docker container:
|
|
|
|
```
|
|
docker pull webgoat/webwolf
|
|
docker run -it 8081:8081 /home/webwolf/run.sh
|
|
```
|
|
|
|
This will start the application on port 8081, click webWolfLink:here[] to open WebWolf.
|
|
First thing you need to do is register a new user within WebWolf. |