5d930ec235
* Solutions added * Bugfixes * Introduction added (including how to start with webgoat and useful tools) * New lesson: Password strength * New lessons: Multi Level Login * Not yet working new lesson: Session fixation (inital release) git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@301 4033779f-a91e-0410-96ef-6bf7bf53c507
12 lines
539 B
HTML
12 lines
539 B
HTML
<div align="Center">
|
|
<p><b>Lesson Plan Title:</b> How to Discover Clues in the HTML </p>
|
|
</div>
|
|
|
|
<p><b>Concept / Topic To Teach:</b> </p>
|
|
<!-- Start Instructions -->
|
|
Developers are notorious for leaving statements like TODO's, Code Broken, Hack, etc... inside the source code. Review the source code for any comments denoting passwords, backdoors, or something doesn't work right.
|
|
<!-- Stop Instructions -->
|
|
<br>
|
|
<p><b>General Goal(s):</b> </p>
|
|
The user should be able to bypass the authentication check.
|