63043b0f34
git-svn-id: http://webgoat.googlecode.com/svn/trunk@55 4033779f-a91e-0410-96ef-6bf7bf53c507
19 lines
778 B
HTML
19 lines
778 B
HTML
<div align="Center">
|
|
<p><b>Lesson Plan Title:</b> How to Perform XML Injection Attacks. </p>
|
|
</div>
|
|
|
|
<p><b>Concept / Topic To Teach:</b> </p>
|
|
This lesson teaches how to perform XML Injection attacks.
|
|
<br>
|
|
<div align="Left">
|
|
<p>
|
|
<b>How the attacks works:</b>
|
|
</p>
|
|
AJAX applications use XML to exchange information with the server. This XML can be easily intercepted and altered by a malacious attacker.
|
|
|
|
</div>
|
|
<p><b>General Goal(s):</b> </p>
|
|
<!-- Start Instructions -->
|
|
WebGoat-Miles Reward Miles shows all the rewards available. Once, you enter your account ID, it will show you your balance and the ones that you can afford. Your goal is to try to add more rewards to your allowed set of rewards. Your account ID is 836239.
|
|
<!-- Stop Instructions -->
|