691af307c5
git-svn-id: http://webgoat.googlecode.com/svn/trunk@328 4033779f-a91e-0410-96ef-6bf7bf53c507
15 lines
621 B
HTML
15 lines
621 B
HTML
<div align="Center">
|
|
<p><b>Lesson Plan Title:</b> Insecure Login</p>
|
|
</div>
|
|
<p><b>Concept / Topic To Teach:</b> </p>
|
|
<!-- Start Instructions -->
|
|
Sensitive data should never sent in plaintext! Often applications
|
|
switch to a secure connection after the authorization. An attacker
|
|
could just sniff the login and use the gathered information to
|
|
break into an account. A good webapplication always takes care of
|
|
encrypting sensitive data.
|
|
<p><b>General Goal(s):</b> </p>
|
|
See how easy it is to sniff a password in plaintext.<br>
|
|
Understand the advantages of encrypting the login data!
|
|
<!-- Stop Instructions -->
|