dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bbcd5461379d583127103df1695f3e37e233e201
WebGoat/webgoat/main/project/WebContent/lesson_solutions/ClientSideValidation.html
wirth.marcel e2ca7f9a33 Minor Bugfixes 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@338 4033779f-a91e-0410-96ef-6bf7bf53c507
2008-04-14 13:28:25 +00:00

64 lines
2.6 KiB
HTML
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insecure Client Storage</title>
<link rel="stylesheet" type="text/css"
href="/WebGoat/lesson_solutions/formate.css">
</head>
<body>
<p><b>Lesson Plan Title:</b> Insecure Client Storage</p>
<p><b>Concept / Topic To Teach:</b><br />
It is always a good practice to validate all input
on the server side. Leaving the mechanism for validation
on the client side leaves it vulnerable to reverse engineering.
Remember, anything on the client side should not be considered a secret.</p>
<p><b>General Goal(s):</b><br />
For this exercise, your mission is to discover a coupon
code to receive an unintended discount. Then, exploit the use
of client side validation to submit an order with a cost of zero. </p>
<p><b>Solution:</b><br />
For the solution you need a plugin for your browser, which is capable of debugging
Javascript. For IE you can use IEWatch. This solution is written for Firebug
which is a plugin for Firefox.
</p>
<b>Stage 1</b>
<p>
First we want to try to get a coupon code to get something cheaper. Open
Firebug and click on the Script Tab. Make sure you choose clientSideValidation.js
on the dropdown list. Toggle a breakpoint on the line:<br/>
<code>decrypted = decrypt(coupons[i]);</code></p>
Now enter a character in the coupon code field. The Javascript gets executed
but stops at the breakpoint. On the right side you see the parameters
and there values. Now use the step over symbol or F10. Now you can read
the clear text of decrypted:
<br><br>
<img src="/WebGoat/lesson_solutions/ClientSideValidation_files/ClientSideValidation_stage1.png" width=450px alt="Stage 1" />
<br>
<b><font size="2">Figure 1 Firebug in action</font></b>
<p>
Now that you know the coupon name enter it in the coupon field, purchase something
and you are done.
</p>
<b>Stage 2</b>
<p>
You can not edit the Prices in the Shopping Cart. The reason is that the readonly
attribute is set for this field.
</p>
<p>To get rid of this attribute open Firebug. Make sure this time you use
the HTML View. You can directly in
Firebug search for readonly and elemenate this attribute.The field for the total is
called GRANDTOT. After having deleted the readonly attribute from GRANDTOT
it is possible to change the price directly in the browser. Select any products
you like, change the total field to 0 and hit the purchase button.</p>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink