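<!DOCTYPE html>
<!--
  WebGoat "SQL Injection (introduction)" lesson template (Thymeleaf fragment).

  Layout: one <div class="lesson-page-wrapper"> per lesson page. The explanatory
  text of each page is pulled in from AsciiDoc through th:replace="doc:...".
  Pages that carry an exercise add a <div class="attack-container"> with a form
  whose action is one of the lesson endpoints under /WebGoat/SqlInjection/.
  The .assignment-success, .attack-feedback and .attack-output elements are the
  hooks the WebGoat front-end fills in after a submission; that script is not
  part of this file.

  The exercise forms intentionally send the user's raw input to the lesson
  endpoints; what the endpoints do with the values is implemented server-side
  and is not visible here. The non-standard form attributes
  (accept-charset="UNKNOWN", enctype="application/json;charset=UTF-8") are
  presumably read by WebGoat's own form-submission script rather than by the
  browser, so they are kept unchanged. Tables are used for layout to match
  lesson_css/assignments.css.
-->
<html xmlns:th="http://www.thymeleaf.org">
<link rel="stylesheet" th:href="@{/lesson_css/assignments.css}">

<!-- Page 1: lesson plan -->
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_plan.adoc"></div>
</div>

<!-- Page 2: "SQL query" form, posts to attack2 -->
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content1.adoc"></div>
    <div class="attack-container">
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST" name="form"
              action="/WebGoat/SqlInjection/attack2"
              enctype="application/json;charset=UTF-8"
              autocomplete="off">
            <table>
                <tr>
                    <td><label for="sqli-attack2-query">SQL query</label></td>
                    <td><input id="sqli-attack2-query" name="query" value="" type="text" placeholder="SQL query"></td>
                </tr>
                <tr>
                    <td><button type="submit">Submit</button></td>
                </tr>
            </table>
        </form>
        <div class="attack-feedback"></div>
        <div class="attack-output"></div>
    </div>
</div>

<!-- Page 3: "SQL query" form, posts to attack3 -->
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content2.adoc"></div>
    <div class="attack-container">
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST" name="form"
              action="/WebGoat/SqlInjection/attack3"
              enctype="application/json;charset=UTF-8"
              autocomplete="off">
            <table>
                <tr>
                    <td><label for="sqli-attack3-query">SQL query</label></td>
                    <td><input id="sqli-attack3-query" name="query" value="" type="text" placeholder="SQL query"></td>
                </tr>
                <tr>
                    <td><button type="submit">Submit</button></td>
                </tr>
            </table>
        </form>
        <div class="attack-feedback"></div>
        <div class="attack-output"></div>
    </div>
</div>

<!-- Page 4: "SQL query" form, posts to attack4 -->
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content3.adoc"></div>
    <div class="attack-container">
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST" name="form"
              action="/WebGoat/SqlInjection/attack4"
              enctype="application/json;charset=UTF-8"
              autocomplete="off">
            <table>
                <tr>
                    <td><label for="sqli-attack4-query">SQL query</label></td>
                    <td><input id="sqli-attack4-query" name="query" value="" type="text" placeholder="SQL query"></td>
                </tr>
                <tr>
                    <td><button type="submit">Submit</button></td>
                </tr>
            </table>
        </form>
        <div class="attack-feedback"></div>
        <div class="attack-output"></div>
    </div>
</div>

<!-- Page 5: "SQL query" form, posts to attack5 -->
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content4.adoc"></div>
    <div class="attack-container">
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST" name="form"
              action="/WebGoat/SqlInjection/attack5"
              enctype="application/json;charset=UTF-8"
              autocomplete="off">
            <table>
                <tr>
                    <td><label for="sqli-attack5-query">SQL query</label></td>
                    <td><input id="sqli-attack5-query" name="query" value="" type="text" placeholder="SQL query"></td>
                </tr>
                <tr>
                    <td><button type="submit">Submit</button></td>
                </tr>
            </table>
        </form>
        <div class="attack-feedback"></div>
        <div class="attack-output"></div>
    </div>
</div>

<!-- Page 6: live preview of where typed input lands inside a quoted SQL string.
     No form here; nothing is submitted. -->
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content5_before.adoc"></div>
    <div>
        <!-- for= must equal the input's id, otherwise the label is not associated. -->
        <label for="preview-input">Username:</label>
        <input id="preview-input" type="text" name="username" value="">
        <div class="listingblock">
            <div class="content">
                <pre>"SELECT * FROM users WHERE name = '<b id="input-preview"></b>'";</pre>
            </div>
        </div>
        <!-- Relies on jQuery ($) being loaded by the enclosing WebGoat page; it is
             not included by this fragment. .text() writes the typed value as
             text, not markup, so the preview shows it literally. The script stays
             inline because this file is a lesson fragment, not a standalone page. -->
        <script>
            $(document).ready( () => {
                $("#preview-input").on("keyup", (e) => {
                    $("#input-preview").text(e.target.value);
                });
            });
        </script>
    </div>
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content5_after.adoc"></div>
</div>

<!-- Page 7: text only -->
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content6.adoc"></div>
</div>

<!-- Page 8: text only -->
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content7.adoc"></div>
</div>

<!-- Page 9: fixed-choice query builder, posts to assignment5a.
     The option texts are the lesson's given choices and are sent as-is. -->
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content11.adoc"></div>
    <div class="attack-container">
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST" name="form"
              action="/WebGoat/SqlInjection/assignment5a"
              enctype="application/json;charset=UTF-8">
            <table>
                <tr>
                    <td>SELECT * FROM users WHERE LOGIN_COUNT > 0 and FIRST_NAME = '</td>
                    <td><select name="account">
                        <option>Smith</option>
                        <option>'Smith</option>
                        <option>'</option>
                        <option>'Smith'</option>
                    </select></td>
                    <td>
                        <select name="operator">
                            <option>or not</option>
                            <option>and</option>
                            <option>and not</option>
                        </select>
                    </td>
                    <td>
                        <select name="injection">
                            <option>1 = 1</option>
                            <option>1 = 2</option>
                            <option>1' = '2</option>
                            <option>'1' = '1</option>
                            <option>'1' = '2</option>
                            <option>Last_Name = 'Smith</option>
                        </select>
                    </td>
                    <td><input
                            name="Get Account Info" value="Get Account Info" type="submit"></td>
                </tr>
            </table>
        </form>
        <div class="attack-feedback"></div>
        <div class="attack-output"></div>
    </div>
</div>

<!-- Page 10: Login_Count / User_Id form, posts to assignment5b -->
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content12.adoc"></div>
    <div class="attack-container">
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST" name="form"
              action="/WebGoat/SqlInjection/assignment5b"
              enctype="application/json;charset=UTF-8">
            <table>
                <tr>
                    <td><label for="sqli-assignment5b-login-count">Login_Count:</label></td>
                    <td><input id="sqli-assignment5b-login-count" name="login_count" type="text" required></td>
                </tr>
                <tr>
                    <td><label for="sqli-assignment5b-userid">User_Id:</label></td>
                    <td><input id="sqli-assignment5b-userid" name="userid" type="text" required></td>
                </tr>
                <tr>
                    <td></td>
                    <td><input
                            name="Get Account Info" value="Get Account Info" type="submit"></td>
                </tr>
            </table>
        </form>
        <div class="attack-feedback"></div>
        <div class="attack-output"></div>
    </div>
</div>

<!-- Page 11: employee name / TAN form, posts to attack8 -->
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content8.adoc"></div>
    <div class="attack-container">
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST" name="form"
              action="/WebGoat/SqlInjection/attack8"
              enctype="application/json;charset=UTF-8"
              autocomplete="off">
            <table>
                <tr>
                    <td><label for="sqli-attack8-name">Employee Name:</label></td>
                    <td><input id="sqli-attack8-name" name="name" value="" type="text" placeholder="Lastname"></td>
                </tr>
                <tr>
                    <td><label for="sqli-attack8-auth-tan">Authentication TAN:</label></td>
                    <td><input id="sqli-attack8-auth-tan" name="auth_tan" value="" type="text" placeholder="TAN"></td>
                </tr>
                <tr>
                    <td><button type="submit">Get department</button></td>
                </tr>
            </table>
        </form>
        <div class="attack-feedback"></div>
        <div class="attack-output"></div>
    </div>
</div>

<!-- Page 12: employee name / TAN form, posts to attack9 -->
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content9.adoc"></div>
    <div class="attack-container">
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST" name="form"
              action="/WebGoat/SqlInjection/attack9"
              enctype="application/json;charset=UTF-8"
              autocomplete="off">
            <table>
                <tr>
                    <td><label for="sqli-attack9-name">Employee Name:</label></td>
                    <td><input id="sqli-attack9-name" name="name" value="" type="text" placeholder="Lastname"></td>
                </tr>
                <tr>
                    <td><label for="sqli-attack9-auth-tan">Authentication TAN:</label></td>
                    <td><input id="sqli-attack9-auth-tan" name="auth_tan" value="" type="text" placeholder="TAN"></td>
                </tr>
                <tr>
                    <td><button type="submit">Get department</button></td>
                </tr>
            </table>
        </form>
        <div class="attack-feedback"></div>
        <div class="attack-output"></div>
    </div>
</div>

<!-- Page 13: log search form, posts to attack10 -->
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="doc:SqlInjection_introduction_content10.adoc"></div>

    <div class="attack-container">
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST" name="form"
              action="/WebGoat/SqlInjection/attack10"
              enctype="application/json;charset=UTF-8"
              autocomplete="off">
            <table>
                <tr>
                    <td><label for="sqli-attack10-action-string">Action contains:</label></td>
                    <td><input id="sqli-attack10-action-string" name="action_string" value="" type="text"></td>
                </tr>
                <tr>
                    <td><button type="submit">Search logs</button></td>
                </tr>
            </table>
        </form>
        <div class="attack-feedback"></div>
        <div class="attack-output"></div>
    </div>
</div>

</html>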