Tweet
Bonjour,
Je suis entrain de tester Webgoat avec python. J’arrive apparemment a me connecter avec l'identifiant et le mot de passe "user" , ensuite j’atterris sur la page "how to work with webgoat". Par après j'ai essaye de rentrer dans un menu a gauche "numeric sql injection", mais il me met sur une autre URL que celle que je lui ai demandé. Aprés plusieurs (jours) d'essais et de recherche sur google je bloque.... Qu’est ce que j'ai bien pu louper!
Je précise que j'ai essaye avec DVWA(damn vulnerable web application) et la j’arrive sans problèmes a naviguer dans les différents menus.
Voici le script TEST pour Webgoat:
Et son résultat dans le terminal:
vous voyez a la fin la ou je demandes d’accéder a http://localhost:9090/WebGoat/attack...n=20&menu=1100 il n’accède pas a la page demandée page mais a celle ci http://localhost:9090/WebGoat/attack?Screen=21&menu=5 comme je vous montre dans ces deux copies d'écran que vous pouvez comparer a la sortie dans le shell
Les copies:
138487Capturedcrande20151122135103.jpg944133Capturedcrande20151122135041.jpg
Si quelqu'un a une idée je lui en serait très reconnaissant
Je suis entrain de tester Webgoat avec python. J’arrive apparemment a me connecter avec l'identifiant et le mot de passe "user" , ensuite j’atterris sur la page "how to work with webgoat". Par après j'ai essaye de rentrer dans un menu a gauche "numeric sql injection", mais il me met sur une autre URL que celle que je lui ai demandé. Aprés plusieurs (jours) d'essais et de recherche sur google je bloque.... Qu’est ce que j'ai bien pu louper!
Je précise que j'ai essaye avec DVWA(damn vulnerable web application) et la j’arrive sans problèmes a naviguer dans les différents menus.
Voici le script TEST pour Webgoat:
Code:
import mechanize
br = mechanize.Browser()
br.set_handle_robots(False)
br.addheaders = [('User-agent', 'Mozilla/5.0 Compatible')]
url ="http://localhost:9090/WebGoat/login.mvc"
br.open(url)
for form in br.forms():
print "\nFORM NAME:",form.name
print "\nFORMS:",form
print "====================================================================="
print "OPENING:",br.geturl()
print "====================================================================="
print "\nSOURCE:",br.response().read()
print "====================================================================="
br.select_form(nr=0)
br.form["username"] = "guest"
br.form["password"] = "guest"
br.submit()
for form in br.forms():
print "\nFORM NAME:",form.name
print "\nFORMS:",form
print "====================================================================="
print "\OPENING:",br.geturl()
print "====================================================================="
print "\nSOURCE:",br.response().read()
print "====================================================================="
url ="http://localhost:9090/WebGoat/attack?Screen=20&menu=1100"
br.open(url)
for form in br.forms():
print "\nFORM NAME:",form.name
print "\nFORMS:",form
print "====================================================================="
print "\OPENING:",br.geturl()
print "====================================================================="
print "\nSOURCE:",br.response().read()
print "====================================================================="
FORM NAME: loginForm
FORMS: <loginForm POST http://localhost:9090/WebGoat/j_spri...0DCA28BB145DCB application/x-www-form-urlencoded
<TextControl(username=)>
<PasswordControl(password=)>
<HiddenControl(=) (readonly)>
<SubmitButtonControl(<None>=) (readonly)>>
=====================================================================
OPENING: http://localhost:9090/WebGoat/login.mvc
=====================================================================
SOURCE:
<html>
<head>
<title>Login Page</title>
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
<!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
<!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]-->
<!--[if gt IE 8]><!-->
<!-- CSS -->
<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon"/>
<!-- Bootstrap core CSS -->
<link rel="stylesheet" href="plugins/bootstrap/css/bootstrap.min.css"/>
<!-- Fonts from Font Awsome -->
<link rel="stylesheet" href="css/font-awesome.min.css"/>
<!-- CSS Animate -->
<link rel="stylesheet" href="css/animate.css"/>
<!-- Custom styles for this theme -->
<link rel="stylesheet" href="css/main.css"/>
<!-- end of CSS -->
</style>
</head>
<body onload='document.loginForm.username.focus();'>
<section id="container" ng-controller="goatLesson">
<header id="header">
<!--logo start-->
<div class="brand">
<a href="/WebGoat/start.mvc" class="logo"><span>Web</span>Goat</a>
</div>
<!--logo end-->
<div class="toggle-navigation toggle-left">
</div><!--toggle navigation end-->
<div class="lessonTitle" >
<h1 id="lessonTitle">Please login</h1>
</div><!--lesson title end-->
</header>
<section class="main-content-wrapper">
<section id="main-content" >
<br/><br/>
<form role="form" name='loginForm' action="j_spring_security_check;jsessionid=0FFB738E89ABF49ADF0DCA28BB145DCB" method='POST' style="width: 400px;">
<div class="form-group">
<label for="exampleInputEmail1">Username</label>
<input type="text" class="form-control" id="exampleInputEmail1" placeholder="Username" name='username'>
</div>
<div class="form-group">
<label for="exampleInputPassword1">Password</label>
<input type="password" class="form-control" id="exampleInputPassword1" placeholder="Password" name='password'>
</div>
<input type="hidden" name=""
value="" />
<button class="btn btn-large btn-primary" type="submit">Sign in</button>
</form>
<br/><br/>
<h4>The following accounts are built into Webgoat</h4>
<table class="table table-bordered" style="width:400px;">
<thead>
<tr class="warning"><th>Account</th><th>User</th><th>Password</th></tr>
</thead>
<tbody>
<tr><td>Webgoat User</td><td>guest</td><td>guest</td></tr>
<tr><td>Webgoat Admin</td><td>webgoat</td><td>webgoat</td></tr>
</tbody>
</table>
<br/><br/>
</section>
</section>
</section>
</body>
</html>
=====================================================================
=====================================================================
\OPENING: http://localhost:9090/WebGoat/start.mvc
=====================================================================
SOURCE:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
<!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
<!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]-->
<!--[if gt IE 8]><!-->
<!-- CSS -->
<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon"/>
<!-- Bootstrap core CSS -->
<link rel="stylesheet" href="plugins/bootstrap/css/bootstrap.min.css"/>
<!-- Fonts from Font Awsome -->
<link rel="stylesheet" href="css/font-awesome.min.css"/>
<!-- CSS Animate -->
<link rel="stylesheet" href="css/animate.css"/>
<!-- Custom styles for this theme -->
<link rel="stylesheet" href="css/main.css"/>
<!-- end of CSS -->
<!-- JS -->
<script src="js/jquery/jquery-1.10.2.min.js"></script>
<script src="js/angular/angular.min.js"></script>
<!-- angular modules -->
<script src="js/angular/angular-animate.min.js"></script>
<script src="js/angular/ui-bootstrap-tpls-0.11.0.min.js"></script>
<!-- Feature detection -->
<script src="js/modernizr-2.6.2.min.js"></script>
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="js/html5shiv.js"></script>
<script src="js/respond.min.js"></script>
<![endif]-->
<!--Global JS-->
<script src="js/jquery_form/jquery.form.js"></script>
<script src="plugins/bootstrap/js/bootstrap.min.js"></script>
<script src="js/application.js"></script>
<script type="text/javascript">
var goat = angular.module("goatApp", ['ngAnimate', 'ui.bootstrap']);
</script>
<script type="text/javascript" src="js/goatConstants.js"></script>
<script type="text/javascript" src="js/goatUtil.js"></script>
<script type="text/javascript" src="js/goatData.js"></script>
<script type="text/javascript" src="js/goatLesson.js"></script>
<script type="text/javascript" src="js/goatControllers.js"></script>
<!-- end of JS -->
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>WebGoat</title>
</head>
<body class="animated fadeIn" ng-app="goatApp">
<section id="container" ng-controller="goatLesson">
<header id="header">
<!--logo start-->
<div class="brand">
<a href="/WebGoat/start.mvc" class="logo"><span>Web</span>Goat</a>
</div>
<!--logo end-->
<div class="toggle-navigation toggle-left">
<button type="button" class="btn btn-default" id="toggle-left" data-toggle="tooltip" data-placement="right" title="Toggle Navigation">
<i class="fa fa-bars"></i>
</button>
</div><!--toggle navigation end-->
<div class="lessonTitle" >
<h1 id="lessonTitle"></h1>
</div><!--lesson title end-->
<div class="user-nav pull-right" style="margin-right: 75px;">
<div class="dropdown" style="display:inline">
<button type="button" class="btn btn-default dropdown-toggle" id="dropdownMenu1" ng-disabled="disabled">
<i class="fa fa-user"></i> <span class="caret"></span>
</button>
<ul class="dropdown-menu dropdown-menu-left" role="menu" aria-labelledby="dropdownMenu1">
<li role="presentation"><a role="menuitem" tabindex="-1" href="j_spring_security_logout">Logout</a></li>
<li role="presentation" class="divider"></li>
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">User: guest</a></li>
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">Role: webgoat_user</a></li>
<li role="presentation" class="divider"></li>
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">6.0.1</a></li>
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">Build: 14</a></li>
</ul>
</div>
<button type="button" class="btn btn-default right_nav_button" ng-click="showAbout()" data-toggle="tooltip" title="About WebGoat">
<i class="fa fa-info"></i>
</button>
<a href="mailto:[email protected]?Subject=Webgoat%20feedback" target="_top">
<button type="button" class="btn btn-default right_nav_button"data-toggle="tooltip" title="Contact Us">
<i class="fa fa-envelope"></i>
</button>
</a>
</div>
</header>
<!--sidebar left start-->
<aside class="sidebar" >
<div id="leftside-navigation" ng-controller="goatMenu" class="nano">
<ul class="nano-content">
<li class="sub-menu" ng-repeat="item in menuTopics">
<a ng-click="accordionMenu(item.id)" href=""><i class="fa {{item.class}}"></i><span>{{item.name}}</span></a><!-- expanded = !expanded-->
<ul class="slideDown lessonsAndStages {{item.displayClass}}" id="{{item.id}}" isOpen=0>
<li ng-repeat="lesson in item.children" class="{{lesson.selectedClass}}">
<a ng-click="renderLesson(lesson.id, lesson.link, {showSource: lesson.showSource, showHints: lesson.showHints})" id="{{lesson.id}}" class="{{lesson.selectedClass}}" title="link to {{lesson.name}}" href="">{{lesson.name}}</a><span class="{{lesson.completeClass}}"></span>
<span ng-repeat="stage in lesson.children">
<a ng-click="renderLesson(stage.id, stage.link, {showSource: stage.showSource, showHints: stage.showHints})" class="selectedClass" id="{{stage.id}}" title="link to {{stage.name}}" href="">{{stage.name}}</a><span class="{{stage.completeClass}}"></span>
</span>
</li>
</ul>
</li>
</ul>
</div>
</aside>
<!--sidebar left end-->
<!--main content start-->
<section class="main-content-wrapper">
<section id="main-content" > <!--ng-controller="goatLesson"-->
<div class="row">
<div class="col-md-8">
<div class="col-md-12" align="left">
<div class="panel">
<div class="panel-body">
<button type="button" id="showSourceBtn" ng-show="showSource" class="btn btn-primary btn-xs" ng-click="showLessonSource()">Java [Source]</button>
<button type="button" id="showSolutionBtn" class="btn btn-primary btn-xs" ng-click="showLessonSolution()">Solution</button>
<button type="button" id="showPlanBtn" class="btn btn-primary btn-xs" ng-click="showLessonPlan()">Lesson Plan</button>
<button type="button" id="showHintsBtn" ng-show="showHints" class="btn btn-primary btn-xs" ng-click="viewHints()">Hints</button>
<button type="button" id="restartLessonBtn" class="btn btn-xs" ng-click="restartLesson()">Restart Lesson</button>
</div>
</div>
<div class="lessonHelp" id="lesson_hint_row">
<h4>Hints</h4>
<div class="panel" >
<div class="panel-body" id="lesson_hint">
<span class="glyphicon-class glyphicon glyphicon-circle-arrow-left" id="showPrevHintBtn" ng-click="viewPrevHint()"></span>
<span class="glyphicon-class glyphicon glyphicon-circle-arrow-right" id="showNextHintBtn" ng-click="viewNextHint()"></span>
<br/>
<span ng-show="showHints" bind-html-unsafe="curHint"></span>
<!--<span id="curHintContainer"></span>-->
</div>
</div>
</div>
</div>
<div class="col-md-12">
<div class="panel" >
<div class="panel-body" id="lesson_content">
<b>This should default to the "How to Work with Webgoat" lesson</b>
</div>
</div>
</div>
</div><!--col-md-8 end-->
<div class="col-md-4">
<div class="col-md-12">
<div class="panel">
<div class="panel-body">
<div align="left">
<h3>Cookies / Parameters</h3>
</div>
<hr />
<div id="cookiesAndParamsView">
<div class="cookiesView">
<h4>Cookies</h4>
<div class="cookieContainer" ng-repeat="cookie in cookies">
<table class="cookieTable table-striped table-nonfluid" >
<thead>
<tr><th class="col-sm-1"></th><th class="col-sm-1"></th></tr> <!-- Field / Value -->
</thead>
<tbody>
<tr ng-repeat="(key, value) in cookie">
<td>{{key}}</td>
<td>{{value}}</td>
</tr>
</tbody>
<!--<li ng-repeat="(key, value) in cookie">{{key}} :: {{ value}} </td>-->
<!--</ul>-->
</table>
</div>
</div>
<div id="paramsView"> <!--class="paramsView"-->
<h4>Params</h4>
<table class="paramsTable table-striped table-nonfluid" id="paramsTable">
<thead>
<tr><th>Param</th><th>Value</th></tr>
</thead>
<tbody>
<tr ng-repeat="param in parameters">
<td>{{param.name}}</td>
<td>{{param.value}}</td>
</tr>
</tbody>
</table>
</ul>
</div>
</div>
</div>
</div>
</div>
</div><!--col-md-4 end-->
</div>
<div id="lessonHelpsWrapper">
<!--div class="row lessonHelp" id="lesson_hint_row">
<div class="col-md-12">
<h4>Hints</h4>
<div class="panel" >
<div class="panel-body" id="lesson_hint">
<span class="glyphicon-class glyphicon glyphicon-circle-arrow-left" id="showPrevHintBtn" ng-click="viewPrevHint()"></span>
<span class="glyphicon-class glyphicon glyphicon-circle-arrow-right" id="showNextHintBtn" ng-click="viewNextHint()"></span>
<br/>
{{curHint}}
</div>
</div>
</div>
</div-->
<div class="row lessonHelp" id="lesson_cookies_row">
<div class="col-md-12">
<h4>Lesson Parameters and Cookies</h4>
<div class="panel" >
<div class="panel-body" id="lesson_cookies">
</div>
</div>
</div>
</div>
<div class="row lessonHelp" id="lesson_hint_row">
<div class="col-md-12">
<h4>Lesson Hints</h4>
<div class="panel" >
<div class="panel-body" id="lesson_hint">
</div>
</div>
</div>
</div>
<div class="row lessonHelp" id="lesson_plan_row">
<div class="col-md-12">
<h4>Lesson Plan</h4>
<div class="panel" >
<div class="panel-body" id="lesson_plan">
<!-- allowing jQuery to handle this one -->
</div>
</div>
</div>
</div>
<div class="row lessonHelp" id="lesson_solution_row">
<div class="col-md-12">
<h4>Lesson Solution</h4>
<div class="panel">
<div class="panel-body" id="lesson_solution">
</div>
</div>
</div>
</div>
<div class="row lessonHelp" id="lesson_source_row">
<div class="col-md-12">
<h4>Lesson Source Code</h4>
<div class="panel">
<div class="panel-body" id="lesson_source">
<pre>{{source}}</pre>
</div>
</div>
</div>
</div>
</div>
</section>
</section>
<!--main content end-->
</section>
<!--main content end-->
</section>
<script>
$(document).ready(function() {
//TODO merge appliction.js code into other js files
app.init();
});
</script>
<!-- About WebGoat Modal -->
<div class="modal fade" id="aboutModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<!-- This modal content is included into the main_new.jsp -->
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 class="modal-title" id="myModalLabel">About WebGoat - Provided by the OWASP Foundation</h3>
</div>
<div class="modal-body modal-scroll">
<p>Thanks for hacking The Goat!</p>
<p>WebGoat is a demonstration of common web application flaws. The
associated exercises are intended to provide hands-on experience with
techniques aimed at demonstrating and testing application penetration.
</p>
<p>From the entire WebGoat team, we appreciate your interest and efforts
in making applications not just better, but safer and more secure for
everyone. We, as well as our sacrificial goat, thank you.</p>
<p>
Version: 6.0.1, Build: 14
</p>
<div class="row">
<div class="col-md-6">
<p>Contact us:
<ul>
<li>WebGoat mailing list: [email protected]</li>
<li>Bruce Mayhew: [email protected]</li>
</ul>
</p>
</div>
</div>
<div class="row">
<div class="col-md-6">
<p>WebGoat Authors
<ul>
<li>Bruce Mayhew (Project Lead)</li>
<li>Jeff Williams (Original Idea)</li>
<li>Richard Lawson (Architect)</li>
<li>Jason White (Architect)</li>
</ul>
</p>
</div>
<div class="col-md-6">
<p>WebGoat Design Team
<ul>
<li>Richard Lawson</li>
<li>Bruce Mayhew</li>
<li>Jason White</li>
<li>Ali Looney (User Interface)</li>
<li>Jeff Wayman (Website and Docs)</li>
</ul>
</p>
</div>
</div>
<div class="row">
<div class="col-md-6">
<p>Active Contributors
<ul>
<li>Nanne Baars (Developer)</li>
<li>Dave Cowden (Everything)</li>
<li>Keith Gasser (Survey/Security)</li>
<li>Devin Mayhew (Setup/Admin)</li>
<li>Li Simon (Developer)</li>
</ul>
</p>
</div>
<div class="col-md-6">
<p>Past Contributors
<ul>
<li>David Anderson (Developer/Design)</li>
<li>Christopher Blum (Lessons)</li>
<li>Laurence Casey (Graphics)</li>
<li>Brian Ciomei (Bug fixes)</li>
<li>Rogan Dawes (Lessons)</li>
<li>Erwin Geirnaert (Solutions)</li>
<li>Aung Knant (Documentation)</li>
<li>Ryan Knell (Lessons)</li>
<li>Christine Koppeit (Build)</li>
<li>Sherif Kousa (Lessons/Documentation)</li>
<li>Reto Lippuner (Lessons)</li>
<li>PartNet (Lessons)</li>
<li>Yiannis Pavlosoglou (Lessons)</li>
<li>Eric Sheridan (Lessons)</li>
<li>Alex Smolen (Lessons)</li>
<li>Chuck Willis (Lessons)</li>
<li>Marcel Wirth (Lessons)</li>
</ul>
</p>
<p>Did we miss you? Our sincere apologies, as we know there have
been many contributors over the years. If your name does not
appear in any of the lists above, please send us a note. We'll
get you added with no further sacrifices required.</p>
</div>
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
=====================================================================
=====================================================================
\OPENING: http://localhost:9090/WebGoat/attack...n=20&menu=1100
=====================================================================
SOURCE:
<!-- HTML fragment correpsonding to the lesson content -->
<div id="lessonContent">
<h1>How To Work With WebGoat</h1>
<p>
Welcome to a brief overview of WebGoat.<br>
</p>
<h2>Environment Information</h2>
<p>
WebGoat uses the Apache Tomcat server but can run in any application server. It is configured to run on
localhost although this can be easily changed, see the "Tomcat Configuration" section in the Introduction. </p>
<h2>The WebGoat Interface</h2>
<p>
<img src="images/introduction/interface.png"><br><br>
1. Lesson Cate
=====================================================================
FORMS: <loginForm POST http://localhost:9090/WebGoat/j_spri...0DCA28BB145DCB application/x-www-form-urlencoded
<TextControl(username=)>
<PasswordControl(password=)>
<HiddenControl(=) (readonly)>
<SubmitButtonControl(<None>=) (readonly)>>
=====================================================================
OPENING: http://localhost:9090/WebGoat/login.mvc
=====================================================================
SOURCE:
<html>
<head>
<title>Login Page</title>
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
<!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
<!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]-->
<!--[if gt IE 8]><!-->
<!-- CSS -->
<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon"/>
<!-- Bootstrap core CSS -->
<link rel="stylesheet" href="plugins/bootstrap/css/bootstrap.min.css"/>
<!-- Fonts from Font Awsome -->
<link rel="stylesheet" href="css/font-awesome.min.css"/>
<!-- CSS Animate -->
<link rel="stylesheet" href="css/animate.css"/>
<!-- Custom styles for this theme -->
<link rel="stylesheet" href="css/main.css"/>
<!-- end of CSS -->
</style>
</head>
<body onload='document.loginForm.username.focus();'>
<section id="container" ng-controller="goatLesson">
<header id="header">
<!--logo start-->
<div class="brand">
<a href="/WebGoat/start.mvc" class="logo"><span>Web</span>Goat</a>
</div>
<!--logo end-->
<div class="toggle-navigation toggle-left">
</div><!--toggle navigation end-->
<div class="lessonTitle" >
<h1 id="lessonTitle">Please login</h1>
</div><!--lesson title end-->
</header>
<section class="main-content-wrapper">
<section id="main-content" >
<br/><br/>
<form role="form" name='loginForm' action="j_spring_security_check;jsessionid=0FFB738E89ABF49ADF0DCA28BB145DCB" method='POST' style="width: 400px;">
<div class="form-group">
<label for="exampleInputEmail1">Username</label>
<input type="text" class="form-control" id="exampleInputEmail1" placeholder="Username" name='username'>
</div>
<div class="form-group">
<label for="exampleInputPassword1">Password</label>
<input type="password" class="form-control" id="exampleInputPassword1" placeholder="Password" name='password'>
</div>
<input type="hidden" name=""
value="" />
<button class="btn btn-large btn-primary" type="submit">Sign in</button>
</form>
<br/><br/>
<h4>The following accounts are built into Webgoat</h4>
<table class="table table-bordered" style="width:400px;">
<thead>
<tr class="warning"><th>Account</th><th>User</th><th>Password</th></tr>
</thead>
<tbody>
<tr><td>Webgoat User</td><td>guest</td><td>guest</td></tr>
<tr><td>Webgoat Admin</td><td>webgoat</td><td>webgoat</td></tr>
</tbody>
</table>
<br/><br/>
</section>
</section>
</section>
</body>
</html>
=====================================================================
=====================================================================
\OPENING: http://localhost:9090/WebGoat/start.mvc
=====================================================================
SOURCE:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
<!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
<!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]-->
<!--[if gt IE 8]><!-->
<!-- CSS -->
<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon"/>
<!-- Bootstrap core CSS -->
<link rel="stylesheet" href="plugins/bootstrap/css/bootstrap.min.css"/>
<!-- Fonts from Font Awsome -->
<link rel="stylesheet" href="css/font-awesome.min.css"/>
<!-- CSS Animate -->
<link rel="stylesheet" href="css/animate.css"/>
<!-- Custom styles for this theme -->
<link rel="stylesheet" href="css/main.css"/>
<!-- end of CSS -->
<!-- JS -->
<script src="js/jquery/jquery-1.10.2.min.js"></script>
<script src="js/angular/angular.min.js"></script>
<!-- angular modules -->
<script src="js/angular/angular-animate.min.js"></script>
<script src="js/angular/ui-bootstrap-tpls-0.11.0.min.js"></script>
<!-- Feature detection -->
<script src="js/modernizr-2.6.2.min.js"></script>
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="js/html5shiv.js"></script>
<script src="js/respond.min.js"></script>
<![endif]-->
<!--Global JS-->
<script src="js/jquery_form/jquery.form.js"></script>
<script src="plugins/bootstrap/js/bootstrap.min.js"></script>
<script src="js/application.js"></script>
<script type="text/javascript">
var goat = angular.module("goatApp", ['ngAnimate', 'ui.bootstrap']);
</script>
<script type="text/javascript" src="js/goatConstants.js"></script>
<script type="text/javascript" src="js/goatUtil.js"></script>
<script type="text/javascript" src="js/goatData.js"></script>
<script type="text/javascript" src="js/goatLesson.js"></script>
<script type="text/javascript" src="js/goatControllers.js"></script>
<!-- end of JS -->
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>WebGoat</title>
</head>
<body class="animated fadeIn" ng-app="goatApp">
<section id="container" ng-controller="goatLesson">
<header id="header">
<!--logo start-->
<div class="brand">
<a href="/WebGoat/start.mvc" class="logo"><span>Web</span>Goat</a>
</div>
<!--logo end-->
<div class="toggle-navigation toggle-left">
<button type="button" class="btn btn-default" id="toggle-left" data-toggle="tooltip" data-placement="right" title="Toggle Navigation">
<i class="fa fa-bars"></i>
</button>
</div><!--toggle navigation end-->
<div class="lessonTitle" >
<h1 id="lessonTitle"></h1>
</div><!--lesson title end-->
<div class="user-nav pull-right" style="margin-right: 75px;">
<div class="dropdown" style="display:inline">
<button type="button" class="btn btn-default dropdown-toggle" id="dropdownMenu1" ng-disabled="disabled">
<i class="fa fa-user"></i> <span class="caret"></span>
</button>
<ul class="dropdown-menu dropdown-menu-left" role="menu" aria-labelledby="dropdownMenu1">
<li role="presentation"><a role="menuitem" tabindex="-1" href="j_spring_security_logout">Logout</a></li>
<li role="presentation" class="divider"></li>
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">User: guest</a></li>
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">Role: webgoat_user</a></li>
<li role="presentation" class="divider"></li>
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">6.0.1</a></li>
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">Build: 14</a></li>
</ul>
</div>
<button type="button" class="btn btn-default right_nav_button" ng-click="showAbout()" data-toggle="tooltip" title="About WebGoat">
<i class="fa fa-info"></i>
</button>
<a href="mailto:[email protected]?Subject=Webgoat%20feedback" target="_top">
<button type="button" class="btn btn-default right_nav_button"data-toggle="tooltip" title="Contact Us">
<i class="fa fa-envelope"></i>
</button>
</a>
</div>
</header>
<!--sidebar left start-->
<aside class="sidebar" >
<div id="leftside-navigation" ng-controller="goatMenu" class="nano">
<ul class="nano-content">
<li class="sub-menu" ng-repeat="item in menuTopics">
<a ng-click="accordionMenu(item.id)" href=""><i class="fa {{item.class}}"></i><span>{{item.name}}</span></a><!-- expanded = !expanded-->
<ul class="slideDown lessonsAndStages {{item.displayClass}}" id="{{item.id}}" isOpen=0>
<li ng-repeat="lesson in item.children" class="{{lesson.selectedClass}}">
<a ng-click="renderLesson(lesson.id, lesson.link, {showSource: lesson.showSource, showHints: lesson.showHints})" id="{{lesson.id}}" class="{{lesson.selectedClass}}" title="link to {{lesson.name}}" href="">{{lesson.name}}</a><span class="{{lesson.completeClass}}"></span>
<span ng-repeat="stage in lesson.children">
<a ng-click="renderLesson(stage.id, stage.link, {showSource: stage.showSource, showHints: stage.showHints})" class="selectedClass" id="{{stage.id}}" title="link to {{stage.name}}" href="">{{stage.name}}</a><span class="{{stage.completeClass}}"></span>
</span>
</li>
</ul>
</li>
</ul>
</div>
</aside>
<!--sidebar left end-->
<!--main content start-->
<section class="main-content-wrapper">
<section id="main-content" > <!--ng-controller="goatLesson"-->
<div class="row">
<div class="col-md-8">
<div class="col-md-12" align="left">
<div class="panel">
<div class="panel-body">
<button type="button" id="showSourceBtn" ng-show="showSource" class="btn btn-primary btn-xs" ng-click="showLessonSource()">Java [Source]</button>
<button type="button" id="showSolutionBtn" class="btn btn-primary btn-xs" ng-click="showLessonSolution()">Solution</button>
<button type="button" id="showPlanBtn" class="btn btn-primary btn-xs" ng-click="showLessonPlan()">Lesson Plan</button>
<button type="button" id="showHintsBtn" ng-show="showHints" class="btn btn-primary btn-xs" ng-click="viewHints()">Hints</button>
<button type="button" id="restartLessonBtn" class="btn btn-xs" ng-click="restartLesson()">Restart Lesson</button>
</div>
</div>
<div class="lessonHelp" id="lesson_hint_row">
<h4>Hints</h4>
<div class="panel" >
<div class="panel-body" id="lesson_hint">
<span class="glyphicon-class glyphicon glyphicon-circle-arrow-left" id="showPrevHintBtn" ng-click="viewPrevHint()"></span>
<span class="glyphicon-class glyphicon glyphicon-circle-arrow-right" id="showNextHintBtn" ng-click="viewNextHint()"></span>
<br/>
<span ng-show="showHints" bind-html-unsafe="curHint"></span>
<!--<span id="curHintContainer"></span>-->
</div>
</div>
</div>
</div>
<div class="col-md-12">
<div class="panel" >
<div class="panel-body" id="lesson_content">
<b>This should default to the "How to Work with Webgoat" lesson</b>
</div>
</div>
</div>
</div><!--col-md-8 end-->
<div class="col-md-4">
<div class="col-md-12">
<div class="panel">
<div class="panel-body">
<div align="left">
<h3>Cookies / Parameters</h3>
</div>
<hr />
<div id="cookiesAndParamsView">
<div class="cookiesView">
<h4>Cookies</h4>
<div class="cookieContainer" ng-repeat="cookie in cookies">
<table class="cookieTable table-striped table-nonfluid" >
<thead>
<tr><th class="col-sm-1"></th><th class="col-sm-1"></th></tr> <!-- Field / Value -->
</thead>
<tbody>
<tr ng-repeat="(key, value) in cookie">
<td>{{key}}</td>
<td>{{value}}</td>
</tr>
</tbody>
<!--<li ng-repeat="(key, value) in cookie">{{key}} :: {{ value}} </td>-->
<!--</ul>-->
</table>
</div>
</div>
<div id="paramsView"> <!--class="paramsView"-->
<h4>Params</h4>
<table class="paramsTable table-striped table-nonfluid" id="paramsTable">
<thead>
<tr><th>Param</th><th>Value</th></tr>
</thead>
<tbody>
<tr ng-repeat="param in parameters">
<td>{{param.name}}</td>
<td>{{param.value}}</td>
</tr>
</tbody>
</table>
</ul>
</div>
</div>
</div>
</div>
</div>
</div><!--col-md-4 end-->
</div>
<div id="lessonHelpsWrapper">
<!--div class="row lessonHelp" id="lesson_hint_row">
<div class="col-md-12">
<h4>Hints</h4>
<div class="panel" >
<div class="panel-body" id="lesson_hint">
<span class="glyphicon-class glyphicon glyphicon-circle-arrow-left" id="showPrevHintBtn" ng-click="viewPrevHint()"></span>
<span class="glyphicon-class glyphicon glyphicon-circle-arrow-right" id="showNextHintBtn" ng-click="viewNextHint()"></span>
<br/>
{{curHint}}
</div>
</div>
</div>
</div-->
<div class="row lessonHelp" id="lesson_cookies_row">
<div class="col-md-12">
<h4>Lesson Parameters and Cookies</h4>
<div class="panel" >
<div class="panel-body" id="lesson_cookies">
</div>
</div>
</div>
</div>
<div class="row lessonHelp" id="lesson_hint_row">
<div class="col-md-12">
<h4>Lesson Hints</h4>
<div class="panel" >
<div class="panel-body" id="lesson_hint">
</div>
</div>
</div>
</div>
<div class="row lessonHelp" id="lesson_plan_row">
<div class="col-md-12">
<h4>Lesson Plan</h4>
<div class="panel" >
<div class="panel-body" id="lesson_plan">
<!-- allowing jQuery to handle this one -->
</div>
</div>
</div>
</div>
<div class="row lessonHelp" id="lesson_solution_row">
<div class="col-md-12">
<h4>Lesson Solution</h4>
<div class="panel">
<div class="panel-body" id="lesson_solution">
</div>
</div>
</div>
</div>
<div class="row lessonHelp" id="lesson_source_row">
<div class="col-md-12">
<h4>Lesson Source Code</h4>
<div class="panel">
<div class="panel-body" id="lesson_source">
<pre>{{source}}</pre>
</div>
</div>
</div>
</div>
</div>
</section>
</section>
<!--main content end-->
</section>
<!--main content end-->
</section>
<script>
$(document).ready(function() {
//TODO merge appliction.js code into other js files
app.init();
});
</script>
<!-- About WebGoat Modal -->
<div class="modal fade" id="aboutModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<!-- This modal content is included into the main_new.jsp -->
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 class="modal-title" id="myModalLabel">About WebGoat - Provided by the OWASP Foundation</h3>
</div>
<div class="modal-body modal-scroll">
<p>Thanks for hacking The Goat!</p>
<p>WebGoat is a demonstration of common web application flaws. The
associated exercises are intended to provide hands-on experience with
techniques aimed at demonstrating and testing application penetration.
</p>
<p>From the entire WebGoat team, we appreciate your interest and efforts
in making applications not just better, but safer and more secure for
everyone. We, as well as our sacrificial goat, thank you.</p>
<p>
Version: 6.0.1, Build: 14
</p>
<div class="row">
<div class="col-md-6">
<p>Contact us:
<ul>
<li>WebGoat mailing list: [email protected]</li>
<li>Bruce Mayhew: [email protected]</li>
</ul>
</p>
</div>
</div>
<div class="row">
<div class="col-md-6">
<p>WebGoat Authors
<ul>
<li>Bruce Mayhew (Project Lead)</li>
<li>Jeff Williams (Original Idea)</li>
<li>Richard Lawson (Architect)</li>
<li>Jason White (Architect)</li>
</ul>
</p>
</div>
<div class="col-md-6">
<p>WebGoat Design Team
<ul>
<li>Richard Lawson</li>
<li>Bruce Mayhew</li>
<li>Jason White</li>
<li>Ali Looney (User Interface)</li>
<li>Jeff Wayman (Website and Docs)</li>
</ul>
</p>
</div>
</div>
<div class="row">
<div class="col-md-6">
<p>Active Contributors
<ul>
<li>Nanne Baars (Developer)</li>
<li>Dave Cowden (Everything)</li>
<li>Keith Gasser (Survey/Security)</li>
<li>Devin Mayhew (Setup/Admin)</li>
<li>Li Simon (Developer)</li>
</ul>
</p>
</div>
<div class="col-md-6">
<p>Past Contributors
<ul>
<li>David Anderson (Developer/Design)</li>
<li>Christopher Blum (Lessons)</li>
<li>Laurence Casey (Graphics)</li>
<li>Brian Ciomei (Bug fixes)</li>
<li>Rogan Dawes (Lessons)</li>
<li>Erwin Geirnaert (Solutions)</li>
<li>Aung Knant (Documentation)</li>
<li>Ryan Knell (Lessons)</li>
<li>Christine Koppeit (Build)</li>
<li>Sherif Kousa (Lessons/Documentation)</li>
<li>Reto Lippuner (Lessons)</li>
<li>PartNet (Lessons)</li>
<li>Yiannis Pavlosoglou (Lessons)</li>
<li>Eric Sheridan (Lessons)</li>
<li>Alex Smolen (Lessons)</li>
<li>Chuck Willis (Lessons)</li>
<li>Marcel Wirth (Lessons)</li>
</ul>
</p>
<p>Did we miss you? Our sincere apologies, as we know there have
been many contributors over the years. If your name does not
appear in any of the lists above, please send us a note. We'll
get you added with no further sacrifices required.</p>
</div>
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
=====================================================================
=====================================================================
\OPENING: http://localhost:9090/WebGoat/attack...n=20&menu=1100
=====================================================================
SOURCE:
<!-- HTML fragment correpsonding to the lesson content -->
<div id="lessonContent">
<h1>How To Work With WebGoat</h1>
<p>
Welcome to a brief overview of WebGoat.<br>
</p>
<h2>Environment Information</h2>
<p>
WebGoat uses the Apache Tomcat server but can run in any application server. It is configured to run on
localhost although this can be easily changed, see the "Tomcat Configuration" section in the Introduction. </p>
<h2>The WebGoat Interface</h2>
<p>
<img src="images/introduction/interface.png"><br><br>
1. Lesson Cate
=====================================================================
Les copies:
138487Capturedcrande20151122135103.jpg944133Capturedcrande20151122135041.jpg
Si quelqu'un a une idée je lui en serait très reconnaissant