Name _________________________________
Assignment #
15
WebGoat
–
Part I
C
SC 482/582
-
001
Go to
http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
.
This describes to
WebGoat Project. WebGoat teaches web application
security through a series of exercises.
Go to
http://code.google.com/p/webgoat/download
s/detail?name=WebGoat
-
OWASP_Standard
-
5.2.zip&can=4&q=WebGoat
. Click on WebGoat
-
OWASP_Standard5.
2
.zip. Download the zip file and unzip to install
WebGoat.
Web utilizes Apache Tomcat web server.
To start Tomcat, browse to the WebGoat5.
2
directory and double click
"webgoat.bat".
Start your browser and browse to:
http://localhost/WebGoat/attack
.
Problem 1
In the browser, click on General.
Click HTTP Ba
sics.
When you successfully complete this lesson, HTTP Basics should have a
green check
mark.
I successfully complete this lesson.
Initials
#A:
______________
Problem 2
Click on Code Quality.
Click on Discover Cues in the HTML
Click on Lesson Plan
and read it.
Click on Hint. It is displayed in red.
Comments in HTML begin with <!
--
.
Complete this exercise to get your green check mark.
What is the admin password?
Answer #B:
Problem 3
Click on LAB: SQL Injection
Click on Stage
1
:
String SQL
Injection
Click on Lesson Plan and read it.
Click on Hint. It is displayed in red.
If you get stuck, click on Solution.
Where it says to use WebScarab, use Tamper Data
Complete this exercise to get your green check mark.
Explain how you solved this probl
em.
Answer #C:
Enter the password to open this PDF file:
File name:
-
File size:
-
Title:
-
Author:
-
Subject:
-
Keywords:
-
Creation Date:
-
Modification Date:
-
Creator:
-
PDF Producer:
-
PDF Version:
-
Page Count:
-
Preparing document for printing…
0%
Comments 0
Log in to post a comment