Comments (5)
We need to consider the ID-Less state and how that may or may not affect scanning tools.
from webgoat.
I had a look at this and thought it should be possible to concatenate the `lessonId` with the `stageId` when generating the menu items. This would result in the stageIds looking like this for the given example:

LABDBCrossSiteScriptingXSS-Stage1StoredXSS
LABCrossSiteScripting-Stage1StoredXSS

Would that be sufficient for now? I could provide a commit and pull request if so.
from webgoat.
Not everything has a stage, so that may be limited. Maybe better to prepend the category and/or use the ids (numerical) generated from the lessonMenu service. That's the short term. Longer term, I think I'd rather remove IDs out of the DOM on those menu items. That's a separate issue/effort though.
from webgoat.
I completely agree on the long term. On the short term, I am still new to the code base of the application, so I might have missed something obvious, but here is my analysis of the possibilities at the moment.

The stage ids generated in `LessonMenuService` do not seem to be unique for stages. The other possibly unique property is the `link` for a lesson. The `link` is a string consisting of some special chars and integers, for example `#attack/152/900`. Parsing this into a unique integer, where what we really would like seems to be `152`, and then prepending it somewhere seems messy to me.

There is also the `cid` on the category that could be used. It could be prepended to the `lessonId`, and the `lessonId` then concatenated with the `stageId`. We need the `lessonId` since a category can have multiple stages with the same "base id". The result would be something like this:

c88-Cross-SiteScriptingXSS
c88-LABDBCrossSiteScripting
c88-LABDBCrossSiteScripting-XSSStage1StoredXSS

I find that prepending the category `name` that is used as the `catId` would make the ids very long, although they would have good semantics:

Cross-SiteScriptingXSS
Cross-SiteScriptingXSS-LABDBCrossSiteScriptingXSS
Cross-SiteScriptingXSS-LABDBCrossSiteScriptingXSS-Stage1StoredXSS

I think I might be most fond of `catId`-`lessonId`-`stageId`, since it consistently uses what could be considered a parent id on the child.

The following commit uses simple concatenation to build the ids. If we do not like string building in this way, a utility function could be created in `GoatUtils` instead, with the delimiter defined as a constant or parameter.
from webgoat.
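As an added example (not WebGoat's own code, and not the commit referred to in the comment above), the following Java utility shows the `catId`-`lessonId`-`stageId` scheme with the delimiter held in a constant, handles lessons that have no stage, and checks the generated ids for collisions. The class and method names, the character policy for id parts and the sample menu are assumptions. One caveat the thread does not cover: a part such as `Cross-SiteScriptingXSS` already contains the `-` delimiter, so either the parts must be sanitised or a character that cannot occur in any part must be used as the delimiter, otherwise two different parent/child combinations can join to the same id string.

```java
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;

/**
 * Added example, not WebGoat code. Builds hierarchical menu ids of the form
 * catId-lessonId[-stageId] with a single delimiter constant and checks the
 * resulting set for collisions. Names and the character policy are assumptions;
 * WebGoat's GoatUtils and LessonMenuService are not used here.
 */
public final class MenuIdBuilder {

    /** Delimiter between a parent id and its child id (assumed). */
    static final String DELIMITER = "-";

    /** Characters that are not allowed inside a single id part (assumed policy). */
    private static final Pattern UNSAFE = Pattern.compile("[^A-Za-z0-9_]");

    private MenuIdBuilder() {}

    /**
     * Strips the delimiter and any other unsafe character from one part so the
     * delimiter can only ever separate parts. Without this, a lesson name such as
     * "Cross-SiteScriptingXSS" carries the delimiter itself and the joined id
     * becomes ambiguous.
     */
    static String part(String raw) {
        if (raw == null || raw.isBlank()) {
            throw new IllegalArgumentException("id part must not be empty");
        }
        String cleaned = UNSAFE.matcher(raw).replaceAll("");
        if (cleaned.isEmpty()) {
            throw new IllegalArgumentException("id part has no usable characters: " + raw);
        }
        return cleaned;
    }

    static String categoryId(String catId) {
        return part(catId);
    }

    static String lessonId(String catId, String lessonId) {
        return categoryId(catId) + DELIMITER + part(lessonId);
    }

    /** The stage is optional: a lesson without stages simply gets the lesson id. */
    static String stageId(String catId, String lessonId, String stageId) {
        String base = lessonId(catId, lessonId);
        return stageId == null ? base : base + DELIMITER + part(stageId);
    }

    /** Returns every id that occurs more than once in the generated menu. */
    static Set<String> duplicates(List<String> ids) {
        Set<String> seen = new HashSet<>();
        Set<String> dupes = new HashSet<>();
        for (String id : ids) {
            if (!seen.add(id)) {
                dupes.add(id);
            }
        }
        return dupes;
    }

    public static void main(String[] args) {
        // Constructed sample menu, loosely modelled on the ids quoted in the thread.
        String cat = "Cross-SiteScriptingXSS";
        List<String> ids = new ArrayList<>();
        ids.add(categoryId(cat));
        ids.add(lessonId(cat, "LABDBCrossSiteScriptingXSS"));
        ids.add(stageId(cat, "LABDBCrossSiteScriptingXSS", "Stage1StoredXSS"));
        // Same stage name under a different lesson: no longer collides once the
        // lesson id is part of the stage id.
        ids.add(stageId(cat, "LABCrossSiteScripting", "Stage1StoredXSS"));
        // Lesson without stages.
        ids.add(stageId(cat, "CrossSiteScriptingMitigation", null));

        for (String id : ids) {
            System.out.println(id);
        }
        System.out.println("duplicates: " + duplicates(ids));

        // Why parts are sanitised: with plain String.join these two would be equal.
        String naiveA = String.join(DELIMITER, "Cross", "SiteScripting-LAB", "Stage1");
        String naiveB = String.join(DELIMITER, "Cross-SiteScripting", "LAB", "Stage1");
        System.out.println("naive join collides: " + naiveA.equals(naiveB));
    }
}
```

Run it with `javac MenuIdBuilder.java && java MenuIdBuilder`. The `duplicates` check is the part worth wiring into a unit test against the real menu output, since a scanner that keys on DOM ids will silently merge any two elements that share one.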
stale, closing
from webgoat.