CENG 325 – Principles of Information Security and

Privacy
XSS ATTACK
PART 1
Deadline: 16.30, Dec 30, Thursday 2021
Individual Submission

Setting up WebGoat in your previously installed Windows 8.1 virtual environment.

Step 1: Fix your internet connection by undoing changes we made in the firewall activity
Step 2: Download then Install Java 6 for 64-bit OS from
https://www.oracle.com/tr/java/technologies/javase-java-archive-javase6-downloads.html
Step 3: Open a “command prompt” by pressing windows button + R, then running
CMD.
Step 4: Type java in the command prompt window and press Enter. You should see
something like this,

This means you have successfully installed Java. Close the command prompt.
Step 5: Open the firefox and download WebGoat by going to this website
https://github.com/WebGoat/WebGoat-Legacy/releases/tag/v6.0.1
Scroll to the bottom of the page and download the ‘WebGoat-6.0.1-war-exec.jar’ by clicking
on the jar file.
Step 6: Open the command prompt again. Navigate to the folder where you downloaded
the WebGoat jar file. Type in the command:
java -jar WebGoat-6.0.1-war-exec.jar
Wait for 1 to 2 minutes till the server is up and running.
Step 7: Open a browser window and type ‘http://localhost:8080/WebGoat/’ to start
WebGoat in the browser.
Step 8: Take a screenshot that shows your Student ID, name and the firefox window in
which WebGoat is running and submit it as pdf file.