
COURSE WORK 1

Software Security

KAHDSE201F-016
D.G.M.H.Rajapaksha
Content

1) Installation & Run

2) Practical demonstration

> SQL Injection
> SQL Injection (Advanced)
> SQL Injection (Mitigation)
> Cross Site Scripting (XSS)
1. WebGoat Installation & Run

This installation log contains the steps for version 8.0.0.M14 of WebGoat.

First, go to this URL: https://github.com/WebGoat/WebGoat. It is a large GitHub repository containing the WebGoat versions.
For a standalone installation, use the link below.

Once you have seen the WebGoat versions, download the appropriate version (8.0.0.M14) as shown below.

It contains both the WebGoat server and the WebWolf zip file, so downloading the WebGoat server is enough.
As shown in the pictures below, after downloading and extracting, open Command Prompt or PowerShell in the unzipped location.
Press Shift + Right Click.

When the "Open PowerShell window" option is selected, PowerShell opens in the correct location.

After that, enter the code below in PowerShell.

Then press Enter.

If it was successful, you will see this kind of screen (image below).
You have now successfully installed and started the WebGoat server on your computer. Finally, go to the WebGoat login page on localhost using the URL below.

You will then see this kind of login form after a successful WebGoat installation.
Practical demonstration
1. SQL Injection

What is SQL Injection?

A SQL injection attack consists of the insertion or "injection" of malicious data via the SQL query input from the client to the application.

String SQL Injection

Solution code – Smith' OR '1'='1

Numeric SQL Injection


Solution Code - 101 OR TRUE
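
Why these two inputs return every row, and what a parameterized query does with them instead, shown as an added example that is not part of the original coursework or of WebGoat's code. The table, its columns, the sample rows and the function names are constructed for this illustration, and SQLite stands in for the lesson's database.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names are assumptions.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE user_data (userid INTEGER, last_name TEXT)")
    db.executemany("INSERT INTO user_data VALUES (?, ?)",
                   [(101, "Smith"), (102, "Jones"), (103, "Plane")])
    return db

def by_name_vulnerable(db, name):
    # Input is concatenated into the SQL text, so a quote in it ends the
    # string literal and the rest is parsed as part of the WHERE clause.
    sql = "SELECT userid, last_name FROM user_data WHERE last_name = '" + name + "'"
    return db.execute(sql).fetchall()

def by_id_vulnerable(db, userid):
    # Same flaw without quotes: the input becomes part of the expression.
    sql = "SELECT userid, last_name FROM user_data WHERE userid = " + userid
    return db.execute(sql).fetchall()

def by_name_safe(db, name):
    # Bound parameter: the value is passed as data and never parsed as SQL.
    sql = "SELECT userid, last_name FROM user_data WHERE last_name = ?"
    return db.execute(sql, (name,)).fetchall()

def by_id_safe(db, userid):
    # int() rejects anything that is not a number before it is bound.
    sql = "SELECT userid, last_name FROM user_data WHERE userid = ?"
    return db.execute(sql, (int(userid),)).fetchall()

if __name__ == "__main__":
    db = make_db()
    print("concatenated, normal name :", by_name_vulnerable(db, "Smith"))
    print("concatenated, string input:", by_name_vulnerable(db, "Smith' OR '1'='1"))
    print("concatenated, numeric input:", by_id_vulnerable(db, "101 OR TRUE"))
    print("parameterized, string input:", by_name_safe(db, "Smith' OR '1'='1"))
    try:
        by_id_safe(db, "101 OR TRUE")
    except ValueError as err:
        print("parameterized, numeric input rejected:", err)
```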

2. SQL Injection (Advanced)


Pulling data from other tables

Solution code:

Result:
Now you can see Dave's password. Enter it in the password text input.

Summary activity
1 – Register

2 – Login
2. SQL Injection (Mitigation)

Solution:
IP Address – 192.168.3.3
2. Cross Site Scripting (XSS)

What is XSS?
Cross-site scripting (also commonly known as XSS) is a vulnerability/flaw that combines:
1) the allowance of HTML/script tags as input that are
2) rendered into a browser without encoding or sanitization

Basic XSS
Open separate tabs in the browser, type the code below in each tab, and check whether the results are the same.
javascript:alert(document.cookie);

Tab 1

Tab 1's alert message

Tab 2

Tab 2's alert message

According to these messages, both session IDs are the same, so the textbox answer is yes.

Reflected XSS
Solution Code - <script>alert('my javascript here')</script>
Result:

Identify Potential for DOM-Based XSS

With null text input.


Find GoatRouter.js

GoatRouter's MVC controller

Finally, this gives the start.mvc#lesson/ URL pattern.

Then,

Solution code (url part) - start.mvc#test/
