Anarking / webgoat

Automatically exported from code.google.com/p/webgoat
0 stars 0 forks source link

The challenge, stage 3, no way to solve on Debian #27

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Access Challenge > The CHALLENGE! from the left menu
2. Solve stage 1 (force authentication) and 2 (list all credit cards) and
from stage 2, click on "Proceed to next stage... (3)"
3. From stage 3, filter by anything (ip, tcp6, ...)
----
What is the expected output? What do you see instead?
Expected: should output a filtered table of connections where it should be
possible to exploit a vulnerability (I won't tell more ;-)
Actual: issues same table (default: no filter) with standard "netstat
command" with no way of exploiting vulnerability (see attached screenshot).
----
What version of the product are you using? On what operating system?
*WebGoat:     5.2 Standard Release
*OS (client): Ubuntu 9.04
*OS (server): Linux debian 2.6.18-6-686 on VMWARE Server 2.0.0 Build 122956
(virtualized on the client)
----
Please provide any additional information below.
It seems to be providing from the "netstat" command itself. Indeed "netstat
-ant" returns a "well formatted" table whereas "netstat" returns special
information that doesn't suit the table format.

Original issue reported on code.google.com by sdam...@gmail.com on 22 Jun 2009 at 3:46

Attachments:

GoogleCodeExporter commented 8 years ago

Original comment by mayhe...@gmail.com on 24 Mar 2010 at 8:36

GoogleCodeExporter commented 8 years ago
Changed the netstat to -ant for both Windows and Unix as it completes faster.  
However, the returned command information should have been embedded in the 
source even though you couldn;t see it.  I believe the lesson still should have 
been able to be completed but it is a good suggestion

Original comment by mayhe...@gmail.com on 23 Apr 2012 at 6:58