Differences between revisions 11 and 14 (spanning 3 versions)
Revision 11 as of 2009-11-03 21:58:57
Size: 1109
Editor: 24-183-238-75
Comment:
Revision 14 as of 2009-11-03 22:02:00
Size: 1188
Editor: 24-183-238-75
Comment:
Deletions are marked like this. Additions are marked like this.
Line 6: Line 6:
Below is a list of subpages for NetworkSecurity
Line 7: Line 8:
   * [[NetworkSecurity/Lab]]

CPTR 427 Network Security Class

Below is a list of subpages for NetworkSecurity

Using WebScarab with WebGoat

  1. Start up WebScarab. It may be in basic mode.

    1. If it is, Go to Tools->Use Full Interface.

    2. Restart WebScarab.

  2. Fire up IE and go to Tools->Internet Options->Connections->LAN settings.

  3. Check Use proxy server and set address to localhost port 8008.
  4. Click OK and OK.

  5. On WebScarab go to Proxy->Manual Edit. Check Intercept Requests. Select GET and POST (using the CTRL key to select both).

  6. In IE go to http://localhost./WebGoat/attack. (notice the dot after localhost, it is required to apply proxy settings on localhost.) WebScarab should already start intercepting. The lessons should work after that. I was able to do a command injection following the steps in the solution. I have now put the proxy settings back to the way they were and shut down WebGoat (for security reasons, not sure if that was necessary but I did it.)

Often Discussed Topics

CategoryHomepage

NetworkSecurity (last edited 2025-07-11 15:45:35 by scot)