Differences between revisions 13 and 14
Revision 13 as of 2009-11-03 22:01:04
Size: 1186
Editor: 24-183-238-75
Comment:
Revision 14 as of 2009-11-03 22:02:00
Size: 1188
Editor: 24-183-238-75
Comment:
Deletions are marked like this. Additions are marked like this.
Line 8: Line 8:
   * [NetworkSecurity/Lab]    * [[NetworkSecurity/Lab]]

CPTR 427 Network Security Class

Below is a list of subpages for NetworkSecurity

Using WebScarab with WebGoat

  1. Start up WebScarab. It may be in basic mode.

    1. If it is, Go to Tools->Use Full Interface.

    2. Restart WebScarab.

  2. Fire up IE and go to Tools->Internet Options->Connections->LAN settings.

  3. Check Use proxy server and set address to localhost port 8008.
  4. Click OK and OK.

  5. On WebScarab go to Proxy->Manual Edit. Check Intercept Requests. Select GET and POST (using the CTRL key to select both).

  6. In IE go to http://localhost./WebGoat/attack. (notice the dot after localhost, it is required to apply proxy settings on localhost.) WebScarab should already start intercepting. The lessons should work after that. I was able to do a command injection following the steps in the solution. I have now put the proxy settings back to the way they were and shut down WebGoat (for security reasons, not sure if that was necessary but I did it.)

Often Discussed Topics

CategoryHomepage

NetworkSecurity (last edited 2024-01-07 18:12:17 by scot)