[prev in list] [next in list] [prev in thread] [next in thread]
List: owasp-webgoat
Subject: Re: [Owasp-webgoat] Linux test of WebGoat 5.0 RC1 - Trouble with
From: "Bruce Mayhew" <bruce.mayhew () g2-inc ! com>
Date: 2007-03-02 2:42:13
Message-ID: 7C3B5F778B082349A5F029AA4A61E61932FE4C () g2srvexch01 ! g2-inc ! net
[Download RAW message or body]
--===============0237600440==
Content-class: urn:content-classes:message
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C75C74.B0EBDBDE"
This is a multi-part message in MIME format.
Thanks Simon. If we can get the feedback soon, I can put it in the 5.0 which will be \
released as soon as I can find the time to verify the build and upload it to \
SourceForge.
Bruce
________________________________
From: Simon.Vuille@unil.ch [mailto:Simon.Vuille@unil.ch]
Sent: Thu 2/22/2007 5:00 AM
To: tim belina; owasp-webgoat@lists.owasp.org; Bruce Mayhew
Subject: re: [Owasp-webgoat] Linux test of WebGoat 5.0 RC1 - Trouble with HTTP \
response splitting excercise
I have been using RC1 on OS X and, despite the program being
very promising, I have found that several lessons do not
work appropriately. I have the same problem with HTTP
Splitting. Copy pasting the answer (last hint) yields the
same result as anything else. I plan on sending pointing out
the lessons that seem to cause problems in the future, I
just need a bit more time.
Regards,
Simon
----- Original Message -----
Expéditeur: "tim belina" <timbelina@gmail.com>
à: owasp-webgoat@lists.owasp.org, bruce.mayhew@g2-inc.com
Sujet: [Owasp-webgoat] Linux test of WebGoat 5.0 RC1 -
Trouble with HTTP response splitting excercise
Date: Thu, 22 Feb 2007 09:38:49 +1000
> 'morning all,
>
> I have been playing with WG5.0 RC1 on openSuSE10.2 x86
> with JDK 1.5.0_08 and using Firefox 2.0 as my browser. Its
> great! Well done to the contributors! Alas, I did have a
> few problems with one of the lessons; the HTTP
> response-splitting lesson. Try as I might, I could not
> exploit the vuln... I even just cut'n'pasted the answer
> via WebScarab :-) Can someone please confirm that the
> problem lies with me and not the lesson.
>
> Thanks,
> Tim.
> _______________________________________________
> Owasp-webgoat mailing list
> Owasp-webgoat@lists.owasp.org
> http://lists.owasp.org/mailman/listinfo/owasp-webgoat
[Attachment #3 (text/html)]
<HTML dir=ltr><HEAD><TITLE>re: [Owasp-webgoat] Linux test of WebGoat 5.0 RC1 - \
Trouble with HTTP response splitting excercise</TITLE> <META http-equiv=Content-Type \
content="text/html; charset=unicode"> <META content="MSHTML 6.00.6000.16414" \
name=GENERATOR></HEAD> <BODY>
<DIV id=idOWAReplyText51607 dir=ltr>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2>Thanks Simon. If we can get \
the feedback soon, I can put it in the 5.0 which will be released as soon as I can \
find the time to verify the build and upload it to SourceForge.</FONT></DIV> <DIV \
dir=ltr><FONT face=Arial size=2></FONT> </DIV> <DIV dir=ltr><FONT face=Arial \
size=2>Bruce</FONT></DIV></DIV> <DIV dir=ltr><BR>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> Simon.Vuille@unil.ch \
[mailto:Simon.Vuille@unil.ch]<BR><B>Sent:</B> Thu 2/22/2007 5:00 AM<BR><B>To:</B> tim \
belina; owasp-webgoat@lists.owasp.org; Bruce Mayhew<BR><B>Subject:</B> re: \
[Owasp-webgoat] Linux test of WebGoat 5.0 RC1 - Trouble with HTTP response splitting \
excercise<BR></FONT><BR></DIV> <DIV>
<P><FONT size=2>I have been using RC1 on OS X and, despite the program being<BR>very \
promising, I have found that several lessons do not<BR>work appropriately. I have the \
same problem with HTTP<BR>Splitting. Copy pasting the answer (last hint) yields \
the<BR>same result as anything else. I plan on sending pointing out<BR>the lessons \
that seem to cause problems in the future, I<BR>just need a bit more \
time.<BR><BR>Regards,<BR><BR>Simon<BR>----- Original Message -----<BR>Expéditeur: \
"tim belina" <timbelina@gmail.com><BR>à: owasp-webgoat@lists.owasp.org, \
bruce.mayhew@g2-inc.com<BR>Sujet: [Owasp-webgoat] Linux test of WebGoat 5.0 RC1 \
-<BR>Trouble with HTTP response splitting excercise<BR>Date: Thu, 22 Feb 2007 \
09:38:49 +1000<BR><BR>> 'morning all,<BR>><BR>> I have been playing with \
WG5.0 RC1 on openSuSE10.2 x86<BR>> with JDK 1.5.0_08 and using Firefox 2.0 as my \
browser. Its<BR>> great! Well done to the contributors! Alas, I did have a<BR>> \
few problems with one of the lessons; the HTTP<BR>> response-splitting \
lesson. Try as I might, I could not<BR>> exploit the vuln... I even just \
cut'n'pasted the answer<BR>> via WebScarab :-) Can someone please confirm \
that the<BR>> problem lies with me and not the lesson.<BR>><BR>> \
Thanks,<BR>> Tim.<BR>> \
_______________________________________________<BR>> Owasp-webgoat mailing \
list<BR>> Owasp-webgoat@lists.owasp.org<BR>> <A \
href="http://lists.owasp.org/mailman/listinfo/owasp-webgoat">http://lists.owasp.org/mailman/listinfo/owasp-webgoat</A><BR></FONT></P></DIV></BODY></HTML>
_______________________________________________
Owasp-webgoat mailing list
Owasp-webgoat@lists.owasp.org
http://lists.owasp.org/mailman/listinfo/owasp-webgoat
--===============0237600440==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic