[prev in list] [next in list] [prev in thread] [next in thread] 

List:       owasp-webgoat
Subject:    [Owasp-webgoat] WebGoat Lab question
From:       "cgi phantom" <webapps3c () gmail ! com>
Date:       2007-03-09 15:48:02
Message-ID: 9cfc13470703090748o84349ebxc55621c1a14ed2b0 () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hi all,

I've installed Windows_WebGoat-5.0-RC1_Release and been having allot of fun!

I'm stuck on the Broken Access Control Lab : Role Based Access Control
section. I need some technical clues or even the answer on how to bypass the
authentication schema. I've attempted SQL injection in the password field
with Web Scarab without success. I'm at a blank.

I'm sure someone on this list has figured it out by now. Please help ?

Looking forward to your replies & thanks in advance.

r/

CGI Phantom

[Attachment #5 (text/html)]

Hi all,<br><br>I&#39;ve installed Windows_WebGoat-5.0-RC1_Release and been having \
allot of fun!<br><br>I&#39;m stuck on the Broken Access Control Lab : Role Based \
Access Control section. I need some technical clues or even the answer on how to \
bypass the authentication schema. I&#39;ve attempted SQL injection in the password \
field with Web Scarab without success. I&#39;m at a blank. <br><br>I&#39;m sure \
someone on this list has figured it out by now. Please help ?<br><br>Looking forward \
to your replies &amp; thanks in advance.<br><br>r/<br><br>CGI Phantom<br>



_______________________________________________
Owasp-webgoat mailing list
Owasp-webgoat@lists.owasp.org
http://lists.owasp.org/mailman/listinfo/owasp-webgoat


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic