Login_i.java example

Explorer

WebGoat-Legacy-master
- src
  - main
    - java
      - org
        owasp
        webgoat
        Catcher.java
        HammerHead.java
        LessonSource.java
        application
        Application.java
        WebGoatServletListener.java
        controller
        About.java
        Login.java
        Logout.java
        Start.java
        Welcome.java
        lessons
        AbstractLesson.java
        AccessControlMatrix.java
        BackDoors.java
        BasicAuthentication.java
        BlindNumericSqlInjection.java
        BlindScript.java
        BlindStringSqlInjection.java
        BypassHtmlFieldRestrictions.java
        CSRF.java
        Category.java
        Challenge2Screen.java
        ClientSideFiltering
        ClientSideFiltering.java
        ClientSideValidation.java
        CommandInjection.java
        ConcurrencyCart.java
        CrossSiteScripting
        CrossSiteScripting.java
        EditProfile.java
        FindProfile.java
        UpdateProfile.java
        ViewProfile.java
        CsrfPromptByPass.java
        CsrfTokenByPass.java
        DBCrossSiteScripting
        DBCrossSiteScripting.java
        UpdateProfile.java
        DBSQLInjection
        DBSQLInjection.java
        Login.java
        DOMInjection.java
        DOMXSS.java
        DOS_Login.java
        DangerousEval.java
        Encoding.java
        FailOpenAuthentication.java
        ForcedBrowsing.java
        ForgotPassword.java
        GoatHillsFinancial
        DefaultLessonAction.java
        DeleteProfile.java
        EditProfile.java
        FindProfile.java
        GoatHillsFinancial.java
        LessonAction.java
        ListStaff.java
        Login.java
        Logout.java
        SearchStaff.java
        UpdateProfile.java
        ViewProfile.java
        HiddenFieldTampering.java
        HowToWork.java
        HtmlClues.java
        HttpBasics.java
        HttpOnly.java
        HttpSplitting.java
        InsecureLogin.java
        JSONInjection.java
        JavaScriptValidation.java
        LessonAdapter.java
        LogSpoofing.java
        MaliciousFileExecution.java
        MultiLevelLogin1.java
        MultiLevelLogin2.java
        NewLesson.java
        OffByOne.java
        PasswordStrength.java
        PathBasedAccessControl.java
        Phishing.java
        RandomLessonAdapter.java
        ReflectedXSS.java
        RemoteAdminFlaw.java
        RoleBasedAccessControl
        DeleteProfile.java
        EditProfile.java
        RoleBasedAccessControl.java
        UpdateProfile.java
        ViewProfile.java
        SQLInjection
        ListStaff.java
        Login.java
        SQLInjection.java
        ViewProfile.java
        SameOriginPolicyProtection.java
        SequentialLessonAdapter.java
        SessionFixation.java
        SilentTransactions.java
        SoapRequest.java
        SqlAddData.java
        SqlModifyData.java
        SqlNumericInjection.java
        SqlStringInjection.java
        StoredXss.java
        ThreadSafetyProblem.java
        TomcatSetup.java
        TraceXSS.java
        UncheckedEmail.java
        UsefulTools.java
        WSDLScanning.java
        WeakAuthenticationCookie.java
        WeakSessionID.java
        WelcomeScreen.java
        WsSAXInjection.java
        WsSqlInjection.java
        XMLInjection.java
        XPATHInjection.java
        ZipBomb.java
        admin
        AdminScreen.java
        ProductsAdminScreen.java
        RefreshDBScreen.java
        ReportCardScreen.java
        SummaryReportCardScreen.java
        UserAdminScreen.java
        ViewDatabase.java
        WelcomeAdminScreen.java
        instructor
        CrossSiteScripting
        FindProfile_i.java
        UpdateProfile_i.java
        ViewProfile_i.java
        DBCrossSiteScripting
        UpdateProfile_i.java
        DBSQLInjection
        Login_i.java
        RoleBasedAccessControl
        DeleteProfile_i.java
        EditProfile_i.java
        RoleBasedAccessControl_i.java
        UpdateProfile_i.java
        ViewProfile_i.java
        SQLInjection
        Login_i.java
        ViewProfile_i.java
        model
        Hint.java
        HttpBasicsModel.java
        LessonMenuItem.java
        LessonMenuItemType.java
        RequestParameter.java
        SourceListing.java
        service
        ApplicationService.java
        BaseService.java
        CookieService.java
        DummyService.java
        ExceptionInfo.java
        HintService.java
        LessonMenuService.java
        LessonPlanService.java
        LessonTitleService.java
        ParameterService.java
        RestartLessonService.java
        SessionService.java
        SolutionService.java
        SourceService.java
        servlets
        Controller.java
        session
        Authorization.java
        Course.java
        CreateDB.java
        DatabaseUtilities.java
        ECSFactory.java
        Employee.java
        EmployeeStub.java
        ErrorScreen.java
        LessonSession.java
        LessonTracker.java
        Parameter.java
        ParameterNotFoundException.java
        ParameterParser.java
        RandomLessonTracker.java
        Role.java
        Screen.java
        SequentialLessonTracker.java
        UnauthenticatedException.java
        UnauthorizedException.java
        User.java
        UserDatabase.java
        UserTracker.java
        ValidationException.java
        WebSession.java
        WebgoatContext.java
        WebgoatProperties.java
        util
        BeanProvider.java
        Exec.java
        ExecResults.java
        ExecutionException.java
        HtmlEncoder.java
        Interceptor.java
        LabelManager.java
        LabelManagerImpl.java
        LabelProvider.java
        ThreadWatcher.java
        WebGoatI18N.java


package org.owasp.webgoat.lessons.instructor.DBSQLInjection;

/*
 * The solution is to choose Neville's userid, and enter a password like:
 * ' OR '1'='1
 * Modify the Stored function LOGIN_EMPLOYEE to use fixed statements or bind variables
 * 
 * 
 * For ORACLE:
CREATE OR REPLACE FUNCTION WEBGOAT_guest.EMPLOYEE_LOGIN(v_id NUMBER, v_password VARCHAR) RETURN NUMBER AS
    cnt NUMBER;
BEGIN
  SELECT COUNT(*) INTO cnt FROM EMPLOYEE
    WHERE USERID = v_id
      AND PASSWORD = v_password;
  RETURN cnt;
END;
/

* OR

CREATE OR REPLACE FUNCTION WEBGOAT_guest.EMPLOYEE_LOGIN(v_id NUMBER, v_password VARCHAR) RETURN NUMBER AS
    stmt VARCHAR(32767); cnt NUMBER;
BEGIN
    stmt  := 'SELECT COUNT (*) FROM EMPLOYEE WHERE USERID = :1 AND PASSWORD = :2';
    EXECUTE IMMEDIATE stmt INTO cnt USING v_id, v_password;
    RETURN cnt;
END;
/
    
 * For SQL SERVER
    
CREATE FUNCTION webgoat_guest.EMPLOYEE_LOGIN (
    @v_id INT,
    @v_password VARCHAR(100)
) RETURNS INTEGER
AS
    BEGIN
        DECLARE @count int
        SELECT @count = COUNT(*) FROM EMPLOYEE WHERE USERID = @v_id AND PASSWORD = @v_password;
        return @count
    END

*/