SQL Injection WebGoat Demos on Windows Machine Using Java. ( This assignment requires Downloading WebGoat Demos and Taking Screenshots )

Please follow direction carefully

Directions Are Below:

Navigate to h croll down and read the explanatory text. Scroll back up and click the "demos" folder Download each demo by clicking its name and then "view raw Your antivirus or windows defender may warn you about the files... They are fine and will not cause problems for your computer - select "ok" or "Keep" or "Continue -depending on your environment. Like WebGoat these are Java .jar files. - to run them Open a command prompt (Windows-r) Navigate to the directory they downloaded to - typically you can just type "cd Downloads" and press enter Launch each one by typing "java -jar The presentation color scheme is slightly better than the classic scheme Run each Java applet in the following sequence. 1. Jumps: Demo only- explains what stacks are and how they operate Stacks: Demo only- explains how variables interact with stacks and how flow control work in programs and subroutines. 2. Spock: Demonstrates what is commonly called a "variable attack" buffer overflow. Some interaction. The password it is expecting is 8 characters. Try entering 9 with the 9th being something relevant to the program. 3. Smasher: Demonstrates "stack smashing." Some interaction. Try manipulating the input to get the program to SEGFAULT If you are careful, you can manipulate the input to overflow into the correct portion of the stack and access the hidden function (it is color coded in RED) 4. StackGuard: This interactive demo shows how the StackGuard compiler can help prevent "stack attacks." Try manipulating the input to overflow the canary. What happens? 5. To prove you have completed each demo, you will create a Word document as we have done in the past. Each demo will entail one (or more) screenshots. For each applet: If asked to input something, take a screenshot/snip to demonstrate that you have done so. Paste into a word document with headings identifying what each image is. Navigate to h croll down and read the explanatory text. Scroll back up and click the "demos" folder Download each demo by clicking its name and then "view raw Your antivirus or windows defender may warn you about the files... They are fine and will not cause problems for your computer - select "ok" or "Keep" or "Continue -depending on your environment. Like WebGoat these are Java .jar files. - to run them Open a command prompt (Windows-r) Navigate to the directory they downloaded to - typically you can just type "cd Downloads" and press enter Launch each one by typing "java -jar The presentation color scheme is slightly better than the classic scheme Run each Java applet in the following sequence. 1. Jumps: Demo only- explains what stacks are and how they operate Stacks: Demo only- explains how variables interact with stacks and how flow control work in programs and subroutines. 2. Spock: Demonstrates what is commonly called a "variable attack" buffer overflow. Some interaction. The password it is expecting is 8 characters. Try entering 9 with the 9th being something relevant to the program. 3. Smasher: Demonstrates "stack smashing." Some interaction. Try manipulating the input to get the program to SEGFAULT If you are careful, you can manipulate the input to overflow into the correct portion of the stack and access the hidden function (it is color coded in RED) 4. StackGuard: This interactive demo shows how the StackGuard compiler can help prevent "stack attacks." Try manipulating the input to overflow the canary. What happens? 5. To prove you have completed each demo, you will create a Word document as we have done in the past. Each demo will entail one (or more) screenshots. For each applet: If asked to input something, take a screenshot/snip to demonstrate that you have done so. Paste into a word document with headings identifying what each image is