22
May

I really hope this is a joke

   Posted by: Joshbw   in General Ramblings

Add Comment

Hey Everyone, did you hear- WebGoat is full of security holes. Way to go FullDisclosure, you really nailed that one, though you did miss severl dozen vulnerabilities in the software (it is almost like it was designed to be vulnerable…), for example little trivial things like command injection. Did you hear from the vendor to see if they have a timetable to fix the flaws?

~ Joshbw

Share and Enjoy:
  • Digg
  • del.icio.us
  • Facebook
  • Google Bookmarks
  • Live
This entry was posted on Friday, May 22nd, 2009 at 11:18 am and is filed under General Ramblings. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

3 comments so far

Jim Manico
 1 

Comon man, just slap a little VA+WAF on top of that Webgoat mess and you will be 100% secure.

May 22nd, 2009 at 6:43 pm
Jim Manico
 2 

You got to read it, it really IS a joke:

- Cookie stealing
- Cookie harassing
- Cookie tampering
- Tampering of harassed cookie
- Harassing the thief tampering with cookies

May 22nd, 2009 at 6:46 pm
fuzion
 3 

Of course its a joke… they’re making fun of Netragard. Here’s the template they used:
http://www.netragard.com/pdfs/research/NETRAGARD-20090506-AIRCELL.txt

May 22nd, 2009 at 9:07 pm

Leave a reply

Name (*)
Mail (will not be published) (*)
URI
Comment

Back to top