Welcome to Cycubix Docs

Welcome to Cycubix Docs
Our Cybersecurity Training Courses
Application Security Series
- Web Application Security Essentials
ISC2 Courses
AWS Courses
- AWS Certified Security – Specialty (SCS-C02)
Crowdstrike
- Troubleshooting Mac Devices
  - Mac sensors on macOS Ventura may fail to remove Falcon.app when uninstalling
  - System Extensions not activated
Jamf
- Jamf Protect

Powered by GitBook

On this page

Was this helpful?

Application Security Series

Web Application Security Essentials

WebGoat Labs | Web Application Security Essentials | Cycubix Docs

Challenges | Cycubix Docs

Challenges | Admin Password Reset | Cycubix Docs

PreviousChallenges | Without password | Cycubix Docs NextChallenges | Without Account | Cycubox Docs

Last updated 9 months ago

Was this helpful?

Try to reset the password for admin.

Solution

Send yourself and email thorugh WebWolf ().

You will see that there is a static admin password link:

Compose the link according to the above information:

Replace with the hash value:

The link you receive should have the following format:

What we need to find is the Hash Value. We can examine the source code. It is better to download the zip source code:

Now, go into the solutions constante page:

http://localhost:8080/WebGoat/challenge/7/reset-password/867ef18bf000c0195c83161caf758c19

https://github.com/WebGoat/WebGoat/releases

https://github.com/WebGoat/WebGoat/blob/eed0feed061293e3c3f9d21ff672b68b55fc5e5d/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/challenges/SolutionConstants.java

http://localhost:9090/WebWolf

http://localhost:8080/WebGoat/challenge/7/reset-password/867ef18bf000c0195c83161caf758c19localhost