[OWASP-WEBGOAT]Challenge #3 problem
cynick.young at utoronto.ca
Fri Dec 10 14:48:46 EST 2004
There's a problem with challenge #3 on Windows 2000 in that starting the
shell cmd.exe from SSI, your current working directory is wherever you
started WebGoat from, ie. C:\webgoat and NOT the webapp context path.
Thus, <!--#exec cmd="echo defaced > %CD%/index_guest.html"--> will put
the file in C:\webgoat\index_guest.html and not where it needs to be.
Without knowing the installation, one cannot complete the challenge
More information about the Owasp-webgoat