Lesson Plan Title: How to Exploit Unchecked Email


It is always good practice to validate all inputs. Most sites allow non-authenticated users to send e-mail to a 'friend'. This is a great mechanism for spammers to send out email using your corporate mail server.


The user should be able to send an obnoxious email message.



Type a malicious script like <script>alert("XSS")</script> and click Send!


Figure 1 Lesson 5




Figure 2 Part 1 completed


The second part of this lesson is to send a mail to a friend from OWASP. This can be accomplished by intercepting the request with WebScarab and changing the hidden field "to" from webgoat.admin@owasp.org to bill.gates@microsoft.com.


Figure 3 Change the variable to another e-mail address


Figure 4 Lesson 5 Completed
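Both parts of the lesson come down to the server trusting what the browser sends: the message body is relayed unescaped, and the hidden "to" field decides where the corporate mail server delivers. As an added illustration (not part of the lesson or of WebGoat's own code), the handler below shows the two server-side checks that close both holes; the allowlist, the `build_safe_mail` function and the form field names are assumptions for this example.

```python
import html

# Constructed configuration (assumption, not from the lesson): the only
# address the form may deliver to is fixed on the server side.
ALLOWED_RECIPIENTS = frozenset({"webgoat.admin@owasp.org"})
MAX_BODY_LEN = 2000


class RejectedMail(ValueError):
    """Raised when a submitted form fails server-side validation."""


def build_safe_mail(form: dict) -> dict:
    """Validate an untrusted 'mail a friend' form and return the message to send.

    The hidden 'to' field is treated as untrusted input: a proxy can rewrite
    it, so it is checked against the server-side allowlist rather than used
    as-is. The body is HTML-escaped so markup such as <script> is displayed
    literally instead of being rendered by an HTML mail client.
    """
    to = (form.get("to") or "").strip()
    if to not in ALLOWED_RECIPIENTS:
        raise RejectedMail(f"recipient not permitted: {to!r}")

    body = form.get("msg") or ""
    if len(body) > MAX_BODY_LEN:
        raise RejectedMail("message body too long")

    return {
        "to": to,
        "subject": "A friend sent you a message",  # fixed, not user-supplied
        "body_html": html.escape(body),
    }


if __name__ == "__main__":
    # Constructed requests mirroring the two parts of the lesson.
    xss_form = {"to": "webgoat.admin@owasp.org",
                "msg": '<script>alert("XSS")</script>'}
    print(build_safe_mail(xss_form)["body_html"])

    tampered = {"to": "bill.gates@microsoft.com", "msg": "hello"}
    try:
        build_safe_mail(tampered)
    except RejectedMail as e:
        print("rejected:", e)
```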


Solution by Erwin Geirnaert ZION SECURITY