WebGoat (A vulnerable we application)

• In the lab...execute setup.bash or if you want to run in the kalivm and use webscarab setup_kali.bash.
• bring up firefox/iceweasel and the developer console, you may need the network tab, especially edit and resubmit
• visit http://localhost:8080/WebGoat/
• login using guest/guest
• Do the exercises, writing down which ones you did and evidence you solved them.
• record your team in members.txt with member1: member2:
• submit to https://submit.utm.utoronto.ca/utorsubmit/ (members.txt and exercises.txt)
• Stop webgoat (ctrl-c in the terminal window)
• Last 1/2 hour, present your solved challenge