Goal: 

Gain access to the unauthorized file resource "WEB-INF/spring-security.xml", whose location is unknown. Note that the hacker has access to files on the site.

Method: 

Use Burp Suite to modify the file request and gain access.

Step-by-step guide

1. Set up the Burp Suite proxy on both the client and Burp.

2. We first need to get as much information as we can about the folder structure. Let's use the file that we have access to in order to find out the directories.

We can see that the file BlindStringSqlInjection.html is located at 

/root/.extract/webapps/WebGoat/plugin_extracted/plugin/BlindStringSqlInjection/lessonPlans/en/BlindStringSqlInjection.html
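The request modification described above only works when the server joins a client-supplied file name onto a directory without checking where the result lands. The following is an added example, not WebGoat's own code, of the server-side check that confines such requests to the lesson directory; the class name LessonFileResolver and the sample request names are assumptions made for illustration.

```java
import java.io.IOException;
import java.nio.file.Path;
import java.nio.file.Paths;

// Added example: confines a client-supplied file name to one lesson directory.
public class LessonFileResolver {

    private final Path baseDir;

    public LessonFileResolver(Path baseDir) {
        // Normalise once so later prefix checks compare like with like.
        this.baseDir = baseDir.toAbsolutePath().normalize();
    }

    /** Returns the resolved path, or throws if the name escapes baseDir. */
    public Path resolve(String requestedName) {
        if (requestedName == null || requestedName.isEmpty() || requestedName.indexOf('\0') >= 0) {
            throw new SecurityException("invalid file name");
        }
        // resolve() returns an absolute argument unchanged; normalize() collapses "..".
        Path candidate = baseDir.resolve(requestedName).normalize();
        // Path.startsWith compares whole path elements, not string prefixes.
        if (!candidate.startsWith(baseDir)) {
            throw new SecurityException("path escapes lesson directory");
        }
        return candidate;
    }

    /** As resolve(), but also follows symlinks on an existing file before checking. */
    public Path resolveExisting(String requestedName) throws IOException {
        Path real = resolve(requestedName).toRealPath();
        if (!real.startsWith(baseDir.toRealPath())) {
            throw new SecurityException("symlink escapes lesson directory");
        }
        return real;
    }

    public static void main(String[] args) {
        // Base directory taken from the path shown on the page.
        LessonFileResolver r = new LessonFileResolver(Paths.get(
            "/root/.extract/webapps/WebGoat/plugin_extracted/plugin/BlindStringSqlInjection/lessonPlans/en"));
        // Constructed sample requests; the "../" depth is arbitrary, not the real location.
        String[] samples = {"BlindStringSqlInjection.html", "../../../WEB-INF/spring-security.xml",
                            "/etc/hostname", "sub/../BlindStringSqlInjection.html"};
        for (String s : samples) {
            try {
                System.out.println("ALLOW " + s + " -> " + r.resolve(s));
            } catch (SecurityException e) {
                System.out.println("DENY  " + s + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

The check has to run on the value after URL decoding, and the page should return only the file name to the client rather than the absolute server path shown above.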

