Your objective today is to crack this application. However, please try to avoid causing real damage to the site, as many people need to use it.
First steps
There are several users set up for this application with user names from aa to zz (with passwords the same as user names). There is a further user whose identity you may discover in the course of your investigations. You should use a user name that relates to your workstation ID, so if your workstation is CS206a, your user name will be aa.
Try the application. See what it is supposed to do. Are there any exploits which immediately spring to mind? See what happens if you enter
instead of an email address into the optional email input box.
In itself the result of doing this is mildly irritating but not especially harmful. What might a malicious user be able to do to make it more dangerous? Some hints:
- JavaScript can be used to load a new page to replace the existing one
- Bad HTML (especially in tables) can wreck a page
You may spot one or two other flaws. A good trick is to try to enter unlikely data into form fields. My personal favourite characters are the following:
? ' > < % \ | #
Note that in this application only a couple of these will cause surprising effects.
Most of the application's flaws will only become obvious with a bit more probing.
Looking at the HTML
Now save the form to a local directory (save it with a .html extension, then it will be easier to use).
Look at the source code. Try to work out how to give yourself a very good mark in the test.
Some starting points
- Your first task will probably be to modify the action of the form to point to the absolute URL of the receiving page.
- Try to work out how the application allocates marks. If you think that the method used seems silly, I have seen real applications which allocated real test scores for real students which do this.
- Are there any hidden fields that you might modify?
- It would be a bit easier to hack if you could see the information sent from the form to the receiving page. Modify the form to use GET instead of POST. This will then allow you to play with the data sent to the page directly, rather than via the form.
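The weaknesses probed above all depend on a receiving page that trusts what the form sends. As an added example (not the application's own code, and written in Python rather than whatever the application uses), here is a receiving-page handler that behaves the same when the form is saved locally, edited, or switched to GET; the field names `quiz`, `q1` to `q3`, `email` and `score`, the secret key and the answer key are all assumptions constructed for illustration.

```python
import hashlib
import hmac
from html import escape
from urllib.parse import parse_qs

# Constructed sample data: none of these names or values come from the application.
SERVER_KEY = b"constructed-demo-key"            # stands in for a random server-side secret
ANSWER_KEY = {"q1": "b", "q2": "d", "q3": "a"}  # kept on the server, never sent in the form


def sign_quiz_id(user: str, quiz_id: str) -> str:
    """Build the value of a hidden field that must come back unmodified."""
    mac = hmac.new(SERVER_KEY, f"{user}|{quiz_id}".encode(), hashlib.sha256)
    return f"{quiz_id}.{mac.hexdigest()}"


def mark_submission(session_user: str, body: str) -> dict:
    """Mark a urlencoded submission; a GET query string and a POST body are treated alike."""
    fields = {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}

    # 1. The round-tripped hidden field is accepted only with a valid MAC bound to
    #    the logged-in user, who is taken from the session and never from the form.
    token = fields.get("quiz", "")
    quiz_id = token.rpartition(".")[0]
    expected = sign_quiz_id(session_user, quiz_id)
    if not hmac.compare_digest(token.encode(), expected.encode()):
        return {"ok": False, "reason": "tampered hidden field"}

    # 2. Marks are computed from the answers against the server-side key.
    #    A 'score' or 'user' field in the request is simply never read.
    score = sum(1 for q, right in ANSWER_KEY.items() if fields.get(q) == right)

    # 3. The optional email is HTML-escaped before it is echoed into any page,
    #    so markup typed into that box is displayed as text rather than rendered.
    email_html = escape(fields.get("email", ""), quote=True)
    return {"ok": True, "user": session_user, "score": score, "email_html": email_html}
```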
More advanced
It would be a lot easier to hack if you had access to the database file. It may be possible to find out what this is called if you send some data that will cause an error. Try to work out how to do this. If you find the name of the database, download it.