FIT 2093 Introduction to Cyber Security Assignment

Assignment Help Computer Network Security
Reference no: EM132551021

FIT 2093 Introduction to Cyber Security - Monash University

Assignment: Web Hacking Challenge

In this assignment, your goal is to do security testing of a mini web application to try find vulnerabilities in it using techniques covered in our Web security lecture, and exploit them to break the app's security. You can access the web application at the attached URL:

This web app give access to registered members of a `Broken App' group to access some information common to the group members (provided using the PHP server script at brokenapp.php) as well as personal private information for each group member (via the script at brokenapp-personal.php on the same domain).

Visit the web application URL above using your web browser. If all is well, the browser should display a page that looks like this:

Tasks. Your task is to perform the following security tests on this web application.

Part A: Personal Private Information Security Test

In this part, your aim is to do security testing of the personal private information part of the web app. For this, you are given member 1's password, namely:

Ro4mvSemq45xfepvaEr24

(1) Here, we consider an attack against member 1 by some outsider (non-member) attacker. Try logging in with the given member 1 password, and examining that member's private information. Based on the application behavior, where on this page could there be a possible point where a reflected XSS vulnerability might exist? Why? Perform a test to see if an XSS vulnerability exists for an attack against member 1, and explain your test, its results, and conclusion on why/why not such a vulnerability exists and can be exploited.

(2) Test the application against an attacker who is one of the authorized group members, in particular the member with ID number 1. Can that member gain unauthorized access to another member's personal private data? If so, explain the vulnerability you found and how member 1 can exploit it, show any private member data exposed by the attack, and briefly explain how the vulnerability could be eliminated. In any case, explain the tests you did, the results, and your interpretation of them.

Part B: Shared Group Private Information Security Test

In this part, your aim is to do security testing of the shared group private information part of the web application, from the point of view of an outsider (non-member) attacker trying to reveal the group private information. Although you are not given the shared group password, you are given the php code for the relevant script brokenapp.php (available for download on Moodle).

(3) Look at the details in the brokenapp.php PHP script available on Moodle to see how user input is read in from the user's browser request and how the authentication check is performed. You should read the PHP documentation on the PHP functions used in the script, see https://php.net/manual/en/ and search for the relevant functions. The shared group password, whose cryptographic hash is hard-coded in the script, was generated using the php function call password_hash(pwd, PASSWORD_DEFAULT),where pwd is the password to be hashed (note that the hash includes also a salt value generated at random). To help your security tests, you are also given a simple PHP script called password_hasher.php (the code is available on Moodle, it can be run by pointing your browser to https://13.54.173.115/password_hasher.php ; alternatively, you could run it by copying it into the web server folder /var/www/html/ of your FIT2093 Ubuntu-64 VM and then pointing your VM Firefox browser to https://localhost/password_hasher.php ). The script takes an input password from a user and displays its hash value (generated using the php function call above) when the user clicks the small button below the text box.

Using the above information/tools, attempt to identify a vulnerability in brokenapp.php. If you found a vulnerability, explain how it can be exploited, provide any secret information revealed, and briefly explain how the brokenapp.php code could be modified to eliminate this vulnerability. In any case, explain what tests you did, the results, and your interpretation of them.

Attachment:- Web Hacking Challenge.rar

Reference no: EM132551021

Questions Cloud

Is the real gdp growing and at what rate : Is the real GDP growing and at what rate? (Consider the situation before COVID - 19)
Define how your discussion will be evaluated : Read the journal article, "Executive Information Systems: Their impact on Executive Decision Making". Based on the information presented in the article.
What is the companys cost of equity : The Doven Co. just issued a dividend of $2.35 per share on its common stock, What is the companys cost of equity
Inflationary gap or a recessionary gap : Is the Canada experiencing an inflationary gap or a recessionary gap? Consider the situation before Covid - 19.
FIT 2093 Introduction to Cyber Security Assignment : FIT 2093 Introduction to Cyber Security Assignment Help and Solution, Monash University - Assessment Writing Service - security testing of a mini web
Describe action regulatory agency took against business : Describe an action a regulatory agency took against a business in the past 6 months. Post a link to your source. Do you agree or disagree with the action?
Explain the aspects of expansionary and contractionary : Explain the aspects of expansionary and contractionary fiscal policy. During which phases of the business cycle would each be appropriate
What the amount of the direct materials quanitiy variance is : What The amount of the direct materials quanitiy variance is? The standard costs and actual cost for direct materials for the manufacture of 2,500
What is real gdp : If the money supply is 600, velocity is 5 and the price index is 100, what is real GDP?

Reviews

Write a Review

Computer Network Security Questions & Answers

  An overview of wireless lan security - term paper

Computer Science or Information Technology deals with Wireless LAN Security. Wireless LAN Security is gaining importance in the recent times. This report talks about how vulnerable are wireless LAN networks without any security measures and also talk..

  Computer networks and security against hackers

This case study about a company named Magna International, a Canada based global supplier of automotive components, modules and systems. Along with the company analysis have been made in this assignment.

  New attack models

The Internet evolution is and is very fast and the Internet exposes the connected computers to attacks and the subsequent losses are in rise.

  Islamic Calligraphy

Islamic calligraphy or Arabic calligraphy is a primary form of art for Islamic visual expression and creativity.

  A comprehensive study about web-based email implementation

Conduct a comprehensive study about web-based email implementation in gmail. Optionally, you may use sniffer like wireshark or your choice to analyze the communication traffic.

  Retention policy and litigation hold notices

The purpose of this project is to provide you with an opportunity to create a document retention policy. You will also learn how to serve a litigation hold notice for an educational institute.

  Tools to enhance password protection

A report on Tools to enhance Password Protection.

  Analyse security procedures

Analyse security procedures

  Write a report on denial of service

Write a report on DENIAL OF SERVICE (DoS).

  Phising email

Phising email It is multipart, what are the two parts? The HTML part, is it inviting the recepient to click somewhere? What is the email proporting to do when the link is clicked?

  Express the shannon-hartley capacity theorem

Express the Shannon-Hartley capacity theorem in terms of where is the Energy/bit and is the psd of white noise.

  Modern symmetric encryption schemes

Pseudo-random generators, pseudo-random functions and pseudo-random permutations

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd