Reference no: EM133523920
Securing Networks
Question 1 (Internet Security)
In this question, you will need to complete the following tasks (you may want to refer to Week 4 for the relevant knowledge and skills, although other weeks' material might be useful too):
A2 Login Page, for Question 2, Assignment 2 (attached)
1. In the assignment folder, you should be able to find a certificate named sample cert.cer. Use the openssl utility to convert the certificate into text format. Note: in the Week 4 tutorial you used openssl to open certificates successfully, but the command for this sub-question can be slightly different because of the new format (DER format for this assignment).
2. Write a bash script to check whether the given certificate (sample cert.cer) is on the Certificate Revocation List (CRL) from the Certificate Authority (CA) by following the steps below:
Step 1: Extract and print the CRL HTTP(S) URL of the CA's server.
Step 2: Extract and print the CRL's filename.
Step 3: Download the CRL from the CA's server (you can use the wget command).
Step 4: Extract the list of serial numbers from the CRL.
Step 5: Extract the serial number from the given certificate (sample cert.cer).
Step 6: Check whether the given certificate's serial number (extracted in Step 5) appears in the CA's CRL (extracted in Step 4). If yes, print "The given certificate is on the CRL, i.e., revoked by the CA"; otherwise print "The given certificate is not on the CRL, i.e., not revoked by the CA".
See Fig 2 for the expected output of Question 1 (you may need to zoom in on the picture for a clearer view).
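A complete script for Steps 1 to 6, added here as an example and not part of the assignment materials. It assumes openssl and wget are installed and that the certificate is DER-encoded as the question states; the optional second argument names an already-downloaded CRL file, which skips the download so the check can also be run offline.

```shell
#!/usr/bin/env bash
# Added example (not from the assignment): checks a DER certificate against the
# CRL named in its CRL Distribution Points extension. Assumes openssl and wget.
set -eu

# Step 1: print the CRL URL found in the certificate's CRL Distribution Points.
crl_url() {
    openssl x509 -inform DER -in "$1" -noout -text \
        | sed -n '/CRL Distribution Points/,/URI:/p' \
        | grep -o 'URI:[^[:space:]]*' | head -n 1 | cut -d: -f2-
}

# Step 5: the certificate's own serial number as upper-case hex, "serial=" removed.
cert_serial() {
    openssl x509 -inform DER -in "$1" -noout -serial | cut -d= -f2 | tr 'a-f' 'A-F'
}

# Step 4: every revoked serial in the CRL, one per line. CAs publish CRLs in DER
# or PEM, so DER is tried first and PEM second.
crl_serials() {
    { openssl crl -inform DER -in "$1" -noout -text 2>/dev/null \
        || openssl crl -inform PEM -in "$1" -noout -text; } \
        | awk '/Serial Number:/ { print toupper($3) }'
}

# Steps 1-6. Usage: check_revoked certificate.cer [already_downloaded_crl_file]
# Exit status 0 = not on the CRL, 1 = on the CRL, 2 = no CRL URL in the certificate.
check_revoked() {
    cert=$1
    crl=${2:-}
    if [ -z "$crl" ]; then
        url=$(crl_url "$cert")
        [ -n "$url" ] || { echo "no CRL Distribution Point in $cert" >&2; return 2; }
        echo "CRL URL: $url"                 # Step 1
        crl=$(basename "$url")               # Step 2: the CRL's filename
        echo "CRL file: $crl"
        wget -q -O "$crl" "$url"             # Step 3: download from the CA
    fi
    serial=$(cert_serial "$cert")
    echo "Certificate serial: $serial"
    # Step 6: whole-line fixed-string match, so 1234 cannot match 11234 or 12345.
    if crl_serials "$crl" | grep -Fx "$serial" >/dev/null; then
        echo "The given certificate is on the CRL, i.e., revoked by the CA"
        return 1
    fi
    echo "The given certificate is not on the CRL, i.e., not revoked by the CA"
}

if [ $# -gt 0 ]; then check_revoked "$@"; fi
```

The serial comparison is done on the hex form openssl prints for both the certificate and the CRL entries, which avoids the leading-zero and case mismatches that a plain substring grep would suffer from.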
Question 2 (Web Security)
You may want to refer to Week 5 and Week 6 for relevant knowledge and skills required for Question 2, although other weeks' material might be useful too.
A web server script (a2server.py) has been distributed to you. Run the script locally with Python 3 to complete Question 2. You need to install Flask to run this server; if you want to know how to install Python 3 and Flask, check Part II of the Week 6 Tutorial.
After starting the server locally (using the command python3 a2server.py), open your web browser (Chrome or Firefox preferred) and enter the
The web server code was written in Python 3 with the Flask module, but you are not required to write any Python code to complete this question. You will only need to write a simple SQL query statement (for Sub-question 1) and JavaScript code (for Sub-question 2). All knowledge required for completing this question has been covered in class.
1. SQL injection attack (5 marks). Your goal in this Sub-question is to inject an SQL query statement which enables you to log in as Alice without knowing Alice's password. Alice's email is [email protected], while Alice's password is unknown to you. Based on what you have learned in CSC8520 Lecture 5 and Tutorial 5, find a way to log in as Alice (without knowing her password)!
• Hint: The SQL query statement is built in the server code as follows:
"SELECT * FROM users WHERE email='%s' and password='%s'"%(email,password)
2. Cross-site Scripting (XSS) Attack. Your goal in this Sub-question is to inject some JavaScript code on a page that the admin user will look at, which discloses his/her session cookie to you. You can follow the steps below to conduct this XSS attack for achieving the goal:
Step 1: Log in as Alice (after you conduct a successful SQL injection attack as described in Sub-question 1 above), find the "Post News item" section (see Fig 3) and enter some JavaScript code in a page that the admin user will look at and that will cause the disclosure of his/her session cookie to you. After clicking "Submit", you should be able to see a new section "News list", under which there is an item called "alice say: Exciting News". The phrase "Exciting News" should be underlined because it is a hyperlink, which the admin will be asked to click in Step 3 below. Please refer to Fig 4 for the expected output.
Step 2: Log out as Alice and log in as admin with username: ad- [email protected], and password averysecureadminpassword.
Step 3: After logging in as admin successfully, click the link prepared by Alice in Step 1 above. Your XSS attack in Step 1 is successful if you can see the admin's session cookie information displayed on the "News list". Please refer to Fig 5 for the expected output (you may need to zoom in on the picture for a clearer view).
Note: if you feel annoyed by the automatic popups after a successful persistent XSS attack, you can restart the web server, which will refresh the SQL database.
Attachment: Securing Networks.rar