Question
In this project you will be working with a web application local to your machine, in particular DVWA (Damn Vulnerable Web Application) and XAMPP (web server) to explore some web-based vulnerabilities.
Task 1:
When you start DVWA it is set to Impossible security. That is no fun, so click on DVWA Security and set it to Low. Then I want you to click and play with the XSS (Reflected) and XSS (Stored). Make sure you can get a very simple XSS attack to work. Keep in mind that on some browsers this will not work; Microsoft Edge seems less secure on this front, at least on my machine, so work with that. Take a screenshot of getting a pop-up window with CS3780. Click on View Source at the bottom to take a look at the code. You can see this is pretty basic stuff.
Task 2:
Now let us ramp it up for more fun. Set the security to Medium and try to do the same thing (it should fail). For this to work now we have to change up our method of attack. Click on View Source. Describe in your document what the filter is currently checking for. Now that you know what the filter is checking for, it should be relatively straightforward to come up with a string that bypasses this filter. If you are having trouble at this point, just consider how you could take advantage of what it does to produce your dangerous string. After you come up with a successful attack, describe in your document how you came up with this attack (base this description on what you saw in the source code) and show me a screenshot of its effect.
Task 3:
Let's keep going: set security to High. View the source and describe in your document what the filter is checking for and what it does. Now we want to develop an attack that would work on this filter. This could be a bit harder. First try what you tried for Task 2. If your previous attack works on this level, then I want you to find an attack that works on Medium but not on this level.
However, your Task 2 solution probably doesn't work now. Check out the convenient links and come up with an attack that succeeds at this level, again with your task of getting a popup box with the string CS3780. If you get it, indicate in your document what you tried and the result with a screenshot. If you cannot get anything to work, I want you to document all the things you did try that failed.
Task 4:
Set it to Impossible security. View source and document how this level of security is being implemented. Now try and bypass this filter with our attack. Try at least a few things you find on the OWASP page and document the results. If you are able to bypass the filter at this stage, document it (along with the source where you got an attack if you used one), but do not feel bad if you are not able to.
Task 5:
Repeat the above for XSS (Stored). At this point you should be pretty comfortable bypassing the simple filters.
Task 6:
Pick any of the other vulnerabilities on DVWA and attack it on at least Medium difficulty with any attack you choose. Document your results in your pdf.
Submission:
For turnin I want your pdf describing your results. Note that I expect some decent documentation and efforts to bypass these filters.