Answered step by step
Verified Expert Solution
Question
1 Approved Answer
Please include scripts Part 1 : Auditing and Test Cases For this part, your job will be to find some flaws in the program, and
Please include scripts
Part : Auditing and Test Cases
For this part, your job will be to find some flaws in the program, and then create test cases that expose flaws in the program. You should write:
One attack, that exploits a XSS crosssite scripting vulnerability to call the javascript alerthello
One attack that allows you to force another user to gift a gift card to your account without their knowledge.
One attack that allows you to obtain the salted password for a user given their username. The database contains a user named admin that you can use for testing the attack.
One attack that allows you to run arbitrary commands on the server.
A text file, bugs.txt explaining the bug triggered by each of your attacks and how to remediate each bug. This writeup should be stored in the root of the repository.
These attacks can take the form of a supplied URL, a gift card file, a web page, a javascript function, or some other method of attack. To create your attacks, you may want to look at the HTML source code of the templates and the code of each view, and find a way they can be exploited. Tools like burp suite can help in finding ways to attack the site, but are not required.
Please submit these attacks in a folder called part in your git repository:
xsstxt: A URL starting with foo when visited in a browser, causes alerthello to be executed.
xsrfhtml: An HTML page that, when opened in a browser, causes a gift card to be gifted to a user named test by the currently loggedin user. This user is already created for you by default, and will have the password test
sqli.gftcrd: A gift card file in JSON format that, when uploaded to a vulnerable form on the site, that will retrieve the admin user's password hash.
cmdi.txt: A text file where the first line should be the vulnerable URL, and the remaining lines are of the form variablevalue, representing a POST request that will execute the command touch pwned on the server. If successful, this will create an empty text file called pwned. For example, your file should look like:
foo
varbar
varbaz
cmdi.gftcrd: a gift card file that is uploaded with your command injection request.
Fixes and Testing
Finally, fix the vulnerabilities that are exploited by your attacks, and verify that the attacks no longer succeed on your site. You are allowed to use Django plugins and other libraries to fix these vulnerabilities if necessary, but please add any new libraries you use to requirements.txt To make sure that these bugs don't come up again as the code evolves, write some test cases for Django that verify that the vulnerability is no longer present. Then have GitHub Actions run these tests with each push.
Tests can be run using Django's builtin test infrastructure. Create your tests in LegacySitetestspy and then run python manage.py test. You should be able to write all of your tests using the builtin Django test clientthere's no need to use something like Selenium. This will also simplify your GitHub Actions testing, which can also just run python manage.py test.
You also do not need to carry out the actual attack in the test; you can check that your fix is working as intended. For example, when testing CSRF it would be challenging to actually open the xsrfhtml page and carry out the CSRF attack from inside the test case. Instead, you can mimic what the attack does by making a request to the right URL without a CSRF token and checking that the site returns an error. Likewise for verifying your fix for XSS you can check that when getting the attack URL the tag is properly escaped.
Note that by default, Django runs your tests with an empty database which means many pages will not work as you expect. The solution for this is to use the "fixtures" feature, which lets you load sample data into the test database before it runs the test:
$ mkdir LegacySitefixtures
$ python manage.py dumpdata LegacySitefixturestestdatajson
Then add at the top of your test case in LegacySitetestspy:
class MyTestCaseTestCase:
fixtures testdatajson'
# rest of test code goes here
This will save a copy of the current database contents into LegacySitefixturestestdatajson, and load it when you run the test. You can update the fixture data by rerunning the python manage.py dumpdata command. Remember to add the LegacySitefixturestestdatajson file to git so that it is available when you run your GitHub Actions workflow!
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started