Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Please include scripts Part 1 : Auditing and Test Cases For this part, your job will be to find some flaws in the program, and

Please include scripts
Part 1: Auditing and Test Cases
For this part, your job will be to find some flaws in the program, and then create test cases that expose flaws in the program. You should write:
One attack, that exploits a XSS (cross-site scripting) vulnerability to call the javascript alert("hello").
One attack that allows you to force another user to gift a gift card to your account without their knowledge.
One attack that allows you to obtain the salted password for a user given their username. The database contains a user named admin that you can use for testing the attack.
One attack that allows you to run arbitrary commands on the server.
A text file, bugs.txt explaining the bug triggered by each of your attacks and how to remediate each bug. This write-up should be stored in the root of the repository.
These attacks can take the form of a supplied URL, a gift card file, a web page, a javascript function, or some other method of attack. To create your attacks, you may want to look at the HTML source code of the templates and the code of each view, and find a way they can be exploited. Tools like burp suite can help in finding ways to attack the site, but are not required.
Please submit these attacks in a folder called part1 in your git repository:
xss.txt: A URL starting with /foo, when visited in a browser, causes alert("hello") to be executed.
xsrf.html: An HTML page that, when opened in a browser, causes a gift card to be gifted to a user named test2 by the currently logged-in user. This user is already created for you by default, and will have the password test2.
sqli.gftcrd: A gift card file (in JSON format) that, when uploaded to a vulnerable form on the site, that will retrieve the admin user's password hash.
cmdi.txt: A text file where the first line should be the vulnerable URL, and the remaining lines are of the form variable=value, representing a POST request that will execute the command touch pwned on the server. If successful, this will create an empty text file called pwned. For example, your file should look like:
/foo/2
var1=bar
var2=baz
cmdi.gftcrd: a gift card file that is uploaded with your command injection request.
Fixes and Testing
Finally, fix the vulnerabilities that are exploited by your attacks, and verify that the attacks no longer succeed on your site. You are allowed to use Django plugins and other libraries to fix these vulnerabilities if necessary, but please add any new libraries you use to requirements.txt. To make sure that these bugs don't come up again as the code evolves, write some test cases for Django that verify that the vulnerability is no longer present. Then have GitHub Actions run these tests with each push.
Tests can be run using Django's built-in test infrastructure. Create your tests in LegacySite/tests.py and then run python manage.py test. You should be able to write all of your tests using the built-in Django test client--there's no need to use something like Selenium. This will also simplify your GitHub Actions testing, which can also just run python manage.py test.
You also do not need to carry out the actual attack in the test; you can check that your fix is working as intended. For example, when testing CSRF, it would be challenging to actually open the xsrf.html page and carry out the CSRF attack from inside the test case. Instead, you can mimic what the attack does by making a request to the right URL without a CSRF token and checking that the site returns an error. Likewise for verifying your fix for XSS you can check that when getting the attack URL the tag is properly escaped.
Note that by default, Django runs your tests with an empty database which means many pages will not work as you expect. The solution for this is to use the "fixtures" feature, which lets you load sample data into the test database before it runs the test:
$ mkdir LegacySite/fixtures
$ python manage.py dumpdata > LegacySite/fixtures/testdata.json
Then add at the top of your test case in LegacySite/tests.py:
class MyTestCase(TestCase):
fixtures =['testdata.json']
# rest of test code goes here
This will save a copy of the current database contents into LegacySite/fixtures/testdata.json, and load it when you run the test. You can update the fixture data by re-running the python manage.py dumpdata command. Remember to add the LegacySite/fixtures/testdata.json file to git so that it is available when you run your GitHub Actions workflow!

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Big Data Concepts, Theories, And Applications

Authors: Shui Yu, Song Guo

1st Edition

3319277634, 9783319277639

More Books

Students also viewed these Databases questions

Question

What is coaching? Is there one type of coaching? Explain.

Answered: 1 week ago

Question

Define marketing concepts.

Answered: 1 week ago

Question

1 what does yellow colour on the map represent?

Answered: 1 week ago

Question

Provide examples of KPIs in Human Capital Management.

Answered: 1 week ago

Question

What are OLAP Cubes?

Answered: 1 week ago