Question
Use Netbeans to create two different unique and complete demonstrations of insecure interaction between components such as SQL Injection, Command Line Injection, Cross-Site Scripting, Unrestricted
Use Netbeans to create two different unique and complete demonstrations of insecure interaction between components such as SQL Injection, Command Line Injection, Cross-Site Scripting, Unrestricted Upload of File with Dangerous Type, Cross-Site Request Forgery (CSRF), and URL Redirection to Untrusted Site ('Open Redirect'). You will demonstrate and describe how to fix each of the problems. Therefore, a total of four code samples will be created. Two will have insecure interaction between components and two will have the issues fixed.
Be sure you have carefully read and understand the materials in week 1 and 2 as well as successfully configured your environment.
1. Select 2 CWE/SANS Top 25 vulnerabilities under the category of Insecure Interaction between Components. Review and try the existing examples in links in the classroom. Use Netbeans to experiment. Work in multiple languages where possible.
2. Using Netbeans, create your own unique, full example for each of the 2 vulnerabilities in this category. Note: by unique and full I mean, this should not just be a code snippet. It should be part of a small application. In other words, you need to adapt the examples provided in the documentation to something more meaningful and substantive. It doesnt have to be a large, overly complex application, but it needs to be complete, and runnable and demonstrate how this vulnerability may appear in the real world.
3. Demonstrate for each of the two applications they are vulnerable to this attack. You need to show explicitly the attack you use and demonstrate the impact of the vulnerability. The demonstration should occur through screen shots and detailed walkthrough of the steps you performed.
4. Finally, using the information in the CWE/SANS Top 25 vulnerabilities, fix the issues in each of the two examples you created in step 2.
5. Document the vulnerabilities and describe specifically how the issues were corrected. Note: You may need to conduct additional research to better understand the vulnerability or the features associated with a specific language.
Provide all of your source files for this assignment. Two source code files will have software vulnerabilities. The remaining two will have the issues fixed. Provide any supplemental or utility files supporting your main source files.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started