Time spent: 4 hours in total
Objective: Identify vulnerabilities in three different versions of the Globitek website: blue, green, and red.
The six possible exploits are:
- Username Enumeration
- Insecure Direct Object Reference (IDOR)
- SQL Injection (SQLi)
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- Session Hijacking/Fixation
Each version of the site has been given two of the six vulnerabilities. (In other words, all six of the exploits should be assignable to one of the sites.)
Vulnerability #1: SQL Injection GIF Walkthrough: Typed some SQL into the URL on each site; only the blue site shows that the database query fails.
Vulnerability #2: Session Hijacking/Fixation GIF Walkthrough: Opened the site in a different browser and changed the session id. I was able to log in on the blue site but not on the green or red sites.
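The two blue-site findings, as an added Python illustration that is not code from the assignment or from the Globitek site itself (the site's own language and schema are not shown here, so the table, the user names, `find_user_concat`, `find_user_param` and `SessionStore` are all constructed for this example). The first pair of functions shows why a stray quote in a URL parameter turns into a database error when the parameter is spliced into the SQL text, and how a bound parameter treats the same input as plain data. The session store shows the fixation issue: if login simply stamps "authenticated" onto whatever session id the browser presented, an id that was known before login stays valid afterwards; rotating the id on login closes that.

```python
import secrets
import sqlite3


def make_db():
    """Constructed in-memory users table standing in for the site's database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    conn.commit()
    return conn


def find_user_concat(conn, username):
    """Vulnerable: the URL parameter is pasted into the SQL text.
    A quote in the input breaks the statement, which is the database failure
    seen on the blue site. Returns an error string instead of rows."""
    sql = "SELECT id, username FROM users WHERE username = '" + username + "'"
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.OperationalError as exc:
        return "DB ERROR: " + str(exc)


def find_user_param(conn, username):
    """Hardened: the value is bound as a parameter, so a quote is just data
    and the query simply matches nothing."""
    sql = "SELECT id, username FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


class SessionStore:
    """Minimal server-side session table: session id -> dict of attributes."""

    def __init__(self):
        self.sessions = {}

    def new_session(self):
        sid = secrets.token_hex(16)
        self.sessions[sid] = {}
        return sid

    def login_keep_id(self, sid, username):
        """Vulnerable: authentication is attached to whatever id the browser sent,
        so an id known (or copied) before login remains a logged-in session."""
        self.sessions.setdefault(sid, {})["user"] = username
        return sid

    def login_rotate_id(self, sid, username):
        """Hardened: drop the pre-login id and issue a fresh one after authentication."""
        self.sessions.pop(sid, None)
        new_sid = self.new_session()
        self.sessions[new_sid]["user"] = username
        return new_sid

    def current_user(self, sid):
        return self.sessions.get(sid, {}).get("user")
```

Rotating the id addresses fixation only; a cookie copied out of an already-authenticated browser still works in this model, which is why the Secure and HttpOnly cookie flags and short session lifetimes matter alongside rotation.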
Vulnerability #1: Cross-Site Scripting GIF Walkthrough: Typed some JavaScript into the form where feedback can be posted. Only the green site shows the vulnerability.
Vulnerability #2: User Enumeration GIF Walkthrough: Tried different logins. If the username existed, the 'Login Unsuccessful' message was bold; if the username did not exist, it was not bold.
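The two green-site findings, as an added Python illustration that is not code from the assignment or the Globitek site (the credential table, `render_feedback_raw`, `login_differential`, `login_uniform` and `leaks_username` are constructed here). The feedback functions show the difference between placing user text straight into the page and HTML-encoding it first. The login functions reproduce the bold/non-bold difference as two different failure responses, then show a version that returns one response and runs the password hash even for unknown users, so neither the markup nor the timing reveals whether the username exists. `leaks_username` is the simple check a tester or defender can run against either version.

```python
import hashlib
import hmac
import html

_ITERATIONS = 100_000


def _hash_pw(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, _ITERATIONS)


# Constructed credential table: username -> (salt, PBKDF2 digest).
USERS = {"alice": (b"constructed-salt-1", _hash_pw("correct horse", b"constructed-salt-1"))}

# Dummy record used for unknown users so the hash work is always done.
_DUMMY = (b"dummy-salt", _hash_pw("dummy", b"dummy-salt"))


def _check_password(username, password):
    salt, digest = USERS.get(username, _DUMMY)
    computed = _hash_pw(password, salt)
    # Constant-time compare, and the user must really exist (the dummy never counts).
    return hmac.compare_digest(computed, digest) and username in USERS


def login_differential(username, password):
    """Vulnerable: the failure message is marked up differently depending on whether
    the username exists (the bold vs. plain difference seen on the green site)."""
    if username not in USERS:
        return "Login Unsuccessful"
    if not _check_password(username, password):
        return "<strong>Login Unsuccessful</strong>"
    return "Welcome " + username


def login_uniform(username, password):
    """Hardened: one failure response for every wrong username/password combination."""
    if _check_password(username, password):
        return "Welcome " + username
    return "Login Unsuccessful"


def leaks_username(login_fn, known_user, unknown_user):
    """Enumeration check: with a wrong password for both, does the response differ?"""
    return login_fn(known_user, "wrong-password") != login_fn(unknown_user, "wrong-password")


FEEDBACK_TEMPLATE = '<li class="feedback">{body}</li>'


def render_feedback_raw(text):
    """Vulnerable: user-supplied feedback is inserted into the page unchanged."""
    return FEEDBACK_TEMPLATE.format(body=text)


def render_feedback_escaped(text):
    """Hardened: HTML metacharacters are encoded so the browser treats the text as text."""
    return FEEDBACK_TEMPLATE.format(body=html.escape(text, quote=True))
```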
Vulnerability #1: Insecure Direct Object Referencing GIF Walkthrough: Changed the id in the URL on each site. On the red site the vulnerability shows when the id is greater than 9.
Vulnerability #2: Cross-Site Request Forgery GIF Walkthrough: Inspected the elements of the users form on each site and changed the token. Only on the red site did the user's info still show after the token was changed.
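The two red-site findings, as an added Python illustration that is not code from the assignment or the Globitek site (`RECORDS`, `view_record_no_authz`, `view_record_authz`, `issue_csrf_token` and the `update_email_*` handlers are constructed here). The record functions contrast serving whatever id appears in the URL with checking that the logged-in user owns the record. The form handlers show the CSRF finding from the page: a hidden token that is present in the form but never compared accepts a changed token, while the hardened handler compares the submitted token with the session's copy in constant time and refuses anything else.

```python
import hmac
import secrets

# Constructed sample records: id -> (owner username, private data).
RECORDS = {
    1: ("alice", "alice's private notes"),
    2: ("bob", "bob's private notes"),
}


def view_record_no_authz(record_id):
    """Vulnerable: any id typed into the URL is served, regardless of who is logged in."""
    rec = RECORDS.get(record_id)
    return None if rec is None else rec[1]


def view_record_authz(record_id, session_user):
    """Hardened: the record is returned only when the logged-in user owns it."""
    rec = RECORDS.get(record_id)
    if rec is None or rec[0] != session_user:
        return None
    return rec[1]


def issue_csrf_token(session):
    """Generate a per-session token, keep a copy server side, return it for the form's hidden field."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def update_email_no_check(session, form):
    """Vulnerable: the hidden token travels with the form but is never compared,
    so an edited token (or a forged request) is accepted."""
    return "updated email for {} to {}".format(session["user"], form["email"])


def update_email_checked(session, form):
    """Hardened: constant-time comparison of the submitted token against the session's copy."""
    expected = session.get("csrf_token")
    supplied = form.get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return "403 Forbidden: CSRF token missing or invalid"
    return "updated email for {} to {}".format(session["user"], form["email"])
```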
One trouble I had was knowing where to write the code.