
Backend Web - Web Security

Primary language: HTML. License: MIT.

Jinja2-ExploitMe

Web Security

How to Hack!

Security Models

Confidentiality

Who can see your data. Rules that limit the access to information.

Integrity

Who can edit or change your data. Maintaining consistency and trustworthiness of data.

Availability

Who can access your data, and from where. Timely and reliable access to data.

AAA

Authentication

Requires proof: knowledge, hardware, or biometric.

Question: Why is authentication important?

Identify users! Examples: multi-factor authentication, two-factor authentication.

Are there any problems with two-factor authentication?

Authorization

Users can only perform tasks they are authorized for.

Question: Why is authorization important?

Determines which actions and resources a user has access to.

Accounting

Measures the resources a user consumes during access.

Question: Why is accounting important?

Knowing who accessed what, and when, is important.

Notes above taken from the Web Security Class Repo.

RESULTS

Multiplying 2 integers:

Here the expression 4*2 passed in the exploit parameter is evaluated by the template engine, and the page outputs 8: http://localhost:5000/?exploit={{4*2}}
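
Why the request above renders 8, and how to stop it, shown as an added example (not code from this repository). It assumes the handler builds the Jinja2 template source from the exploit query parameter; the function names exploit_param, render_vulnerable and render_safe are hypothetical.

```python
from urllib.parse import urlsplit, parse_qs

from jinja2 import Environment

# Autoescaping on, so values passed as data are HTML-escaped on output.
env = Environment(autoescape=True)


def exploit_param(url: str) -> str:
    """Return the value of the `exploit` query parameter ('' if absent)."""
    return parse_qs(urlsplit(url).query).get("exploit", [""])[0]


def render_vulnerable(user_input: str) -> str:
    """Assumed vulnerable pattern: user input becomes part of the template
    source, so Jinja2 evaluates any {{ ... }} expression it contains."""
    source = "<p>Result: " + user_input + "</p>"
    return env.from_string(source).render()


def render_safe(user_input: str) -> str:
    """Hardened pattern: the template source is a fixed string and the
    user input is passed as a variable, so it is only ever treated as data."""
    return env.from_string("<p>Result: {{ value }}</p>").render(value=user_input)


if __name__ == "__main__":
    # The URL from the RESULTS section above.
    value = exploit_param("http://localhost:5000/?exploit={{4*2}}")
    print("vulnerable:", render_vulnerable(value))  # expression is evaluated
    print("safe:      ", render_safe(value))        # expression is echoed as text
```

A quick regression check for this class of bug is to send {{4*2}} and assert that the response contains the literal braces rather than 8.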