Deadline: Thursday, May 21, 2020 by 12:30:00 PM Pacific Time
The goal of this assignment is to gain hands-on experience exploiting vulnerabilities on websites. This assignment will demonstrate how simple vulnerabilities (often occurring due to the carelessness of the website developer) can be really harmful to the website's owners. Security attacks include but aren't limited to stealing sensitive information, injecting malicious code, and causing the host server to crash.
In this assignment, you have 8 'levels' or 'challenges' (each worth 10 points). In each challenge, you have to find the 'flag'. A flag is just a secret password that you need to find by exploiting certain vulnerabilities. Once you have the password, just enter it in the text box and hit the submit button to move up one level. Every challenge comes with hints and clues (present as text on the web page itself) which will guide you through exploiting a particular vulnerability. You may consult any online references you wish.
Visit https://c10-32.sysnet.ucsd.edu/challenges/. On this page, you will be asked to enter your PID and a password. You can find your password in your Gradescope account for this class (look for the "PA4 Start Up Info" assignment).
Each level comes with a description of its password. As mentioned before, every password is completely randomized for every level, and the fastest way to get to the password is by exploiting the vulnerability in question. It should also be noted that brute-force techniques will not work. We have placed limits on the number of ping and HTTP connections that every account can send to our server each day. If you reach this limit, you will be blocked for the rest of the day. So please do not try to DDoS the server with random tries.
Here are a few resources which you may find very helpful while solving the assignment. They are, in no particular order:
- GET and POST requests - https://www.w3schools.com/tags/ref_httpmethods.asp
- Python Requests library - http://docs.python-requests.org/en/master/
- Handling Cookies on your browser - https://kb.iu.edu/d/ajfi
- Intro to SQL - https://www.w3schools.com/sql/sql_intro.asp
- Base64 Library (Python) Encoding and Decoding - https://code.tutsplus.com/tutorials/base64-encoding-and-decoding-using-python--cms-25588
If you plan to use a late day for PA4, please send an email to TA Riley Hadden (email@example.com) stating the day on which you would like your submission to be finalized. Please include your name and partner's name as well.
Exploiting vulnerabilities on web services is perhaps as old as the web. This assignment is designed to give you a first-hand feel of what people who exploit vulnerabilities look at. It is intended to make you think about these vulnerabilities whenever you design a web service of your own.
However, since it is intended for academic purposes, it is heavily toned down. Think of it as a toy model of the real world. We have even included hints and descriptions on every level. Just following these and only these should be enough to get you through. In the real world, the "hacker" will not have any hints and will have to systematically try everything. This is often long and meticulous, and not suited to an assignment format. Hence, your best friends are the hints present in every level.