End sem 7; week 2 winter session 2025

This commit is contained in:
Aidan Sharpe
2025-01-15 17:59:04 -05:00
parent a00dde9ad4
commit a8d165aa1a
123 changed files with 19367 additions and 70 deletions

File diff suppressed because it is too large Load Diff

View File

@@ -0,0 +1,43 @@
# Assignment 5 - Aidan Sharpe
## Task 1: Setting Up Burp Suite
Configure Burp Suite to intercept traffic from your browser and verify the setup.
![](burp-setup.png)
## Task 2: Testing for SQL Injection with Burp Repeater
Use Burp Repeater to test for SQL injection vulnerabilities on the DVWA login page.
![](sql-injection.png)
## Task 3: Conducting a Brute Force Attack with Burp Intruder
Use Burp Intruder to perform a brute force attack on DVWAs login page.
We found a list of usernames and passwords online, and loaded them into Burp Suite. We used the cluster bomb attack to go through all possible combinations in the two lists. We also turned redirect to "allow on-site" to make it easier to identify a successful login. The correct credentials had a response length of 4391, while the other credentials had a response length of 1675.
![](cluster-bomb.png)
## Task 4: Testing for Cross-Site Scripting (XSS)
Test for XSS vulnerabilities by injecting JavaScript payloads into input fields.
We inserted the script `<script>alert('XSS')</script>` into the "What's your name?" field on the "XSS reflected" page. When the "submit" button was pressed, we were greeted with:
![](xss.png)
## Task 5: Analyzing and Reporting Results
Analyze the results from your tests and identify potential vulnerabilities in DVWA.
SQL injection and XSS are both forms of arbitrary code execution. SQL injection poses a threat to the confidentiality of database entries, while the XSS vulnerability allows the execuation of code on client machines.
The brute force attack allows unauthorized people to login as any user. While it is not an efficient way to gain access, it can be effective against common or default passwords.
## Task 6: Mitigation Recommendations
SQL injection and XSS vulnerabilities can be mitigated via better string handling. They are caused by strings being processed as code when they should be only processed as text. To mitigate these types of attacks, better string input handling should be implemented. There exist many freely available libraries to protect applications from SQL injection and XSS vulnerabilities.
Brute force attacks, on the other hand, can be mitigated by limiting the number of unsuccessful login attempts. This can be done by applying a timer, or by locking the session.
## Task 7: Reflection
There are a wide array vulnerabilities that can be exploited at the application layer. While these attacks may not provide direct access to internal networks, they can certainly be used as an entry point.
These types of vulnerabilities also make it clear that the internet was not designed with security in mind, and that extra measures must be put in place to protect web applications from external attacks.

Binary file not shown.

After

Width:  |  Height:  |  Size: 76 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 154 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 117 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 56 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 127 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 230 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 42 KiB

View File

@@ -0,0 +1,5 @@
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
1 BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
2 Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs

View File

@@ -0,0 +1 @@
Network;NetType;ESSID;BSSID;Info;Channel;Cloaked;Encryption;Decrypted;MaxRate;MaxSeenRate;Beacon;LLC;Data;Crypt;Weak;Total;Carrier;Encoding;FirstTime;LastTime;BestQuality;BestSignal;BestNoise;GPSMinLat;GPSMinLon;GPSMinAlt;GPSMinSpd;GPSMaxLat;GPSMaxLon;GPSMaxAlt;GPSMaxSpd;GPSBestLat;GPSBestLon;GPSBestAlt;DataSize;IPType;IP;
1 Network NetType ESSID BSSID Info Channel Cloaked Encryption Decrypted MaxRate MaxSeenRate Beacon LLC Data Crypt Weak Total Carrier Encoding FirstTime LastTime BestQuality BestSignal BestNoise GPSMinLat GPSMinLon GPSMinAlt GPSMinSpd GPSMaxLat GPSMaxLon GPSMaxAlt GPSMaxSpd GPSBestLat GPSBestLon GPSBestAlt DataSize IPType IP

View File

@@ -0,0 +1,6 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE detection-run SYSTEM "http://kismetwireless.net/kismet-3.1.0.dtd">
<detection-run kismet-version="airodump-ng-1.0" start-time="Thu Nov 21 16:54:04 2024">
</detection-run>

View File

@@ -0,0 +1 @@
LocalTime, GPSTime, ESSID, BSSID, Power, Security, Latitude, Longitude, Latitude Error, Longitude Error, Type
1 LocalTime GPSTime ESSID BSSID Power Security Latitude Longitude Latitude Error Longitude Error Type

View File

@@ -0,0 +1,5 @@
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
1 BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
2 Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs

View File

@@ -0,0 +1 @@
Network;NetType;ESSID;BSSID;Info;Channel;Cloaked;Encryption;Decrypted;MaxRate;MaxSeenRate;Beacon;LLC;Data;Crypt;Weak;Total;Carrier;Encoding;FirstTime;LastTime;BestQuality;BestSignal;BestNoise;GPSMinLat;GPSMinLon;GPSMinAlt;GPSMinSpd;GPSMaxLat;GPSMaxLon;GPSMaxAlt;GPSMaxSpd;GPSBestLat;GPSBestLon;GPSBestAlt;DataSize;IPType;IP;
1 Network NetType ESSID BSSID Info Channel Cloaked Encryption Decrypted MaxRate MaxSeenRate Beacon LLC Data Crypt Weak Total Carrier Encoding FirstTime LastTime BestQuality BestSignal BestNoise GPSMinLat GPSMinLon GPSMinAlt GPSMinSpd GPSMaxLat GPSMaxLon GPSMaxAlt GPSMaxSpd GPSBestLat GPSBestLon GPSBestAlt DataSize IPType IP

View File

@@ -0,0 +1,6 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE detection-run SYSTEM "http://kismetwireless.net/kismet-3.1.0.dtd">
<detection-run kismet-version="airodump-ng-1.0" start-time="Thu Nov 21 17:01:00 2024">
</detection-run>

View File

@@ -0,0 +1 @@
LocalTime, GPSTime, ESSID, BSSID, Power, Security, Latitude, Longitude, Latitude Error, Longitude Error, Type
1 LocalTime GPSTime ESSID BSSID Power Security Latitude Longitude Latitude Error Longitude Error Type