Fermé

Network Security

Ce projet a reçu 4 des offres venant de freelancers talentueux avec un prix moyen d'offre de $88 AUD.

Obtenez des devis gratuits pour des projets similaires
Budget du projet
$10 - $30 AUD
Nombre total d'offres
4
Description du projet

Task Type: ** (Easy - Medium)

Objective: Understand how real web application attacks work, and methods for mitigating

them.

For this question you must use virtnet (as used in the workshops) to study web application

attacks. This assumes you have already setup and are familiar with virtnet. See Moodle and

workshop instructions for information on setting up and using virtnet, deploying the website,

and performing the attack.

Your task is to:

? Create topology 7 in virtnet

? Deploy the MyUni demo website on the nodes

? On node4, add a user to the grading web application with username set to your

student ID, and password set to your first name.

? Perform an unvalidated redirect attack, such that the attacker steals your

username/password.

? While performing the attack, take a screenshot of the window showing the stolen

username/password.

After performing and understanding the attack, answer the following sub-questions.

(a) Give a short description of an unvalidated redirect attack, referring to the steps you

performed in the attack and the vulnerability your attack exploited.

(b) Assuming a website must use redirects, recommend a technique that can be used to

minimise the impact of unvalidated redirect attacks.

(c) In the attack you performed in virtnet, describe what methods the attacker used (other

than an unvalidated redirect) and how the attacker benefits from the attack (that is, what

do they gain and how?).

(d) Include the screenshot of the stolen username/password obtained during the attack.

Vous cherchez à gagner de l'argent ?

  • Fixez votre budget et les délais
  • Décrivez votre offre
  • Faites-vous payer pour votre travail

Embauchez des Freelancers qui ont aussi fait une offre sur ce projet

    • Forbes
    • The New York Times
    • Time
    • Wall Street Journal
    • Times Online