Command Injection

Info

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/3364cb20-e737-4839-a534-7c1996eb0c21/Untitled.png

Challenge

  1. View files → ls
  2. Find users → cat /etc/passwd
  3. Current user → whoami
  4. Current shell → cat /etc/passwd
  5. Ubuntu version → lsb_release -a
  6. Message of the day → cat /etc/update-mot.d/00-header

Broken Authentication

Challenge

  1. Existing user "darren"
  2. Register user " darren"
  3. Log in as " darren"
  4. Access "darren"

Sensitive Data Exposure

Info

[..] flat-file databases are stored as a file on the disk of a computer. [..] what happens if the database is stored underneath the root directory of the website (i.e. one of the files that a user connecting to the website is able to access)? Well, we can download it and query it on our own machine, with full access to everything in the database. Sensitive Data Exposure indeed!