mirror of
https://github.com/jackyzha0/quartz.git
synced 2025-12-27 14:54:05 -06:00
vault backup: 2022-09-05 12:56:17
This commit is contained in:
Jet Hughes
parent
2b5cd0021a
commit
fc61997665
29
content/notes/ass01-security-audit.md
Normal file
29
content/notes/ass01-security-audit.md
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
---
|
||||||
|
title: "ass01-security-audit"
|
||||||
|
aliases:
|
||||||
|
tags:
|
||||||
|
- assignment
|
||||||
|
- comp210
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
|
Jet Hughes - 9474308
|
||||||
|
|
||||||
|
# Summary of system
|
||||||
|
- function
|
||||||
|
- technology
|
||||||
|
|
||||||
|
# Flaws
|
||||||
|
## Password policy
|
||||||
|
- must have at least 5 characters and one digit.
|
||||||
|
- not suffiecient
|
||||||
|
|
||||||
|
## SQL Injection
|
||||||
|
- can log in to admin using username: " 'or 1=1;--"
|
||||||
|
- we are able to extract data which is displayed as the users username
|
||||||
|
-
|
||||||
|
|
||||||
|
## Javascript Injection
|
||||||
|
## Path traversal
|
||||||
|
## Network-Level security
|
||||||
|
## Other
|
||||||
Loading…
Reference in New Issue
Block a user