mirror of
https://github.com/jackyzha0/quartz.git
synced 2025-12-27 14:54:05 -06:00
29 lines
464 B
Markdown
29 lines
464 B
Markdown
---
|
|
title: "ass01-security-audit"
|
|
aliases:
|
|
tags:
|
|
- assignment
|
|
- comp210
|
|
---
|
|
|
|
|
|
Jet Hughes - 9474308
|
|
|
|
# Summary of system
|
|
- function
|
|
- technology
|
|
|
|
# Flaws
|
|
## Password policy
|
|
- must have at least 5 characters and one digit.
|
|
- not suffiecient
|
|
|
|
## SQL Injection
|
|
- can log in to admin using username: " 'or 1=1;--"
|
|
- we are able to extract data which is displayed as the users username
|
|
-
|
|
|
|
## Javascript Injection
|
|
## Path traversal
|
|
## Network-Level security
|
|
## Other |