REPORT.md

Assignment 4 Report

Write your exploit (i.e. attack code) under each heading below.

File Upload XSS

TODO: Replace this with your solution

Reflected XSS

TODO: Replace this with your solution

Stored XSS

TODO: Replace this with your solution

Stored XSS via HTML Attribute

TODO: Replace this with your solution

Stored XSS via AJAX

TODO: Replace this with your solution

Reflected XSS via AJAX

TODO: Replace this with your solution

Elevation of Privilege

TODO: Replace this with your solution

Cookie Manipulation

TODO: Replace this with your solution

XSRF Challenge

TODO: Replace this with your solution

XSSI Challenge

TODO: Replace this with your solution

Information disclosure via path traversal

Just read through this challenge. No need to submit a solution. AppEngine automatically "simplifies" the URL with a 302 redirect, which breaks the attack.

Data tampering via path traversal

Just read through this challenge. No need to submit a solution. AppEngine automatically "simplifies" the URL with a 302 redirect, which breaks the attack.

DoS - Quit the Server

TODO: Replace this with your solution

DoS - Overloading the Server

Just read through this challenge. No need to submit a solution. AppEngine doesn't seem vulnerable to path traversal which breaks the attack.

Code Execution Challenge

TODO: Replace this with your solution

Information disclosure #1

TODO: Replace this with your solution

Information disclosure #2

TODO: Replace this with your solution

Information disclosure #3

TODO: Replace this with your solution

DoS via AJAX

TODO: Replace this with your solution

Phishing via AJAX

TODO: Replace this with your solution