Tasks. Your task is to perform the following security tests on this web application.
Part A: Personal Private Information Security Test
In this part, your aim is to do security testing of the personal private information part of the web app.
For this, you are given member 1’s password, namely:
Ro4mvSemq45xfepvaEr24
(1) Here, we consider an attack against member 1 by some outsider (non-member) attacker. Try
logging in with the given member 1 password, and examining that member’s private information.
Based on the application behavior, where on this page could there be a possible point where a
reflected XSS vulnerability might exist? Why? Perform a test to see if an XSS vulnerability exists
for an attack against member 1, and explain your test, its results, and conclusion on why/why not
such a vulnerability exists and can be exploited. (1 mark)
(2) Test the application against an attacker who is one of the authorized group members, in particular
the member with ID number 1. Can that member gain unauthorized access to another member’s
personal private data? If so, explain the vulnerability you found and how member 1 can exploit
it, show any private member data exposed by the attack, and briefly explain how the vulnerability
could be eliminated. In any case, explain the tests you did, the results, and your interpretation of
them.
