Web crawling and SQL injection vulnerability detection
₹600-1500 INR
Selesai
Dibuat sekitar 5 tahun yang lalu
₹600-1500 INR
Dibayar ketika dikirim
Spend approximately 2 to 3 hours on the challenge, please provide an architecture diagram as well as we are very interested in your thinking when building a solution, the code may use mocks in place of real external services.
Download a copy of DVWA VM: [login to view URL]
Write a short python program that will crawl the application and detect an SQL injection vulnerability in
the form at: /vulnerabilities/sqli/
Things to consider
• How to recover if the crawler process dies mid crawl.
• How this program could be extended across multiple servers.
• How the design could be extended to include multiple SQL injection payloads.
• How to avoid crawling out of scope or narrowing the focus of the crawler
• How to make the code easily testable
Guidance of the steps
• Authenticate to the app: admin/password
• Alter the 'security' cookie to 'low' in requests - otherwise filtering will be applied
• Use a logical check to confirm the vulnerability
• Exploit to obtain the database username and version (it is a MySQL database) as further confirmation
• Hint: there is a 'view source' button on the pages in DVWA to help you to understand the context of the
vulnerability
Python is our primary language so please use Python for this challenge, you are free to use whatever
libraries you are familiar with and deem necessary for the challenge.
I am Ring. I am about 18+ years experienced in GNU/Linux based system, server installation and customization, develop, deploy, security and support. I may help you in this regard.
₹2.000 INR dalam 1 hari
4,6 (9 ulasan)
3,4
3,4
2 freelancer menawar dengan rata-rata ₹1.625 INR untuk pekerjaan ini
"Hi, Hope you are doing well! Thanks for sharing your project requirement with us. It will be our great pleasure to work on your project. I have checked your requirement, yes we can do it, because we already work on similar requirement in past. We have right skills to work on this assignment. . We will complete the work as per requirement
Also my team working on same project"
We have read out every thing about your project
kindly confirm"