[題目]
The purpose of this challenge is to demonstrate the MITRE Top 25 programming flaw: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')".
屬於金牛座小子的草原
目前分類:資訊安全 (53)
- Feb 26 Tue 2019 15:21
安全道場實作 11 Cross-Site Scripting
- Feb 26 Tue 2019 14:38
安全道場實作 20 Use of Externally-Controlled Format String
[題目]
The purpose of this challenge is to demonstrate the Use of Externally-Controlled Format String, MITRE Top 25 vulnerability.
- Feb 26 Tue 2019 10:35
安全道場實作 19 Classic Buffer Overflow
- Feb 25 Mon 2019 14:24
安全道場實作 14 XML External Entity Reference
[題目]
The purpose of this challenge is to demonstrate the programming flaw: "Improper Restriction of XML External Entity Reference ('XXE')".
- Feb 23 Sat 2019 21:34
安全道場實作 18 SQL Injection
[題目]
The purpose of this challenge is to demonstrate the following MITRE Top 25 programming flaw: 'Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')'.
- Feb 23 Sat 2019 15:17
安全道場實作 17 OS Command Injection
[題目]
The purpose of this challenge is to demonstrate the #2 MITRE Top 25 programming flaw: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').
- Feb 23 Sat 2019 14:37
安全道場實作 16 Incorrect Authorization
[題目]
The purpose of this challenge is to demonstrate the MITRE Top 25 programming flaw: 'Incorrect Authorization'.
- Feb 23 Sat 2019 06:18
安全道場實作 15 Improper Limitation of a Pathname to a Restricted Directory
[題目]
The purpose of this challenge is to demonstrate the MITRE Top 25 programming flaw: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')".
- Feb 22 Fri 2019 17:09
安全道場實作 13 Unrestricted Upload of File with Dangerous Type
[題目]
The purpose of this challenge is to demonstrate the MITRE Top 25 programming flaw: "Unrestricted Upload of File with Dangerous Type".
- Feb 22 Fri 2019 16:05
安全道場實作 12 Cross-Site Request Forgery (CSRF)
[題目]
The purpose of this challenge is to demonstrate the MITRE Top 25 programming flaw: "Cross-Site Request Forgery (CSRF)".
- Feb 21 Thu 2019 15:44
安全道場實作 10 URL Redirection to Untrusted Site ('Open Redirect')
[題目]
The purpose of this challenge is to demonstrate the MITRE Top 25 programming flaw: 'URL Redirection to Untrusted Site ('Open Redirect')'.
- Feb 21 Thu 2019 14:42
安全道場實作 9 Download of Code Without Integrity Check
[題目]
The purpose of this challenge is to demonstrate the MITRE Top 25 programming flaw: 'Download of Code Without Integrity Check'.
- Feb 21 Thu 2019 11:48
安全道場實作 8 Integer Overflow or Wraparound
[題目]
The purpose of this challenge is to demonstrate the MITRE Top 25 programming error: Integer Overflow or Wraparound.
- Feb 20 Wed 2019 17:54
安全道場實作 7 Password Guessing Attacks
[題目]
The purpose of this challenge is to demonstrate password guessing attacks. are made possible by MITRE Top 25 programming flaws such as:.
- Feb 20 Wed 2019 17:15
安全道場實作 6 Use of a One-Way Hash without a Salt
[題目]
The purpose of this challenge is to demonstrate the MITRE Top 25 programming flaw: 'Use of a One-Way Hash without a Salt'.
- Feb 20 Wed 2019 16:39
安全道場實作 5 Use of a Broken or Risky Cryptographic Algorithm
[題目]
The purpose of this challenge is to demonstrate the MITRE Top 25 programming flaw: 'Use of a Broken or Risky Cryptographic Algorithm'.
- Feb 20 Wed 2019 16:02
安全道場實作 4 Missing Encryption of Sensitive Data
[題目]
The purpose of this challenge is to demonstrate the MITRE Top 25 programming flaw: 'Missing Encryption of Sensitive Data'.
- Feb 20 Wed 2019 11:42
安全道場實作 3 Missing Authorization
[題目]
The purpose of this challenge is to demonstrate the MITRE Top 25 programming flaw: 'Missing Authorization'.
- Feb 19 Tue 2019 21:18
安全道場實作 2 Reliance on Untrusted Inputs in a Security Decision
- Aug 28 Tue 2018 07:05
安全道場實作 1 Missing Authentication for Critical Function
[題目]
The developer of the vulnerable application has implemented a logged in page but has forgotten to add an important check. Find a way to bypass the login page.
