This repository contains a series of cybersecurity projects aimed at demonstrating and understanding critical web application vulnerabilities. The repository highlights the following security issues:
- Reflected Cross-Site Scripting (XSS).
- SQL Injection for Login Bypass.
- Clickjacking with CSRF Token Protection.
Reflected XSS into HTML context with nothing encoded. This vulnerability exists in the search functionality of a web application: the search term is reflected into the page's HTML without any output encoding, allowing an attacker to execute JavaScript in the victim's browser.
- Access the Web Application: Open the webpage containing the search functionality.
- Test the Search Field for Reflection: Enter a string (e.g., `test`) to check whether it is reflected in the response.
- Craft an XSS Payload: Inject the following payload: `<script>alert(1)</script>`
- Submit the Payload: Observe whether a popup showing "1" appears.
- Validate and sanitize user inputs.
- Apply context-appropriate encoding.
- Implement a Content Security Policy (CSP).
- Use security libraries like OWASP AntiSamy.
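As an added example (not the lab's or this repository's code), the following Python shows the "before" and "after" of the first two mitigations: a hypothetical search handler that reflects the term with nothing encoded, beside one that applies HTML-body-context encoding, plus a restrictive CSP header as defence in depth. The handler names and page template are assumptions made for the demo.

```python
import html

# Added example (not the lab's or repository's code). The handler names and
# the page template are hypothetical; the search term is the only user input.


def render_search_vulnerable(query: str) -> str:
    """'Before': reflects the search term into the HTML body with nothing encoded."""
    return f"<h1>0 search results for '{query}'</h1>"


def render_search_hardened(query: str) -> str:
    """'After': context-appropriate output encoding for the HTML body context.

    html.escape() turns < > & " ' into entities, so the browser parses the term
    as text rather than markup. A value placed inside a <script> block or a URL
    attribute needs a different encoder; this covers the HTML body only.
    """
    return f"<h1>0 search results for '{html.escape(query, quote=True)}'</h1>"


def csp_headers() -> dict:
    """Defence in depth: a CSP that blocks inline scripts even if encoding is missed."""
    return {
        "Content-Security-Policy": "default-src 'self'; script-src 'self'; object-src 'none'",
    }


def reflects_raw_script(page: str) -> bool:
    """Detection check: does the rendered page contain an unencoded <script tag?"""
    return "<script" in page.lower()


if __name__ == "__main__":
    # Constructed test input: the lab's proof-of-concept payload.
    payload = "<script>alert(1)</script>"
    print("vulnerable reflects raw script:", reflects_raw_script(render_search_vulnerable(payload)))
    print("hardened reflects raw script:  ", reflects_raw_script(render_search_hardened(payload)))
    print(render_search_hardened(payload))
```

The encoded output renders the payload as literal text, and the CSP would stop an inline script from running even on a page where a developer forgot to encode. Note that `html.escape` is the right tool only for the HTML body and attribute context the lab describes; other contexts need their own encoder.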
This vulnerability allows attackers to bypass authentication and log in as an administrator by injecting SQL commands into the username field.
- Navigate to the Login Page: Locate the username and password fields.
- Inject SQL Payload: In the username field, enter `administrator'--` and leave the password field empty or provide any value.
- Submit the Form: Observe whether access is granted to the administrator account.

How the payload works:
- `administrator'`: closes the current string literal in the query.
- `--`: comments out the rest of the SQL query, so the password check is never evaluated.
- Use prepared statements and parameterized queries.
- Validate and sanitize user inputs.
- Restrict user privileges.
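As an added example (not the lab's or this repository's code), the following Python puts the vulnerable login query beside its parameterized replacement and runs the lab payload against both. The in-memory SQLite database, its table layout and the stored credentials are constructed for the demo; passwords are kept unhashed only to keep the focus on the query.

```python
import sqlite3

# Added example (not the lab's or repository's code). The table layout, the
# in-memory SQLite database and the credentials are constructed for the demo;
# passwords are stored unhashed only to keep the example focused on the query.


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("administrator", "constructed-admin-secret"), ("wiener", "peter")],
    )
    conn.commit()
    return conn


def login_vulnerable(conn, username: str, password: str):
    """'Before': user input is spliced straight into the SQL text.

    With username "administrator'--" the query becomes
    ... WHERE username = 'administrator'--' AND password = ''
    and everything after -- is a comment, so the password is never checked.
    """
    sql = (
        "SELECT username FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_hardened(conn, username: str, password: str):
    """'After': parameterized query; the driver binds the values as data, never as SQL."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def validate_username(username: str) -> bool:
    """Input validation as a second layer: an allow-list for the username format."""
    return username.isalnum() and 1 <= len(username) <= 32


if __name__ == "__main__":
    db = make_db()
    payload = "administrator'--"  # the lab payload; password left empty
    print("vulnerable:", login_vulnerable(db, payload, ""))  # administrator
    print("hardened:  ", login_hardened(db, payload, ""))    # None
    print("allow-list:", validate_username(payload))         # False
```

The parameterized version looks up a user literally named `administrator'--`, finds none, and denies the login; the allow-list check rejects the payload before a query is even built. Restricting the database account's privileges (the third mitigation) limits the damage if either layer is ever bypassed.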
This vulnerability leverages transparent iframes and decoy elements to trick users into performing unintended actions, such as deleting their account, despite the presence of CSRF token protection.
- Log in to Your Account: Use the lab credentials (e.g., `wiener:Peter`) to access the target website.
- Set Up the Exploit: Host the following HTML on the exploit server:

  ```html
  <style>
    iframe {
      position: relative;
      width: 1000px;
      height: 700px;
      opacity: 0.000001;
      z-index: 2;
    }
    div {
      position: absolute;
      top: 515px;
      left: 60px;
      z-index: 1;
    }
  </style>
  <div>Click me</div>
  <iframe src="https://YOUR-LAB-ID.web-security-academy.net/my-account?id=wiener"></iframe>
  ```

- Align the Decoy Element: Adjust the `top` and `left` values until the "Click me" text sits over the "Delete account" button.
- Deliver the Exploit: After alignment, deliver the exploit to the victim and monitor for account deletion.
- Implement X-Frame-Options to prevent framing.
- Use SameSite cookies to mitigate CSRF attacks.
- Educate users about phishing tactics to avoid falling victim to clickjacking.
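As an added example (not the lab's or this repository's code), the following Python audits a raw HTTP response for the first two mitigations: whether `X-Frame-Options` or a CSP `frame-ancestors` directive blocks cross-site framing, and whether every session cookie carries a `SameSite` attribute. The two sample responses are constructed for the demo.

```python
# Added example (not the lab's or repository's code). The two raw HTTP
# responses below are constructed for the demo; the audit reads headers only.


def parse_response_headers(raw: str) -> list:
    """Return (name, value) pairs, names lower-cased, from a raw HTTP response."""
    headers = []
    for line in raw.strip().splitlines()[1:]:  # skip the status line
        if not line.strip():
            break  # blank line ends the header block
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return headers


def framing_blocked(headers) -> bool:
    """True if X-Frame-Options or CSP frame-ancestors stops cross-site framing."""
    xfo_ok = csp_ok = False
    for name, value in headers:
        if name == "x-frame-options" and value.upper() in ("DENY", "SAMEORIGIN"):
            xfo_ok = True
        elif name == "content-security-policy":
            for directive in value.split(";"):
                parts = directive.split()
                if parts and parts[0].lower() == "frame-ancestors":
                    sources = [s.lower() for s in parts[1:]]
                    # 'none', 'self' or explicit origins restrict framing; '*' does not
                    csp_ok = bool(sources) and "*" not in sources
    return xfo_ok or csp_ok


def cookies_samesite(headers) -> bool:
    """True if every Set-Cookie carries SameSite=Strict or SameSite=Lax."""
    cookies = [v.lower() for n, v in headers if n == "set-cookie"]
    return bool(cookies) and all(
        "samesite=strict" in c or "samesite=lax" in c for c in cookies
    )


def audit(raw: str) -> dict:
    headers = parse_response_headers(raw)
    return {
        "framing_blocked": framing_blocked(headers),
        "cookies_samesite": cookies_samesite(headers),
    }


# Constructed sample: the weak configuration the lab's page would have.
WEAK_RESPONSE = """HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: session=constructed-session-id; Secure; HttpOnly

<html>...</html>
"""

# Constructed sample: the same page with both mitigations applied.
HARDENED_RESPONSE = """HTTP/1.1 200 OK
Content-Type: text/html
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self'; frame-ancestors 'none'
Set-Cookie: session=constructed-session-id; Secure; HttpOnly; SameSite=Strict

<html>...</html>
"""

if __name__ == "__main__":
    print("weak:    ", audit(WEAK_RESPONSE))
    print("hardened:", audit(HARDENED_RESPONSE))
```

A page that fails `framing_blocked` can be loaded into the transparent iframe from the lab, so that is the check to prioritise; `frame-ancestors` is the modern replacement for `X-Frame-Options` and sending both covers older browsers. The cookie check is a useful second signal, because a session cookie that is not sent on cross-site iframe loads leaves the framed page unauthenticated.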
This repository provides hands-on demonstrations of severe web application vulnerabilities, emphasizing the importance of secure coding practices and proactive mitigation techniques.
- Task 1 Documentation: Reflected XSS details.
- Task 2 Documentation: SQL Injection details.
- Task 3 Documentation: Clickjacking with CSRF Token Protection details.
- Sample payloads and HTML templates for testing vulnerabilities.
This repository is intended solely for educational purposes. Testing on unauthorized systems or applications without explicit permission is illegal and unethical.