The simulation environment has five different “attack cases” with specified attack goals.
We will only look at the first three attack cases in this assignment. Your goal is to develop
code injection attacks to attain the attack goals specified below. Use the knowledge gained
in class and the instructions on the above web site to help you achieve these goals.
Attack case 1:
x Write an injection string (URL) that lists all the products, independently of their
x Write an injection string (URL) that allows you do find out which tables are defined
in our example application. Hint: you can assume that you know that the Web site runs MySQL as the database server. Based on that knowledge you can look at the mysql documentation to find out how MySQL stores its information on table definitions (meta data).
Attack case 2:
x Craft an entry to the form that lists all the products.
SELECT name, description FROM products WHERE description LIKE ‘%’
x Craft an entry to the form that lists all columns of the application’s table that stores
the user login data. (That table is called “members”, as you will have found out if
you completed attack case 1.)
members (first_name, last_name, username, password, email, permission)
Attack case 3:
x Craft an entry to the form that lets you log in as any user of the system.
x Craft an entry to the form that lets you find out what the permission ID is for members that are administrators.
x Craft an entry to the form that lets you log in as an administrator.
x Carry out a blind injection attack that lets you find out whether a (chosen) user has
any orders in the database.