Gruyere - Web Application Exploits and Defenses

The provided web application Gruyere - holey cheese - shows with own hacking and source code analysis many vulnerabilities. Google Code University exercises are to solve from attackers view. Reading source code and using the tools (for me curl and WebScarab) is like a game with the wow factor if the next security hole is found. This makes learning fun and the solved problems are easier to remember.

I analyzed my own web application zitat-service.de (quotation service for web pages) simultaneously and solved some vulnerabilities:

• XSS on searching for quotations with JavaScript as search pattern,
• 6 places, where administrative rights are given on modifying GET parameters and
• 3 places where just deletion was implemented by GET and not by POST request.

Including my own web application fixes, but without Ajax, it took me 2 days to finish the track with:

• XSS - Cross-Site Scripting
• XSRF - Cross-side Request Fogery
• XSSI - Cross Site Script Inclusion
• Path Traversal
• DoS - Denial of Service
• Code Execution
• Configuration Vulnerabilities
• Buffer Overflow
• SQL Injection

Gruyere related articles can also be found in German computer journals:

• c’t 12 / 2010, p. 38
• iX 8 / 2010, p. 72 ff.