This shows you the differences between two versions of the page.
isc:labs:09 [2023/12/10 16:56] alexandru.ghita2611 [Tasks] |
isc:labs:09 [2024/04/30 14:07] (current) radu.mantu |
||
---|---|---|---|
Line 100: | Line 100: | ||
trick to accomplish this. | trick to accomplish this. | ||
- | First, copy your private key from **fep** to your workstation (since | + | You should already have a [[:isc:info:virtualmachine|SSH keypair for authenticating with fep & OpenStack]]: |
- | authentication with the VM will be realized from your PC) \\ | + | |
- | (//either do this, or assign a key existing on your machine to your OpenStack | + | |
- | account and VM instance)//: | + | |
- | <code bash> | + | |
- | scp <first.lastname>@fep.grid.pub.ro:.ssh/id_rsa ~/.ssh/fep_rsa # (for *nixes) | + | |
- | chmod 700 ~/.ssh/fep_rsa # required on *nix systems | + | |
- | </code> | + | |
- | Make sure to replace ''id_rsa'' from the remote server (fep) with your actual key name (if you didn't use the | + | |
- | default one). If you're on Windows / not WSL, please download the key to a path inside your home (last ''scp'' argument). | + | |
- | Connect to the VM using (**ssh on Linux / WSL**): | + | We will be using ''ssh''`s Local Port Forwarding feature, requesting it to pass all packets from ''localhost:8080'' through the SSH tunnel to the destination VM on ''8080'': |
- | <code bash> | + | |
- | ssh -i <fep key path> -L "8080:localhost:8080" -o 'ProxyCommand=ssh <first.lastname>@fep.grid.pub.ro -W %h:%p' student@10.9.X.Y | + | |
- | # after entering the password for fep and trusting the server's public key, | + | |
- | # you should see the 'student@host:~$' prompt! | + | |
- | </code> | + | |
- | If you use **OpenSSH for Windows**, you must use the full path for ''ProxyCommand'': | ||
<code bash> | <code bash> | ||
- | ssh -i <fep key path> -L "8080:localhost:8080" -o "ProxyCommand=C:\Windows\System32\OpenSSH\ssh.exe <first.lastname>@fep.grid.pub.ro -W %h:%p" student@10.9.X.Y | + | ssh -L "8080:localhost:8080" -J <first.lastname>@fep.grid.pub.ro student@10.9.X.Y |
</code> | </code> | ||
- | |||
- | This uses //fep.grid.pub.ro// as a proxy (''-W'' is stdin/stdout forwarding), | ||
- | successfully connecting to the SSH server running on the OpenStack VM | ||
- | (inaccessible otherwise) and requesting it to forward (''-L <local | ||
- | addr:port>:<remote addr:port>'') its HTTP server port (''localhost:8080'') back | ||
- | to your physical machine (same port, for convenience)! | ||
- | |||
- | **Note:** replace the ''<fep key path>'', ''<first.lastname>'' and ''X.Y'' placeholders with the | ||
- | actual path to your SSH key / username / VM IP address!\\ | ||
- | You can use the same trick to forward any port from a OpenStack VM to your | ||
- | local host! | ||
- | |||
- | <hidden> | ||
- | For this lab, **you are required to take a screenshot proving each task's | ||
- | completeness** (usually, of the exploited webpage). | ||
- | For the SQL injection tasks, it would be nice if you saved a list of successful | ||
- | inputs in a .txt file. For the XSS / CSRF injection tasks, please include the | ||
- | HTML / JavaScript code you used into the archive. | ||
- | |||
- | Please upload the screenshots / readme to [[https://curs.upb.ro/mod/assign/view.php?id=280251|This Moodle Assignment]]. | ||
- | </hidden> | ||
===== Tasks ===== | ===== Tasks ===== | ||
Line 202: | Line 166: | ||
<script>alert("XSS!");</script> | <script>alert("XSS!");</script> | ||
</code> | </code> | ||
- | * **Hint**: You can use absolute element positioning, e.g.: ''<div style="position: absolute; top: -300px;left:100px;"> insert your img here </div>''. Try it with the browser's developer console / inspect element first before injecting it inside a message ;) | + | * **Hint**: You can use absolute element positioning, e.g.: ''<div style=%%"%%position: absolute; top: -300px;left:100px;%%"%%> insert your img here </div>''. Try it with the browser's developer console / inspect element first before injecting it inside a message ;) \\ [[https://www.w3schools.com/css/css_positioning.asp]] |
- | * Hint: Console can be accessed either by right-clicking and choosing Inspect or by hitting F12 on your keyboard and navigating to 'Console' tab. \\ Try appending code to the document's body. | + | * Hint: Console can be accessed either by right-clicking and choosing Inspect or by hitting F12 on your keyboard and navigating to 'Console' tab. |
+ | * Note: Try appending code to the document's body. | ||
<solution -hidden> | <solution -hidden> |