For this purpose, there is a good resource developed by Google. It's a website called Google Gruyere: it is a hacking lab and, as per its name, it is riddled with vulnerabilities. This website mimics the principles of a very basic social network, where you can create a user profile (name, photo, pinned message, website…), manage it, and post some short messages (snippets in this case), so it really makes sense as study material.

The Lab shows how web application vulnerabilities can be exploited and how to defend against these attacks. Among other Challenges, we will practice cross-site scripting (XSS), cross-site request forgery (XSRF)… and also get an opportunity to assess the impacts of such vulnerabilities (denial of service, information disclosure, remote code execution…). Some of these Challenges can be solved using black-box techniques; other Challenges will require looking at the Gruyere source code (that's why Google provides both the client-side and the server-side code along with the Lab). Reading through the code will help build a good understanding of how the vulnerabilities work. The code relies on templates (the Gruyere Template Language, or GTL) and in this respect looks similar to Django. Google provides all the solutions on the Gruyere site, so I'm not going to provide new solutions but rather walk through the proposed solutions.

The Lab looks like this when you launch it for the first time (it will create an incremental session number, specific to you):

(screenshot not preserved)

As a warm-up, we are requested to perform a few basic tasks, to gain a first understanding of the user interface:

- Sign up for an account for yourself to use when hacking.
- Fill in your account's profile, including a private snippet and an icon that will be displayed by your name.
- Create a snippet (via "New Snippet") containing your favorite joke.
- Upload a file (via "Upload") to your account.
- View another user's snippets by following the "All snippets" link on the main page. Also check out what they have their Homepage set to.

This is what my login page now looks like:

(screenshot not preserved)

About snippets: some of you may not know where this comes from. It is the usual word used by Google to highlight a summary text in the Google search engine results. In our context, a snippet refers to a small bit of text added as a tag, after a user name.

Before going through the Challenges, let's have a first look into the code (I'm using the code editor "Sublime Text"). Here is a short explanation about the Gruyere modules (we will come back to them with deeper analysis during the Challenges):

data.py stores the default data in the database. There is an administrator account and three default users.

(screenshot not preserved)

gruyere.py is the main Gruyere web server. The code enables the setup of a local server with the necessary functionalities (creation of a working directory, installation of a database, cookie management, URL/HTML responses, management of user profiles, data/file upload…). Here are important text comments included in the code; they help understand the server logic and limitations.

(screenshot not preserved)

Gruyere Template Language (GTL) is a new template language and, like its siblings such as Django, it helps create web pages more efficiently. Most of the Gruyere resources are written using GTL. Documentation for GTL can be found directly in gruyere/gtl.py.

sanitize.py is the Gruyere module used for sanitizing HTML, to protect the application from security holes. HTML sanitization is the process of examining an HTML document and producing a new one that preserves only whatever tags are designated "safe" and desired. HTML sanitization can be used to protect against attacks such as cross-site scripting (XSS) by sanitizing any HTML code submitted by a user. For example, tags such as are usually removed during the sanitizing process. The process is usually based upon a white list of allowed tags and a black list of disallowed tags. In our case, here are the allowed/disallowed tags:

(screenshot not preserved)

The resources directory holds all CSS code, images, template files (it will provide important functionalities such as account creation, login process, user profile, snippets, file upload) and a JavaScript library (for snippet user interaction and refresh).

We should always be very careful with user inputs on our websites. Some users will try to "inject code" into our website, using different tricks (as we will see below in the following Challenges). The root cause of code injection vulnerabilities is the mixing of code and data which is then handed to a browser: injection is possible when the data is treated as code. Data sanitization and escaping are mitigations for code injection vulnerabilities. Sanitization involves removing characters entirely in order to make the value "safe".
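To make the two mitigations concrete (an allowlist-based HTML sanitizer on one hand, escaping on the other), here is an added example in Python, written for this write-up and not taken from Gruyere's sanitize.py. The tag and attribute allowlists, the accepted URL schemes and the sample inputs are all constructed for the example and are not Gruyere's own configuration; the sanitizer is built on the standard library's `html.parser`, so it runs without any dependency.

```python
"""Allowlist-based HTML sanitizer with escaping (added example, not Gruyere's code).

Two mitigations are shown:
  * sanitization: untrusted markup is rebuilt so that only allowlisted
    tags/attributes survive, and <script>/<style> are removed with their body;
  * escaping: text (and anything that is not allowlisted) is emitted as data,
    so the browser never gets the chance to treat it as code.
The lists below are constructed for the example, not Gruyere's configuration.
"""
import html
from html.parser import HTMLParser

ALLOWED_TAGS = {"b", "i", "em", "strong", "p", "br", "a"}   # constructed allowlist
ALLOWED_ATTRS = {"a": {"href"}}                              # per-tag attribute allowlist
VOID_TAGS = {"br"}                                           # no closing tag emitted
DROP_WITH_CONTENT = {"script", "style"}                      # element and its body removed
SAFE_SCHEMES = ("http://", "https://", "mailto:")            # javascript:/data: rejected


class Sanitizer(HTMLParser):
    """Rebuilds the document from parser events, keeping only safe pieces."""

    def __init__(self):
        super().__init__(convert_charrefs=True)  # entities arrive decoded; we re-escape
        self.out = []          # output fragments
        self.open_tags = []    # stack of allowed tags we have emitted
        self.skipping = False  # True while inside <script>/<style>

    def handle_starttag(self, tag, attrs):
        if self.skipping:
            return
        if tag in DROP_WITH_CONTENT:
            self.skipping = True
            return
        if tag not in ALLOWED_TAGS:
            return  # unknown tag removed; its text content is still kept (escaped)
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue  # drops onclick, onerror, style, ...
            value = value or ""
            if name == "href" and not value.strip().lower().startswith(SAFE_SCHEMES):
                continue  # drops javascript: and any other unexpected scheme
            kept.append(' %s="%s"' % (name, html.escape(value, quote=True)))
        self.out.append("<%s%s>" % (tag, "".join(kept)))
        if tag not in VOID_TAGS:
            self.open_tags.append(tag)

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.skipping = False
            return
        if self.skipping or tag not in self.open_tags:
            return  # stray closing tag: ignored rather than emitted
        while self.open_tags:  # close back to the matching tag, keeping output well-formed
            top = self.open_tags.pop()
            self.out.append("</%s>" % top)
            if top == tag:
                break

    def handle_data(self, data):
        if not self.skipping:
            self.out.append(html.escape(data, quote=False))  # text is data, never code

    def handle_comment(self, data):
        pass  # comments (including conditional comments) are dropped

    def result(self):
        while self.open_tags:  # close anything the input left open
            self.out.append("</%s>" % self.open_tags.pop())
        return "".join(self.out)


def sanitize(untrusted_html):
    """Return a version of untrusted_html containing only allowlisted markup."""
    parser = Sanitizer()
    parser.feed(untrusted_html)
    parser.close()
    return parser.result()


def escape_text(untrusted_text):
    """Escaping-only mitigation: use this where no markup at all is wanted."""
    return html.escape(untrusted_text, quote=True)


if __name__ == "__main__":
    # Constructed sample inputs of the kind a snippet field might receive.
    for sample in ('<b>Hello</b> <script>alert(1)</script>world',
                   '<img src=x onerror=alert(1)>',
                   '<a href="javascript:alert(1)" onclick="x()">click</a>',
                   '<b>bold <i>both'):
        print(repr(sample), "->", repr(sanitize(sample)))
```

The design choice worth noting is that the output is rebuilt from parser events rather than patched with regular expressions: every tag, attribute and text node passes through an explicit decision, unknown tags simply never reach the output, and the output is always well-formed even when the input was not. `escape_text` is the right tool for fields that should never carry markup at all (a user name, a search query echoed back), while `sanitize` is for fields where some formatting is a feature.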