search

cheese-hub / cheesehub

CHEESE project website and documentation
2 stars 4 forks source link

Implement SQL injection #14

Closed craig-willis closed 5 years ago

rkalyanapurdue commented 6 years ago

@craig-willis I've completed my README updates. SQL Injection is implemented in a different repo (https://github.com/cheese-hub/sqlinjection) though. How do we get the review going? I should have probably created an empty repo and then got a PR going with the actual code...

craig-willis commented 6 years ago

We can just do it via this issue. I'll assign myself and provide any feedback via comments here.

rkalyanapurdue commented 6 years ago

Here's an overview of this container:

  1. Based on Jupyter's base notebook
  2. Simple Python app implements database client to be run from the terminal
  3. SQLite used to implement lightweight database
  4. Notebook provides instructions to test and exploit weakness in database client
  5. Notebook also provides instructions to modify database client code to fix SQLInjection bug and re-run
craig-willis commented 5 years ago

I think this issue can be closed and associated PR merged? Or maybe we're still waiting on the spec PR?