dazzling-sky / COMP4111-project

COMP4111 project - RESTful Web Service for Library Book Management
https://course.cse.ust.hk/comp4111/project.html

[Security] Force other to logout with SQL injection #32

Open STommydx opened 4 years ago

STommydx commented 4 years ago

Description

Force others to logout with SQL injection

To reproduce

  1. Login with user 1
  2. Execute the following command for logout. Note that the token is not user 1's token
    echo -e 'GET /BookManagementService/logout?token=y"\tOR\t""\tLIKE\t" HTTP/1.1 \r\n' | nc localhost 8080
  3. Login with user 1 again

Expected

409 Conflict

What actually happened

200 OK
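The report implies that the logout handler splices the `token` query parameter straight into a SQL string delimited by double quotes, so the payload `y" OR "" LIKE "` turns the WHERE clause into a tautology and removes every session row. The following is an added example, not code from the issue or from the COMP4111 project; it models the unknown handler in Python against an in-memory SQLite table named `tokens` (assumed schema, constructed sample rows) and places the concatenated query beside the parameterized fix. The fixed handler also reports whether exactly one session was ended, which is what lets the endpoint reject a bogus token instead of silently succeeding. SQLite accepts double-quoted string literals in its default build, which the vulnerable path relies on to mirror the MySQL-style quoting the payload targets.

```python
import sqlite3

# Payload copied from the issue; the tab characters are what `echo -e` expands `\t` into.
ISSUE_PAYLOAD = 'y"\tOR\t""\tLIKE\t"'


def make_db():
    """In-memory stand-in for the service's session table (assumed schema, constructed rows)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE tokens (token TEXT PRIMARY KEY, user_id INTEGER NOT NULL)")
    conn.executemany(
        "INSERT INTO tokens VALUES (?, ?)",
        [("tok-user1", 1), ("tok-user2", 2), ("tok-user3", 3)],
    )
    conn.commit()
    return conn


def logout_vulnerable(conn, token):
    """Builds the DELETE by string concatenation, the shape the issue implies.

    Returns the SQL that was actually executed together with the number of
    rows it deleted, so the effect of the injected clause is visible.
    """
    sql = 'DELETE FROM tokens WHERE token = "' + token + '"'
    cur = conn.execute(sql)
    conn.commit()
    return sql, cur.rowcount


def logout_fixed(conn, token):
    """Same operation with a bound parameter: the token is data, never SQL.

    Returns True only when exactly one session was ended; an unknown token
    ends none, which the handler can map to an error status.
    """
    cur = conn.execute("DELETE FROM tokens WHERE token = ?", (token,))
    conn.commit()
    return cur.rowcount == 1


def active_sessions(conn):
    """Number of live sessions, used to observe collateral logouts."""
    return conn.execute("SELECT COUNT(*) FROM tokens").fetchone()[0]


def login(conn, user_id, token):
    """Mirrors the reporter's expectation: a user with a live session gets 409."""
    exists = conn.execute(
        "SELECT 1 FROM tokens WHERE user_id = ?", (user_id,)
    ).fetchone()
    if exists:
        return 409
    conn.execute("INSERT INTO tokens VALUES (?, ?)", (token, user_id))
    conn.commit()
    return 200


def demo():
    """Runs the issue's reproduction against both handlers and returns the observations."""
    results = {}

    conn = make_db()
    sql, deleted = logout_vulnerable(conn, ISSUE_PAYLOAD)
    results["vulnerable_sql"] = sql
    results["vulnerable_deleted"] = deleted          # every session, not just one
    results["vulnerable_remaining"] = active_sessions(conn)
    results["vulnerable_relogin"] = login(conn, 1, "tok-user1-new")  # 200, the bug

    conn = make_db()
    results["fixed_ok"] = logout_fixed(conn, ISSUE_PAYLOAD)  # False: no such token
    results["fixed_remaining"] = active_sessions(conn)
    results["fixed_relogin"] = login(conn, 1, "tok-user1-new")  # 409, as expected
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

Running `demo()` shows the concatenated query deleting all three sessions so user 1 can log in again with 200, while the parameterized query deletes nothing and the second login returns 409. Binding the parameter is the fix; checking `rowcount` on top of it turns an invalid token into an explicit error rather than a silent no-op.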