osusec / osusec.github.io-archive

The official website for OSU Security Club
GNU General Public License v2.0

Notes from 2015-11-23 #6

Closed pop closed 6 years ago

pop commented 8 years ago

Today: Website Vulnerabilities

To demonstrate, Sean ( @rettigs ) made a Python Flask application which was vulnerable to:

  1. Injection attacks.
    • Shell injection attacks
    • SQL Injection Attacks
  2. CSRF attacks.
    • Essentially you run a piece of malicious code on site B which affects site A by loading a malicious GET request.
  3. Cross Site Scripting.

After the vulnerabilities demo we went back to working on natas11 and beyond.
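
The CSRF item in the notes above, as an added example (not part of the original notes and not code from the demo application): a handler that changes state on a GET request authorised only by the session cookie, next to a version that requires POST and a per-session token. The `Request` class, handler names, account store and addresses are hypothetical, and requests are modelled as plain objects so the block runs without Flask.

```python
import hmac
import secrets
from dataclasses import dataclass


@dataclass
class Request:
    method: str    # HTTP method
    params: dict   # query-string or form fields
    session: dict  # server-side session the browser's cookie selects


def new_session(user):
    # The token is generated on site A and embedded only in site A's own forms.
    return {"user": user, "csrf_token": secrets.token_urlsafe(32)}


def change_email_vulnerable(req, store):
    # State change on GET: the cookie is sent automatically, so a page on
    # site B that merely loads this URL acts with the victim's session.
    store[req.session["user"]] = req.params["email"]
    return 200


def change_email_hardened(req, store):
    if req.method != "POST":
        return 405  # GET must never change state
    sent = req.params.get("csrf_token", "")
    expected = req.session["csrf_token"]
    # Constant-time comparison; site B cannot read the token from site A.
    if not hmac.compare_digest(sent.encode(), expected.encode()):
        return 403
    store[req.session["user"]] = req.params["email"]
    return 200


def demo():
    # Constructed sample requests; the session is the victim's in every case.
    session = new_session("alice")
    store = {"alice": "alice@site-a.example"}
    forged = {"email": "other@site-b.example"}
    results = {
        "vulnerable_get": change_email_vulnerable(Request("GET", forged, session), {}),
        "hardened_get": change_email_hardened(Request("GET", forged, session), store),
        "hardened_post_no_token": change_email_hardened(Request("POST", forged, session), store),
    }
    own_form = {"email": "new@site-a.example", "csrf_token": session["csrf_token"]}
    results["hardened_post_with_token"] = change_email_hardened(Request("POST", own_form, session), store)
    results["final_email"] = store["alice"]
    return results


if __name__ == "__main__":
    print(demo())
```
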

rettigs commented 8 years ago

Thanks for the notes!

pop commented 6 years ago

Well this is a blast from the past.