CSC-405 Introduction to Computer Security
Assignment 1 - Web Attacks Intro
Your goal is to break a series of web challenges using the full range of your hacking skills.
Every challenge is at
You can access any level at any time, so if you get stuck in one of them you can still work on the others.
Once you break the level and discover the flag, you want to verify it on our submission page
https://hw1.kapravelos.com/flag. Our submission page will record if you successfully solved the level, but you will need to also submit a report with a description of how you exploited that level along with all the code that you used.
Note that some of the levels are not straightforward and you would need to try several different strategies until you land with the correct one. This means that you should start early so that you have time to work on difficult/challenging levels.
You will need to sharpen your web hacking toolbelt. You will probably need to become familiar with the following tools to understand the web applications that you want to break:
Using automated tools that scan for web vulnerabilities against the server is prohibited.
You will be awarded points based on how many levels are broken. All levels are worth 10 points each. However, who needs points when you see your hacker alias in all its glory on the scoreboard?
You will need to submit a description for each level of how it was attacked and what the vulnerability was. The description is important and will affect how we grade your assignment. The submission page for the reports will be posted on piazza.