Isec4001 Extended Cyber Crime And Assessment Answer
Your task is to produce a simple online shop web application that will allow users to buy and sell items (similar to gumtree). The application will involve a simple LAMP based stack which is one of the popular options for PHP based applications. Your website has to both be functional but also contain exploitable vulnerabilities which you must document and demonstrate how to successfully exploit.
There is no set theme regarding your web application, merely that it does what is re- quired. As such you are free to give your application its own name, logo etc. Just have some fun with it!
System Specifications
For this assignment you will be provided with a virtual machine that will already have a LAMP stack setup and ready for you. LAMP is a software stack commonly used for web applications that employ a PHP back-end. LAMP is defined as the following:
L: Linux
A: Apache Web Server M: MYSQL Database P: PHP
As third year students you should be strong enough programmers that learning a new language shouldnt be to much of an obstacle.
The application needs to allow the following features:
1 Create accounts
2 Additions of funds for users 3 Search for items by name
3 Search for items by name
4 Search for items by seller 5 Put item up for purchase
6 Purchase items using funds 7 Disable/lock regular users 8 Remove items up for sale
The application needs to support the following two types of users: 1 Regular user
2 Administrator user
Regular users need to be able to only perform operations 1-6 and administrators need to be able to perform all operations.
Users and items information will be stored in the database and must be edited when operations are done on the website. Your application should not be performing real money transactions. Instead just emulate such transactions with virtual funds. When an item is purchased, the funds are to be transferred from the buyer to the seller.
Virtual Machine
As noted above, you will be provided a virtual machine already configured for you to host the website on. The machine has the following version details
Linux Ubuntu Server 18.04 Apache 2.4.29
MySQL 14.14
PHP 7.2.19
The machine has been configured with a static IP address of 192.168.56.150 for a host only adapter. This can be changed by editing the configuration file in /etc/netplan/ to have a different address.
Credentials = student:CCSEP2019 (this is for everything)
The VM has also been setup to run a samba server that you can use to access the files from your main device, and also allows remote connection to the mysql database (i suggest using a tool such as MySQL Workbench).
Some extra resources has already been included in the VM for making the website easier to create if you wish to use them. These are:
bootstrap – A set of pre-made styling rules that make things look nice jquery – Makes basic javascript stuff easier
fontawesome – For a collection of glyphs (They’re pretty sweet) webfonts – a folder that fontawesome uses.
Required Exploits
While your web application needs to be perform the tasks noted above, it also needs to have vulnerabilities built into it. Note that these vulnerabilities must be apart of your functional implementation and as such a feature that is purely designed to be bad will not be counted as valid. ie. a button that runs ”DROP TABLES”
You are required to have at least 1 vulnerability in the following categories:
- XSS - Reflected
- XSS - Stored
- SQL Injection
- SQL Injection - Blind
- Broken Access Control
- Broken Cryptographic Algorithm
- PHP File Include
Choose 2 more vulnerabilities from the following list to implement.
- Server Misconfiguration
- Unrestricted File Upload
- Use of hard-coded passwords
Buy Isec4001 Extended Cyber Crime And Assessment Answer Online
Talk to our expert to get the help with Isec4001 Extended Cyber Crime And Assessment Answers to complete your assessment on time and boost your grades now
The main aim/motive of the management assignment help services is to get connect with a greater number of students, and effectively help, and support them in getting completing their assignments the students also get find this a wonderful opportunity where they could effectively learn more about their topics, as the experts also have the best team members with them in which all the members effectively support each other to get complete their diploma assignments. They complete the assessments of the students in an appropriate manner and deliver them back to the students before the due date of the assignment so that the students could timely submit this, and can score higher marks. The experts of the assignment help services at urgenthomework.com are so much skilled, capable, talented, and experienced in their field of programming homework help writing assignments, so, for this, they can effectively write the best economics assignment help services.
Get Online Support for Isec4001 Extended Cyber Crime And Assessment Answer Assignment Help Online
Resources
- 24 x 7 Availability.
- Trained and Certified Experts.
- Deadline Guaranteed.
- Plagiarism Free.
- Privacy Guaranteed.
- Free download.
- Online help for all project.
- Homework Help Services