AristiPap/E-Class_PenTesting

Open eClass 2.3

Development of XSS, CSRF, SQLi, RFI attacks/defences of an older,vulnerable version of eclass. Project implemented as part of the class YS13 Cyber-Security.

Docker Usage

# create and start (the first run takes time to build the image)
docker-compose up -d
@@ -19,34 +16,25 @@ docker-compose start
docker-compose down -v

Hit http://localhost:8001/ in your browser. If this is your first visit you must run the site installer in the browser.

Eclass Settings

Database
- Host : db
- User : root
- Password : 1234
System Settings
- URL of Open eClass : http://localhost:8001/
- Admin's username : drunkadmin

2020 Project 1

Assignment readings: https://ys13.chatzi.org/assets/projects/project1.pdf

Team Members

1115201800154, Αρίστη Παπασταύρου
1115201800156, Νικόλαος Πασσάκος Χατζηορίδης

About

Exploiting and fixing security vulnerabilities of an old version of E-Class. Project implemented as part of the class YS13 Cyber-Security.

MIT License

Languages

Language:PHP 87.7%Language:JavaScript 7.1%Language:HTML 3.6%Language:CSS 1.4%Language:Shell 0.2%Language:Perl 0.1%Language:Python 0.0%Language:Smarty 0.0%Language:Dockerfile 0.0%Language:Hack 0.0%Language:Roff 0.0%