Milkshak3s / CSEC-380-G5

Group 5 Repo for CSEC-380, Fall 2019

Milkshak3s/CSEC-380-G5 Issues

Create a video of us exploiting the SSRF vulnerability
Closed 5 years ago1
Describe how we prevent XSS when displaying the username of the user who uploaded the video
Closed 5 years ago1
Describe how we prevent users from deleting videos that they don't own
Closed 5 years ago1
Fix broken auth check for deleting videos
Updated 5 years ago
Make a video demonstrating classic SQL injection against our site
Closed 5 years ago1
Make a video demonstrating blind SQL injection against our site
Closed 5 years ago1
Record video demonstrating RCE execution
Closed 5 years ago1
Modify our login (or something) to directly query the database with a prepared statement
Closed 5 years ago1
Describe how we would fix our code so that this SSRF issue is no longer present
Closed 5 years ago1
Describe how our test demonstrates SSRF as opposed to just accessing an endpoint
Closed 5 years ago1
Describe how we would fix our code to fix these issues
Closed 5 years ago1
Modify our backend to be vulnerable to SSRF
Closed 5 years ago1
Write a test that demonstrates our backend is vulnerable to SSRF
Closed 5 years ago
Describe the limitations of the SQL injection vulnerabilities we have
Closed 5 years ago1
Write a test that shows blind SQL Injection
Closed 5 years ago1
Write a test that shows classic SQL injection
Closed 5 years ago1
Frontend component for an upload prompt
Closed 5 years ago1
Add a bad eval() or similar to backend to enable RCE
Closed 5 years ago
Backend function to processes a thumbnail from a video file
Updated 5 years ago
Frontend component for a video link prompt
Closed 5 years ago1
Hookup delete button functionality on frontend
Closed 5 years ago1
Test case for user authenticating, uploading video, viewing video, then deleting video
Updated 5 years ago
Frontend component to display and play a single video
Closed 5 years ago1
Link to the test cases used in this project
Closed 5 years ago1
Describe how we would fix this vulnerability in our code
Closed 5 years ago1
Remove hashlib from backend/requirements.txt
Closed 5 years ago
Project fails to docker-compose up
Closed 5 years ago
Test case that logs into into web app succesfully
Closed 5 years ago1
Test case that logs into web app with incorrect pass but correct user
Closed 5 years ago1
Test case that logs into web app with incorrect user but correct pass
Closed 5 years ago1
Implement password hashing on the backend auth check
Closed 5 years ago1
Backend endpoint to get metadata for ALL videos
Closed 5 years ago1
Backend endpoint to get a video file and metadata by ID
Closed 5 years ago1
Backend endpoint to delete a video by ID
Closed 5 years ago1
Backend endpoint for posting video files from a URL
Closed 5 years ago1
Have frontend video list component pull from backend endpoint
Closed 5 years ago1
Backend endpoint to handle file upload
Closed 5 years ago1
SQLA model for a single video
Closed 5 years ago1
Add backend static file hosting
Closed 5 years ago1
Frontend component to display uploaded videos
Closed 5 years ago1
Have frontend login component check for a valid token and redirect if so
Closed 5 years ago1
Create backend API endpoint to get user data based on auth token
Closed 5 years ago1
Have frontend login component send POST request with login data when button pressed
Closed 5 years ago1
Create sqlalchemy (or whatever language) database model
Closed 5 years ago1
Create backend API endpoint to validate auth and provide token
Closed 5 years ago1
Create database setup script with basic user data
Closed 5 years ago1
Add backend server to docker-compose
Closed 5 years ago1
Create basic login frontend component in react
Closed 5 years ago1
Add react frontend server to docker-compose
Closed 5 years ago1
Add MySQL to docker-compose
Closed 5 years ago1