plugyawn / LaundryMan

CS 432


Laundry Database

Running the Webapp

  1. Open the Terminal:

    • Navigate to the directory where the app.py file is located.
  2. Run the Application:

    • Use the following command in the terminal:
      python app.py
      
      or, if using Python 3,
      python3 app.py
      
    • Alternatively, you can use the 'Run' button in your IDE for the app.py file.
  3. Access the Web Application:

    • Open your browser.
    • Go to the URL displayed in the terminal. For example:
      http://127.0.0.1:5000
      
    • This URL will open the home page of your web application.

Welcome Screen

[screenshot of the welcome screen]

Roles and Privileges

  1. Customer View
    • A customer can only access the restricted set of tables shown in the screenshot. [screenshot]
    • A customer is only allowed to view those tables, not to modify them. [screenshot]
  2. Admin View
    • Admin has access to all the tables. [screenshot]
    • Admin is allowed to perform the select, insert, update and delete operations on the tables. [screenshot]

Operations

  1. Select [screenshot]
  2. Insert
    • Before [screenshot]
    • After [screenshot]
  3. Update
    • Before [screenshot]
    • After [screenshot]
  4. Delete
    • Before [screenshot]
    • After [screenshot]

Views

  1. Customer [screenshot]
  2. Order [screenshot]
  3. smart_laundry [screenshot]
  4. belongs_to [screenshot]
  5. gsj_employee [screenshot]
  6. item_of_clothing [screenshot]
  7. vehicles [screenshot]
  8. places_order [screenshot]
  9. transaction [screenshot]

Attacks

1. CROSS SITE SCRIPTING (XSS)

XSS is an attack in which malicious JavaScript is submitted through an input box, gets embedded in the HTML of a page, and is then executed by the browser of whoever opens that page.

If we enter the following script in the input box:

<script>alert("Hacked!");</script>

we are redirected to the error page, where the browser shows this alert. This proves that input from the box reaches the rendered HTML unescaped and is executed as JavaScript in the visitor's browser (not on the server), so a real payload could read the DOM, form contents and anything else the page can reach, and make requests on behalf of the logged-in user.

Solution:

To prevent XSS we enable Jinja's autoescape in every HTML template where user input is rendered back to the site, by adding the following at the start of the HTML file:

{% autoescape true %}

with a matching {% endautoescape %} at the end of the file. Note that Flask's render_template already autoescapes templates whose file names end in .html, so if the alert fired, the value was most likely being rendered through |safe, Markup(), or string concatenation; autoescape only protects output that is not explicitly marked safe.
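The effect of the autoescape block on the payload above, and the |safe trap that switches it off again, as an added example that is not part of the project's code. It assumes the jinja2 package is installed (Flask depends on it); the three template strings are constructed here and stand in for the app's own .html files.

```python
# Added example, not the project's code: shows what Jinja2's autoescape does to the
# payload from the text above, and how "|safe" silently switches it off again.
# Assumes the jinja2 package is installed (Flask depends on it); the three template
# strings below are constructed for this example and stand in for the app's .html files.
from jinja2 import Environment

PAYLOAD = '<script>alert("Hacked!");</script>'

# autoescape=False reproduces the unsafe situation: e.g. a template rendered from a
# string, or a file whose name does not end in .html (Flask autoescapes those by default).
env = Environment(autoescape=False)

UNESCAPED = "<p>Welcome, {{ name }}</p>"
# The fix from the text: wrap the file in an autoescape block.
ESCAPED = "{% autoescape true %}<p>Welcome, {{ name }}</p>{% endautoescape %}"
# The trap: "|safe" (or Markup()) marks the value as trusted and bypasses the block.
BYPASSED = "{% autoescape true %}<p>Welcome, {{ name|safe }}</p>{% endautoescape %}"


def render(template_source: str, name: str) -> str:
    """Render one of the template strings with a user-controlled value for `name`."""
    return env.from_string(template_source).render(name=name)


def contains_live_script(html: str) -> bool:
    """True if a raw <script> tag survived into the output, i.e. a browser would run it."""
    return "<script>" in html.lower()


if __name__ == "__main__":
    for label, tpl in (("unescaped", UNESCAPED), ("autoescape", ESCAPED), ("autoescape + |safe", BYPASSED)):
        out = render(tpl, PAYLOAD)
        print(f"{label:20} live script: {contains_live_script(out)!s:5}  {out}")
```

The escaped output contains `&lt;script&gt;`, which the browser displays as text; the `|safe` variant emits the tag verbatim, so grep the templates for `|safe` and `Markup(` whenever an XSS test still fires after autoescape is on.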

2. SQL INJECTION

An SQL injection involves embedding SQL code into an input field that lacks proper sanitization. If this input can cause the backend server to execute the injected SQL, despite the application not officially supporting direct SQL command execution, the SQL injection attempt is considered successful.

Example:

Even though the "item_of_clothing" table is not directly accessible to a customer, editing the form with the browser's inspection tools lets a user submit a different table name (or extra SQL) in the request, bypassing the intended user interface and reaching or manipulating the data directly through the database.

Solution:

The defense against such an SQL injection is to validate input whenever it is received from the user rather than passing it into the query as-is. A table name is an identifier, so it cannot be sent as a bound parameter; the check we perform is whether the submitted tableName is in the list of tables accessible to the current role, and we raise an error for any value that is not a valid, permitted table name. Values that go into WHERE clauses should be passed through the database driver's parameter placeholders, never concatenated into the query string.
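The injectable query beside the allow-listed, parameterised one, as an added example that is not the project's code. It uses an in-memory SQLite database as a stand-in for MySQL; the table and column names, sample rows and per-role table lists are constructed for this example, and only the role/table check mirrors what the text describes.

```python
# Added example, not the project's code: an in-memory SQLite stand-in for the MySQL
# database, with the injectable query beside the allow-listed, parameterised one.
# Table and column names, the sample rows and the per-role table lists are constructed
# for this example; only the role/table check mirrors what the text describes.
import sqlite3

# Which tables each role may read (assumed; the real app keeps a similar list).
ACCESSIBLE_TABLES = {
    "user": {"customer"},
    "admin": {"customer", "item_of_clothing"},
}


def make_db() -> sqlite3.Connection:
    """Create and populate a small constructed schema."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE customer (customer_id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE item_of_clothing (item_id INTEGER PRIMARY KEY, description TEXT, customer_id INTEGER);
        INSERT INTO customer VALUES (1, 'Alice'), (2, 'Bob');
        INSERT INTO item_of_clothing VALUES (10, 'silk shirt', 1), (11, 'wool coat', 2);
    """)
    return con


def select_unsafe(con: sqlite3.Connection, table_name: str, customer_id: str) -> list:
    """VULNERABLE: the table name and the filter value are both pasted into the SQL text."""
    sql = f"SELECT * FROM {table_name} WHERE customer_id = {customer_id}"
    return con.execute(sql).fetchall()


def select_checked(con: sqlite3.Connection, role: str, table_name: str, customer_id) -> list:
    """Allow-list the identifier, bind the value."""
    if table_name not in ACCESSIBLE_TABLES.get(role, set()):
        raise PermissionError(f"table {table_name!r} is not accessible to role {role!r}")
    # An identifier cannot be a bound parameter, so it is only ever taken from the allow-list
    # above; the value goes through a placeholder and is never interpreted as SQL.
    sql = f"SELECT * FROM {table_name} WHERE customer_id = ?"
    return con.execute(sql, (customer_id,)).fetchall()


def is_denied(con: sqlite3.Connection, role: str, table_name: str) -> bool:
    """True if select_checked refuses this role/table combination."""
    try:
        select_checked(con, role, table_name, 1)
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    con = make_db()
    # A user whose only legitimate table is "customer" reaches item_of_clothing anyway...
    print(select_unsafe(con, "customer", "1 UNION SELECT item_id, description FROM item_of_clothing"))
    # ...and bypasses the filter entirely:
    print(select_unsafe(con, "customer", "1 OR 1=1"))
    # The checked version refuses the table and treats the payload as a literal value:
    print(is_denied(con, "user", "item_of_clothing"))
    print(select_checked(con, "user", "customer", "1 OR 1=1"))
```

The UNION payload is what "reaching a table the UI never exposes" looks like in practice: the attacker never needs to name `item_of_clothing` in the tableName field if any other value is concatenated into the same statement, which is why the allow-list on the identifier and the placeholder on the value are both needed.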

3. URL ATTACK

Login credentials are requested on the initial welcome page, but the original code did nothing to stop a user who types the URL of a page that should require authentication directly into the browser. For instance, appending /adminindex to the site URL bypasses the login form and grants admin-level access to the database, because admin was the default role.

Solution:

We implemented role-based access control (RBAC) in the Flask application to prevent unauthorized access through URL manipulation. Before serving a protected page, the view checks the role stored in the Flask session. An 'admin' requesting the admin index (/adminindex) or a 'user' requesting the user index (/userindex) is served normally; anyone with a different role, or who is not logged in at all, is redirected to the home page (/). Two details make this hold up: an unauthenticated session must carry no role at all (the earlier default of admin is exactly what made the attack work), and the role in the session is only trustworthy because Flask signs the session cookie with SECRET_KEY, which must be long, random and kept out of the repository.
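The role check described above written as a Flask decorator, plus a helper that exercises it with Flask's test client, as an added example that is not the project's code. It assumes Flask is installed; the /login/<role> route is a hypothetical stand-in for the real credential check, and the app's actual view bodies are not reproduced.

```python
# Added example, not the project's code: the role check the text describes, written as a
# Flask decorator, plus a helper that exercises it with Flask's test client.
# Assumes Flask is installed. The /login/<role> route is a hypothetical stand-in for the
# real credential check; the app's actual login flow and view bodies are not reproduced.
from functools import wraps

from flask import Flask, redirect, session, url_for

app = Flask(__name__)
# Flask signs the session cookie with this key; a guessable key lets anyone forge "role".
app.secret_key = "replace-with-a-long-random-secret-from-config"


def role_required(role: str):
    """Serve the view only if the session carries exactly this role; otherwise redirect to /."""
    def decorator(view):
        @wraps(view)
        def wrapped(*args, **kwargs):
            # session.get() yields None for an anonymous visitor: no role, never a default of admin.
            if session.get("role") != role:
                return redirect(url_for("home"))
            return view(*args, **kwargs)
        return wrapped
    return decorator


@app.route("/")
def home():
    return "welcome page"


@app.route("/login/<role>")
def login(role):
    """Hypothetical stand-in for the credential check: records the role in the signed session."""
    if role not in ("admin", "user"):
        session.pop("role", None)
        return "unknown role", 400
    session["role"] = role
    return f"logged in as {role}"


@app.route("/adminindex")
@role_required("admin")
def adminindex():
    return "admin index"


@app.route("/userindex")
@role_required("user")
def userindex():
    return "user index"


def status_for(path: str, role=None) -> int:
    """HTTP status seen by a fresh client that optionally logs in as `role` before requesting `path`."""
    with app.test_client() as client:
        if role is not None:
            client.get(f"/login/{role}")
        return client.get(path).status_code


if __name__ == "__main__":
    for role in (None, "user", "admin"):
        print(f"role={role!s:5} /adminindex -> {status_for('/adminindex', role)}  "
              f"/userindex -> {status_for('/userindex', role)}")
```

Because the decorator sits between `@app.route` and the view, every protected route gets the check from a single place; a 302 to / for the anonymous and wrong-role cases is the expected result, and a 200 for those cases is the regression to test for.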

4. “WHERE” CLAUSE ATTACK

The HTML contains a hidden form field holding the WHERE clause of a query, which the backend needs in order to build the right query. Because anyone can edit that field with the inspect-element tool available in most browsers before submitting the form, it can be used to inject arbitrary SQL into the query.

Solution

The clause can be protected by having the server attach a token, derived from a randomly generated key held in the database, to the clause whenever it is issued, and check the token whenever the clause comes back. An attacker who does not have the key cannot produce a valid token for a modified clause, so any added SQL is rejected. Better still is to keep the clause on the server and send the browser only an opaque identifier for it.
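One way to implement the tokened WHERE clause proposed above, as an added example that is not the project's code: the server keeps a random key, attaches an HMAC-SHA256 tag to the clause it embeds in the hidden field, and rejects any clause that comes back without a matching tag. The key, the table name (places_order) and the form field names are assumptions made for this example.

```python
# Added example, not the project's code: one way to implement the tokened WHERE clause the
# text proposes. The server keeps a random key, attaches an HMAC tag to the clause it embeds
# in the hidden field, and rejects any clause that comes back without a matching tag.
# The key, the table name and the form field names are assumptions made for this example.
import hashlib
import hmac
import html
import secrets

# Random server-side key. Here it is generated at import time; a real deployment loads it
# from configuration (or, as the text suggests, from the database) so it survives restarts.
SERVER_KEY = secrets.token_bytes(32)


def sign_clause(clause: str, key: bytes = SERVER_KEY) -> str:
    """Hex HMAC-SHA256 tag over the clause; only someone holding `key` can produce it."""
    return hmac.new(key, clause.encode("utf-8"), hashlib.sha256).hexdigest()


def verify_clause(clause: str, tag: str, key: bytes = SERVER_KEY) -> bool:
    """Constant-time check that the clause submitted by the browser is the one the server issued."""
    if not isinstance(tag, str) or not tag.isascii():
        return False  # compare_digest only accepts ASCII str; anything else is not a tag we issued
    return hmac.compare_digest(sign_clause(clause, key), tag)


def hidden_fields(clause: str) -> str:
    """The two hidden inputs the server renders into the form (values escaped for HTML)."""
    return (
        f'<input type="hidden" name="where" value="{html.escape(clause, quote=True)}">'
        f'<input type="hidden" name="where_tag" value="{sign_clause(clause)}">'
    )


def build_query(clause: str, tag: str) -> str:
    """Build the query only if the clause is authentic; any edit made in the inspector fails here."""
    if not verify_clause(clause, tag):
        raise ValueError("WHERE clause was altered by the client")
    return f"SELECT * FROM places_order WHERE {clause}"


def accepted(clause: str, tag: str) -> bool:
    """True if build_query accepts this clause/tag pair."""
    try:
        build_query(clause, tag)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    issued = "customer_id = 1"
    tag = sign_clause(issued)
    print(hidden_fields(issued))
    print("original :", accepted(issued, tag))
    print("tampered :", accepted(issued + " OR 1=1", tag))
```

Signing makes the hidden clause tamper-evident, not secret: the user can still read it, they just cannot change it. If the clause ever needs to differ per user, sign the user id into it as well, or drop the hidden field altogether and map a server-side id to the clause.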

5. Denial of Service Attacks

A traditional DoS attack floods the server holding the database with requests until it can no longer serve legitimate users. This is especially easy when the app is hosted locally behind IITGN-SSO, and it has been done to multiple websites before.

Solution

We hosted the website on Netlify and, using free credits, on DigitalOcean, relying on the providers' network-level protections to absorb DoS and DDoS traffic. Netlify serves static files and serverless functions rather than a long-running Flask process, so only the front end can live there; the Flask app and MySQL need a host that runs them, such as the DigitalOcean instance. Provider protection covers volumetric floods; rate limiting on expensive endpoints remains the application's own responsibility.

Work Distribution

Karan Khajanchi

  • Worked on developing the backend using Flask
  • Worked on integration with MySQL
  • Ideated the design for the frontend

Lakshya Mehta

  • Developed the frontend using HTML, CSS, and Tailwind CSS
  • Tested the database and web app
  • Fixed bugs found during testing

Abhinab Mondal

  • Worked on developing the backend using Flask and MySQL
  • Set up the integration pipeline and query processing functionality
  • Developed the wireframe for the frontend
  • Worked on the integration of pages with the backend

Progyan Das

  • Developed the query processing functionality
  • Set up connections to different databases and tables in the web app
  • Worked on designing backend routes

Akshay Mishra

  • Contributed to the styling of the front end
  • Helped in writing the README file for the web app

Meet Hariyani

  • Created different views for different roles/users
  • Worked on developing the final rendered HTML pages for the web application

Divyanshu Borana

  • Contributed to writing the README file
  • Documented the testing output and snapshots

Vinit Singh

  • Developed the front end of HTML pages using CSS and Tailwind to make it look user-friendly
  • Worked on different views for different roles
  • Debugged errors found during testing

Link to Assignment 4 - https://docs.google.com/document/d/18m7vYecykn5-7eIbg1wQbKXirrBDvyp8zujJakU6uKQ/edit
