SY110 Homework Alpha: ________ Name: __________________
Page 1 of 2
Collaboration Policy: Default
MIDN Last, F.
choose one: □ None □ XS110 □ EI with:
(or more)
□ MGSP
□ Discussed with: ______________________
Homework: /SY110/Cyber Battlefield/Injection Attacks & XSS
1. Go to http://www.amazon.com/ and, in the Search box near the upper portion of the page,
enter as a search term: look<U>out</U>
The resulting webpage shows your search results, including echoing back your search term.
a. [ 10 / 8 / 5 / 0 ] What do you see echoed back as your search term?
b. [ 10 / 8 / 5 / 0 ] Does the page appear to be vulnerable to an HTML injection attack?
Explain why you hypothesize this; use complete sentences, spelling and grammar count.
2. [ 20 / 15 / 10 / 0 ] Circle the correct word client or server in each section below so that the text
is accurate:
A cookie is a small piece of data stored on the hard drive of the web
server / client .
For a given web site, the server / client asks the server / client to store the cookie,
and to then send it when any GET requests are made by the server / client for files at the site.
3. [ 10 / 8 / 5 / 0 ] When I enter the URL amazon.com in a browser on my laptop, the page I get
always welcomes me by name at the top; cookies make that possible. I recently entered the same
URL in a browser on a computer at the library, but the resulting page did not welcome me using
my Amazon login name. Explain why the computer at the library did not welcome me by name;
use complete sentences, spelling and grammar count.
4. Below is a link to a special SY110 message board. Some user has nuked the message board
with some kind of injection attack.
http://rona.academy.usna.edu/~sy110/lec/wwwAtks/hw/mbNuked.html
a. [ 10 / 8 / 5 / 0 ] The name of the user who attacked the message board is:
SY110 Homework
Collaboration Policy: Default
Page 2 of 2
b. [ 10 / 8 / 5 / 0 ] Describe exactly what you did to discover the answer to 4.a.; use complete
sentences, spelling and grammar count.
5. [ 10 / 8 / 5 / 0 ] Suppose you have an account at insecurebank.com. Someone named Guy
Bad sends you an email that tricks you into pointing your browser at the URL:
http://insecurebank.com/transfer.cgi?amount=1000.00&toAcct=780023
transfer.cgi is a server side script that transfers money between accounts. Explain why
$1000.00 will be transferred from your account to account 780023 only if you happen to be
logged into your account at insecurebank.com at the time you open the email from Guy Bad,
but not otherwise; use complete sentences, spelling and grammar count.
6. There is yet another message board at the URL:
http://rona.academy.usna.edu/~sy110/lec/wwwAtks/hw/msg/mb.html
This version of the message board uses a client side script to escape < >’s in message posts. Find
a way to post a message that renders as: baseball , despite this input sanitization. Note: this
message board auto-wipes itself every 60 seconds, just in case someone inadvertently attacks its
Availability. DO NOT intentionally attack this message board.
a. [ 5 / 3 / 0 ] What is the raw HTML that you want to post as a message to the message
board?
b. [ 15 / 10 / 5 / 0 ] Describe what you did to inject the code; use complete sentences,
spelling and grammar count.