Final Assignment
Semester: 2 A. Y.: 2019/2020
Student Name
Student ID
Exam Set (A, B, C, etc.) Set A
Instructions:
1. Make sure to read and understand the General College Guidelines and Student Declaration Terms and
Conditions found in the Cover Page.
2. Send the scanned SIGNED COPY of the Declaration Form along with the answer scripts to the Lecturer.
The Lecturer will NEVER mark any answer scripts without this signed Declaration Form. [If a printer is not
available, write the Declaration Form on A4 paper and affix your signature.]
3. Upload the ANSWER SCRIPTS ALONG WITH THE DECLARATION FORM in the appropriate
platform/tool as written on the exam paper.
7 B
40 Total
Signature: Signature:
Date : Date :
Information Technology Department
2. Starting from the posting of the question test papers online, the students are given exactly 48 hours to submit their
answers.
At the end of the 48 hours, the submission link shall be deleted or deactivated. NO EXTENSION WILL BE
GIVEN. Failure to submit the answer within the 48-hour period will result in a ZERO mark.
3. In case of technical problems, inform the Lecturer immediately through the HCT Email or through chat message in
MS Teams, at least two (2) hours before the expiration of the 48-hour period.
4. For IT exams, there is a separate Answer Script Template where students should type their answers.
For Math exams, handwritten answers are allowed. Make sure to include Student Name on each page and the
question number to avoid confusion.
5. Properly cite every answer taken from other sources, if applicable.
6. For handwritten answers, submit a SCANNED COPY of the answers IN A SINGLE FILE. [You can use any available
mobile scanner app if you do not have a scanner device.]
7. Send the scanned SIGNED COPY of this Declaration Form along with the answer scripts to the Lecturer. The
Lecturer will NEVER mark any answer scripts without this signed Declaration Form. [If a printer is not available, write
this Declaration Form on A4 paper and affix the signature.]
8. Upload the ANSWER SCRIPTS ALONG WITH THE DECLARATION FORM in the appropriate platform/tool
as written on the exam paper.
9. Always abide by the College Academic Integrity and Honesty Policy found at
https://www.hct.edu.om/pdf/pms/academic-integrity-and-honesty-policy.pdf.
10. Abide by the guidelines mentioned above; any violation of them will be subject to disciplinary action or
a ZERO mark, as the case may be.
STUDENT DECLARATION
I also understand that plagiarism and cheating are offenses that can lead to disciplinary action and GRADE OF ZERO, as the
case may be.
Signature: …………………………………………
Date (dd-mm-yyyy): ……………………………
Analyze the scenario and answer the following questions: (33 marks)
I: Case Scenario:
Cookie values:
Tracking: 3457842253454757834434569823081726
Prod_Status: 3456127456788356464233245234543543
Code snippets:
i. What is the maximum quantity allowed for the product MacBook Air? [1]
MacBook Air
……………………………………………………………
MacBook
……………………………………………………………
……………………………………………………………
ii. How can a hacker bypass the restriction imposed on the Item Counts? (Explain two methods
of exploitation for this vulnerability.) Suggest a security solution to this problem. [3]
iii. Identify another vulnerability in the above scenario, other than the one identified in Q1.ii.
Suggest a security solution for the identified vulnerability. [2]
iv. In your view, is it advisable to store the price as a cookie along with the cookie values to
improve the security? Justify your answer. [1]
Tracking: 3457842253454757834434569823081726
Prod_Status: 3456127456788356464233245234543543
Price: 1998
- Assume that changepass.aspx shown above is accessible only after a successful login.
ii. Explain or draw the correct design of the change password page. [2]
3. Analyze the scenario given below and answer the questions. [3 Marks]
#1 Vulnerability:
#2 Vulnerability:
#3 Vulnerability:
4. In this scenario, the pages shown below are from an online training website. As a White Hat
hacker, you have identified that there are SQL injection vulnerabilities in these pages. [7 Marks]
Login Page
Search for Training Details Page
Analyze the pages (Login page and Search for Training Details page) above and answer the following questions.
i. Suggest the SQL injection code for the two scenarios below where a normal user can log in as admin
b. Scenario 2: If the user doesn’t know both the userid of the admin and the password. Assume that
in this scenario the system even blocks the comment symbol from the input.
[1]
ii. Suppose you have decided to use the UNION operator to display another table that contains confidential
data such as passwords or credit card details. Write down the steps involved to show the userid and
password within the search result. [5]
5. Analyze the Guestbook page shown below and answer the following questions. [7 Marks]
i. Identify the type of Cross-Site Scripting vulnerability that can be present in the above scenario. [1]
ii. Demonstrate the steps for stealing the session token of a user by exploiting the above vulnerability.
Also, write any JavaScript code snippets for stealing the cookie values. [6]
6. Below is a page from shoppingwebsite.com called bill.php which has input controls to be filled
by the user. [4 Marks]
Identify the kind of Input Handling approach that is used for the following scenarios:
ii. Remove special characters from the 1st Line Address input before processing it.
iv. The system verifies the Phone submitted belongs to the user who owns it.
7. Below are the two cases from the Burp suite proxy for intercepting the web traffic.
Case 1: Request and Response messages:
GET / HTTP/1.1
Host: ebay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
GET / HTTP/1.1
Host: www.ebay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self' blob: wss: data: https:; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https:; style-src 'self' 'unsafe-inline' data: https:;
Content-Type: text/html;charset=utf-8
rlogid: t6klaook%60b0%3D%3C%3Dosuojbnkmcc4%3B(5030%3E%3E%3A-172221f9924-0x303
strict-transport-security: max-age=31536000
x-envoy-upstream-service-time: 28
Server: ebay-proxy-server
X-EdgeConnect-MidMile-RTT: 52
X-EdgeConnect-Origin-MEX-Latency: 38
Date: Sun, 17 May 2020 10:13:15 GMT
Connection: close
Set-Cookie: dp1=bbl/OM6283753b^; Domain=.ebay.com; Path=/; Expires=Tue, 17 May 2022 10:13:15 GMT
Set-Cookie: nonsession=BAQAAAXAiGIjaAAaAADMAAWZlZjllNd99OBJnwcH4eFl67ujODIjgomJk*; Domain=.ebay.com; Path=/; Expires=Tue, 17 May 2022 10:13:15 GMT
Set-Cookie: s=CgAD4ACBewl+7MjIxZjk5MzAxNzIwYWE2NjM2YTZlZjVlZmVmOWU1MGW0OOx8; Domain=.ebay.com; Path=/; HttpOnly
Set-Cookie: ebay=%5Esbf%3D%23000000%5E; Domain=.ebay.com; Path=/
Content-Length: 190201
<!DOCTYPE html>
<!--[if IE 9 ]>
<html class="ie9"> <![endif]-->
<html lang="en">
-----------------------------
-----------------------------
-----------------------------
- Analyze the messages in each case above to answer the following questions.
i. Does the Client request accept the Arabic page from the server? Justify your answer from the
given messages.
iii. Will the server maintain the TCP connection even after the client request is processed? Justify.
iv. What is the size of the body (in Bytes) of the response message in Case 2?
vi. Identify whether the statement below is true about the messages above. Justify your answer.