In this lab we experiment with software vulnerabilities and security.
Exploiting software vulnerabilities is an offensive technique. Trying it on real systems is against law and you might be prosecuted. Always do experiments with test hosts and users.
NOTE: The last task is a simple challenge that will give you extra score once you solve it and submit a concise, clear and correct write-up (more detail in the task).
No hurry! You don’t need to complete the challenge by the end of the class! Take your time … deadline is 24 November 2022.
- Task 1: command injection
- Task 2: path traversal
- Task 3: integer overflow
- Task 4: secure programming