dannyp99/Assignment8-exploits

Assignment8-exploits

Username Enumeration: It seems that Green and Blue both have the exploit: if a username that exists in the system is put into the log-in field, it says unsuccessful user log-in. However, if a username that doesn't exist is put into the field, the website crashes.

Insecure Direct Object Reference: Blue seems to display the correct user id even if the user isn't directly shown on the users webpage. The other webpages simply show that the server doesn't respond and give no message/display.

SQL Injection:
[email protected]' UNION SELECT Username FROM Users WHERE '1'='1
a' UNION SELECT Username FROM Users WHERE Username=jmonroe99
a' UNION SELECT Name From Name WHERE Name= 'United States
I tried these on several text fields without success.

Cross Site Scripting: In Green, I put in the comment of the feedback. When you check feedback, a box with xss pops up.

Cross-Site Request Forgery:
I was unsuccessful in determining how to do this attack.

Session Hijacking/Fixation: I wasn't able to get past trying to get the actual hijack; all I find is that it won't change for Blue when you try to log out and in.
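
The username-enumeration behaviour noted above, as an added example (not code from this repository or from the assignment sites): a login handler whose outcome differs for known and unknown usernames, beside one that answers both cases identically, plus a check that compares the two. The user store, the function names and the modelling of the crash as an unhandled exception are assumptions.

```python
import hashlib
import hmac
import os

def _hash(password, salt):
    # Iteration count kept low so the demo runs quickly; use a higher one in production.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)

def make_store(users):
    store = {}
    for name, pw in users.items():
        salt = os.urandom(16)
        store[name] = (salt, _hash(pw, salt))
    return store

USERS = make_store({"alice": "correct horse"})  # constructed sample account
# Dummy record so unknown usernames cost the same hashing work as known ones.
_DUMMY = (b"\x00" * 16, _hash("dummy", b"\x00" * 16))

def login_leaky(username, password):
    """Different outcome per case: error for unknown user, message for known user."""
    salt, digest = USERS[username]  # KeyError for an unknown name -> unhandled error
    if hmac.compare_digest(_hash(password, salt), digest):
        return (200, "Welcome")
    return (401, "Unsuccessful user log-in")

def login_uniform(username, password):
    """Same status, body and hashing work whether or not the username exists."""
    known = username in USERS
    salt, digest = USERS.get(username, _DUMMY)
    ok = hmac.compare_digest(_hash(password, salt), digest)
    if known and ok:
        return (200, "Welcome")
    return (401, "Log in was unsuccessful.")

def observe(handler, username, password):
    """What a client would see: (status, body); an unhandled exception becomes a 500."""
    try:
        return handler(username, password)
    except Exception:
        return (500, "")

def leaks_usernames(handler):
    """True if a wrong password is answered differently for known vs unknown names."""
    return observe(handler, "alice", "wrong") != observe(handler, "nobody", "wrong")
```

A check like `leaks_usernames` can run as a regression test against the login handler so the two cases stay indistinguishable after later changes.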
