CSCD 303 Lab6 XSS and CSRF - Part 2
Due: March 12, 2014

Instructions
Now that you have learned the basics of Cross-Site Scripting (XSS), CSRF, and SQL injection, you will get to put some of this knowledge into practice. We will be compromising a vulnerable website hosted by Google, called Gruyere.



Steps for the Gruyere Site
1. Start the vulnerable Gruyere website. Link: Google Gruyere Site
2. Read the entire page down to the bottom, including the sections on features and technologies and on using Gruyere.
3. Follow the directions under Using Gruyere:
a. Create a user account for yourself and fill out a profile
b. Continue to the next page where you will be dealing with XSS attacks

4. XSS Challenges.
On this page, you will try some of the XSS challenges.
a. Complete the File Upload XSS challenge: create an .html file with the code under the Exploit and Fix link.
Upload this file to the site and access it. Write down what happens.
b. Go down to the Reflected XSS attack. Read the hints and click on the Exploit and Fix link. Cut and paste the exploit into a URL to see what it does. Report what it does. Are there other places within the vulnerable Gruyere site where a reflected XSS attack will work? Find and report at least one other place where this attack works.
c. Now, move on to the Stored XSS attacks.
Try the attacks under the Exploit and Fix link. Report what happens.
d. Move down to Stored XSS via HTML Attribute.
Look at the hints and do the attack under Exploit and Fix. This is yet another way XSS can be done. What happens when you put your mouse over the snippet link?

5. CSRF Challenges
In the links to the right, click on the CSRF link. Look at the hint, then cut and paste the link under the Exploit and Fix link into an .html file and save it on your computer. Then load the file into your browser while you have the Gruyere website open and click on the link you put in the file. What happens? Did it work?

Final Questions on XSS and CSRF
1. As a result of your experiences with XSS and CSRF and reading the material on the Gruyere site, what is the overall strategy to fix these problems?
2. If you had your own website, are there any tools you could use to help you screen for these types of attacks?
3. There are a lot of web development templates currently being used for website development. Do any of these templates claim to prevent these types of attacks?

Turn In
1. Email the answers to the questions and the report of your experiences.
2. Put CSCD303-Lab6 in the subject line.