The Mystery of the Leaky Database
The Mystery of the Leaky Database
Embedded Files
all site content is being moved over to EJMEDIA.CA - please visit us there!
ACME Corp is really having a tough go with their cybersecurity. You helped them uncover some serious flaws in their security camera system and now they've asked you to find out how top secret customer data is being exfiltrated from their system. All you've got to go on is their customer registration form so far.
coming soon
coming soon
Scenario Investigation Expectations:
What tables exist?
What is our main customer table called?
What fields exist in this table?
Who is Customer #112?
How many records in this table?
Can you get all the customer data?
Can you corrupt or otherwise manipulate the data?
Important note: some actual server errors may present themselves and some data is simulated due to live server security settings. I will not open server security to better simulate this exercise, but I hope what is presented here does still present a good view of what is possible when security - from user permissions to the database server itself are improperly configured or assigned.
hint 01
hint 01
Page updated
Google Sites
Report abuse