This should be a store application that lets them buy things. Additionally, their purchase token will be stored in here. Let’s allow some AppSec vuln to leak the token, but don’t make it easily readable from the filesystem.
Should generate the team’s token based on user login credentials, so that it isn’t stored on disk and that way is harder to steal. Then introduce an AppSec vuln to allow you to impersonate another user, or gain access to the app.
This app should allow them to buy things from white team, but the public-facing unauthenticated portion should allow people (probably us) to buy things from them to earn them some extra money.
-- Kyle Caretto 2017
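
The idea in the note above of deriving the team token from login credentials so that it never sits on disk, sketched as an added example (not code from the ISTS16-ECommerce repository). The PBKDF2 construction, the iteration count, every class and function name, and the sample salt are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Dict, Optional

ITERATIONS = 200_000  # assumed work factor for this sketch


def derive_team_token(username: str, password: str, salt: bytes) -> str:
    """Recompute the purchase token from login credentials plus an on-disk salt."""
    # The fixed-length salt comes first, so salt + username cannot be ambiguous.
    raw = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), salt + username.encode(), ITERATIONS, dklen=32
    )
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")


class TokenSessions:
    """Holds derived tokens in process memory only, keyed by a random session id."""

    def __init__(self, salts: Dict[str, bytes]):
        self._salts = salts   # the only per-team value that is persisted to disk
        self._live: Dict[str, str] = {}

    def login(self, username: str, password: str) -> str:
        # A wrong password still derives a token, just not the registered one,
        # so no password hash or token has to be stored to check the login.
        sid = secrets.token_urlsafe(16)
        self._live[sid] = derive_team_token(username, password, self._salts[username])
        return sid

    def token_for(self, sid: str) -> Optional[str]:
        return self._live.get(sid)

    def logout(self, sid: str) -> None:
        self._live.pop(sid, None)  # token disappears with the session


def token_matches(presented: str, registered: str) -> bool:
    """Constant-time comparison for the side that verifies purchases."""
    return hmac.compare_digest(presented.encode(), registered.encode())


# Constructed sample values, not taken from the repository.
SAMPLE_SALTS = {"team1": bytes(range(16))}
```

With this layout a filesystem read yields only the salt, which leaves the application's own request handling as the place where the token can leak.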
RITSPARSA/ISTS16-ECommerce
Ecommerce site for ISTS 16