I'm not hacking, I'm testing!

During my 6th week I worked on a system called the Dashboard, in which clients & designers can edit email [image based] templates using a WYSIWYG [What You See Is What You Get] editor.





My specific task was building a new template for generic products; this required me to code the layout and use pre-made assets with no changes made (as they were supplied by the client, and images such as the logo follow strict guidelines).


The design brief for this template was a 2-column wide layout with automatically generated header & footer text and an Intel logo of agreed image dimensions placed at the top of the right column without any user interaction required.





When I had successfully completed the layout I started to “plug it into the Dashboard” which involved replacing all of my placeholder content with function calls to pull through any of the content the designer or client may have added for this specific template. I also added the code to generate the header & footer text depending on the language / translation selected for the template.


Once this was completed I put my end result forward to the accountant that requested this to be made, and afterwards I worked through a basic list of amends, which involved changing the template name & checking that the Intel logo's dimensions are the same as in the other templates, to ensure that no issues will come up later on.





The other task that I have been given was to work on debugging / finding security flaws in my line manager's own framework, which allowed me to use what I have so far learnt about Object Orientated PHP, and I successfully found and exploited 3 “SQL Injections” (in which you write tailored “database code” directly into a form box and the database then runs this code).


This can have the consequence of deleting all rows from a table, or allowing a malicious user to bypass the login checks and act as a site administrator.





Another exploit I found was XSS [Cross Site Scripting], in which I wrote tailored JavaScript directly into several input areas that could display to other customers if the site was live, and then the JavaScript code exploit would run. While in my example I wrote this only to display a basic alert box, in a real-life scenario this could be as serious as redirecting a user towards a 3rd party website which contains executable virus-ridden code that could then download an infected file directly onto the customer's computer.





Once I discovered these issues I went into the code and added the appropriate verification checks, e.g. checking that date inputs only contain numbers, and that everything is escaped or “made safe” before being entered into the database, so it is looked at as a row entry rather than potentially containing a command that could be run.
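
The checks described above, as an added example that is not the framework's own code: it validates a date, stores input through PDO prepared statements (a swapped-in technique in place of manual escaping) and HTML-escapes values on output. The `bookings` table, the function names and the sample inputs are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical table, held in an in-memory SQLite database so this runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE bookings (id INTEGER PRIMARY KEY, name TEXT, day TEXT)');

// Date check: digits in the expected positions, and a real calendar date.
function validDate(string $input): ?string
{
    if (!preg_match('/\A(\d{4})-(\d{2})-(\d{2})\z/', $input, $m)) {
        return null;
    }
    return checkdate((int) $m[2], (int) $m[3], (int) $m[1]) ? $input : null;
}

// Input side: placeholders keep user values out of the SQL text entirely,
// so the database only ever sees them as row data.
function saveBooking(PDO $db, string $name, string $day): bool
{
    $day = validDate($day);
    if ($day === null) {
        return false; // rejected before it reaches the database
    }
    $stmt = $db->prepare('INSERT INTO bookings (name, day) VALUES (:name, :day)');
    return $stmt->execute([':name' => $name, ':day' => $day]);
}

// Output side: escape at the point the value is written into HTML.
function renderName(string $name): string
{
    return htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample inputs, not taken from the original post.
$samples = [
    ["Robert'); DELETE FROM bookings; --", '2011-10-25'],
    ['<script>alert(1)</script>', '2011-10-26'],
    ['Alice', '25/10/11 OR 1=1'], // fails the date check
];
foreach ($samples as [$name, $day]) {
    echo saveBooking($db, $name, $day) ? "stored\n" : "rejected\n";
}

// Every stored name comes back as plain text and is rendered inert.
foreach ($db->query('SELECT name, day FROM bookings') as $row) {
    echo renderName($row['name']), ' on ', $row['day'], "\n";
}
echo 'rows: ', $db->query('SELECT COUNT(*) FROM bookings')->fetchColumn(), "\n";
```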

18:45:12 25/10/11