created at https://en.wikibooks.org/wiki/KS3_Computing/Projects_Ideas/Hack_applications/find-solution-for-find-the-number and https://en.wikibooks.org/wiki/KS3_Computing/Projects_Ideas/Hack_applications (see also http://blog.diniscruz.com/2015/05/teach-kids-how-to-code-by-solving-their.html)
text
A very sexy area of computing is the 'hacking' and 'security/application exploitation'. When done in a non malicious way, hacking an application is the best way to learn about programming
Ideas for hacking challenges:
- Login into without needing password
- Find the Solution for 'find the number'
- Transfer money from one account into another
- Logout user from Website A, by visiting page on Website B
- Crack an encrypted message created by
** Simple cyphers (Letter substitution)
** Algorithm (ie algebra)
** Enigma machine
- Modify web pages content
** adding new logos
** enabling disabled links or buttons
** revealing hidden fields
In the computing industry, Capture the flag are social events that present challenges (like the ones listed above) to teams in a competition where the winner is the team with the most flags. Here is a list of Practice CTF List / Permanant CTF List
We can use vulnerable by design applications like:
code
===1. start with bbc end with ciphertechs===
<syntaxhighlight lang=python>
from selenium import webdriver
browser = webdriver.Firefox()
url = 'http://www.google.com'
browser.get(url)
</syntaxhighlight>
{{CASQuestion| open the page http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl }}
{{CASAnswer| make this code change<syntaxhighlight lang=python>
from selenium import webdriver
browser = webdriver.Firefox()
url = 'http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl'
browser.get(url)
</syntaxhighlight> }}
===2.Open five times (manually)===
{{CASAnswer|
<syntaxhighlight lang=python>
from selenium import webdriver
browser = webdriver.Firefox()
url = 'http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl'
browser.get(url)
url = 'http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl'
browser.get(url)
url = 'http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl'
browser.get(url)
url = 'http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl'
browser.get(url)
url = 'http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl'
browser.get(url)
</syntaxhighlight>
}}
===3.Open five times (call the function browser.get five times, each time passing the url argument)===
{{CASAnswer|
<syntaxhighlight lang=python>
from selenium import webdriver
browser = webdriver.Firefox()
url = 'http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl'
browser.get(url)
browser.get(url)
browser.get(url)
browser.get(url)
browser.get(url)
</syntaxhighlight>
}}
===4.Open five times (with loop))===
{{CASAnswer|
<syntaxhighlight lang=python>
from selenium import webdriver
browser = webdriver.Firefox()
url = 'http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl'
num = 0
while num < 5:
browser.get(url)
</syntaxhighlight>
}}
===5. Open once and enter value in field===
{{CASAnswer|
<syntaxhighlight lang=python>
from selenium import webdriver
browser = webdriver.Firefox()
url = 'http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl'
browser.get(url)
elem = browser.find_element_by_name('userguess') # Find the search box
elem.send_keys(111)
form = browser.find_element_by_name('F')
form.submit()
</syntaxhighlight>
}}
===6. Open once and enter 5 value in field===
{{CASAnswer|
<syntaxhighlight lang=python>
from selenium import webdriver
browser = webdriver.Firefox()
url = 'http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl'
browser.get(url)
elem = browser.find_element_by_name('userguess') # Find the search box
elem.send_keys(111)
form = browser.find_element_by_name('F')
form.submit()
elem = browser.find_element_by_name('userguess') # Find the search box
elem.send_keys(112)
form = browser.find_element_by_name('F')
form.submit()
elem = browser.find_element_by_name('userguess') # Find the search box
elem.send_keys(113)
form = browser.find_element_by_name('F')
form.submit()
elem = browser.find_element_by_name('userguess') # Find the search box
elem.send_keys(114)
form = browser.find_element_by_name('F')
form.submit()
elem = browser.find_element_by_name('userguess') # Find the search box
elem.send_keys(115)
form = browser.find_element_by_name('F')
form.submit()
</syntaxhighlight>
}}
===7. Open once and enter value using function===
{{CASAnswer|
<syntaxhighlight lang=python>
from selenium import webdriver
browser = webdriver.Firefox()
url = 'http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl'
browser.get(url)
def try_Number (value):
elem = browser.find_element_by_name('userguess') # Find the search box
elem.send_keys(value)
form = browser.find_element_by_name('F')
form.submit()
try_Number(111)
</syntaxhighlight>
}}
===8. Open once and enter 5 values using function===
{{CASAnswer|
<syntaxhighlight lang=python>
from selenium import webdriver
browser = webdriver.Firefox()
url = 'http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl'
browser.get(url)
def try_Number (value):
elem = browser.find_element_by_name('userguess') # Find the search box
elem.send_keys(value)
form = browser.find_element_by_name('F')
form.submit()
try_Number(111)
try_Number(112)
try_Number(113)
try_Number(114)
try_Number(115)
</syntaxhighlight>
}}
===8. Open once and enter 5 values using function and a loop===
{{CASAnswer|
<syntaxhighlight lang=python>
from selenium import webdriver
browser = webdriver.Firefox()
url = 'http://vicnum.ciphertechs.com/cgi-bin/guessnum1.pl'
browser.get(url)
def try_Number (value):
elem = browser.find_element_by_name('userguess') # Find the search box
elem.send_keys(value)
form = browser.find_element_by_name('F')
form.submit()
num = 0
while num < 10:
try_Number("00" + str(num))
num += 1
</syntaxhighlight>
}}
created at https://en.wikibooks.org/wiki/KS3_Computing/Projects_Ideas/Hack_applications/find-solution-for-find-the-number and https://en.wikibooks.org/wiki/KS3_Computing/Projects_Ideas/Hack_applications (see also http://blog.diniscruz.com/2015/05/teach-kids-how-to-code-by-solving-their.html)
text
A very sexy area of computing is the 'hacking' and 'security/application exploitation'. When done in a non malicious way, hacking an application is the best way to learn about programming
Ideas for hacking challenges:
** Simple cyphers (Letter substitution)
** Algorithm (ie algebra)
** Enigma machine
** adding new logos
** enabling disabled links or buttons
** revealing hidden fields
In the computing industry, Capture the flag are social events that present challenges (like the ones listed above) to teams in a competition where the winner is the team with the most flags. Here is a list of Practice CTF List / Permanant CTF List
We can use vulnerable by design applications like:
code