[Owasp-Malaysia] Jarlsberg

Muhammad Najmi Ahmad Zabidi najmi.zabidi at gmail.com
Wed May 5 21:41:14 EDT 2010


Hello,

http://www.sfgate.com/cgi-bin/article.cgi?f=/g/a/2010/05/04/businessinsider-google-releases-vulnerable-bug-ridden-microblogging-app-to-show-coders-what-not-to-do-2010-5.DTL
http://jarlsberg.appspot.com/


"Jarlsberg /yärlz'·bərg/, a small, cheesy web application that allows
its users to publish snippets of text and store assorted files.
"Unfortunately," Jarlsberg has multiple security bugs ranging from
cross-site scripting and cross-site request forgery, to information
disclosure, denial of service, and remote code execution. The goal of
this codelab is to guide you through discovering some of these bugs
and learning ways to fix them both in Jarlsberg and in general.

The codelab is organized by types of vulnerabilities. In each section,
you'll find a brief description of a vulnerability and a task to find
an instance of that vulnerability in Jarlsberg. Your job is to play
the role of a malicious hacker and find and exploit the security bugs.
In this codelab, you'll use both black-box hacking and white-box
hacking"

