Week_1_Report
Introduction
This report describes the proceedings and results of a Black Box security
assessment conducted against the Week 01 Labs. It lists the findings and the
corresponding best-practice mitigation actions and recommendations.
1. Objective
The objective of the assessment was to uncover vulnerabilities in the Week 1 Labs and
provide a final security assessment report comprising the vulnerabilities, a remediation
strategy and recommendation guidelines to help mitigate the vulnerabilities and risks
identified during the activity.
2. Scope
This section defines the scope and boundaries of the project.
3. Summary
Outlined below is a Black Box Application Security assessment for the Week 1 Labs.
1 3 4
1. HTML Injection
1.1. HTML’S are Easy.
Reference Risk Rating
HTML’S are Easy Low
Tools Used
Manual Analysis
Vulnerability Description
HTML Injection Vulnerability
How It Was Discovered
Manual Analysis
Vulnerable URLs
https://labs.hacktify.in/HTML/html_lab/lab_1/html_injection_1.php
Consequences of not Fixing the Issue
Potential for unauthorized access, data manipulation, and site defacement.
Suggested Countermeasures
- Avoid using special characters or code when typing text into website fields.
- Double-check the text you enter to make sure it appears as expected on the website.
- If you notice anything unusual, inform someone responsible for the website's security, such as a teacher or administrator.
References
https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/03-Testing_for_HTML_Injection
Proof of Concept
1.2. Let Me Store Them
Reference Risk Rating
Let Me Store Them Low
Tools Used
Manual Analysis
Vulnerability Description
HTML Stored Injection
How It Was Discovered
Manual Analysis
Vulnerable URLs
https://labs.hacktify.in/HTML/html_lab/lab_2/register.php
Consequences of not Fixing the Issue
Risk of malicious code being permanently stored on the website
Suggested Countermeasures
Avoid entering any HTML code into text fields or input areas on the website.
References
OWASP HTML Injection Prevention
PortSwigger - HTML Injection
Proof of Concept
1.3. File Names are also Vulnerable.
Reference Risk Rating
File Names are also vulnerable Low
Tools Used
Burp Suite
Vulnerability Description
HTML Injection in files
How It Was Discovered
Manual Analysis with Burp Suite
Vulnerable URLs
URLs of the vulnerable pages in the lab
Consequences of Not Fixing the Issue
Risk of displaying unintended HTML content to users, potentially leading to confusion or manipulation
of file names.
Suggested Countermeasures
Validate and sanitize file names before displaying them on the web page
References
OWASP HTML Injection Prevention
PortSwigger - HTML Injection
Proof of Concept
1.4. File Content and HTML Injection a Perfect Pair!
Reference Risk Rating
File Content and HTML Injection a Perfect Pair Medium
Tools Used
Manual Analysis
Vulnerability Description
HTML Injection in file content
How It Was Discovered
Manual Analysis with HTML file
Vulnerable URLs
https://labs.hacktify.in/HTML/html_lab/lab_4/html_injection_4.php
Consequences of Not Fixing the Issue
Risk of executing unintended HTML content uploaded via file content.
Suggested Countermeasures
Implement strict validation of uploaded file content to prevent execution of HTML code.
References
OWASP Cross-Site Scripting (XSS) Prevention Cheat Sheet
PortSwigger - Cross-Site Scripting (XSS)
Proof of Concept
1.5. Injecting HTML Using URL
Reference Risk Rating
HTML Injection using URL Medium
Tools Used
Manual Analysis
Vulnerability Description
HTML injection via URL
How It Was Discovered
Manual Analysis
Vulnerable URLs
[https://labs.hacktify.in/HTML/html_lab/lab_5/html_injection_5.php?id=<h1> Injecting HTML Using URL</h1><br><h1>Solved</h1>]
Consequences of Not Fixing the Issue
Risk of allowing malicious HTML code to be injected into the webpage via the URL parameter.
Suggested Countermeasures
Validate and sanitize user inputs, especially those coming from URL parameters, to prevent the
execution of injected HTML code.
References
OWASP HTML Injection Prevention
PortSwigger - HTML Injection
Proof of Concept
1.6. Encode it.
Reference Risk Rating
Encode it Hard
Tools Used
Manual Analysis
Vulnerability Description
HTML injection via encoded URL
How It Was Discovered
Manual Analysis
Vulnerable URLs
https://labs.hacktify.in/HTML/html_lab/lab_6/html_injection_6.php
Consequences of Not Fixing the Issue
Risk of executing unintended HTML content injected via encoded URL parameters.
Suggested Countermeasures
Implement input validation to filter out encoded HTML content from URL parameters.
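The countermeasures in 1.5 and 1.6 both depend on the order in which a URL parameter is decoded and made safe. The following is an added example, not code from the lab or from the original report: it compares a filter that runs before decoding with HTML-escaping applied as the last step before output. The function names and the sample values are assumptions constructed for illustration.

```python
import html
from urllib.parse import unquote

# Constructed sample values for a reflected `id` parameter, as the application
# sees them after the web server has already percent-decoded the URL once.
PLAIN = "<h1>Solved</h1>"
ENCODED = "%3Ch1%3ESolved%3C%2Fh1%3E"            # still encoded once
DOUBLE = "%253Ch1%253ESolved%253C%252Fh1%253E"   # still encoded twice


def render_filter_then_decode(value: str) -> str:
    """Weak pattern: strip angle brackets, decode afterwards, echo the result."""
    filtered = value.replace("<", "").replace(">", "")
    # Decoding after the filter recreates the characters the filter removed.
    return "<p>Hello " + unquote(filtered) + "</p>"


def render_decode_then_escape(value: str) -> str:
    """Hardened pattern: decode first, HTML-escape as the last step before output."""
    text = unquote(value)
    # html.escape turns & < > " ' into entities, so the browser shows text only.
    return "<p>Hello " + html.escape(text, quote=True) + "</p>"


def contains_markup(page: str) -> bool:
    """True if an <h1> element from the parameter reached the page as markup."""
    return "<h1>" in page


if __name__ == "__main__":
    for sample in (PLAIN, ENCODED, DOUBLE):
        weak = render_filter_then_decode(sample)
        safe = render_decode_then_escape(sample)
        print(f"{sample!r:45} weak={contains_markup(weak)} safe={contains_markup(safe)}")
```

Escaping at output holds regardless of how many encoding layers the input carries, because whatever text remains after decoding is rendered as text.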
References
OWASP HTML Injection Prevention
PortSwigger - HTML Injection
Proof of Concept
2. Clickjacking
2.1. Let’s Hijack
Reference Risk Rating
Let’s Hijack Low
Tools Used
Tools that you have used to find the vulnerability.
Vulnerability Description
Clickjacking Vulnerability
How It Was Discovered
Automated Tools / Manual Analysis
Vulnerable URLs
https://labs.hacktify.in/HTML/clickjacking_lab/lab_1/testclickjacking.php
Consequences of not Fixing the Issue
Risk of users being tricked into clicking on elements unknowingly.
Suggested Countermeasures
- Implement X-Frame-Options HTTP header to prevent the website from being embedded within frames.
References
URLs to the sources used to know more about this vulnerability
Proof of Concept
2.2. Re-Hijack!
Reference Risk Rating
Re-Hijack Medium
Tools Used
Manual Analysis
Vulnerability Description
Clickjacking Re-hijacking vulnerability
How It Was Discovered
Manual Analysis
Vulnerable URLs
https://labs.hacktify.in/HTML/clickjacking_lab/lab_2/testclickjacking.php
Consequences of not Fixing the Issue
Risk of users being tricked into submitting sensitive information, such as usernames and passwords, to
an attacker-controlled form, leading to unauthorized access to user accounts and potential data
breaches.
Suggested Countermeasures
Implement X-Frame-Options HTTP header with the "deny" directive to prevent the website from being
embedded within frames.
References
OWASP Clickjacking Defense Cheat Sheet
OWASP Top Ten
Proof of Concept