Web Authentication

1. The HTTP protocol is “stateless”, which forces site/app developers to implement their own state-tracking mechanism. What does this have to do with security? How stateful communication is implemented over HTTP?

2. Why must an authenticator-token cookie be tamper-proof and unforgeable?

Web Vulnerabilities

Let us consider the following vulnerabilities?

• CSRF (Cross Site Request Forgery)
• XSS (Cross Site Scripting)
• SQLi (SQL injection)

For each of the, describe:

1. What is the attacker’s goal behind exploiting these vulnerabilities?

2. How would the attacker detect the presence of such a vulnerability in a given web application?

3. How would the attack being setup?

4. What gain can the attacker get if the attack succeeds?