# Задание
#### 1) Which hashing method is better to choose for storing passwords in the database. Why?
- MD5
- AES256
- SHA512
- SHA256 + salt
#### 2) What command should be entered in bash so that the file has the following rights:
-rwxr-x--x
#### 3) Is there a vulnerability in the code, if so, where exactly? Name the type of vulnerability, suggest a remedy
```php
<?php
$id=mysql_real_escape_string($_GET['id']);
$result = mysql_query("select * from news where id=".$id);
while ($row = mysql_fetch_assoc($result)) {
echo $row['id'];
echo $row['title'];
echo $row['date'];
echo $row['description'];
}
?>
```
#### 4) Is there a vulnerability in the code, if so, where exactly? Name the type of vulnerability. Write parameter values to exploit the vulnerability
```php
<?php
$username=$_GET['username'];
$password=$_GET['password'];
$result = mysql_query("select * from users where username='" .$username. "' and password='".$password."'");
$rowno=mysql_num_rows($result);
if ($rowno == 1)
{
echo "Successful login";
}
?>
```
#### 5) Are there vulnerabilities in the code, if so, where exactly? Name the type of vulnerability
```php
<?php
$page=$_GET['page'];
echo "Page number". $page;
include($page);
?>
```
#### 6) Which of the following types of attacks are related to the type of attacks on the server:
- XSS
- CSRF
- HSTS
- XXE
#### 7) There is an HTTP request
```
GET /api/load/myprofile HTTP/1.1
Host: https://mydomain.com
Cookie: PHPSESSID=BiOFBRcFhOWXdaTTZLTDlzcGR6aFE9PSIsI
Origin: https://sub.mydomain.com
```
The response to such a request would be:
```
HTTP/1.1 200 OK
Date: Mon, 11 Jul 2016 11:14:46 GMT
Content-Type: application/html
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: content-type, x-requested-with, authorization
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Frame-Options: SAMEORIGIN
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 61
{
"data": {
"name": "Peter",
"lastName": "Winter<script>alert(1)",
"email": "peter_winter@mymail.com",
"passport": "129457821"
},
"result": "OK"
}
```
What are the errors in the response that lead to client vulnerabilities? How to fix them?
#### 8) Tell about the billion laughs and XXE attacks: what does each one allow you to do? How are they similar?
#### 9) There is an access.log file with logs of requests to the system for one day in the format
HH:MM:SS IP_addr URL resp_status_code
Display the top 10 IP addresses that received the most 403 statuses today with the number of these statuses received.
Write a program to solve the problem. Sample output:
57.23.123.10 200
79.91.33.5 100
...
Sign in with Wallet
Connect another wallet