Django

Discuss the many weaknesses of browser security and ways to mitigate the threat

Django

Post by masterflex on Thu Feb 03, 2011 10:39 am
([msg=53140]see Django[/msg])

Hi all,
This year I'm taking a computer class in Network Security and was given an assignment to manipulate a form. (obviously, this is something simple but it was the first lab of the semester)

Anyway, we can get oodles of extra credit if we can get to the admin shell through his website.. So currently, his form /server are hosted on a university server. However, his server is relatively weak with security, it even has some traceback errors because of a python scripting error. From this, I now know he is running a django config.. I'm sure he probably has it on mostly defaults.. so anyway, I did some research and found out that django has a default admin interface path, but I'm not sure where it is... it seems like the webserver is hosting only one website and a simple form...

I've tried some paths but it gets me nowhere, most times I just get the traceback of the python template error.

Any ideas??

-- Thu Feb 03, 2011 10:43 am --

masterflex wrote:Hi all,
This year I'm taking a computer class in Network Security and was given an assignment to manipulate a form. (obviously, this is something simple but it was the first lab of the semester)

Anyway, we can get oodles of extra credit if we can get to the admin shell through his website.. So currently, his form /server are hosted on a university server. However, his server is relatively weak with security, it even has some traceback errors because of a python scripting error. From this, I now know he is running a django config.. I'm sure he probably has it on mostly defaults.. so anyway, I did some research and found out that django has a default admin interface path, but I'm not sure where it is... it seems like the webserver is hosting only one website and a simple form...

I've tried some paths but it gets me nowhere, most times I just get the traceback of the python template error.

Any ideas??



Btw, I already checked the website source, I even downloaded Htttrack and tried seeing if there was anything I was missing.. nothing really returned of any value besides the USR of the linux box the server is running on.. I tried adding this to the path and it still just returns the traceback error
masterflex
New User
New User
 
Posts: 1
Joined: Thu Feb 03, 2011 10:31 am
Blog: View Blog (0)


Return to Web

Who is online

Users browsing this forum: No registered users and 0 guests