Description
-
Please finish the lab according to the attached file , then submit the report of lab 4 based on the lab report template.
-
Please submit your source code in zip file. (4.3.zip)
-
Try to capture session cookie of pms.sustc.edu.cn (yours or your classmates’)
-
Manipulate your cookie of pms.sustc.edu.cn to hijack this session. (Chrome Extension: edit this cookie)
-
Or you can replay the HTTP request using curl. (https://github.com/jullrich/pcap2curl)
-
Write your report:
– How did you capture the cookie? What’s the content of the cookie?
– How did you set your cookie into target values? Show the edit page
– Did you success hijack the session? Describe how did you do it
-
Capture DNS query sent from your computer
– Using capture filter udp port 53
– Using display filter (any domain filter is ok)
-
-
Write your report:
-
– How did you trigger the DNS query ?
– Where did the query send? (IP)
– What did the query said?
– Does the server support recursive query?
– What did the response said?
Enhanced File Browser (Class A Only)
-
Based on Assignment 3.3, implement following features:
– Range Header support
-
-
-
With this feature implemented, user can pause and resume download file from the server.
-
-
– Session Cookie support:
-
-
-
Remember last folder user visited, response with 302 Found if user access root directory.
-
-
Example:
Request: GET http://localhost:8080
Response: 302 Found, Location: http://localhost:8080/lastdir
Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Location
