The client has made the following changes to the job.
Client prefers freelancers from:
You are still able to submit a proposal for this job.
The client prefers freelancers from
a different location.
I have a website deployed on a few machines and VPS,
Generally, it contains a front-end on one machine,
I backend accessed on another machine, which is actrually a proxy, and another machine where the actual backend code resides and the DB on a seperate VPS.
I need to test the following:
If the system can be hacked with XSS and Code/SQL injections,
If the system is protected for brute-forcing
If admin privilages can "leak" between different admin types (IE, if a sub-admin user can get system admin priviliages somehow)
If the system can be hacked with session hijacking
If you can somehow find the real backend server (normal users will access the proxy)
If the DB is well protected.
I don't want the tests to take more than 2-3 days all in all.
Further details will be given to the chosen provider.
Deliverable: a PDF report on all attempts carried out, their results, screenshots if any volnurability is found and a suggestion how to fix it.
Sign in or Register to see more