Alice needs to authenticate to the web service using port 380 on the host hw2.csec380.fun. In...
Fantastic news! We've Found the answer you've been seeking!
Question:
Transcribed Image Text:
Alice needs to authenticate to the web service using port 380 on the host hw2.csec380.fun. In this assignment, you will write several python scripts that will allow Alice to authenticate to a remote web server using only sockets and strings without many libraries that were usable in previous assignments. Alice's username will always be alice and Alice's password will always be SecretPassword123!. Each step of the assignment will get progressively more challenging. You must submit a different Python script for each step. Each python script must print the last HTTP response your script received in its entirety. With the exception of Step 1 and Step 2, each step is complete when you receive a 200 HTTP response containing the message "Welcome Alice!". Pay close attention to the HTTP responses you receive. The web server has been build to provide error messages - which can sometimes be a little silly - that inform you of common mistakes. All attempts to log in must be automated. Step 7-The Keymaster Difficulty - Tier-3 Points: 10 Endpoint:/jsonLogin, /jsonSecure Page CSEC 380, ASSIGNMENT #2: A MILLION WAYS TO AUTH ON THE WEB DUE: 09/15/2022 @ 8:00 PM Alice, having signed up for the company's development program, has found out the company is trying to get with the times and set up a new-fangled API to allow the users that want to automate their access to do so without using other endpoints. If you make a POST request to the /jsonLogin endpoint with the same parameters as the last two steps - username and password - you will be issued an API token contained inside a JSON response. That API token can then be provided as the value for the POST variable apikey to access the /jsonSecurePage endpoint without needing to provide other usernames or passwords. "In the real world", you would be able to use the API key without providing any other pieces of information. However, due to implementation limitations on the assignment, you must include the session cookie set by /jsonLogin as you have in steps 4-6. This is used as an anti-cheating to ensure that api tokens are not reused. Note that the API key should only be used once. Alice needs to authenticate to the web service using port 380 on the host hw2.csec380.fun. In this assignment, you will write several python scripts that will allow Alice to authenticate to a remote web server using only sockets and strings without many libraries that were usable in previous assignments. Alice's username will always be alice and Alice's password will always be SecretPassword123!. Each step of the assignment will get progressively more challenging. You must submit a different Python script for each step. Each python script must print the last HTTP response your script received in its entirety. With the exception of Step 1 and Step 2, each step is complete when you receive a 200 HTTP response containing the message "Welcome Alice!". Pay close attention to the HTTP responses you receive. The web server has been build to provide error messages - which can sometimes be a little silly - that inform you of common mistakes. All attempts to log in must be automated. Step 7-The Keymaster Difficulty - Tier-3 Points: 10 Endpoint:/jsonLogin, /jsonSecure Page CSEC 380, ASSIGNMENT #2: A MILLION WAYS TO AUTH ON THE WEB DUE: 09/15/2022 @ 8:00 PM Alice, having signed up for the company's development program, has found out the company is trying to get with the times and set up a new-fangled API to allow the users that want to automate their access to do so without using other endpoints. If you make a POST request to the /jsonLogin endpoint with the same parameters as the last two steps - username and password - you will be issued an API token contained inside a JSON response. That API token can then be provided as the value for the POST variable apikey to access the /jsonSecurePage endpoint without needing to provide other usernames or passwords. "In the real world", you would be able to use the API key without providing any other pieces of information. However, due to implementation limitations on the assignment, you must include the session cookie set by /jsonLogin as you have in steps 4-6. This is used as an anti-cheating to ensure that api tokens are not reused. Note that the API key should only be used once.
Expert Answer:
Answer rating: 100% (QA)
Here is the Python script for Step 7 PYTHON import requests url httpshw2csec380fun380jsonLogin data ... View the full answer
Related Book For
Introduction to Management Science A Modeling and Cases Studies Approach with Spreadsheets
ISBN: 978-0078024061
5th edition
Authors: Frederick S. Hillier, Mark S. Hillier
Posted Date:
Students also viewed these programming questions
-
Planning is one of the most important management functions in any business. A front office managers first step in planning should involve determine the departments goals. Planning also includes...
-
Demand function for a firm is given as P-100e, if the firm's average cost (AC) is AC 5+50, determine the firm's maximum profit. (5marks).
-
Mr Ha is interested in setting up a coffee shop in Canberra, Australia. After consulting with his brother who owns a caf in other town of the territory, he has decided to commence the business in...
-
BT is considering investing in government bonds. The current price of a P100 bond with 10 years to maturity is P88. The bonds have a coupon rate of 6% and repay face value of P100 at the end of the...
-
2-Chloro-2-mcthylpropane reacts with water in three steps to yield 2-methyl- 2-propanol. The first step is slower than the second, which in turn is much slower than the third. The reaction takes...
-
If A is a symmetric n n matrix with triangular factorization LU, then A can be factored further into a product LDLT (where D is diagonal). Devise an algorithm, similar to Algorithm 7.2.2, for...
-
A \(27-\mathrm{kg}\) child stands in the center of a trampoline. (a) If the trampoline center is \(0.32 \mathrm{~m}\) lower than before they got on, what is the spring constant of the trampoline? (b)...
-
Income Effects of Receivables Transactions Sandburg Company requires additional cash for its business. Sandburg has decided to use its accounts receivable to raise the additional cash and has asked...
-
Write the SOP Boolean expressions for the 7 outputs. [ 3 . 5 marks ]
-
On January 1, 2024, DC Ltd. issued bonds with a maturity value of $8 million when the market rate of interest was 4%. The bonds have a coupon (contractual) interest rate of 5% and mature on January...
-
Below is the balance sheet of Tom Ltd. Required: construct the Retained Earnings account to calculate the dividend amount. Any additional information are given as a notes below. B ea c h Ltd S...
-
True Or False Maintaining client records is a frivolous expenditure of valuable time.
-
How does interference with prospective contractual relations differ from the tort of interference with existing contractual relations?
-
In an effort to reduce the number of malpractice cases, some legislatures have modified a. the informed-consent doctrine. b. statute of limitations and evidentiary rules. c. rules regarding burden of...
-
True Or False A plaintiff who is suing for malpractice will be successful if they can prove that the defendant professional was negligent even if they cannot prove that this negligence was the...
-
Under what circumstances is someone liable for abuse of process?
-
The half-life of Sr-90 is 29 years. What fraction of the atoms in a sample would remain after 100 years? How would you compute this?
-
On July 1, 2011, Flashlight Corporation sold equipment it had recently purchased to an unaffiliated company for $480,000. The equipment had a book value on Flashlights books of $390,000 and a...
-
Aberdeen Computer Corp. (ACC) is located in Aberdeen, Washington. The company has developed the Web-Surfer, a low-cost e-mail and Web-surfing appliance. This product is manufactured at four plants,...
-
A major banking institution, Best Bank, plans to open a new branch office in Little-town. Preliminary estimates suggest that two tellers (and teller windows) should be provided, but this decision now...
-
Reconsider Problem 6.5. Suppose now that, for administrative convenience, management has decided that all 130 units per month needed at the distribution center in Los Angeles must come from the...
-
List five types of cancer in which ncRNAs can be involved.
-
What is the role of the Vpr protein during the process of HIV DNA integration?
-
What does a suppressor mutation suppress? What is the difference between an intragenic and an intergenic suppressor?
Study smarter with the SolutionInn App