You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+1-1
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,7 @@ NOTE: This repo is meant for a demonstration. It does not illustrate good securi
5
5
## Demo Instructions
6
6
7
7
1. Go to the `/admin` URL and change the hashing type to `plaintext`
8
-
- Have people make a new account. Warn them that everyone will be able to see their name and password.
8
+
- Have people make a new account on the main page. Warn them that everyone will be able to see their name and password.
9
9
- Have people go to `/hack` so they can pretend to be a hacker and view the passwords database
10
10
- Explain why it's bad that the attacker can see everyone's passwords
11
11
2. Explain what a hashing algorithm is (use an online SHA-1 calculator as an example). In `/admin`, delete the existing users, then change the hashing type to `sha1`.
0 commit comments