17 lines
728 B
Plaintext
17 lines
728 B
Plaintext
== Relying on Obscurity
|
|
|
|
One could rely on HTML, CSS or javascript to hide links that users don't normally access.
|
|
In the past there has been a case where a network router tried to protect (hide) admin functionality with javascript in the UI: https://www.wired.com/2009/10/routers-still-vulnerable.
|
|
|
|
=== Finding Hidden Items
|
|
|
|
There are usually hints to finding functionality the UI does not openly expose in ...
|
|
|
|
* HTML or javascript comments
|
|
* Commented out elements
|
|
* Items hidden via CSS controls/classes
|
|
|
|
=== Your Mission
|
|
|
|
Find two invisible menu items in the menu below that are, or would be, of interest to an attacker/malicious user and submit the labels for those menu items (there are no links right now in the menus).
|