Francisco Javier Espinosa Pineda Task 1: Description and Analysis of the Collection Data Scripts This is the report for the analysis of requested demo site with URL: http://fh-demo-site.groupib.com/, in order to make an identification of scripts that are meant to collect user data and be sent to a remote server through GET/POST methods, following are the descriptions of the scripts that are in charge of doing this tasks: 1.- Identification of the script The script in charge of collecting the user data is the sb.js which initially only gets the next parameters identified through the object navigator which basically gets only the data of the browser used to visit the website through the UserAgent property, as seen in the next visualization of the console debbuger: 2.- Identification of the method to pass the parameters collected It can be seen in the console that all are XMLHttpRequests that the sb.js script passes the parameters through a POST request: The parameters passed are the next ones, including the “User-Agent” parameter which contains the data collected from the user: 3 & 4.- identification of the server and the state of the script As per the previously analysis performed, we can see that all parameters are sent to the sbbe.group-ib.ru server and it looks like the script doesn’t change as time passes, it only keeps sending the same information repeatedly.
![Backtrack 5 Metasploit Penetration Testing Cookbook [Ingles, 269]](http://s2.studylib.es/store/data/009383697_1-e84a6812a31a4b00e479db75b79a8151-300x300.png)
