We covered an introduction to web applications and how they are accessed. We also covered the types of web application security vulnerabilities, notably the OWASP Top 10. The OWASP Top 10 represents the most common web application vulnerabilities that can be found and detected in web applications. Finally, we demonstrated a practical scenario of an IDOR (Insecure Direct Object Reference) vulnerability, which the OWASP Top 10 classifies under Broken Access Control. This is a walkthrough of the TryHackMe Introduction to Web Application Security room.


There are a few main categories of common attacks against web applications. Consider the following steps and related attacks.

  • Log in at the website: The attacker can try to discover the password by trying many words. The attacker would use a long list of passwords with an automated tool to test them against the login page.
  • Search for the product: The attacker can attempt to breach the system by adding specific characters and codes to the search term. The attacker’s objective is for the target system to return data it should not or execute a program it should not.
  • Provide payment details: The attacker would check if the payment details are sent in cleartext or using weak encryption. Encryption refers to making the data unreadable without knowing the secret key or password.

Broken Access Control

Access control ensures that each user can only access files (documents, images, etc.) related to their role or work. For example, you don’t want someone in the marketing department to access (read) the finance department’s documents. Example vulnerabilities related to access control include:

  • Failing to apply the principle of least privilege and giving users more access permissions than they need. For example, an online customer should be able to view the prices of the items, but they should not be able to change them.
  • Being able to view or modify someone else’s account by using its unique identifier. For example, you don’t want one bank client to be able to view the transactions of another client.
  • Being able to browse pages that require authentication (logging in) as an unauthenticated user. For example, we cannot let anyone view the webmail before logging in.
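The three weaknesses above map directly onto checks a web application's request handlers must perform. The following is an added example written for this write-up, not code from the TryHackMe room: a small in-memory online shop with constructed users, roles ("customer" and "staff" are assumed), prices and transactions. It keeps the vulnerable IDOR handler beside its fixed form so the difference is visible.

```python
"""Added example for this write-up (not code from the TryHackMe room): an
online shop's authorization checks, matching the three weaknesses above.
The users, roles, prices and transactions are constructed sample data."""
from dataclasses import dataclass, field


class AccessDenied(Exception):
    """Raised when a request fails an authentication or authorization check."""


@dataclass
class User:
    username: str
    role: str        # assumed roles: "customer" or "staff"
    account_id: int  # the account bound to this login session


@dataclass
class Shop:
    prices: dict = field(default_factory=lambda: {"widget": 9.99, "gadget": 24.50})
    transactions: dict = field(default_factory=lambda: {
        1001: ["2024-01-05 -45.00 groceries"],
        1002: ["2024-01-06 -1200.00 rent"],
    })

    @staticmethod
    def _require_login(user):
        """Third bullet: a page that needs authentication rejects anonymous requests."""
        if user is None:
            raise AccessDenied("authentication required")

    def view_price(self, user, item):
        """First bullet: any logged-in customer may read prices..."""
        self._require_login(user)
        return self.prices[item]

    def set_price(self, user, item, price):
        """...but only staff may change them (least privilege)."""
        self._require_login(user)
        if user.role != "staff":
            raise AccessDenied("only staff may change prices")
        self.prices[item] = price
        return self.prices[item]

    def view_transactions_insecure(self, user, account_id):
        """Second bullet, the IDOR: the account id from the request is trusted
        as-is, so any logged-in user can read any account by changing the number."""
        self._require_login(user)
        return list(self.transactions[account_id])

    def view_transactions(self, user, account_id):
        """Fixed form: the requested id must match the account bound to the
        session (staff are allowed to look at any account)."""
        self._require_login(user)
        if user.role != "staff" and account_id != user.account_id:
            raise AccessDenied("account does not belong to the requesting user")
        return list(self.transactions[account_id])


def attempt(action, *args):
    """Run a handler and report the outcome, so denied requests can be inspected."""
    try:
        return ("ok", action(*args))
    except AccessDenied as exc:
        return ("denied", str(exc))


if __name__ == "__main__":
    shop = Shop()
    alice = User("alice", "customer", 1001)
    print(attempt(shop.view_transactions_insecure, alice, 1002))  # leaks another account
    print(attempt(shop.view_transactions, alice, 1002))           # denied
```

The important design point is that the ownership check compares the identifier in the request with the identity the server already knows from the session; hiding or randomising the identifier is not a substitute for that comparison.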

Injection

An injection attack refers to a vulnerability in the web application where the user can insert malicious code as part of their input. One cause of this vulnerability is the lack of proper validation and sanitization of the user’s input.
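The search step from the scenario above is the classic place for this. The following added example (written for this write-up, not code from the TryHackMe room) builds a constructed product table in an in-memory SQLite database and shows the same search written two ways: the vulnerable string-concatenated query, whose structure changes when the input contains a quote, and the parameterised query, which passes the term as data. A simple input-validation layer is included as defence in depth.

```python
"""Added example for this write-up (not code from the TryHackMe room): a
product search built by string concatenation beside its parameterised form.
The product table and the search terms are constructed sample data."""
import sqlite3


def make_db():
    """In-memory product table with a column the search should never expose."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (name TEXT, price REAL, internal_note TEXT)")
    conn.executemany(
        "INSERT INTO products VALUES (?, ?, ?)",
        [("red mug", 7.5, "supplier A"),
         ("blue mug", 8.0, "supplier B"),
         ("teapot", 19.0, "discontinued")],
    )
    return conn


def search_vulnerable(conn, term):
    """The term is pasted into the SQL text. A single quote in the input ends
    the string literal and the remainder is parsed as SQL, so the query's
    meaning is decided by whoever types into the search box."""
    sql = f"SELECT name FROM products WHERE name LIKE '%{term}%'"
    return [row[0] for row in conn.execute(sql)]


def search_safe(conn, term):
    """Parameterised query: the driver passes the term as a value, so quotes
    and keywords inside it are matched literally, never executed."""
    sql = "SELECT name FROM products WHERE name LIKE ?"
    return [row[0] for row in conn.execute(sql, (f"%{term}%",))]


def validate_term(term, max_len=40):
    """Input validation as a second layer: a product search never needs
    control characters or very long input, so reject them before the query."""
    if len(term) > max_len or not term.isprintable():
        raise ValueError("rejected search term")
    return term


def demo(conn):
    """Compare both searches on a normal term, a term containing an
    apostrophe, and a constructed term that alters the vulnerable query."""
    crafted = "zzz%' OR '1' LIKE '1"  # constructed; the trailing %' closes its own literal
    results = {
        "normal_vulnerable": search_vulnerable(conn, "mug"),
        "normal_safe": search_safe(conn, "mug"),
        "crafted_vulnerable": search_vulnerable(conn, crafted),  # returns every row
        "crafted_safe": search_safe(conn, crafted),              # matches nothing
        "apostrophe_safe": search_safe(conn, "o'b"),
    }
    try:
        search_vulnerable(conn, "o'b")
        results["apostrophe_vulnerable"] = "no error"
    except sqlite3.OperationalError:
        # A legitimate input with an apostrophe breaks the concatenated query,
        # which is often the first visible symptom of the defect.
        results["apostrophe_vulnerable"] = "syntax error"
    return results


if __name__ == "__main__":
    for key, value in demo(make_db()).items():
        print(f"{key}: {value}")
```

Validation and sanitisation reduce the attack surface, but the parameterised query is the fix: it is the only one of the two that keeps the data/code boundary regardless of what the input contains.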

Identification and Authentication Failure

Identification refers to the ability to identify a user uniquely. In contrast, authentication refers to the ability to prove that the user is who they claim to be. The online shop must confirm the user’s identity and authenticate them before they can use the system. However, this step is prone to different types of weaknesses. Example weaknesses include:

  • Allowing the attacker to use brute force, i.e., try many passwords, usually using automated tools, to find valid login credentials.
  • Allowing the user to choose a weak password. A weak password is usually easy to guess.
  • Storing the users’ passwords in plain text. If the attacker manages to read the file containing the passwords, we don’t want them to be able to learn the stored password.
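Each of the three weaknesses has a standard countermeasure, and the room's first question below (unlimited login attempts) is exactly the first one. The following is an added example written for this write-up, not code from the TryHackMe room: a login service that locks an account after repeated failures, enforces a minimum password policy, and stores only salted PBKDF2 hashes. The thresholds (5 attempts, 15-minute lock, 12-character minimum, 600,000 PBKDF2 rounds) and the short common-password list are assumptions chosen for illustration; the clock is injectable so the lockout can be exercised without waiting.

```python
"""Added example for this write-up (not code from the TryHackMe room): a
login service with defences for the three weaknesses above, i.e. failed-
attempt lockout, a password policy, and salted password hashing. The
thresholds and the common-password list are assumptions chosen for
illustration."""
import hashlib
import hmac
import os
import time

MAX_FAILED_ATTEMPTS = 5
LOCKOUT_SECONDS = 15 * 60
MIN_PASSWORD_LENGTH = 12
PBKDF2_ITERATIONS = 600_000
COMMON_PASSWORDS = {"password", "password123", "123456789012", "qwertyuiop12"}  # constructed


def hash_password(password, salt=None):
    """Store a random salt plus a slow PBKDF2 digest, never the plain text."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt.hex() + "$" + digest.hex()


def verify_password(password, stored):
    """Recompute the digest with the stored salt; compare in constant time."""
    salt_hex, digest_hex = stored.split("$")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(salt_hex), PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate.hex(), digest_hex)


def password_is_acceptable(password):
    """Reject passwords that are too short or on the common-password list."""
    return len(password) >= MIN_PASSWORD_LENGTH and password.lower() not in COMMON_PASSWORDS


# Hash checked for unknown usernames so that a login attempt costs the same
# whether or not the account exists (no timing hint about valid usernames).
_DUMMY_HASH = hash_password("unknown-user-placeholder")


class LoginService:
    def __init__(self, clock=time.monotonic):
        self.clock = clock   # injectable so the lockout can be tested without waiting
        self.users = {}      # username -> "salt$digest"
        self.failures = {}   # username -> (failed count, locked until)

    def register(self, username, password):
        if not password_is_acceptable(password):
            raise ValueError("password does not meet the policy")
        self.users[username] = hash_password(password)

    def login(self, username, password):
        """Return "ok", "invalid" or "locked"; lock the account after repeated failures."""
        now = self.clock()
        count, locked_until = self.failures.get(username, (0, 0.0))
        if now < locked_until:
            return "locked"
        stored = self.users.get(username, _DUMMY_HASH)
        # verify_password runs first so unknown and known users cost the same
        ok = verify_password(password, stored) and username in self.users
        if ok:
            self.failures.pop(username, None)
            return "ok"
        count += 1
        if count >= MAX_FAILED_ATTEMPTS:
            self.failures[username] = (0, now + LOCKOUT_SECONDS)
            return "locked"
        self.failures[username] = (count, 0.0)
        return "invalid"


if __name__ == "__main__":
    svc = LoginService()
    svc.register("alice", "correct-horse-battery")
    print(svc.login("alice", "correct-horse-battery"))  # ok
    print(svc.login("alice", "wrong-guess-000000"))     # invalid
```

The per-account lock shown here answers the "unlimited attempts" weakness; a production service would also throttle by source address and add a delay or CAPTCHA, since a per-account lock alone lets an attacker lock legitimate users out. Storing `salt$digest` rather than the password means that reading the credential file yields nothing directly usable, which is the point of the third bullet.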

Room Answers

You discovered that the login page allows an unlimited number of login attempts without trying to slow down the user or lock the account. What is the category of this security risk?

You noticed that the username and password are sent in cleartext without encryption. What is the category of this security risk?

Check the other users to discover which user account was used to make the malicious changes and revert them. After reverting the changes, what is the flag that you have received?

Video Walkthrough

About the Author

I create cybersecurity notes, digital marketing notes, and online courses. I also provide digital marketing consulting, including but not limited to SEO, Google and Meta ads, and CRM administration.
