Sometimes, to identify security flaws in our applications, we don't need a tool. Repeating a simple test several times is often enough to expose them. Here are a few ways to find security flaws by following the mantra:
Session ID Sequence
Generally, a session ID is created once the user logs in to a website and is then used to maintain the session, or state, for that user's interaction with the website.
A few web servers generate these session IDs simply by incrementing a static number instead of using a proper algorithm that produces random session IDs. This kind of security issue can be found easily by testing a scenario repeatedly.
When the test is executed for the first time, note down the value of the session ID parameter. Repeat the steps 10 times. If you observe that the session ID increases by a static number, or otherwise follows predictable "randomness", then it is easy to guess and your web application is at risk.
Captcha sequence
A captcha, an image of assorted alphanumeric characters, is used to tell humans and robots apart when logging in to websites.
It is really easy to spot a pattern in the captchas if we repeat the test. If we note down the captcha each time the test is executed, it is easy to tell whether the captchas follow a particular pattern or algorithm. Check whether you can predict a pattern between the words. Another way: repeat your test 100 times. One form of predictable "randomness" is to have 100 captchas and simply rotate through them at random. Definitely crackable, right?
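One way to turn the values noted down in either test above into a verdict, as an added example that is not part of the original post: the checker below takes the session IDs or captchas recorded on each repetition and reports whether they advance by a fixed increment or are drawn from a small pool that gets reused. All sample observations are constructed, not taken from any real application.

```python
from collections import Counter


def constant_step(values, base=16):
    """Return the step if consecutive values always differ by the same amount.

    Returns None when fewer than three values were recorded or when any value
    is not an integer in the given base (a captcha like 'K7Q2' is not a counter).
    """
    try:
        nums = [int(v, base) for v in values]
    except ValueError:
        return None
    if len(nums) < 3:
        return None
    deltas = {b - a for a, b in zip(nums, nums[1:])}
    return deltas.pop() if len(deltas) == 1 else None


def reuse_ratio(values):
    """Fraction of observations that repeat a value already seen (0.0 = no reuse)."""
    if not values:
        return 0.0
    return 1 - len(Counter(values)) / len(values)


def assess(values, base=16):
    """Classify recorded values as 'sequential', 'reused' or 'no pattern'."""
    step = constant_step(values, base)
    if step:  # a non-zero fixed step means the value is just a counter
        return "sequential"
    if reuse_ratio(values) >= 0.5:  # identical values (step 0) land here too
        return "reused"
    return "no pattern"


# Constructed sample observations (hypothetical, not from any real application):
# session IDs noted down over 10 repetitions of the login test
SESSION_IDS = ["3e8", "3e9", "3ea", "3eb", "3ec", "3ed", "3ee", "3ef", "3f0", "3f1"]
# captchas noted down over 8 repetitions: only three distinct images rotate
CAPTCHAS = ["K7Q2", "M9XZ", "K7Q2", "B4TT", "M9XZ", "K7Q2", "B4TT", "B4TT"]
# IDs with no visible pattern
RANDOM_IDS = ["9f2c1a", "03b7e4", "c51d90", "7aa0f3", "e13c58"]

if __name__ == "__main__":
    for name, obs in [("session", SESSION_IDS), ("captcha", CAPTCHAS), ("random", RANDOM_IDS)]:
        print(f"{name}: {assess(obs)} (step={constant_step(obs)}, reuse={reuse_ratio(obs):.2f})")
```

A "sequential" or "reused" verdict on real recordings is the cue to replace the generator with a cryptographically random one, or to widen the captcha pool.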
Number of login attempts
Write a test that logs in with wrong credentials and repeat it. If, after a particular number of failed attempts, the application still accepts login attempts, that is a major security flaw: the login can be broken by brute force. After several failed attempts, the web application should block authentication for a few hours, and then block completely after a specific number of attempts.
Security issues can be easily found by following the mantra: repeat the tests and try to find a pattern. Isn't this the way hacking works?
Image references:
http://tr1.cbsistatic.com/hub/i/2013/08/05/1b80a46a-99ff-4c01-a4a8-36c5e6be326a/Kill%20Captcha.png