Advance Digital Forensics
Added on 2023-01-23
20 Pages3092 Words89 Views
Advance Digital Forensics
by [student Name]
[Course Name]
Tutor: [Tutor Name]
[Institutional Afflitialiation]
[Department]
10th January 2011
by [student Name]
[Course Name]
Tutor: [Tutor Name]
[Institutional Afflitialiation]
[Department]
10th January 2011
TABLE OF CONTENTS
1 Executive Summary.............................................................................................................................3
1.1 Sensitive Data Exposure...............................................................................................................3
1.1.1 Prevention...........................................................................................................................3
1.2 Broken Authentication.................................................................................................................4
1.2.1 Prevention...........................................................................................................................4
1.3 XSS...............................................................................................................................................4
1.3.1 Prevention...........................................................................................................................4
2 Introduction.........................................................................................................................................5
3 Methodology.......................................................................................................................................5
3.1 Information gathering..................................................................................................................6
3.2 Threat Modelling.........................................................................................................................6
3.3 Vulnerability Analysis...................................................................................................................7
3.4 Exploitation..................................................................................................................................7
3.5 Post Exploitation..........................................................................................................................7
3.6 Reporting.....................................................................................................................................8
4 Detailed Testing Procedure.................................................................................................................8
4.1 XSS...............................................................................................................................................8
4.2 Broken Authentication...............................................................................................................12
4.3 Sensitive Data Exposure.............................................................................................................14
5 Vulnerabilities....................................................................................................................................16
5.1 Sensitive Data Exposure.............................................................................................................17
5.1.1 How It can be Exploited.....................................................................................................17
5.1.2 Recommendations.............................................................................................................17
5.2 Broken Authentication...............................................................................................................17
5.2.1 How it can be exploited.....................................................................................................18
5.2.2 Recommendations.............................................................................................................18
5.3 XSS.............................................................................................................................................18
5.3.1 How it can be exploited.....................................................................................................19
5.3.2 Recommendations.............................................................................................................19
6 Conclusion.........................................................................................................................................19
7 References.........................................................................................................................................20
1 Executive Summary.............................................................................................................................3
1.1 Sensitive Data Exposure...............................................................................................................3
1.1.1 Prevention...........................................................................................................................3
1.2 Broken Authentication.................................................................................................................4
1.2.1 Prevention...........................................................................................................................4
1.3 XSS...............................................................................................................................................4
1.3.1 Prevention...........................................................................................................................4
2 Introduction.........................................................................................................................................5
3 Methodology.......................................................................................................................................5
3.1 Information gathering..................................................................................................................6
3.2 Threat Modelling.........................................................................................................................6
3.3 Vulnerability Analysis...................................................................................................................7
3.4 Exploitation..................................................................................................................................7
3.5 Post Exploitation..........................................................................................................................7
3.6 Reporting.....................................................................................................................................8
4 Detailed Testing Procedure.................................................................................................................8
4.1 XSS...............................................................................................................................................8
4.2 Broken Authentication...............................................................................................................12
4.3 Sensitive Data Exposure.............................................................................................................14
5 Vulnerabilities....................................................................................................................................16
5.1 Sensitive Data Exposure.............................................................................................................17
5.1.1 How It can be Exploited.....................................................................................................17
5.1.2 Recommendations.............................................................................................................17
5.2 Broken Authentication...............................................................................................................17
5.2.1 How it can be exploited.....................................................................................................18
5.2.2 Recommendations.............................................................................................................18
5.3 XSS.............................................................................................................................................18
5.3.1 How it can be exploited.....................................................................................................19
5.3.2 Recommendations.............................................................................................................19
6 Conclusion.........................................................................................................................................19
7 References.........................................................................................................................................20
1 EXECUTIVE SUMMARY
This report target was to conduct a penetration test based on the OWASP three vulnerabilities
listed. The three under test are cross-site scripting, broken authentification, sensitive data
exposure. It was discovered that cross-site scripting enables the attacker to run harmful computer
code on a target without the proper authentification. This is very bad in case of sensitive data
involved. The broken authentication was found to allow user login to a service without the need
to properly identifying themselves and authenticating the same. This poses a key business risk as
users who are not in the system can access the data owned by the company. Finally, the sensitive
data exposure is very bad as it was found a man in the middle could be eavesdropping on the
communication between the client and the server. The test team has enumerated some
recommendation based on each of the categories as shown below
1.1 SENSITIVE DATA EXPOSURE
The is caused by not implementing any cryptographic functions to encrypt or hash data
making them vulnerable to the man in the middle attack who can easily sniff and get access
to the data which are in plain text
1.1.1 Prevention
there is a need for data classification based on the need for the security
avoid the storage of sensitive user information in nonencrypted formats and instead opt
for the HTTPS protocol which provides TLS over the SSL making it difficult to breach.
The web application should avoid the catching of sensitive user information since this
cache can often be used by the attacker to compromise a user identity to the web server
This report target was to conduct a penetration test based on the OWASP three vulnerabilities
listed. The three under test are cross-site scripting, broken authentification, sensitive data
exposure. It was discovered that cross-site scripting enables the attacker to run harmful computer
code on a target without the proper authentification. This is very bad in case of sensitive data
involved. The broken authentication was found to allow user login to a service without the need
to properly identifying themselves and authenticating the same. This poses a key business risk as
users who are not in the system can access the data owned by the company. Finally, the sensitive
data exposure is very bad as it was found a man in the middle could be eavesdropping on the
communication between the client and the server. The test team has enumerated some
recommendation based on each of the categories as shown below
1.1 SENSITIVE DATA EXPOSURE
The is caused by not implementing any cryptographic functions to encrypt or hash data
making them vulnerable to the man in the middle attack who can easily sniff and get access
to the data which are in plain text
1.1.1 Prevention
there is a need for data classification based on the need for the security
avoid the storage of sensitive user information in nonencrypted formats and instead opt
for the HTTPS protocol which provides TLS over the SSL making it difficult to breach.
The web application should avoid the catching of sensitive user information since this
cache can often be used by the attacker to compromise a user identity to the web server
1.2 BROKEN AUTHENTICATION
This is caused by poor session management which make the session data of user not
protected hence could be easily compromised
1.2.1 Prevention
there is need to improve the password length to 8 alphanumeric characters with the
inclusion of special character to cub brute force attack chances of succeeding.
there is a need to enforce account disabling after some number of attempt to log in failed.
The period of account disable should be sufficient to ensure brute force don’t succeed in
gaining the user authentication credentials.
there is a need to have Username/Password enumeration and failures on the
authentication should not tell the user which part has failed but rather be vague as output
invalid username and or password.
1.3 XSS
This happens when a malicious user injects some scripts into the web application input
framework. This scripts can be used to cause harm to the production database
1.3.1 Prevention
the developer must sanitize all their inputs data before it reaches the server. This can be
done by use of escaping mechanism to ensure the browser don’t misinterpret the given
data as code.
This is caused by poor session management which make the session data of user not
protected hence could be easily compromised
1.2.1 Prevention
there is need to improve the password length to 8 alphanumeric characters with the
inclusion of special character to cub brute force attack chances of succeeding.
there is a need to enforce account disabling after some number of attempt to log in failed.
The period of account disable should be sufficient to ensure brute force don’t succeed in
gaining the user authentication credentials.
there is a need to have Username/Password enumeration and failures on the
authentication should not tell the user which part has failed but rather be vague as output
invalid username and or password.
1.3 XSS
This happens when a malicious user injects some scripts into the web application input
framework. This scripts can be used to cause harm to the production database
1.3.1 Prevention
the developer must sanitize all their inputs data before it reaches the server. This can be
done by use of escaping mechanism to ensure the browser don’t misinterpret the given
data as code.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Penetration Testing Penetration Testinglg...
|52
|9148
|85
Cyber Security: Vulnerabilities, Exploitation, and Security Controlslg...
|10
|2384
|453
Analysis of Security Vulnerability of WidgetsInc Virtual Machine Imagelg...
|23
|3636
|97
Incident Response Plan for PeopleSharz: Analysis, Threats, and Recommendationslg...
|14
|3628
|158
Ethical Hacking: Case Study on Virtual Machine with Flags and Techniqueslg...
|21
|2782
|194
Ethical Hacking: Case Study on Virtual Machine with Flags, Web Server, Web Shells, Password Cracker, TCP Port Scanner and Privilege Escalationlg...
|21
|2782
|157