In this post we list a number of common web application attacks, their impact, and possible mitigations. In Part 1 we cover the following attacks:
- Local File Inclusion
- Malicious File Upload
- Clear Text Traffic
- HTTP Parameter Pollution Attack
- Link Injection
- Session ID without session attribute
- Auto-Complete Attribute Not Set to Off
Local File Inclusion
Local File Inclusion is the process of including files on a server through the web browser. This vulnerability occurs when a page include is not properly sanitized and allows directory traversal characters to be injected.
Impact
An attacker can gain access to the server and launch further attacks to compromise the service.
Mitigation
It is recommended to filter metacharacters from user input. Make sure that the latest version of the web server is installed and all patches are applied.
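The following is an added example (not code from the original post) of the two checks the mitigation describes: a metacharacter filter on the raw include parameter, followed by a canonical-path containment check so that a value which slips past the string filter still cannot escape the document root. The document root, the allowed extension and the parameter name are assumed values chosen for this illustration; the function expects the already URL-decoded parameter.

```python
import os
from typing import Optional

# Assumed document root for this example (constructed path, not from the article).
# The check is done on the abstract path, so it runs without touching the file system.
DOC_ROOT = "/var/www/app/pages"

# Only files with this extension may be included; anything else is refused.
ALLOWED_EXT = ".html"


def resolve_include(page: str) -> Optional[str]:
    """Map the already URL-decoded `page` parameter to a file path under DOC_ROOT.

    Returns the absolute path to include, or None when the request is rejected.
    Two independent checks are applied: a metacharacter filter on the raw input,
    then a containment check on the normalised result.
    """
    # 1. Metacharacter filter: traversal sequences, NUL bytes and backslashes.
    if not page or ".." in page or "\x00" in page or "\\" in page:
        return None
    # Absolute paths and scheme-like prefixes (e.g. "http://") are never page names.
    if page.startswith("/") or "://" in page:
        return None
    # 2. Allow-list the extension so only template pages are ever served.
    if not page.endswith(ALLOWED_EXT):
        return None
    # 3. Normalise and confirm the result is still inside the document root.
    candidate = os.path.normpath(os.path.join(DOC_ROOT, page))
    if not candidate.startswith(DOC_ROOT + os.sep):
        return None
    return candidate
```

The containment check is the one that matters when the string filter is incomplete: whatever the input looks like, the normalised path must still begin with the document root.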
Malicious File Upload
This occurs when the application offers a file upload option and allows executable files to be uploaded as well. An adversary could then upload a malicious file to the web server and attempt to execute it.
Impact
An attacker may be able to upload malicious files such as Trojans or files containing a malicious server-side script, potentially resulting in server compromise.
Mitigation
It is recommended to implement a server-side validation routine which performs filtering based on:
a) File extensions, b) Content-Types, c) Magic Numbers, d) File Size
The application should validate the type of the file uploaded by the user before accepting and parsing it. Furthermore, all uploaded files should be scanned by anti-virus software updated with the latest signatures, and execute permissions should be removed from the file upload directory.
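As an added example (not the post's own code), the routine below applies the four server-side checks in the order listed: extension, Content-Type, magic number and size. The allow-list of formats, their signatures and the 2 MiB limit are assumed policy values for this illustration; the magic-number check is what ties the client-supplied name and Content-Type to the actual bytes.

```python
import os
from typing import Tuple

# Assumed policy values for this example (constructed, not from the article).
MAX_UPLOAD_BYTES = 2 * 1024 * 1024  # d) size limit: 2 MiB

# Allow-list: extension -> (expected Content-Type, leading "magic number" bytes)
ALLOWED_TYPES = {
    ".png": ("image/png", b"\x89PNG\r\n\x1a\n"),
    ".jpg": ("image/jpeg", b"\xff\xd8\xff"),
    ".pdf": ("application/pdf", b"%PDF-"),
}


def validate_upload(filename: str, content_type: str, data: bytes) -> Tuple[bool, str]:
    """Apply the four server-side checks (extension, Content-Type, magic number, size).

    Returns (accepted, reason). The client-supplied name and Content-Type are treated
    as untrusted hints; the magic-number check is what actually ties them to the bytes.
    """
    # a) Extension: strip any directory part and compare the lower-cased suffix
    #    against the allow-list. A double extension (e.g. name.php.png) is caught
    #    by the magic-number check, because the bytes must then really be a PNG.
    base = os.path.basename(filename.replace("\\", "/"))
    ext = os.path.splitext(base)[1].lower()
    if ext not in ALLOWED_TYPES:
        return False, "extension not allowed"
    expected_type, magic = ALLOWED_TYPES[ext]

    # b) Content-Type header must match the extension (ignore parameters like charset).
    declared = content_type.split(";", 1)[0].strip().lower()
    if declared != expected_type:
        return False, "content-type mismatch"

    # c) Magic number: the first bytes must be the signature of the claimed format.
    if not data.startswith(magic):
        return False, "magic number mismatch"

    # d) Size: reject empty uploads and anything over the limit.
    if len(data) == 0 or len(data) > MAX_UPLOAD_BYTES:
        return False, "file size out of range"

    return True, "ok"
```

Even when all four checks pass, the stored file should still be written with a server-generated name into a directory without execute permissions, as the mitigation above says.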
Clear Text Traffic
This occurs when all traffic is served over HTTP. A man in the middle can obtain a great deal of sensitive information by sniffing this cleartext traffic.
Impact
An attacker who is able to sniff network traffic may obtain sensitive information.
Mitigation
It is recommended to implement TLS 1.1 or TLS 1.2 encryption.
Http Parameter Pollution Attack
HTTP Parameter Pollution pollutes the HTTP parameters of a web application in order to perform a specific malicious task or attack that differs from the intended behaviour of the web application.
This attack can be realized because the input is not sanitized. HPP injects encoded query string delimiters into existing or other HTTP parameters (i.e. GET/POST/Cookie), which makes it feasible to supersede parameter values that already exist, to inject a new parameter, or to exploit variables through direct access.
Impact
Supersede existing hardcoded HTTP parameters.
Alter or modify the intended/normal application behavior.
Access and potentially exploit variables that are not properly controlled.
Bypass WAF rules or input validation mechanisms.
Mitigation
Proper input validation should be performed.
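As an added example (not from the original post), the code below shows the two sides of the HPP description: `parameter_views` makes visible why a duplicated parameter is interpreted differently by back-ends that keep the first, the last or all occurrences, and `parse_params_strict` is the input validation that refuses duplicates outright. `build_backend_query` covers the "encoded delimiter" case: when a user value is forwarded into another request, encoding it keeps an injected `&` or `=` inside the value instead of letting it become a new parameter. Parameter names and values are constructed for the illustration.

```python
from typing import Dict, List
from urllib.parse import parse_qsl, urlencode


def parameter_views(query: str, name: str) -> Dict[str, object]:
    """Show how a polluted parameter is seen by different back-end conventions.

    Some stacks keep the first occurrence, some the last, some all of them; a
    front-end filter that checks one view can be bypassed on a back-end using another.
    """
    values: List[str] = [v for k, v in parse_qsl(query, keep_blank_values=True) if k == name]
    return {
        "first": values[0] if values else None,
        "last": values[-1] if values else None,
        "all": values,
        "count": len(values),
    }


def parse_params_strict(query: str) -> Dict[str, str]:
    """Parse a query string and refuse any parameter name that occurs more than once."""
    params: Dict[str, str] = {}
    for name, value in parse_qsl(query, keep_blank_values=True):
        if name in params:
            raise ValueError(f"duplicate parameter: {name}")
        params[name] = value
    return params


def build_backend_query(user_value: str) -> str:
    """Forward a user value to a back-end request with delimiters encoded.

    urlencode() escapes '&' and '=' so an injected delimiter stays part of the
    value ("q=x%26debug%3D1") instead of becoming a second parameter.
    """
    return urlencode({"q": user_value})
```

Rejecting duplicates is the simplest policy; if the application legitimately needs multi-valued parameters, the alternative is to decide once (first, last or list) and apply that same rule in every layer that inspects the request.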
Link Injection
This occurs when the application accepts user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Impact
The user may be redirected to an untrusted page that contains malware, which can then compromise the user’s machine, or to a page used for phishing attacks. URL redirection also facilitates CSRF (Cross-Site Request Forgery).
Mitigation
It is recommended to disable redirection to external sites based on parameter values and to implement input validation for critical parameters.
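An added example (not the post's own code) of the recommended validation: a redirect parameter is accepted only as a same-site relative path or as an HTTPS URL whose host is on an allow-list, and anything else falls back to a fixed default. The allow-listed hosts and the default target are assumed values for this illustration.

```python
from typing import FrozenSet
from urllib.parse import urlparse

# Assumed allow-list of hosts the application may redirect to (constructed values).
ALLOWED_HOSTS: FrozenSet[str] = frozenset({"www.example.com", "example.com"})
DEFAULT_TARGET = "/"


def safe_redirect_target(user_url: str) -> str:
    """Return a redirect location derived from user input, or DEFAULT_TARGET.

    Rules: same-site relative paths are allowed; absolute URLs only when the scheme
    is https and the host is on the allow-list; everything else falls back.
    """
    if not user_url:
        return DEFAULT_TARGET
    # Backslashes and control characters: some browsers treat "/\" like "//" and
    # strip whitespace, so reject them outright rather than try to normalise.
    if "\\" in user_url or any(ord(c) < 0x20 for c in user_url):
        return DEFAULT_TARGET
    parsed = urlparse(user_url)
    if parsed.scheme == "" and parsed.netloc == "":
        # Relative target: must be a single-slash path (no "//host" form).
        if user_url.startswith("/") and not user_url.startswith("//"):
            return user_url
        return DEFAULT_TARGET
    # Absolute or scheme-relative target: require https and an allow-listed host.
    # parsed.hostname strips userinfo and port, so "https://example.com@other.host/"
    # is judged by the real host, "other.host".
    if parsed.scheme == "https" and parsed.hostname in ALLOWED_HOSTS:
        return user_url
    return DEFAULT_TARGET
```

Comparing on `parsed.hostname` rather than on a string prefix is the important detail: prefix checks such as "starts with https://example.com" are defeated by userinfo and subdomain tricks, whereas the parsed host is compared whole.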
Session ID without session attribute
Session attributes such as “HttpOnly”, “Secure” and “Domain” are not set on the session ID cookie.
Impact
The “HttpOnly” attribute ensures that the cookie can be accessed via HTTP methods only. Without this attribute, other entities (mainly JavaScript code) can be used to access the cookie.
This increases the threat posed by XSS attacks because the cookies can be stolen through them. However, if this attribute is applied, JavaScript cannot access the session cookies.
Without the “Secure” attribute the application can transfer the cookie over an unencrypted channel.
Without the “Domain” attribute the cookie can be used by other domains and facilitate cross-site request forgery.
Mitigation
It is recommended to set the session attributes HttpOnly, Secure and Domain on the session ID cookie.
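As an added example (not code from the original post), `session_cookie_header` builds a Set-Cookie value carrying the three attributes the mitigation names, using Python's standard `http.cookies` module, and `missing_attributes` is the matching check a tester or a response-inspecting proxy can run to report which of them a server forgot. The cookie name, the session value and the domain are assumed values for this illustration; SameSite is included as well, which the standard library supports from Python 3.8.

```python
from http.cookies import SimpleCookie
from typing import List

# Attributes the session cookie must carry, in the order they are reported when missing.
REQUIRED_ATTRIBUTES = ("Domain", "HttpOnly", "Secure")


def session_cookie_header(session_id: str, domain: str = "app.example.com") -> str:
    """Build the Set-Cookie value for a session ID with HttpOnly, Secure and Domain set.

    `domain` is an assumed value for this example; the cookie name is likewise
    constructed for the illustration.
    """
    jar = SimpleCookie()
    jar["SESSIONID"] = session_id
    cookie = jar["SESSIONID"]
    cookie["httponly"] = True   # not readable from script (document.cookie)
    cookie["secure"] = True     # sent over TLS only
    cookie["domain"] = domain   # scope the cookie to the application's host
    cookie["path"] = "/"
    cookie["samesite"] = "Strict"
    return cookie.OutputString()


def missing_attributes(set_cookie_value: str) -> List[str]:
    """Audit a Set-Cookie value and list which required attributes are absent.

    The first ';'-separated segment is the name=value pair; each later segment is
    an attribute, either a flag (HttpOnly, Secure) or key=value (Domain=...).
    Attribute names are case-insensitive, so they are compared lower-cased.
    """
    segments = [s.strip() for s in set_cookie_value.split(";")[1:]]
    present = {s.split("=", 1)[0].strip().lower() for s in segments if s}
    return [attr for attr in REQUIRED_ATTRIBUTES if attr.lower() not in present]
```

Running `missing_attributes` over the Set-Cookie headers captured from a login response is a quick way to confirm the fix has actually been deployed, since frameworks often expose these as separate configuration switches that are easy to leave at their defaults.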
Auto-Complete Attribute Not Set to Off
The value of the “autocomplete” attribute is not set to “off”. This allows browsers to store information entered by the user in the cache memory.
Impact
An attacker may use this flaw to recover the entered “username” and “password” from the browser cache.
Mitigation
The “autocomplete” attribute should be added to the source code for all input fields accepting sensitive information, and the value of this attribute should be set to “off”.