Sunday , 28 April 2024

How OWASP Top 10 Will Protect Web Application

When you look at the requirements for any information security analyst position, OWASP Top Ten will be there for sure.

Firm knowledge of OWASP Top 10

OWASP stands for Open Web Application Security Project. It is a non-profit organization whose mission is to make web security visible. The web was made to be available, not secure, so it is our responsibility to make it secure. The OWASP Top 10 represents the most critical web application vulnerability categories, the areas where web applications are most susceptible to attack.

In this article you will understand what those top 10 areas are and what those vulnerabilities do.

Here are the OWASP Top 10 vulnerabilities:

A1 – Injection

A2 – Broken authentication and session Management

A3 – Cross-site scripting (XSS)

A4 – Broken Access Control (NEW)

A5 – Security Misconfiguration

A6 – Sensitive data exposure

A7 – Insufficient Attack Protection (NEW)

A8 – Cross-site request Forgery (CSRF)

A9 – Using Components with Known Vulnerabilities

A10 – Underprotected APIs (NEW)


A1 – Injection

An injection vulnerability allows any user or hacker to insert code into a form field or URL, and that code then interacts directly with the server without any authorization.

Effects

The effects of this vulnerability are practically unlimited. Once a hacker has direct contact with the server, there is little he cannot do.

What does OWASP do?

  • Tests for SQL injection
  • Tests for LDAP injection
  • Tests for ORM injection
  • Tests for XML injection
  • Tests for SSI injection
  • Tests for XPath Injection
  • Tests for IMAP/SMTP Injection
  • Tests for Code Injection
  • Tests for Command Injection
  • Tests for Buffer Overflow

These are the areas covered by the injection category alone.

A2 – Broken Authentication & Session Management

This vulnerability happens when a web application cannot authenticate and authorize users as it is meant to. Weak authorization allows a hacker to gain administrative rights from a normal user role.

Effects

There are many more possibilities, but either way the hacker will have complete rights to execute any command, such as deleting data, creating new users, installing scripts and many more.

What does OWASP do?

  • Test role definitions
  • Test user registration process
  • Test account provisioning process
  • Test for account enumeration and guessable user account
  • Test for weak or unenforced username policy
  • Test for credentials transported over an encrypted channel
  • Test for default credentials
  • Test for weak lockout mechanism
  • Test for bypassing authentication schema
  • Test for vulnerable remember-password functionality
  • Test for browser cache weakness
  • Test for weak password policy
  • Test for weak security question and answer
  • Test for weak password change or reset functionality
  • Test for weaker authentication in alternative channel
  • Test for bypassing authorization schema
  • Test for privilege escalation
  • Test for session management
  • Test for cookie attributes
  • Test for session fixation
  • Test for exposed session variables
  • Test for logout functionality
  • Test for session timeout
  • Test for session puzzling

A3 – Cross-site Scripting (XSS)

An attacker can insert malicious code into a webpage, which helps him hijack browser sessions and can lead to a man-in-the-middle attack (MITM).

Effects

Hackers can deface websites, inject malware and infect users with it, spread ransomware to make money, hijack user accounts, and capture debit or credit card details by sending users to a wrong page.

What does OWASP do?

  • Test for reflected cross site scripting
  • Test for stored cross site scripting
  • Test for DOM-based cross site scripting
  • Test for JavaScript execution
  • Test for HTML injection
  • Test for cross site flashing
  • XSS filter evasion cheat sheet

A4 – Broken Access Control

This vulnerability gives privileged access to a non-privileged user, i.e. administrative or root access to a normal user. Usually a userID number is displayed in the URL; if we change that number, we get to view the account of the user who belongs to that number.

Effects

The hacker will have access to core and confidential files, can create ghost accounts and can hijack admin accounts.

What does OWASP do?

  • Test directory traversal/file include
  • Test for insecure direct object references
  • Test for local file inclusion
  • Test for remote file inclusion
  • Test for bypassing authorization schema
  • Test for bypassing authentication schema
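The userID-in-the-URL case described above, as an added example that is not part of the original post: a handler that trusts the id from the query string beside one that decides ownership from the server-side session. The account store, sessions and URL shape are all constructed for the example.

```python
from dataclasses import dataclass
from urllib.parse import parse_qs, urlparse


@dataclass(frozen=True)
class Session:
    user_id: int
    role: str


# Constructed account store standing in for the application's database.
ACCOUNTS = {
    101: {"owner_id": 1, "balance": 5200},
    102: {"owner_id": 2, "balance": 310},
}


class Forbidden(Exception):
    pass


def account_id_from_url(url):
    # The id is visible in the address bar (e.g. /account?id=102) and is
    # therefore entirely under the user's control.
    query = parse_qs(urlparse(url).query)
    return int(query["id"][0])


def view_account_vulnerable(session, url):
    # Only checks that the caller is logged in; any authenticated user can
    # read any account simply by editing the number in the URL.
    if session is None:
        raise Forbidden("login required")
    return ACCOUNTS.get(account_id_from_url(url))


def view_account_safe(session, url):
    # The ownership decision is made from the session, never from the request.
    # Missing and not-owned records get the same answer (None, i.e. a 404), so
    # the response does not reveal which ids exist.
    if session is None:
        raise Forbidden("login required")
    record = ACCOUNTS.get(account_id_from_url(url))
    if record is None:
        return None
    if session.role != "admin" and record["owner_id"] != session.user_id:
        return None
    return record
```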

A5 – Security misconfiguration

This vulnerability deals with weak default passwords and configuration errors. Usually, when setting up any tool or software, many people keep the default configuration, which is dangerous.

Effects

Unlimited possibilities again: loss of data, data theft, crashing the system and many more.

What does OWASP do?

  • Fingerprint web server
  • Fingerprint web application framework
  • Fingerprint web application
  • Test network/infrastructure configuration
  • Test application platform configuration
  • Test file extensions handling for sensitive information
  • Review old, backup and unreferenced files for sensitive information
  • Enumerate infrastructure and application admin interfaces
  • Test HTTP methods
  • Test RIA cross domain policy
  • Test for error codes
  • Test for stack traces

A6 – Sensitive data exposure

When a security breach happens, hackers may get access to files and data. If you hold data like that, keep it encrypted, and when deleting it, shred the files.

Effects

Loss of data, passwords, payment card details, addresses, bank statements and many more

What does OWASP do?

  • Test for weak SSL/TLS ciphers, insufficient transport layer protection
  • Test for padding oracle
  • Test for sensitive information sent via unencrypted channel
  • Test HTTP Strict Transport Security
  • Test for credentials transported over an encrypted channel

A7 – Insufficient Attack Protection

This is new in OWASP. It deals with the application's capability to detect automated and manual attacks. If an attack is detected, can the application handle patching itself, and if so, how much time will it take? Sanitizing data, and many more.

Effects

Injection, DoS, DDoS and XSS exploitation can be done using bots. The application should have the capability to tell a bot apart from a manual attack.

What does OWASP do?

OWASP does nothing about this because it is about the way your web application needs to function. You must build the application so that it at least protects itself from small, common attacks. Even if the application can't do that, installing firewalls and configuring them properly will get the work done.

A8 – Cross-site Request Forgery (CSRF)

This vulnerability allows an attacker to hijack a user's session and send requests to the application from an external site.

Effects

A CSRF vulnerability can compromise the complete web application: wiring money, executing rogue commands in the web application, fraudulent purchases and many more.

What does OWASP do?

Include a CSRF token in all input forms.
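One way to implement that token, as an added example and not the post's own code: a per-session random token is embedded in every state-changing form as a hidden field and compared in constant time on each POST. The session dict, form dict and transfer handler are assumptions standing in for a web framework.

```python
import hmac
import secrets

TOKEN_KEY = "csrf_token"


def issue_csrf_token(session):
    # One token per login session, generated with a CSPRNG and stored
    # server-side. The session is assumed to be a dict-like object.
    token = session.get(TOKEN_KEY)
    if token is None:
        token = secrets.token_urlsafe(32)
        session[TOKEN_KEY] = token
    return token


def render_form(session, action):
    # Every form that changes state carries the token as a hidden field.
    # The action is chosen by the application, not by the user.
    token = issue_csrf_token(session)
    return (f'<form method="post" action="{action}">'
            f'<input type="hidden" name="csrf_token" value="{token}">'
            '<input type="submit" value="Send"></form>')


def csrf_check(session, form):
    # A page on another site can make the browser send the session cookie,
    # but it cannot read this token, so a forged POST fails here.
    expected = session.get(TOKEN_KEY)
    submitted = form.get("csrf_token", "")
    if not expected or not submitted:
        return False
    return hmac.compare_digest(expected.encode(), submitted.encode())


def transfer_money(session, form):
    # Constructed state-changing handler guarded by the token check.
    if not csrf_check(session, form):
        raise PermissionError("CSRF token missing or invalid")
    return {"to": form["to"], "amount": int(form["amount"])}
```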

A9 – Using Components with known vulnerabilities

There are modules, frameworks and mechanisms like WEP which are completely broken and vulnerable. Using those components comes under this vulnerability.

Effects

The complete web application can be compromised: XSS, injections and many more.

What can OWASP do?

OWASP won't do anything. It's your choice: stop using old tools, build with the best modules and sleep peacefully.

A10 – Underprotected APIs

Most web applications are built with JavaScript, and APIs are everywhere these days. Hackers can reverse engineer APIs and observe API communication to find vulnerabilities and sensitive data.

Effects

Loss of information, sending phishing emails, deleting data and many more.

What does OWASP do?

OWASP does nothing; it's your application, so stop asking OWASP for help. Start pentesting your API and secure it.

Write good code and sleep peacefully. Never use old versions; it's a sin that cannot be forgiven.

The web is made to be available, not to be secure.


About Manindra Simhadri

Information Security Analyst, Traveler, Biker and a free lancer.
