Quality is delighting customers
<urgent>Security Testing Documents
Replies to This Discussion
-
Permalink Reply by Sufala Pendurkar on -
Here are few top security vulnerabilities discussed in this :
Improper input validation
Improper escaping of output or encoding
SQL injection
Cross-site scripting
Race conditions
Information leak in error messages
Error while transmitting sensitive information
Memory leak
External control of critical data and file paths
Improper initialization
Improper authorization
Client side security checks -
-
Permalink Reply by vamshi on -
I completely agree with the points posted by sufala...they cover the most and needed things to be known in Security Aspects.
SQL injection---this is the most happening type of attack now a days.
Apart from that need to check for Vulnerabilities -
-
Permalink Reply by parag on -
Hi sufala ...good one but from bussiness prospective what are the security concern that must be looked in to ?
-
-
Permalink Reply by Hitesh Shah on -
Hi, nice list , have U any example of SQL injection & how to apply on any Interface of web page.
Pl reply me soon
Thanks -
-
Permalink Reply by Srikanth Koushal V on -
SQL INJECTON:
If the application doesn't have proper security...the the web application is very much vulnerable to the outer attacks...SQL injection is a method to attack on the database of a website (as SQL is related to DB)..where a attacker could pass string input to the web applicaton inorder to gain unauthorized access to the database therby hacking the database..... -
-
Permalink Reply by Rakesh Hansalia on -
Add to Shrikanth's point for SQL Injection- You can also install SQL Injection Mozilla AddOns for Firefox. This AddOns provide some injectors(combination od string) as well as you can also add string input to it so you can check your webapplication in order to check your access.
-
-
Permalink Reply by Hitesh Shah on
-
What is Race conditions ? pl explain with example.
Thanks -
-
Permalink Reply by Nandakumar on -
Can you give examples for each points... it will be helpful.
-
-
Permalink Reply by pyla on -
Anu,
please go through the following URL..you will get good Idea
http://www.owasp.org/index.php/Main_Page
Regards
Pyla -
-
Permalink Reply by Nandakumar on
-
Hi Anu,
Security Testing is like an ocean , will share you some of the key security features needs to be carried out Web Based Applications.
1. Session Handling ( Check cookies were deleted [on logout, close window, network disconnect, session timeout ]
2. SQL Injection ( passing parameterization on address bar and trying to insert/update/drop (deleting tables) from the front end.
3. XSS Testing(Cross Site Scripting) - Using javascripts/html tags can hack the user details and call it from the hackers place.
4. Tampering (Tamper IE ) - if the DB/Server validations is not done properly we can alter the values and pass the alternate value and insert into the system.
5. Vulnerablity - Renaming a virus .exe file to .jpg or .doc and try to upload it in the server ( e.g. my profile section or upload document section)
Banking application related testing is very advanced level of security testing - if anybody knows more on that kindly share...
Thanks
-
-
Permalink Reply by Teemu Vesala on -
Session handling is very exciting issue and it has plenty of bugs. I'll write briefly about it what things can go wrong. Not just proper deletion, but there is multiple different issues which I've found at different projects.
First is session id randomness. I recommend that there's always at least 512 random bits at session cookie. To analyze the randomness requires some mathematical and statistical skills and Excel playing.
Second is proper handling of session id. It should be changed everytime and previous one should invalidated every time when authentication status changes. So cookie handling in case where user does following steps: goes to main page, logs in, checks page which requires authentication, logs out should have:
Main page - Create session id for non authenticated session
After successfull login - remove the previous session id and invalidate it, create new session id
View page which requires authentication - no changes to the session id
Log out - invalidate the previous session id and give new one.
This prevents accidents and some nasty attack vectors.
Third any of the cookies should NEVER be enough to authenticate the user. I've seen many times that there is properly handled session id. I can't reuse it to get back as logged out user. But then there is something like "USERSTATE" which has good looking hex coded something. And if I take that USERSTATE, start new session, insert USERSTATE to copied one, the user gets logged in. That should NEVEN happend. Random session id should be only thing which connects user to session.
Forth: System accepts externally generated session id. Well.. if second is handled correctly, this is not the HUGE issue, but it still is the issue. Many php-applications are accepting any session id which is sent by browser as long as its syntax is correct. That should never happend. It's the timebomb.
Fifth - proper configurations. If the web application is using https, the cookie should never be sent over http. So there should be flagged as 'secure'. And if javascript doesn't need to know session id, it should be flagged with httponly-flag.
Then external thing which I usually note: Same domain should never have http- and https-services. If you look at Facebook - it has https- and http-protocols at http://facebook.com/ It's very difficult to notice when some link ends up to https- or http-protocol. That is confusing users. And anything which confuses users should be seen as bad thing.
Hopefully people get the point - security testing has plenty of things. I've written only a bit about cookie handling only. XSS, SQL injection, network security, error messages, etc. requires more knowledge. Good way to learn is to read security news, read about the security bugs, reproduce the issues reported by others and so on.
-
TTWT Magazine
Advertisement
You Can
Call for Articles
Advertisement
Quality Jobs Portal
Videos
Badge
© 2012 Created by Quality Testing.
