Quality is delighting customers
security testing
in security testing:-
1. Vulnerability
This is a type of weakness in the web application. The cause of such a “weakness” can be bugs in the application, an injection (SQL/ script code) or the presence of viruses.
2. URL manipulation
Some web applications communicate additional information between the client (browser) and the server in the URL. Changing some information in the URL may sometimes cause unconditional behavior by the server.
3. SQL injection
This is the process of inserting SQL statements through the web application user interface into some query that is then executed by the server.
4. XSS (Cross Site Scripting)
When a user inserts HTML/ client-side script in the user interface of a web application and this insertion is visible to other users, it is called XSS.
5. Spoofing
The creation of fraud look-alike websites or emails is called spoofing.
Security defects
1. Password cracking
A password cracker is an application program that is used to identify an unknown or forgotten password to a computer or network resources. It can also be used to help a human cracker obtain unauthorized access to resources.
Password crackers use two primary methods to identify correct passwords: brute-force and dictionary searches. When a password cracker uses brute-force, it runs through combinations of characters within a predetermined length until it finds the combination accepted by the computer system. When conducting a dictionary search, a password cracker searches each word in the dictionary for the correct password. Password dictionaries exist for a variety of topics and combinations of topics, including politics, movies, and music groups.
Some password cracker programs search for hybrids of dictionary entries and numbers. For example, a password cracker may search for ants01; ants02; ants03, etc. This can be helpful where users have been advised to include a number in their password.
A password cracker may also be able to identify encrypted passwords. After retrieving the password from the computer's memory, the program may be able to decrypt it. Or, by using the same algorithm as the system program, the password cracker creates an encrypted version of the password that matches the original.
2. URL manipulation:-
HTTP GET request user information is passed to server for authentication or fetching data. Attacker can manipulate every input variable passed from this GET request to server in order to get the required information or to corrupt the data. In such conditions any unusual behavior by application or web server is the doorway for the attacker to get into the application.
3. SQL Injection
SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.
The primary form of SQL injection consists of direct insertion of code into user-input variables that are concatenated with SQL commands and executed. A less direct attack injects malicious code into strings that are destined for storage in a table or as metadata. When the stored strings are subsequently concatenated into a dynamic SQL command, the malicious code is executed.
4. Cross Site Scripting (XSS)
Cross Site Scripting (or XSS) is one of the most common application-layer web attacks. XSS commonly targets scripts embedded in a page which are executed on the client-side (in the user’s web browser) rather than on the server-side. XSS in itself is a threat which is brought about by the internet security weaknesses of client-side scripting languages, with HTML and JavaScript (others being VBScript, ActiveX, HTML, or Flash) as the prime culprits for this exploit. The concept of XSS is to manipulate client-side scripts of a web application to execute in the manner desired by the malicious user. Such a manipulation can embed a script in a page which can be executed every time the page is loaded, or whenever an associated event is performed.
1. Vulnerability
This is a type of weakness in the web application. The cause of such a “weakness” can be bugs in the application, an injection (SQL/ script code) or the presence of viruses.
2. URL manipulation
Some web applications communicate additional information between the client (browser) and the server in the URL. Changing some information in the URL may sometimes cause unconditional behavior by the server.
3. SQL injection
This is the process of inserting SQL statements through the web application user interface into some query that is then executed by the server.
4. XSS (Cross Site Scripting)
When a user inserts HTML/ client-side script in the user interface of a web application and this insertion is visible to other users, it is called XSS.
5. Spoofing
The creation of fraud look-alike websites or emails is called spoofing.
Security defects
1. Password cracking
A password cracker is an application program that is used to identify an unknown or forgotten password to a computer or network resources. It can also be used to help a human cracker obtain unauthorized access to resources.
Password crackers use two primary methods to identify correct passwords: brute-force and dictionary searches. When a password cracker uses brute-force, it runs through combinations of characters within a predetermined length until it finds the combination accepted by the computer system. When conducting a dictionary search, a password cracker searches each word in the dictionary for the correct password. Password dictionaries exist for a variety of topics and combinations of topics, including politics, movies, and music groups.
Some password cracker programs search for hybrids of dictionary entries and numbers. For example, a password cracker may search for ants01; ants02; ants03, etc. This can be helpful where users have been advised to include a number in their password.
A password cracker may also be able to identify encrypted passwords. After retrieving the password from the computer's memory, the program may be able to decrypt it. Or, by using the same algorithm as the system program, the password cracker creates an encrypted version of the password that matches the original.
2. URL manipulation:-
HTTP GET request user information is passed to server for authentication or fetching data. Attacker can manipulate every input variable passed from this GET request to server in order to get the required information or to corrupt the data. In such conditions any unusual behavior by application or web server is the doorway for the attacker to get into the application.
3. SQL Injection
SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.
The primary form of SQL injection consists of direct insertion of code into user-input variables that are concatenated with SQL commands and executed. A less direct attack injects malicious code into strings that are destined for storage in a table or as metadata. When the stored strings are subsequently concatenated into a dynamic SQL command, the malicious code is executed.
4. Cross Site Scripting (XSS)
Cross Site Scripting (or XSS) is one of the most common application-layer web attacks. XSS commonly targets scripts embedded in a page which are executed on the client-side (in the user’s web browser) rather than on the server-side. XSS in itself is a threat which is brought about by the internet security weaknesses of client-side scripting languages, with HTML and JavaScript (others being VBScript, ActiveX, HTML, or Flash) as the prime culprits for this exploit. The concept of XSS is to manipulate client-side scripts of a web application to execute in the manner desired by the malicious user. Such a manipulation can embed a script in a page which can be executed every time the page is loaded, or whenever an associated event is performed.
Views: 4
Comment
-
Comment by Hitesh Shah on December 28, 2009 at 1:49pm -
Thanks for URL. This is very helpful . Have U any live example of web application security ?
Thanks
TTWT Magazine
Advertisement
You Can
Call for Articles
Advertisement
Quality Jobs Portal
Videos
Badge
© 2012 Created by Quality Testing.
You need to be a member of Quality Testing to add comments!
Join Quality Testing