> How did I end up here? Whenever a user is sent to some unexpected (and perhaps malicious) third-party site, an Unvalidated Redirection is said to have occurred. Though it is also known by quite a few other names: unvalidated redirect, open redirection, unvalidated forward, and so on.
This post will walk you through how to set up the basics needed to do web app pentesting. More specificly, we’ll be setting up a web browser for pointing and clicking, an attack proxy for hackety hacking – all while covering the configuration needed.
CVE-2018-6324 https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6324 Summary The application will upon successfully logging in redirect the user to a user-controlled destination. A victim user may not recognise that a redirection takes place as they expect to be sent to a new page. Vendor Description F-Secure Radar is a turnkey vulnerability scanning and management platform. It allows you to identify […]
> Is your address really street”/><script>doStuff();</script>? Cross-Site Scripting attacks are tremendously prevalent, which I find surprising because it is an easy problem to detect and to remediate. There are even a lot of decent mitigation alternatives out there as well. What is Cross-Site Scripting (or XSS, if you prefer)? Cross-Site Scripting occurs whenever someone else […]
> Hello, I’m user number fiftysev…. Fiftyeight. Insecure Direct Object References are types of authorization issues, where a user can access information (objects) which they are not supposed to. For example, imagine a bank application where you can view your personal info via: example.com/users/profile.php?id=57 Now, what does “57” refer to? Probably some kind of reference […]
> I didn’t even know we had this old thing! You know, keeping things up to date is something you pretty much have to do, but the web doesn’t really make it easy. There’s a plethora of things to remember to patch: the proxies, the web server, the web application, any dependencies, and even the […]