Figure 5.6
Detailed Web application error message revealing sensitive details.
When an attacker submits arbitrary input to induce error conditions, detailed stack traces, failed SQL
statements, and debug information are displayed to the attacker as an error page. This information can be
used to perpetrate SQL injection attacks and other attacks that exploit the Web application. Figure
5.6 is a screenshot of an application throwing a detailed, default error message containing sensitive
information.
5.4.2.7 Authentication and Session Management Flaws
The Web application must ensure that only users with a valid username and password are identified
and authenticated by the application. Session identifiers in the form of cookies are used to build
and track user session activities while he/she is logged in to the Web application. Authentication
flaws and session management flaws are quite common in Web applications. Developers write
their own session handlers, which issue session identifiers that are not random values, so attackers are able
to easily guess session information and use it to access the accounts of other users of the Web application.
For instance, if the session cookie generated by the application for the attacker is “1001,”
then the attacker might tamper with it and increment the value to “1002,” and may thereby gain access to
the session of another user.* In other cases, the application might authenticate a user without
invalidating an existing session ID, thereby allowing an attacker to gain access to another user's
account. This type of attack is called session fixation. Let us explore session fixation with the
help of an example:
* Session hijacking attack: http://www.securitydocs.com/library/3479.
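The book's own walk-through of session fixation continues beyond this page. As an added illustration that is not part of the original text, the following self-contained Java class contrasts the sequential session identifier described above (where a holder of "1001" can guess "1002") with one drawn from a CSPRNG, and shows why the session ID must be regenerated at the moment a user authenticates. The class names, the in-memory session store and the user names are constructed for the example; the only real API referenced is the Servlet 3.1 `HttpServletRequest.changeSessionId()` mentioned in a comment, which is what a real container-based application would call instead of the hand-rolled store shown here.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;

// Added illustration (not from the book): a minimal in-memory session store
// that contrasts a predictable session identifier with a random one, and
// shows why the session ID must be regenerated when a user authenticates.
public class SessionIdDemo {

    // Weak scheme from the text: a counter, so an attacker holding "1001"
    // can trivially guess that the next user's session is "1002".
    static final class SequentialIdGenerator {
        private long next = 1001;
        String nextId() { return Long.toString(next++); }
    }

    // Stronger scheme: 128 bits from a CSPRNG, URL-safe Base64 encoded,
    // so no session ID is derivable from any other.
    static final class RandomIdGenerator {
        private final SecureRandom rng = new SecureRandom();
        String nextId() {
            byte[] buf = new byte[16];
            rng.nextBytes(buf);
            return Base64.getUrlEncoder().withoutPadding().encodeToString(buf);
        }
    }

    static final class Session {
        final String id;
        String user; // null until the user has authenticated
        Session(String id) { this.id = id; }
    }

    // Session store keyed by session ID, as a servlet container keeps it.
    private final Map<String, Session> sessions = new HashMap<>();
    private final RandomIdGenerator ids = new RandomIdGenerator();

    // Pre-authentication session, e.g. created when the login form is served.
    Session createAnonymousSession() {
        Session s = new Session(ids.nextId());
        sessions.put(s.id, s);
        return s;
    }

    // Vulnerable login: keeps whatever session ID the client arrived with.
    // If that ID was known to a third party before login (session fixation),
    // their copy of the ID now refers to an authenticated session.
    Session loginWithoutRotation(String sessionId, String user) {
        Session s = sessions.get(sessionId);
        if (s == null) s = createAnonymousSession();
        s.user = user;
        return s;
    }

    // Mitigated login: invalidate the pre-auth ID and issue a fresh one, so an
    // ID known before authentication is worthless afterwards. In a servlet
    // application this is HttpServletRequest.changeSessionId() (Servlet 3.1),
    // or session.invalidate() followed by request.getSession(true).
    Session loginWithRotation(String sessionId, String user) {
        sessions.remove(sessionId);              // old ID no longer resolves
        Session fresh = new Session(ids.nextId());
        fresh.user = user;
        sessions.put(fresh.id, fresh);
        return fresh;
    }

    Session lookup(String sessionId) { return sessions.get(sessionId); }

    public static void main(String[] args) {
        // 1. Predictable IDs: "1001" + 1 is exactly the next ID issued.
        SequentialIdGenerator seq = new SequentialIdGenerator();
        String first = seq.nextId();             // "1001"
        String second = seq.nextId();            // "1002"
        String guess = Long.toString(Long.parseLong(first) + 1);
        System.out.println("sequential ID guessable: " + Objects.equals(second, guess));

        // 2. Fixation: a pre-auth ID is known before the victim logs in.
        SessionIdDemo app = new SessionIdDemo();
        String knownId = app.createAnonymousSession().id;
        app.loginWithoutRotation(knownId, "alice");
        System.out.println("without rotation, known ID is now alice's session: "
                + "alice".equals(app.lookup(knownId).user));

        String knownId2 = app.createAnonymousSession().id;
        Session fresh = app.loginWithRotation(knownId2, "bob");
        System.out.println("with rotation, old ID invalid: " + (app.lookup(knownId2) == null));
        System.out.println("with rotation, new ID differs: " + (!fresh.id.equals(knownId2)));
    }
}
```

Compile and run with `javac SessionIdDemo.java && java SessionIdDemo`; the first two checks print `true` for the weak behaviour the text describes, and the last two print `true` for the rotated session, where the pre-login identifier no longer resolves to any session.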