How to bypassing Client-Side Controls

Chuyên đề thảo luận về Security Testing.
Forum rules
Chuyên đề này chỉ thảo luận về Security Testing.
Để có kết quả nhanh, các bạn nên search trước khi tạo chủ đề mới.
Post Reply
nvnhan282
Hoc Tester
Posts: 5
Joined: Fri 16 Jan, 2015 11:27 am
Contact:

How to bypassing Client-Side Controls

Post by nvnhan282 » Fri 16 Mar, 2018 8:14 am

Bypassing Client-Side Controls

Transmitting Data Via the Client
  • a) Hidden Form Fields
    b) HTTP Cookies
    c) URL Parameters
    • o Locate all instances within the application where hidden form fields, Cookies and URL parameters are apparently being used to transmit data via the client.
      o Attempt to determine or guess the role that the item plays in the application’s logic, based on the context in which it appears and on clues such as the parameter’s name.
      o Modify the item’s value in ways that are relevant to its purpose in the application. Ascertain whether the application processes arbitrary values submitted in the parameter, and whether this exposes the application to any vulnerability.
    d) The Referrer Header
    • o Locate all instances within the application where hidden form fields, cookies, and URL parameters are apparently being used to transmit data via the client.
      o Attempt to determine or guess the role that the item plays in the application’s logic, based on the context in which it appears and on clues such as the parameter’s name.
      o Modify the item’s value in ways that are relevant to its purpose in the application. Ascertain whether the application processes arbitrary values submitted in the parameter, and whether this exposes the application to any vulnerability.
    e) Opaque Data
    • o If you know the value of the plaintext behind the opaque string, you can attempt to decipher the obfuscation algorithm being employed.
      o As described in Chapter 4, the application may contain functions elsewhere that you can leverage to return the opaque string resulting from a piece of plaintext you control. In this situation, you may be able to directly obtain the required string to deliver an arbitrary payload to the function you are targeting.
      o Even if the opaque string is impenetrable, it may be possible to replay its value in other contexts to achieve a malicious effect. For example, the pricing token parameter in the previously shown form may contain an encrypted version of the product’s price. Although it is not possible to produce the encrypted equivalent for an arbitrary price of your choosing, you may be able to copy the encrypted price from a different, cheaper product and submit this in its place.
      o If all else fails, you can attempt to attack the server-side logic that will decrypt or deobfuscate the opaque string by submitting malformed variations of it — for example, containing overlong values, different character sets, and the like.
    f) The ASP.NET ViewState



nvnhan282
Hoc Tester
Posts: 5
Joined: Fri 16 Jan, 2015 11:27 am
Contact:

Re: How to bypassing Client-Side Controls

Post by nvnhan282 » Tue 20 Mar, 2018 5:57 pm

It nguoi thich chu de nay nhi?



tvn
Admin
Posts: 4789
Joined: Tue 10 Aug, 2010 10:11 am
Location: HCM
Contact:

Re: How to bypassing Client-Side Controls

Post by tvn » Fri 23 Mar, 2018 5:32 pm

Không phải không thích đâu nvnhan282, mà mọi người ít biết về nó áh.
Rất nhiều bạn đang quan tâm đến lĩnh vực này.

Cám ơn bạn đã chia sẻ.



Post Reply

Return to “Security Testing - Kiểm thử bảo mật”