
Web Application Security 101 - 08 Access Control


In part 8 of Web Application Security 101 we explore the various security aspects of the access control system of modern web applications. In particular we look into A-To-B attacks, privilege escalation and more.

Published in: Software


  1. Access Control: privilege escalation attacks and more.
  2. Privilege Escalation: A-to-C Attacks, Business Logic Flaws, Unrestricted Download.
  3. A-to-C Attacks. Works like this: a, b (skipping), c. Features that are available but hidden from the user.
  4. Example 1. Admin Panel: Feature 1 (/feature1), Feature 2 (/feature2), Feature 3 (/feature3), Feature 4 (/feature4). User Panel: Feature 3 (/feature3), Feature 4 (/feature4). It looks like Feature 1 and Feature 2 are missing from the User Panel, but this doesn't mean that they cannot be accessed directly.
  5. Example 2. User Panel: Feature 3 (/feature3), Feature 4 (/feature4). Web Service: Feature 1 (/feature1), Feature 2 (/feature2), Feature 3 (/feature3), Feature 4 (/feature4). Although Feature 1 and Feature 2 are missing from the User Panel, it doesn't mean that they cannot be accessed directly via the web service.
  6. Business Logic Flaws: any logic flow that can be used to bypass the login.
  7. Example 1. Cookies are used to specify if admin. Cookie: is_admin=1
  8. Unrestricted Download: common in apps that use a static directory to store user-provided files.
  9. Example 1. Attacker -> Static Dir: /private/file/1, /private/file/2, /private/file/3, /private/file/4. Common in apps that use a static directory to store user-provided files.
  10. Lab: let's test some of these in the lab.
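The three weaknesses on slides 3 to 9 share one fix: authorize every request on the server, rather than hiding links, trusting client-side cookies, or leaving a static directory unguarded. The following framework-free authorizer is an added example, not code from the slides; the session store, route table and file-ownership table (SESSIONS, ROUTE_ROLES, FILE_OWNERS) are constructed sample data.

```python
# Added example (not from the slides): a minimal request authorizer showing
# the server-side checks that close the gaps the slides describe.
from dataclasses import dataclass, field

# Server-side session store (constructed). The client only holds an opaque
# session id, so a forged "is_admin=1" cookie (slide 7) carries no authority.
SESSIONS = {"sid-alice": {"user": "alice", "role": "user"},
            "sid-root": {"user": "root", "role": "admin"}}

# Every route is listed with the role it requires. Routes missing from this
# table are denied, so "hidden" features (slides 3-5) cannot be reached by
# guessing the URL or by calling the web service directly.
ROUTE_ROLES = {"/feature1": "admin", "/feature2": "admin",
               "/feature3": "user", "/feature4": "user",
               "/private/file": "user"}

# Constructed ownership table for user-provided files (slides 8-9).
FILE_OWNERS = {1: "alice", 2: "bob", 3: "alice"}

ROLE_RANK = {"user": 1, "admin": 2}


@dataclass
class Request:
    path: str
    cookies: dict = field(default_factory=dict)


def authorize(req: Request) -> tuple:
    """Return (status, body) after server-side authorization of req."""
    session = SESSIONS.get(req.cookies.get("session", ""))
    if session is None:
        return 401, "login required"
    # Split "/private/file/3" into route "/private/file" and resource id 3;
    # anything else is treated as a plain route.
    route, _, tail = req.path.rpartition("/")
    if route == "/private/file" and tail.isdigit():
        file_id = int(tail)
    else:
        route, file_id = req.path, None
    required = ROUTE_ROLES.get(route)
    if required is None:
        return 404, "not found"  # default deny for unknown routes
    if ROLE_RANK[session["role"]] < ROLE_RANK[required]:
        return 403, "forbidden"  # role check on every route, hidden or not
    if file_id is not None:
        # Ownership check: walking /private/file/<n> only yields the caller's own files.
        if FILE_OWNERS.get(file_id) != session["user"]:
            return 403, "forbidden"
        return 200, f"file {file_id}"
    return 200, f"served {route}"
```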
