Testing Techniques to Find the Sin

The testing techniques you'll use to find this problem are also good techniques to use when testing any networked app. The first thing to do is to build both an evil client and an evil server. One good approach to doing both at once is to create a way to proxy the information between the client and the server. Start by simply recording and viewing the information as it moves across the wire. If you see anything that would bother you if it were intercepted, you have something to investigate. One item to check for is whether the data is either base64 encoded or ASN.1 encoded; both of these are really equivalent to clear text from a security point of view because they are merely obfuscated.
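As an added illustration of that check (not code from the book), the following Python sketch labels payloads recorded by the test proxy as clear text, base64-obfuscated, ASN.1 DER, or opaque. The function names, heuristics, and sample payloads are assumptions constructed for this example.

```python
import base64
import binascii
import re

B64_RE = re.compile(rb"[A-Za-z0-9+/]{8,}={0,2}")

def mostly_printable(data: bytes, threshold: float = 0.9) -> bool:
    """True if at least `threshold` of the bytes are printable ASCII/whitespace."""
    ok = sum(1 for b in data if 32 <= b < 127 or b in (9, 10, 13))
    return bool(data) and ok / len(data) >= threshold

def try_base64(payload: bytes):
    """Return the decoded bytes if payload is well-formed base64, else None."""
    text = payload.strip()
    if len(text) % 4 or not B64_RE.fullmatch(text):
        return None
    try:
        return base64.b64decode(text, validate=True)
    except (binascii.Error, ValueError):
        return None

def looks_like_der(data: bytes) -> bool:
    """True if data is exactly one DER TLV (single-byte tag, consistent length)."""
    if len(data) < 2 or data[0] & 0x1F == 0x1F:
        return False
    header, length = 2, data[1]
    if length >= 0x80:                      # long form: low 7 bits = size of length
        n = length & 0x7F
        if n == 0 or n > 4 or len(data) < 2 + n:
            return False
        header, length = 2 + n, int.from_bytes(data[2:2 + n], "big")
    return header + length == len(data)

def classify(payload: bytes) -> str:
    """Label a captured payload; 'opaque' means only 'not trivially readable'."""
    if mostly_printable(payload):
        decoded = try_base64(payload)
        if decoded is not None and (mostly_printable(decoded) or looks_like_der(decoded)):
            return "base64-obfuscated"
        return "clear-text"
    return "asn1-der" if looks_like_der(payload) else "opaque"

# Constructed sample payloads, standing in for what the recording proxy captured.
CREDS = b"user=alice&password=hunter2"
DER = b"\x30\x10\x0c\x05alice\x0c\x07hunter2"   # SEQUENCE of two UTF8Strings
SAMPLES = [CREDS, base64.b64encode(CREDS), DER, base64.b64encode(DER),
           bytes.fromhex("8e1fa3d977c204b6e05a91fd3c68b2a7")]  # ciphertext stand-in

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{classify(s):18} {s[:32]!r}")
```

Anything other than "opaque" deserves the same scrutiny as clear text; "opaque" only means the payload was not trivially readable, not that it is properly encrypted.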

The next test to try is to see what would happen to the client if it's pointed at an attacker-controlled server. Try fuzzing the results and sending abusive inputs back, and pay special attention to stealing credentials. Depending on the authentication mechanism, you may be able to redirect the credentials at another system (or even the client's system) and gain access even though you didn't manage to crack the password.

If the server makes assumptions about the client system, as opposed to just authenticating the user, you first need to question the design of the application, because this is a risky thing to do. If there's some real reason to do this, go place a false entry in the server's hosts file to overrule the DNS results and try connecting from a rogue client. If the server doesn't detect the change, then you've found a problem.



19 Deadly Sins of Software Security. Programming Flaws and How to Fix Them
Writing Secure Code
ISBN: 71626751
EAN: 2147483647
Year: 2003
Pages: 239
