Tuesday, 07 June 2011




These mechanisms are known as Session Management. While they exist primarily to make the application easier and
friendlier to use, they can be exploited by a penetration tester to gain access to a user account without providing
correct credentials. In this test, we want to check that cookies and other session tokens are created in a secure and
unpredictable way. An attacker who is able to predict or forge a weak cookie can easily hijack the sessions of
legitimate users.


TESTING FOR SESSION MANAGEMENT SCHEMA (OWASP-SM-001)

Method: POST

Header          Value
Content-Type    multipart/form-data; boundary=d41d8cd98f00b204e9800998ecf8427e
Content-length  38

Request body (hex dump):
00000000 2D 2D 64 34 31 64 38 63 64 39 38 66 30 30 62 32 --d41d8cd98f00b2
00000010 30 34 65 39 38 30 30 39 39 38 65 63 66 38 34 32 04e9800998ecf842
00000020 37 65 2D 2D 0D 0A                               7e--..

Cookies

akakom_tpl=akakom; __utma=242819602.142294096.1307223034.1307223034.1307430533.2; __utmz=242819602.1307223034.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 69cb2eb0a19889c0e172765110b05475=8t1prvlodibs737lv6i4tf8st4; __utmb=242819602.1.10.1307430533; __utmc=242819602

Burp Suite
WebScarab



HTTP/1.1 301 Moved Permanently
Date: Tue, 07 Jun 2011 07:34:06 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.5
Set-Cookie: 69cb2eb0a19889c0e172765110b05475=pseoevo6b6n1042tuvdc0gmq13; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location:
Content-length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
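The response above issues the session cookie with only a path attribute, and the introduction asks that session tokens be unpredictable. The following Python is an added example written for this page, not code from the original post or from Burp Suite or WebScarab. It parses a Set-Cookie header and reports which hardening attributes are absent (the OWASP-SM-002 check), and it gives two simple measurements for the token values seen in this capture: an upper bound on their entropy and the positions at which all sampled tokens coincide. The two token values and the cookie name are the ones on this page; the hardened Set-Cookie variant is constructed for comparison, and SameSite is a later attribute that did not exist when this capture was made.

```python
import math

# Samples taken from the captured traffic on this page: the session cookie
# value sent in the request and the one issued in the 301 response.
COOKIE_NAME = "69cb2eb0a19889c0e172765110b05475"
OBSERVED_TOKENS = [
    "8t1prvlodibs737lv6i4tf8st4",   # from the request's Cookie header
    "pseoevo6b6n1042tuvdc0gmq13",   # from the response's Set-Cookie header
]
CAPTURED_SET_COOKIE = f"{COOKIE_NAME}={OBSERVED_TOKENS[1]}; path=/"
# Constructed hardened variant for comparison (not on the page).
HARDENED_SET_COOKIE = CAPTURED_SET_COOKIE + "; Secure; HttpOnly; SameSite=Lax"


def parse_set_cookie(header):
    """Split one Set-Cookie header value into (name, value, attributes).

    Attribute names are lower-cased; attributes without '=' (Secure,
    HttpOnly) map to True.
    """
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, has_value, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if has_value else True
    return name.strip(), value.strip(), attrs


def missing_attributes(header):
    """Hardening attributes absent from a Set-Cookie header (OWASP-SM-002).

    Secure and HttpOnly are the classic checks; SameSite is a later
    addition that did not exist when this capture was made.
    """
    _, _, attrs = parse_set_cookie(header)
    wanted = ["Secure", "HttpOnly", "SameSite"]
    return [a for a in wanted if a.lower() not in attrs]


def max_entropy_bits(token, alphabet_size):
    """Upper bound on the entropy of a token drawn uniformly from an alphabet.

    This is what the token could carry at best; the real entropy depends on
    how the server generates it and can only be estimated from many samples.
    """
    return len(token) * math.log2(alphabet_size)


def fixed_positions(tokens):
    """Character positions at which every sampled token has the same symbol.

    Such positions carry no entropy.  With only a handful of samples a
    coincidence is likely, so this needs hundreds of tokens to be meaningful.
    """
    if not tokens:
        return []
    width = min(len(t) for t in tokens)
    return [i for i in range(width) if len({t[i] for t in tokens}) == 1]


if __name__ == "__main__":
    print("missing on captured cookie:", missing_attributes(CAPTURED_SET_COOKIE))
    print("missing on hardened cookie:", missing_attributes(HARDENED_SET_COOKIE))
    # Both observed values use only 0-9 and a-v, i.e. a 32-symbol alphabet.
    print("max entropy bits:", max_entropy_bits(OBSERVED_TOKENS[0], 32))
    print("fixed positions in sample:", fixed_positions(OBSERVED_TOKENS))
```

With only the two values from this capture, `fixed_positions` reports position 5 as constant, which is a coincidence of a tiny sample rather than a finding; the measurement becomes meaningful only over a large set of tokens collected from repeated logins. The attribute check, by contrast, is conclusive from a single response: the captured cookie lacks Secure and HttpOnly.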

TESTING FOR COOKIES ATTRIBUTES (OWASP-SM-002)


TESTING FOR SESSION FIXATION (OWASP-SM-003)
Found in picture no. 1.

TESTING FOR EXPOSED SESSION VARIABLES (OWASP-SM-004)

TESTING FOR CSRF (OWASP-SM-005)
