OWASP TOP 10 Vulnerability principle and harm

Source: Internet
Author: User
Tags: xpath

top1-Injection

Simply put, injection usually arises when an application does not securely check its input: the attacker sends data that contains instructions to an interpreter, and the interpreter executes the received data as instructions. Common injections include SQL injection, OS shell command injection, LDAP (Lightweight Directory Access Protocol) injection, XPath injection (XPath is the XML Path Language, used to locate nodes in XML documents; XML is a subset of SGML, the Standard Generalized Markup Language), HQL injection, and so on.

The hazards are as follows:

Injection can lead to data loss or corruption, lack of accountability, or denial of service. Injection vulnerabilities can sometimes even lead to a full takeover of the host.

How to prevent:

1. Use a safe API that avoids the interpreter entirely or provides a parameterized interface

2. Escape special characters in the input

Example: LIKE '%M%' ESCAPE 'M'

The ESCAPE keyword with the escape character 'M' tells the DBMS to treat the second percent sign (%) in the string '%M%' as a literal value rather than as a wildcard character.

3. Use positive (whitelist) input validation, canonicalizing the input before it is checked
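The three preventions above, shown side by side in Python against a constructed in-memory SQLite table (this is an added example, not code from the original article): string concatenation that lets input reach the SQL parser, the parameterized query that keeps data and statement apart, a whitelist validator, and a LIKE-escaping helper that pairs with the ESCAPE clause. The table, user names and the regular expression are assumptions made for the demonstration.

```python
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample data, not taken from the article.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    conn.commit()
    return conn


def find_user_unsafe(conn: sqlite3.Connection, name: str) -> list:
    # Vulnerable pattern: the untrusted value becomes part of the SQL text,
    # so the interpreter cannot tell data from instructions.
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def find_user_safe(conn: sqlite3.Connection, name: str) -> list:
    # Prevention 1: a parameterized API. The value travels separately from
    # the statement, so quotes or keywords inside it never reach the parser.
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()


# Assumed whitelist for user names: lowercase, starts with a letter, max 32 chars.
USERNAME_RE = re.compile(r"[a-z][a-z0-9_]{0,31}")


def validate_username(name: str) -> str:
    # Prevention 3: canonicalize first, then accept only what the whitelist allows.
    canonical = name.strip().lower()
    if not USERNAME_RE.fullmatch(canonical):
        raise ValueError("username rejected by whitelist")
    return canonical


def find_user_validated(conn: sqlite3.Connection, name: str) -> list:
    return find_user_safe(conn, validate_username(name))


def escape_like(term: str, esc: str = "\\") -> str:
    # Prevention 2: escape the LIKE metacharacters so a user-supplied
    # '%' or '_' is matched literally. The escape character itself is
    # escaped first so it cannot be smuggled in.
    return (term.replace(esc, esc + esc)
                .replace("%", esc + "%")
                .replace("_", esc + "_"))


def search_users(conn: sqlite3.Connection, term: str) -> list:
    # Parameterized AND escaped: the ESCAPE clause names the escape character
    # used by escape_like, so the DBMS treats escaped '%' as a literal.
    pattern = "%" + escape_like(term) + "%"
    return conn.execute(
        "SELECT name FROM users WHERE name LIKE ? ESCAPE '\\'", (pattern,)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    print(find_user_safe(db, "alice"))
    print(search_users(db, "ali"))
```

Parameterization alone already defeats injection into the WHERE clause; the LIKE escaping is still needed because a bound '%' is data, but data that the LIKE operator interprets as a wildcard.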

top2-Broken authentication and session management

Application functions related to authentication and session management are often not implemented correctly, allowing attackers to compromise passwords, keys or session tokens, or to exploit other implementation flaws to impersonate other users.

The hazards are as follows:

These vulnerabilities may allow some or all accounts to be attacked; once the attack succeeds, the attacker can perform any action the legitimate user could.

How to prevent:

1. Use the framework's built-in session management feature

2. Pass the certified greeting

3. Use a single entry point

4. Make sure that login is performed over SSL/TLS-protected pages from the start
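An added Python example (not code from the original article) of the properties a built-in session layer should give you, so that you can check for them: session IDs drawn from the OS random source, an idle timeout, and rotation of the ID at login so that an ID known before authentication never becomes an authenticated session. The store, the timeout value and the injectable clock are assumptions made for the demonstration.

```python
import secrets
import time


class SessionStore:
    """Minimal server-side session store illustrating what a framework's
    session layer provides. Constructed for demonstration only."""

    def __init__(self, idle_timeout: int = 900, clock=time.time):
        self.idle_timeout = idle_timeout   # seconds of inactivity before expiry
        self.clock = clock                 # injectable for testing
        self._sessions = {}                # session id -> {"user", "last_seen"}

    def create(self, user=None) -> str:
        # 256 bits from the OS CSPRNG: IDs cannot be guessed or enumerated.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {"user": user, "last_seen": self.clock()}
        return sid

    def get(self, sid: str):
        # Returns the session record, or None if unknown or idle too long.
        rec = self._sessions.get(sid)
        if rec is None:
            return None
        if self.clock() - rec["last_seen"] > self.idle_timeout:
            del self._sessions[sid]
            return None
        rec["last_seen"] = self.clock()
        return rec

    def login(self, old_sid: str, user: str) -> str:
        # Rotate the ID when privilege changes: the pre-login ID is discarded,
        # so a fixated or leaked anonymous ID gains nothing from the login.
        self._sessions.pop(old_sid, None)
        return self.create(user)

    def logout(self, sid: str) -> None:
        # Invalidate server-side, not just in the browser.
        self._sessions.pop(sid, None)


if __name__ == "__main__":
    store = SessionStore()
    anon = store.create()
    auth = store.login(anon, "alice")
    print(store.get(anon), store.get(auth))
```

Transport of the ID is the other half: the cookie carrying it should be marked Secure and HttpOnly, which is what point 4 above (login over SSL/TLS) protects.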

top3-Cross-site scripting (XSS)

Cross-site scripting is the most common web application security vulnerability. It occurs when an application includes user-supplied data in a page sent to the browser without properly validating and escaping it.

The hazards are as follows:

Attackers execute scripts in the victim's browser to hijack user sessions, insert malicious content, redirect users, hijack the user's browser with malware, and more.

Kinds:

Stored, reflected, and DOM-based

How to prevent:

1. Validate the input

2. Encode the output (so that the input characters are treated as data rather than parsed as HTML by the browser)
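Output encoding depends on where in the page the data lands, which the two points above do not spell out. The following added Python example (not code from the original article) shows the unencoded rendering beside encoded rendering for three contexts: HTML body, an href attribute with a scheme whitelist, and a JavaScript string. The comment markup, the allowed schemes and the function names are assumptions made for the demonstration.

```python
import html
import json


def render_comment_unsafe(comment: str) -> str:
    # Vulnerable: user data is pasted into the HTML, so any tag in the
    # comment is parsed as markup by the browser.
    return '<p class="comment">' + comment + '</p>'


def render_comment_safe(comment: str) -> str:
    # HTML body context: &, <, >, " and ' become entities, so the browser
    # shows the text as data instead of interpreting it.
    return '<p class="comment">' + html.escape(comment, quote=True) + '</p>'


ALLOWED_LINK_SCHEMES = ("http", "https")   # assumed whitelist for user-supplied links


def render_link_safe(display: str, href: str) -> str:
    # Attribute context: escaping alone is not enough for a URL attribute,
    # because a non-HTTP scheme is still a valid (and dangerous) URL.
    # Whitelist the scheme first, then escape the value for the attribute.
    scheme = href.split(":", 1)[0].lower() if ":" in href else ""
    if scheme not in ALLOWED_LINK_SCHEMES:
        href = "#"
    return '<a href="%s">%s</a>' % (
        html.escape(href, quote=True),
        html.escape(display, quote=True),
    )


def embed_for_script(value) -> str:
    # JavaScript string context: JSON-encode, then neutralise '<' so a
    # value containing '</script>' cannot close the script block early.
    return json.dumps(value).replace("<", "\\u003c")


if __name__ == "__main__":
    print(render_comment_safe("<b>hello</b>"))
    print(render_link_safe("home", "https://example.com/"))
    print("var v = " + embed_for_script("</script>") + ";")
```

The key point for reviewers: the same string needs different encoding in each context, and a single "HTML-escape everything" pass does not protect URL attributes or inline script.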

top4-Insecure direct object references

This occurs when an authenticated user accesses an object they are not authorized for simply by changing the parameter that references it.

The hazards are as follows:

This vulnerability can compromise all data that the parameter is able to reference.

How to prevent:

1. Use indirect object references that are specific to a user or session, which prevents an attacker from directly targeting a resource they are not authorized for

2. Access checks: perform an access control check on every object referenced from an untrusted source

3. Avoid exposing internal file names or database keys directly in URLs or web pages

4. Validate user input and URL requests, and reject requests that contain ../ (path traversal) sequences
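The four preventions above worked through in Python (an added example, not code from the original article): a per-session map from random handles to real record IDs (points 1 and 3), an ownership check that is enforced even when the handle resolves (point 2), and a file-name validator that rejects traversal (point 4). The invoice table, user names and handle length are assumptions made for the demonstration.

```python
import os
import secrets


class IndirectReferenceMap:
    """Per-session map between random public handles and real object IDs.
    A handle issued in one session means nothing in another."""

    def __init__(self):
        self._to_direct = {}     # handle -> real id
        self._to_indirect = {}   # real id -> handle

    def indirect(self, direct_id: int) -> str:
        if direct_id not in self._to_indirect:
            handle = secrets.token_urlsafe(16)
            self._to_indirect[direct_id] = handle
            self._to_direct[handle] = direct_id
        return self._to_indirect[direct_id]

    def direct(self, handle: str):
        return self._to_direct.get(handle)


# Constructed data store for the demonstration.
INVOICES = {
    101: {"owner": "alice", "total": 10},
    102: {"owner": "bob", "total": 20},
}


def list_invoices(session_map: IndirectReferenceMap, user: str) -> list:
    # Only the user's own records get handles, and the page shows handles,
    # never the database key.
    return [session_map.indirect(i) for i, inv in INVOICES.items() if inv["owner"] == user]


def get_invoice_unsafe(user: str, invoice_id: int):
    # Vulnerable: the request parameter is used directly and ownership is
    # never checked, so changing the number reads another user's record.
    return INVOICES.get(invoice_id)


def get_invoice_safe(session_map: IndirectReferenceMap, user: str, handle: str):
    # Resolve the handle through this session's map, then still enforce
    # the access check: the mapping is not a substitute for authorization.
    invoice_id = session_map.direct(handle)
    if invoice_id is None:
        return None
    inv = INVOICES.get(invoice_id)
    if inv is None or inv["owner"] != user:
        return None
    return inv


def safe_filename(name: str) -> str:
    # Reject anything that is not a bare file name: separators, '..' and
    # empty names all fail, so the value cannot walk out of the directory.
    if not name or name != os.path.basename(name) or "\\" in name or ".." in name:
        raise ValueError("invalid file name")
    return name


if __name__ == "__main__":
    m = IndirectReferenceMap()
    for h in list_invoices(m, "alice"):
        print(h, get_invoice_safe(m, "alice", h))
```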

top5-Cross-site request forgery (CSRF)

Cross-site request forgery exploits the fact that the attacker can predict all the details of a particular operation on the site. Because the browser automatically sends authentication credentials such as session cookies, an attacker can create a malicious web page that generates a forged request. These forged requests are hard to distinguish from legitimate ones.

The hazards are as follows:

An attacker can cause the victim user to modify any data the victim is allowed to modify and to perform any action the victim is permitted to perform, such as changing the password or logging out.

How to prevent:

1. Add an unpredictable token to each HTTP request, and ensure that the token is unique to each user session.

The best way to do this is to put the unique token in a hidden form field, so that it is sent in the body of the HTTP request rather than exposed in the URL.

2. Require users to re-authenticate, or otherwise verify that they are a real user
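The per-session token scheme from point 1, as an added Python example (not code from the original article): the token is issued once per session, rendered into a hidden field, and compared in constant time on every state-changing request. A forged request carries the cookie (the session dict here) but not the token, so it is rejected. The session dict, form field name and handler are assumptions made for the demonstration.

```python
import hmac
import html
import secrets


def issue_csrf_token(session: dict) -> str:
    # One unpredictable token per session, created on first use and
    # stored server-side alongside the session.
    if "csrf_token" not in session:
        session["csrf_token"] = secrets.token_urlsafe(32)
    return session["csrf_token"]


def render_form(session: dict, action: str) -> str:
    # The token travels in a hidden field of the POST body, never in the URL,
    # so it does not leak through Referer headers or browser history.
    token = issue_csrf_token(session)
    return (
        '<form method="post" action="%s">'
        '<input type="hidden" name="csrf_token" value="%s">'
        '<input type="submit" value="Change password"></form>'
        % (html.escape(action, quote=True), html.escape(token, quote=True))
    )


def verify_csrf(session: dict, form: dict) -> bool:
    expected = session.get("csrf_token")
    submitted = form.get("csrf_token")
    if not expected or not submitted:
        return False
    # Constant-time comparison so the check leaks nothing about the token.
    return hmac.compare_digest(expected, submitted)


def handle_change_password(session: dict, form: dict) -> str:
    # Simulated handler for a state-changing request. The CSRF check runs
    # before anything else, and a missing token is treated like a bad one.
    if not verify_csrf(session, form):
        return "403 Forbidden: CSRF token missing or invalid"
    if session.get("user") is None:
        return "401 Unauthorized"
    # ... the real handler would update the password here ...
    return "200 OK: password changed for " + session["user"]


if __name__ == "__main__":
    sess = {"user": "alice"}
    print(render_form(sess, "/account/password"))
    print(handle_change_password(sess, {"csrf_token": sess["csrf_token"]}))
```

A token that is the same for all sessions, or one that is accepted when the field is simply absent, defeats the scheme; the test below checks both of those cases.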

top6-Security misconfiguration

Security misconfiguration can occur at any level of the application stack, including the platform, web server, application server, database, framework and custom code. Attackers use default accounts, unused pages, unpatched vulnerabilities, unprotected files and directories, and the like to gain unauthorized access to the system.

The hazards are as follows:

The system may be completely compromised without anyone noticing, and user data may be stolen or tampered with over time. In the worst case the whole system is destroyed.

How to prevent:

1. Automate installation and deployment

2. Keep up with software updates and patch information for every layer of the stack, and deploy them promptly

3. Run vulnerability scans and security audits

top7-Missing function level access control (failure to restrict URL access)

This vulnerability is also related to authentication. It specifically refers to the case where the system has restricted access to a URL but the restriction does not take effect. A common example is that the system does not check the user's role, so the user can reach an unauthorized page simply by modifying the action in the URL to point at it.

The hazards are as follows:

Attackers can easily change the URL to a privileged page, allowing anonymous or ordinary users to access unprotected private pages and thereby use unauthorized functions and the related data.

How to prevent:

1. Review the process for managing permissions and make sure it is easy to update and audit

2. By default, deny execute permission for all access; require explicit role authorization for each function that is accessed

3. Check that the permissions assigned to each function are reasonable and actually enforced
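Deny-by-default with explicit per-function role authorization (points 2 and 3 above), as an added Python example that is not code from the original article. The role comes from the server-side session, never from the request, and a function with no entry in the permission table is reachable by nobody, so forgetting to register a new page fails closed rather than open. The permission table, roles and simulated router are assumptions made for the demonstration.

```python
from functools import wraps

# Assumed permission table: function name -> roles allowed to call it.
# Anything not listed is denied to everyone (deny by default).
PERMISSIONS = {
    "view_dashboard": {"user", "admin"},
    "delete_user": {"admin"},
}


class AccessDenied(Exception):
    pass


def requires_permission(func_name: str):
    """Decorator enforcing the role check before the function body runs."""
    def decorator(func):
        @wraps(func)
        def wrapper(session, *args, **kwargs):
            allowed = PERMISSIONS.get(func_name, set())   # missing entry -> empty -> deny
            if session.get("role") not in allowed:
                raise AccessDenied(func_name)
            return func(session, *args, **kwargs)
        return wrapper
    return decorator


@requires_permission("view_dashboard")
def view_dashboard(session):
    return "dashboard for " + session["user"]


@requires_permission("delete_user")
def delete_user(session, target):
    return "deleted " + target


@requires_permission("export_all_data")   # not in PERMISSIONS: nobody can reach it
def export_all_data(session):
    return "all data"


ROUTES = {
    "view_dashboard": view_dashboard,
    "delete_user": delete_user,
    "export_all_data": export_all_data,
}


def dispatch(session: dict, action: str, *args) -> str:
    # Simulated URL router: 'action' comes from the request (attacker-controlled),
    # the role comes from the server-side session (not attacker-controlled).
    handler = ROUTES.get(action)
    if handler is None:
        return "404"
    try:
        return handler(session, *args)
    except AccessDenied:
        return "403"


if __name__ == "__main__":
    print(dispatch({"user": "bob", "role": "user"}, "delete_user", "carol"))
    print(dispatch({"user": "alice", "role": "admin"}, "delete_user", "carol"))
```

Because the check lives in the decorator rather than in each page's body, the review in point 1 reduces to auditing one table and confirming every handler is decorated.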

top8-Unvalidated redirects and forwards

Redirects are extremely common in web applications, and they are usually driven by URLs that carry user-supplied parameters. If these redirects are not validated, an attacker can send users to whatever site the attacker chooses.

Forwards are likewise very common. A forward essentially sends the request to a new page within the same application, and the target page is sometimes defined by a parameter. If that parameter is not validated, an attacker can use it to bypass authentication or authorization checks.

The hazards are as follows:

Through a redirect, an attacker may attempt to install malware or trick the victim into disclosing sensitive information such as a password; through a forward, the attacker may bypass access restrictions.

How to prevent:

1. Avoid using redirects and forwards

2. If they are used, do not involve user parameters in determining the target

3. If user parameters cannot be avoided, make sure the target parameter value is valid for the current user and authorized

If the target requires login, take the login information from the session and decide on that basis
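Points 2 and 3 above, as an added Python example that is not code from the original article: a redirect target is accepted only if it resolves to an allow-listed host, with the scheme-relative (`//host`) and backslash forms that browsers normalize into other hosts rejected explicitly; a forward is selected by a short key looked up in a server-side table, and only for a logged-in session. The host allow-list, the forward table and the request host are assumptions made for the demonstration.

```python
from urllib.parse import urljoin, urlparse

ALLOWED_HOSTS = {"www.example.com", "example.com"}            # assumed allow-list
FORWARD_TARGETS = {"home": "/home", "profile": "/account/profile"}   # assumed forward table
REQUEST_HOST = "www.example.com"                                # assumed current host


def is_safe_redirect(target: str) -> bool:
    """True only if the target stays on an allow-listed host."""
    if not target:
        return False
    # Control characters can split headers; backslashes are rewritten to
    # slashes by browsers, so '/\\evil' becomes '//evil' (a different host).
    if any(c in target for c in "\r\n\t") or "\\" in target:
        return False
    if target.startswith("//"):       # scheme-relative URL: off-site
        return False
    # Resolve relative paths against our own origin, then check the result.
    absolute = urljoin("https://" + REQUEST_HOST + "/", target)
    parsed = urlparse(absolute)
    return parsed.scheme in ("http", "https") and parsed.netloc in ALLOWED_HOSTS


def redirect_after_login(next_param: str, fallback: str = "/") -> str:
    # The user-supplied 'next' value is used only after validation;
    # anything that fails falls back to a fixed local page.
    return next_param if is_safe_redirect(next_param) else fallback


def forward_to(page_key: str, session: dict):
    # Forwards never take a path from the request: the request names a key,
    # the server maps it, and the session decides whether it is permitted.
    if session.get("user") is None:
        return None
    return FORWARD_TARGETS.get(page_key)


if __name__ == "__main__":
    for t in ("/dashboard", "https://evil.example/", "//evil.example"):
        print(t, "->", redirect_after_login(t))
```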

top9-Using components with known vulnerabilities

Applications that use components with known vulnerabilities undermine the application's defenses and can suffer severe data loss or server takeover.

How to prevent:

1. Identify the components and versions in use, including all dependencies

2. Update components and referenced libraries to the latest versions

3. Establish a security policy governing the use of components
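Point 1 in practice, as an added Python example that is not code from the original article: an inventory built from a pinned requirements file (transitive pins included) is compared against a table of minimum fixed versions. Both the requirements text and the advisory table are constructed placeholders with made-up package names; a real check would consult a vulnerability feed. The policy from point 3 is represented by one rule: an unpinned requirement is rejected, because a version you cannot name is one you cannot audit.

```python
import re

# Constructed sample lock file (placeholder package names, not real projects).
REQUIREMENTS = """\
examplelib==2.19.0
widgetkit==1.1.2
# transitive dependency pinned by the lock file
netcore==1.24.1
"""

# Constructed advisory table: package -> first version that carries the fix.
FIXED_IN = {"examplelib": "2.20.0", "netcore": "1.24.2"}


def parse_version(v: str) -> tuple:
    # Numeric tuple comparison is enough for the dotted versions used here.
    return tuple(int(p) for p in re.findall(r"\d+", v))


def parse_requirements(text: str) -> dict:
    """Return {package: pinned_version}; refuse anything that is not an exact pin."""
    pins = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        m = re.fullmatch(r"([A-Za-z0-9_.-]+)==([0-9][0-9A-Za-z.]*)", line)
        if not m:
            raise ValueError("unpinned or unparsable requirement: " + line)
        pins[m.group(1).lower()] = m.group(2)
    return pins


def outdated_components(pins: dict, fixed_in: dict) -> list:
    # Each finding: (package, version in use, first fixed version).
    findings = []
    for name, version in pins.items():
        if name in fixed_in and parse_version(version) < parse_version(fixed_in[name]):
            findings.append((name, version, fixed_in[name]))
    return sorted(findings)


if __name__ == "__main__":
    for name, have, need in outdated_components(parse_requirements(REQUIREMENTS), FIXED_IN):
        print("%s %s is below fixed version %s" % (name, have, need))
```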

top10-Sensitive data exposure

There is little to add here: focus on protecting sensitive data.

Reference URL: 69952026?locationnum=13&fps=1
