Watch your door.-Authentication mechanism is attacked (6)-User Role Change System vulnerability

The first thing to declare is that this article is purely an ignorant view of a little developer without foresight and knowledge, and is intended only for reference in Web system security.

1. Brief description

The application of user role change is very rare in the general pure Internet application. But in some other industries, such as the voice industry I am familiar with, it is very common.
We also often see on TV, a financial giant to call the broker, this stock, buy me 10 million, the stock, the price is thrown immediately.
At this point, the broker answering the phone changed the role of the financial giant.

2. Common "Role change" vulnerability

If we want to dress ourselves as financial predators, we need to get a lot of information, such as the phone number of the financial predators, the tone of speech and the simulation of sound, the usual habits, etc., these are often not common loopholes, if you want to simulate these behavior, I am afraid to seriously violate the law.
But for brokers, the systems they use are inherently "role-changing" possibilities. Common vulnerabilities in these systems are typically these:

• A: Hidden features

Some hidden features are not managed by regular access control. For example, some sites use url:admin/super/control.jsp to do a lot of things to replace their operations, why this happens, because many people assume that others do not know this information, of course, this is not all, many of the old system, originally as a special, and important systems are built, and these systems are often used only on internal LANs. Later experienced some of the impact of the internet era, and immediately carried out the net. Many systems are moving directly from the internal LAN to the Internet ... It was a safe system, and suddenly there was a security risk.

• B: Trust user-submitted data

The application may trust user-submitted data when judging whether the user is pretending. For example, to submit a normal user authentication information, but also to submit a special key. But at the time of data transmission, there might be an attacker who has modified this value ...

• C: Back Door

The backdoor is present in many applications, and these backdoors are usually accounts or passwords that are not subject to regular rules. For example, the previous system, developers for testing convenience, set the verification code if it is "9999", no verification code verification, this similar situation in some "verification code" is a very complex system in a wide range of existence.
The more extreme one is the special backdoor password, which can be used with any user name. Why is there such a design? For example, we just mentioned the financial giant to call the broker, then the broker may use the financial giant's account to place orders, but a broker may have to serve hundreds of people, so many passwords where to live, simply use the same good ....

Watch your door.-Authentication mechanism is attacked (6)-User Role Change System vulnerability