Uncover four major vulnerabilities of Web application services

Source: Internet
Author: User

If you know yourself and know what you want, you can win a hundred battles. To improve Web service security, you must first understand the vulnerabilities of Web services and then take corresponding measures against them. In this article, I analyze Web service vulnerabilities based on my work experience; these vulnerabilities are easily used for attacks. I believe this content will be of great help in improving Web security.

Weakness 1: Unreliable Default Value

In Web application design, many default values are set to make user input more efficient. However, these default values are a double-edged sword: they speed up user input, but they also affect the security of Web applications. Here is a simple example. What is the default port of a Web server? 80. Correct. Anyone with a little Web knowledge knows this. The problem is precisely that everyone knows it, so attackers can easily attack through this port. For example, a tool can scan port 80 to determine whether the server has the Web service enabled. Therefore, if the Web service does not change the default port value, many security problems will occur. As another example, when setting user names and passwords, some administrators leave the user's default username blank or give it the same name as the administrator account. They may remind users to change their passwords as soon as possible, but in my experience many users do not have this security awareness.

It can be seen that relying on default values in a Web application is not safe. For this reason, we recommend that you do not use the default values for key settings such as ports, administrator account names, and passwords; keeping the defaults reduces the security of Web applications.

Weakness 2: Key information is not encrypted

I have previously studied the Compiere ERP system, which has two architectures: B/S (browser/server) and C/S (client/server). During login, you must enter a user name and password. The password is masked as it is typed, which does provide some protection. However, the user name is stored in the backend database and transmitted from the webpage client to the application server and database server in unencrypted form. That is to say, as long as attackers use sniffing tools or break into the database, they can readily carry out destructive operations against this application. Conversely, if we encrypt this key information, then even if attackers obtain the data, it is useless to them.

Whether on the database server or in the client's cookies, do not directly store unencrypted data such as passwords or other private data. This is a primary principle for improving data security. If the data is exposed, the encryption scheme will prevent the user's password from being exposed.

With this basic principle understood, the administrator needs to decide which encryption technology to use. The encryption technology selected directly affects the security of Web services. However, encryption is also a double-edged sword. Generally, the higher the encryption level, the higher the resource overhead required. In short, encryption level and system performance are inversely related.

Weakness 3: Web Service Overflow

This is the most traditional and most harmful weakness. The earliest, and still widespread, attacks exploit the assumption that developers can trust the data entered by end users. In fact, this assumption is very dangerous. Security personnel should stay skeptical in practice and assume that the user is an attacker. Only in this way can we do a good job in security. However, many developers do not have this security awareness. Here is a simple example. If a user understands the PowerPoint file format, they can use a text editor to edit a PowerPoint file. The edit is quite simple: it only makes the data in an internal field larger than the system allows, which will cause the system to crash. Attackers can then execute any program they want. This is called an overflow attack, and it is applicable to most Web servers.

To put it simply, overflow attacks are caused by putting more data into a space than the original program designer thought would ever be needed. The extra data spills into nearby memory and overwrites data that has nothing to do with the original use of that region. When execution continues, the program uses the new data. That is to say, if attackers can fill enough space with bogus data and include malicious code in that data, the application may execute the malicious code and so achieve the purpose of the attack, such as deleting data or changing the website homepage. If the attacked application was started by a system administrator, the malicious code may be executed as part of the original program, thus granting the attacker administrator privileges. When attackers obtain administrator privileges, the consequences can be imagined.

For Web services, pay special attention to buffer overflow attacks. In a buffer overflow attack, an internal limit of the program is exceeded, which changes the way the program runs. During normal operation of the application, when a function is called, all parameters of the called function and the pointer to the return position are stored in memory. After the function completes its job, execution returns through the return pointer to the original location and continues with the rest of the program. A buffer overflow attack can change this process, that is, make the function execute the program or code that attackers want to execute. Entering enough data overwrites the original parameters and replaces the return pointer with one that points to a different function.

It can be seen that overflow is critical to Web services. However, it is not very difficult to close this vulnerability. In general, developers only need to perform the relevant checks during development. For example, for a text box, perform the necessary checks before the user saves the data, including the data type and whether the data contains special characters that are not allowed. That is to say, when developing Web applications, we should maintain a necessary attitude of doubt toward users. Only in this way can we think about how to test user data. Doing this avoids overflow attacks to a large extent and improves the security of the application server.

Weakness 4: SQL injection attacks

Like the buffer overflow attack, SQL injection is another type of attack that relies on developers not testing input data. For example, most people use passwords made up of letters and digits, and security-conscious people add other keyboard symbols to them, which improves the security of the passwords. For the sake of this security, developers may allow users to enter any character in the password. However, if strict checks are not performed during development, this may expose the Web server to SQL injection attacks.

The principle of SQL injection attacks is very simple, and there are technical documents about it on the Internet, so I will not elaborate much here. I only stress that developers should pay attention to SQL injection attacks when developing Web applications and take active measures to eliminate this weakness.

Based on previous attack cases, we know that this weakness is one of the most effective attack methods against Web applications. In addition, as more trust is placed in Web applications, such as online transfers and other business applications, the danger will become greater and greater.

In fact, it is easy to prevent this attack. This mainly means that when developing applications, it is necessary to strengthen the checking of user input data. For example, impose strict restrictions on the length and format of the characters entered by users, and perform strict checks before the user's input is saved. You only need to check the input to eliminate the security threats caused by this vulnerability.
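The input checks described for Weakness 3 (data type, disallowed special characters) and for Weakness 4 (length and format), shown next to a login query built by string concatenation. This is an added example, not code from the original article; the table, function names and limits are assumptions, and it goes one step beyond the text by binding the values as query parameters, because a password field that accepts any symbol cannot be protected by a character filter alone.

```python
import re
import sqlite3

# Allow-list for the username field: length and character set are both checked.
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{3,32}")
MAX_PASSWORD_LEN = 128  # assumed limit; passwords may contain any symbol

def make_db() -> sqlite3.Connection:
    """In-memory table with one constructed account (plaintext only to keep the demo short)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice", "Tr0ub4dor&3"))
    return db

def login_vulnerable(db, name, password) -> bool:
    """Builds the statement from user input: quotes in the input become SQL."""
    sql = f"SELECT 1 FROM users WHERE name = '{name}' AND password = '{password}'"
    return db.execute(sql).fetchone() is not None

def validate(name, password) -> None:
    """Reject wrong types, over-long values and disallowed characters before any query."""
    if not isinstance(name, str) or not isinstance(password, str):
        raise ValueError("fields must be text")
    if not USERNAME_RE.fullmatch(name):
        raise ValueError("username has invalid length or characters")
    if not 1 <= len(password) <= MAX_PASSWORD_LEN:
        raise ValueError("password has invalid length")

def login_checked(db, name, password) -> bool:
    """Validated input plus bound parameters: input is always data, never SQL."""
    validate(name, password)
    row = db.execute("SELECT 1 FROM users WHERE name = ? AND password = ?",
                     (name, password)).fetchone()
    return row is not None

if __name__ == "__main__":
    db = make_db()
    crafted = "' OR '1'='1"  # constructed input containing SQL quote characters
    print(login_vulnerable(db, "alice", crafted))   # check is bypassed
    print(login_checked(db, "alice", crafted))      # treated as a literal password
    print(login_checked(db, "alice", "Tr0ub4dor&3"))
```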
