Vulnerable Web Services

From Embedded Lab Vienna for IoT & Security
Jump to: navigation, search

JuicebWAPP.png

Introduction

The number of users of online services has increased significantly in the last years. As a result, the relevance of security in the web is also increasing rapidly, because every organization and private person prefers that their data securely tranported and stored in the web. Moreover, Even though we are living in 2020, web application security is the most overlooked aspect of a business. Therefore, hackers' efforts are more focused on websites and the associated applications. To understand why web apps are a popular target of many cyber criminals a few important points are listed here.

  • The application can be accessed 24/7 via the Internet
  • Have sensitive data and often have direct access to backend data
  • Conventional firewalls do not have adequate protection
  • The applications are tailored and therefore very fragile

Nowadays web applications represent a fundamental part in information technologies. Therefore the danger of attacks on the internet is growing and make so-called penetration tests necessary. A penetration test comprises a series of activities which record and identify security gaps. In the attached seminar paper, two intentionally insecure web services are compared with each other. The focus of the practical part includes the testing of the world's most frequently used SQL-injection Attack. In this case, attackers take advantage of specific weaknesses in order to gain access to confidential information. A variation of this SQL injection attack is described.
But there are much more weak points in the web, the main vulnerabilities concerning the web are the OWASP Top Ten:

  • Injection
  • Broken Authentication & Session Management
  • Sensitive Data Exposure
  • XML External Entities (XXE)
  • Broken Access Control
  • Security Misconfiguration
  • Cross Site Scripting (XSS)
  • Insecure Deserialization
  • Using Components with Known Vulnerabilities
  • Insufficient Logging & Monitoring

Most software errors are the result of inappropriate input validation. This leads to an attack targeting confidential information more frequently. SQL injection attacks are very popular because they are executed using simple scripts. Identifying SQL-injection vulnerabilities is often not that easy.Even though the majority of security gaps on the web are performed directly and from a strategic distance, many web designers are surprisingly not security conscious. Testing vulnerabilities for web applications is one way to deal with such problems. Tools like bWAPP and OWASP Juice Shop offer users a fun way to uncover these vulnerabilities.

Penetrating Testing

Penetrating testing is a targeted, permitted attempt to penetrate an IT system. The main objective is to detect and eliminate vulnerabilities in order to improve IT security. Vulnerabilities should be identified before they arise. Methods such as SQL injection, XML External Entities (XEE) and Cross-Site scripting (XSS) are very popular by hackers. For web applications, the Open Web Application Security Project (OWASP) offers materials for pentests.

SQL Injection Vulnerability

With the growing popularity of the World Wide Web, there was an increasing use for advanced technology and dynamic websites.

SQL injection vulnerability is one of the greatest dangers to confidentiality and integrity in Web applications and thus has been included in the OWASP Top 10 list of the most common vulnerabilities since its introduction. For example, attackers can insert malware into an SQL statement through an SQL injection vulnerability. The practical part of this thesis deals with the SQL injection attack. Attackers gain the ability to perform a series of actions if an SQL injection is applied to a vulnerable page. By exploiting this vulnerability, database contents can be added, edited, deleted or read.

Vulnerable Webservices

These are web services that were intentionally implemented insecure, so that there are extremely vulnerable. Thus, security enthusiast such as developers, students or teachers can use it to discover and simulate various vulnerabilities in the web. This ensures that users are better at dealing with a wide variety of vulnerabilities, such as the OWASP Top 10 and many other weaknesses in the web. Moreover, it's like a workout to improve ethical hacking skills. In addition, it is possible to minimize the dangers, because you know what to pay attention
Three services are presented in detail referring to their architecture, installation, as well as a practical example with SQL Injection:

Conclusion

Tools like bWAPP, DVWA and OWASP Juice Shop are very helpful and interesting for anyone interested in trying out various hacking tasks with different levels of difficulty in a playful manner. With the unstoppable development of technology and today's abundance of information it becomes more important to be well informed about the dangers that come with the World Wide Web. An SQL injection example (GET / Search) shows that passwords of any user can be cracked in a short time. The three insecure web services bWAPP, DVWA and OWASP Juice Shop were introduced and compared in terms of installation, architecture and application. Due to the different levels of difficulty in the challenges and additional challenges on special events, users are able to further develop their skills. Further information on this article can be found in the following papers:
seminar paper

References

Open Web Application Security Project (OWASP)

MME Security Audits & Training

OWASP Juice Shop Project

SQL-Injection Vulnerability