By: 奥力
May 15, 2018

About Web Application Security - OWASP


Security is a very important topic and has gained a lot of prominence in recent years. Developing a secure Web application is a very difficult task nowadays, as there are several technologies involved and consequently several types of attacks that can be carried out against Web applications, with new vulnerabilities and attacks coming up over time.

In companies, it is common to find infrastructure environments running outdated software such as operating systems, DBMSs, application servers and libraries. But a large part of the attacks occurs because of vulnerabilities present in the application itself. The software developer has a very important role: writing the best algorithms and knowing the numerous technologies and standards for Web development. The system administrator, in turn, has to design and maintain a good infrastructure environment. This is where the security professional comes in, performing security analyses and tests together with the development and system administration teams. It is therefore very important that companies invest enough in information security, so as not to lose the confidence of their clients and to avoid possible damages.

Let's talk about some vulnerabilities that are commonly found in Web applications.

  • SQL Injection

Example: imagine that this is a form field:

[ '; delete from usuarios; ]

Notice that the command is simple, but this attack can cause catastrophic damage to a company. In this illustrative example, we are trying to insert an SQL statement that deletes all records from the application's users table. This assumes, of course, that the table named in the statement (usuarios, "users") is the one that stores the users of the application.

In addition to entering SQL commands to erase application information, an attacker can also enter commands to obtain sensitive user information, as happened to large companies such as Yahoo and eBay in the past.

Example II: imagine that this is a login form:

Username: [ 'or 1 or 'a'= 'a ]
Password: [ * * * * * * * * * ]

In this other example, we are testing whether the application concatenates the login and password parameters directly into the string that assembles the SQL command. That concatenation is exactly what creates the vulnerability, because it would generate the following SQL statement:

select * from users where login = '' or 1 or 'a' = 'a' and password = '12345678'

Final result: FALSE OR TRUE OR TRUE AND FALSE

This logical operation evaluates to true, as if the query had returned a valid user record from the database, thus causing the application to log the user in normally.
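The login bypass described above, next to the parameterized form that prevents it, as an added example that is not code from the original article. It assumes Python's built-in sqlite3 module, a users table shaped like the query above, and constructed sample data; the function names are hypothetical.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names follow the query above.
    # The plaintext password column only mirrors that query.
    db = sqlite3.connect(":memory:")
    db.execute("create table users (login text, password text)")
    db.execute("insert into users values ('alice', 's3cret-constructed')")
    return db

def login_concatenated(db, login, password):
    # Vulnerable: user input becomes part of the SQL text itself.
    sql = ("select * from users where login = '" + login +
           "' and password = '" + password + "'")
    return sql, db.execute(sql).fetchone() is not None

def login_parameterized(db, login, password):
    # Hardened: the statement text is fixed; input is bound as data only,
    # so quotes and keywords in it are compared literally, never parsed.
    sql = "select * from users where login = ? and password = ?"
    return db.execute(sql, (login, password)).fetchone() is not None

PAYLOAD = "'or 1 or 'a'= 'a"  # the Username value from the example above

if __name__ == "__main__":
    db = make_db()
    sql, accepted = login_concatenated(db, PAYLOAD, "12345678")
    print(sql)
    print("concatenated query accepts payload:", accepted)
    print("parameterized query accepts payload:",
          login_parameterized(db, PAYLOAD, "12345678"))
    print("parameterized query accepts real user:",
          login_parameterized(db, "alice", "s3cret-constructed"))
```

With bound parameters the payload is simply a login name that matches no row, so no input filtering or quote escaping is needed to stop the bypass.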

  • Cross-site Scripting

I learned of this vulnerability after October 4, 2005, when I investigated the attack by Samy Kamkar, a security professional who wrote malicious JavaScript code. The attack was carried out on the Myspace site, which at that time was considered the largest social network on the internet.

Samy developed a script that made users who visited his profile automatically add him as a friend, and that also added to the victim's page a category called My Heroes with the text: but most of all, Samy is my hero. By the way, Samy had few friends =) In less than 24 hours, Samy was the most popular user on Myspace, hitting the mark of 1 million friends.

To check more details of this beautiful story, visit https://samy.pl/popular/

In the case of MySpace, the risk occurred because the application accepted JavaScript code injected into web form fields, due to the lack of adequate treatment of the information entered by the users. In this attack, the objective is to send JavaScript commands that will be executed by the victim's browser, in order to deceive them. Major companies such as Twitter and Orkut also had this vulnerability in mid-2005.

  • Cross-Site Request Forgery

This attack works by including a link or script on a page that accesses a site on which the user is known (or assumed) to be authenticated. This attack is more complicated because we need to know the technologies that we are going to attack, as well as knowing very well the model of authentication and use of cookies and sessions. I'll stop here, otherwise this article will be too long.
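Because the browser attaches the session cookie to such a request automatically, the server needs a second value that the other page cannot know. One common defence, sketched here as an added example that is not from the original article: an HMAC token bound to the session. The key, session id, field names and function names are all hypothetical.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # hypothetical per-deployment secret

def issue_csrf_token(session_id: str) -> str:
    # Embedded in the site's own forms. It is bound to the session, so a
    # token issued for one session does not verify for another.
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def handle_post(cookies: dict, form: dict, sessions: set) -> str:
    session_id = cookies.get("session", "")
    if session_id not in sessions:
        return "401 not authenticated"
    expected = issue_csrf_token(session_id).encode()
    supplied = form.get("csrf_token", "").encode()
    # The cookie alone is never sufficient; compare in constant time.
    if not hmac.compare_digest(expected, supplied):
        return "403 missing or invalid CSRF token"
    return "200 action performed"

if __name__ == "__main__":
    sessions = {"sess-constructed-1"}             # constructed session store
    cookies = {"session": "sess-constructed-1"}   # sent by the browser either way
    own_form = {"csrf_token": issue_csrf_token("sess-constructed-1")}
    cross_site_form = {}                          # other origin cannot read the token
    print(handle_post(cookies, own_form, sessions))
    print(handle_post(cookies, cross_site_form, sessions))
```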

To learn more about these attacks and many others as well as how to prevent them in Web applications, I recommend that you follow the work of OWASP (https://owasp.org), a leading open community focused on application security.

The Open Web Application Security Project is an open community, started in 2001, to enable organizations to keep their applications reliable, with a focus on security. The project offers free documents, tools, forums and security studies.

One of the most popular documents among information security professionals is the Top 10, an elaborate study-based list containing the top 10 most critical risks in applications. The document outlines the risks in detail, shows examples of how they work, and also teaches you how to prevent them.

For those who work or are learning about this field of information security, I strongly recommend analyzing and testing the OWASP Juice Shop Project application.

The OWASP Juice Shop Project focuses on the practice of CTFs. CTF stands for Capture the Flag. They are competitions that involve diverse skills of the professionals in this field.



I want to contribute more in my free time. I hope you find something that brings value to you. If you are new to the area, tell me your difficulties; if you already work in it, we will share knowledge and techniques.

Do not hesitate to contact me!
