
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, 2nd Edition by Marcus Pinto, Dafydd Stuttard


Questions

Answers can be found at http://mdsec.net/wahh.

  1. How can data be transmitted via the client in a way that prevents tampering attacks?
  2. An application developer wants to stop an attacker from performing brute-force attacks against the login function. Because the attacker may target multiple usernames, the developer decides to store the number of failed attempts in an encrypted cookie, blocking any request if the number of failed attempts exceeds five. How can this defense be bypassed?
  3. An application contains an administrative page that is subject to rigorous access controls. It contains links to diagnostic functions located on a different web server. Access to these functions should also be restricted to administrators only. Without implementing a second authentication mechanism, which of the following client-side mechanisms (if any) could be used to safely control access to the diagnostic functionality? Do you need any more information to help choose a solution?
    • (a) The diagnostic functions could check the HTTP Referer header to confirm that the request originated on the main administrative page.
    • (b) The diagnostic functions could validate the supplied cookies to confirm that these contain a valid session token for the main application.
    • (c) The main application could set an authentication token in a hidden field that is included within the request. The diagnostic function could validate this to confirm that the user has a session on the main application.
  4. If a form field ...
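The following Python is an added illustration of the mechanisms behind questions 1 and 2; it is example code written for this page, not the book's text or the answers published at mdsec.net. It simulates a login function that keeps the failed-attempt counter in a cookie the client cannot alter undetected (here protected with an HMAC rather than the encryption the question describes; the replay property is the same either way). The secret key, the user table and the password list are constructed for the example. Two clients are run against it: one that returns every cookie it receives, as a browser would, and one that simply never sends the updated cookie back.

```python
import base64
import hashlib
import hmac
import json

# Constructed for this example: a server-side key that never reaches the client.
SECRET_KEY = b"server-side-secret-never-sent-to-client"
# Constructed user table; there is no real account behind it.
USERS = {"alice": "letmein"}
MAX_FAILED = 5
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def make_cookie(failed_attempts: int) -> str:
    """Serialise the counter and append an HMAC over it.

    The tag lets the server detect any change to the value (the kind of
    tamper protection question 1 asks about); it does not bind the cookie
    to a particular request, so the same cookie can be presented again.
    """
    payload = json.dumps({"failed": failed_attempts}).encode()
    tag = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(payload + tag).decode()


def read_cookie(cookie: str):
    """Return the counter if the HMAC verifies, else None (tampered)."""
    raw = base64.urlsafe_b64decode(cookie.encode())
    payload, tag = raw[:-TAG_LEN], raw[-TAG_LEN:]
    expected = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return json.loads(payload)["failed"]


def login(username: str, password: str, cookie=None):
    """Login handler from question 2. Returns (status, cookie_to_set).

    status is one of 'ok', 'bad', 'locked' or 'tampered'. The only record
    of previous failures is whatever cookie the client chose to send.
    """
    failed = 0
    if cookie is not None:
        value = read_cookie(cookie)
        if value is None:
            return "tampered", None
        failed = value
    if failed >= MAX_FAILED:
        return "locked", cookie
    if USERS.get(username) == password:
        return "ok", make_cookie(0)
    return "bad", make_cookie(failed + 1)


def brute_force(username: str, wordlist, keep_cookie: bool):
    """Try each password in turn; return (password_found, status_list).

    keep_cookie=True behaves like a browser and stores every Set-Cookie.
    keep_cookie=False discards the cookie, so each request arrives with
    the counter the server assigns to a fresh client: zero.
    """
    cookie = None
    statuses = []
    for guess in wordlist:
        status, new_cookie = login(username, guess, cookie)
        statuses.append(status)
        if status == "ok":
            return guess, statuses
        if keep_cookie:
            cookie = new_cookie
    return None, statuses


def forge_counter() -> str:
    """Editing the counter inside the cookie is what the HMAC does catch."""
    raw = base64.urlsafe_b64decode(make_cookie(4).encode())
    forged = raw.replace(b'"failed": 4', b'"failed": 0')
    cookie = base64.urlsafe_b64encode(forged).decode()
    return login("alice", "anything", cookie)[0]


# Constructed wordlist with the constructed password in seventh place.
WORDLIST = ["123456", "password", "qwerty", "abc123", "monkey", "dragon", "letmein"]

if __name__ == "__main__":
    print("browser-like client:", brute_force("alice", WORDLIST, keep_cookie=True))
    print("cookie-dropping client:", brute_force("alice", WORDLIST, keep_cookie=False))
    print("edited counter:", forge_counter())
```

The honest client is locked out after five failures, the client that withholds the cookie works through the whole list, and the client that edits the counter is rejected. The integrity check only answers "did the client change this value"; it says nothing about whether the client sent the latest value, which is the distinction the two questions turn on.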
