
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, 2nd Edition by Marcus Pinto, Dafydd Stuttard


Questions

Answers can be found at http://mdsec.net/wahh.

  1. An application may use the HTTP Referer header to control access without any overt indication of this in its normal behavior. How can you test for this weakness?
  2. You log in to an application and are redirected to the following URL:
    https://wahh-app.com/MyAccount.php?uid=1241126841

    The application appears to be passing a user identifier to the MyAccount.php page. The only identifier you are aware of is your own. How can you test whether the application is using this parameter to enforce access controls in an unsafe way?

  3. A web application on the Internet enforces access controls by examining users' source IP addresses. Why is this behavior potentially flawed?
  4. An application's sole purpose is to provide a searchable repository of information for use by members of the public. There are no authentication or session-handling mechanisms. What access controls should be implemented within the application?
  5. When browsing an application, you encounter several sensitive resources that need to be protected from unauthorized access and that have the .xls file extension. Why should these immediately catch your attention?
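Questions 1 and 2 both describe a differential test: send the same request with one thing changed and compare what comes back. The script below is an added example written for this page, not code from the book or from mdsec.net. It runs the two checks against a constructed, deliberately flawed in-process application that stands in for wahh-app.com; the admin path, the trusted Referer value, the account table and the second uid are all assumptions, and only the uid in question 2 is taken from the page. On a real engagement the `send` helper would be swapped for an HTTP client call.

```python
"""Differential access-control checks for the chapter's questions 1 and 2.

The target app is constructed for this example (assumption: a real test
replaces `send` with an HTTP client such as requests.get). The hardened
variant shows what the same checks return when the flaws are absent.
"""
from urllib.parse import parse_qs

# Constructed account data; the first uid is the one from question 2,
# the second is an assumed neighbouring identifier.
ACCOUNTS = {
    "1241126841": "Alice (balance 120.00)",
    "1241126842": "Bob (balance 9.50)",
}
ADMINS = {"1241126841"}
# Assumed in-app page whose link the admin function "expects" to be followed from.
TRUSTED_REFERER = "https://wahh-app.com/admin/menu.php"


def vulnerable_app(path, query, headers, session_uid):
    """Flaw 1: /admin/deleteUser.php is gated on the Referer header alone.
    Flaw 2: /MyAccount.php returns whatever uid the query string names."""
    if path == "/admin/deleteUser.php":
        if headers.get("Referer") == TRUSTED_REFERER:
            return 200, "user deleted"
        return 403, "forbidden"
    if path == "/MyAccount.php":
        uid = parse_qs(query).get("uid", [None])[0]
        if uid in ACCOUNTS:
            return 200, ACCOUNTS[uid]
        return 404, "no such account"
    return 404, "not found"


def hardened_app(path, query, headers, session_uid):
    """Same routes, with authorisation taken from the server-side session:
    the Referer header and the uid parameter are ignored entirely."""
    if path == "/admin/deleteUser.php":
        return (200, "user deleted") if session_uid in ADMINS else (403, "forbidden")
    if path == "/MyAccount.php":
        if session_uid in ACCOUNTS:
            return 200, ACCOUNTS[session_uid]
        return 401, "login required"
    return 404, "not found"


def send(app, path, query="", headers=None, session_uid=None):
    """Transport stand-in: returns (status, body) from the in-process app."""
    return app(path, query, headers or {}, session_uid)


def referer_controlled(app, path, in_app_referer):
    """Question 1. Replay one request three ways: Referer as a browser would
    send it when following the in-app link, Referer absent, and Referer
    pointing at an unrelated origin. Access granted only in the first case
    means the header, not the session, is the access control."""
    with_ref, _ = send(app, path, headers={"Referer": in_app_referer})
    without, _ = send(app, path)
    foreign, _ = send(app, path, headers={"Referer": "https://attacker.example/"})
    return with_ref == 200 and without != 200 and foreign != 200


def insecure_uid(app, own_uid, other_uid):
    """Question 2. Fetch our own account via the uid we were redirected to,
    then repeat with only the uid changed, keeping our own session. A 200
    with a body different from our own account means the parameter decides
    whose data is served."""
    own_status, own_body = send(app, "/MyAccount.php", f"uid={own_uid}", session_uid=own_uid)
    other_status, other_body = send(app, "/MyAccount.php", f"uid={other_uid}", session_uid=own_uid)
    return own_status == 200 and other_status == 200 and other_body != own_body


if __name__ == "__main__":
    for name, app in (("vulnerable", vulnerable_app), ("hardened", hardened_app)):
        print(name, "referer-controlled:",
              referer_controlled(app, "/admin/deleteUser.php", TRUSTED_REFERER))
        print(name, "uid enforced client-side:",
              insecure_uid(app, "1241126841", "1241126842"))
```

The foreign-origin request in `referer_controlled` matters: a server that only checks for the presence of a Referer would pass the absent/present comparison but still be trivially bypassable, so the check demands that a header from another origin is also refused before concluding the header is the gate. For `insecure_uid`, comparing bodies rather than just status codes avoids a false positive against an application that answers 200 but always renders the session owner's data, which is exactly what the hardened variant does.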
