Answers can be found at http://mdsec.net/wahh.
- An application may use the HTTP Referer header to control access without any overt indication of this in its normal behavior. How can you test for this weakness?
- You log in to an application and are redirected to the following URL:
  The application appears to be passing a user identifier to the MyAccount.php page. The only identifier you are aware of is your own. How can you test whether the application is using this parameter to enforce access controls in an unsafe way?
- A web application on the Internet enforces access controls by examining users' source IP addresses. Why is this behavior potentially flawed?
- An application's sole purpose is to provide a searchable repository of information for use by members of the public. There are no authentication or session-handling mechanisms. What access controls should be implemented within the application?
- When browsing an application, you encounter several sensitive resources that need to be protected from unauthorized access and that have the .xls file extension. Why should these immediately catch your attention?