Uses for Customized Automation
There are three main situations in which customized automated techniques can be employed to help you attack a web application:
- Enumerating identifiers — Most applications use various kinds of names and identifiers to refer to individual items of data and resources, such as account numbers, usernames, and document IDs. You often will need to iterate through a large number of potential identifiers to enumerate which ones are valid or worthy of further investigation. In this situation, you can use automation in a fully customized way to work through a list of possible identifiers or cycle through the syntactic range of identifiers believed to be in use by the application.
An example of an attack to enumerate identifiers would be where an application uses a page number parameter to retrieve specific content:
In the course of browsing through the application, you discover a large number of valid PageNo values. But to identify every valid value, you need to cycle through the entire range — something you cannot feasibly do manually.
- Harvesting data — Many kinds of web application vulnerabilities enable you to extract useful or sensitive data from the application using specific crafted requests. For example, a personal profile page may display the personal and banking details of the current user and indicate that user's privilege level within the application. Through an access control defect, you may be able ...