Security Testing a Website

Developer https://www.devze.com 2023-03-07 05:57 Source: Web
I am currently working on a school assignment which requires us to perform security testing on a website created by one of our peers. The website is created using ASP.Net 3.5/4 and an MS-SQL database.

The website's main features are:

  • Registration & Login using Roles
  • Uploading documents
  • Sharing of uploaded documents
  • Leaving comments on shared documents

I already have started testing the website using:

  • XSS in the Register, Login and Leave Comment Sections
  • SQL Injection in the Register and Login pages
  • Upload of executables, with a different extension (I have changed an executable file to .doc to test whether the system is checking the extension of the file or the actual contents)

These tests have been carried out manually and I have access to the source code!

Can you suggest any other tests I might want to carry out?

Cheers
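The third test in the question (an executable renamed to .doc) is exactly what a content-based upload validator catches. The following is an added example, not code from the question, the answers or the peer's ASP.NET site: a hypothetical `validate_upload` check that sniffs well-known file headers instead of trusting the client-supplied extension, run against constructed sample bytes.

```python
"""Content-vs-extension check for uploaded files (constructed example)."""
import os

# Well-known public file headers ("magic bytes") used to identify the real content type.
SIGNATURES = {
    "pe_executable": b"MZ",                                 # Windows EXE/DLL
    "ole2_document": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1",   # legacy .doc/.xls/.ppt
    "zip_container": b"PK\x03\x04",                         # .docx/.xlsx (OOXML is a zip)
    "pdf":           b"%PDF-",
}

# Allow-list: which sniffed content type is acceptable for each permitted extension.
ALLOWED = {
    ".doc":  {"ole2_document"},
    ".docx": {"zip_container"},
    ".pdf":  {"pdf"},
}


def sniff(data: bytes) -> str:
    """Return the content type implied by the leading bytes, or 'unknown'."""
    for name, magic in SIGNATURES.items():
        if data.startswith(magic):
            return name
    return "unknown"


def validate_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Accept only if the final extension is allow-listed AND the bytes match it.

    Uses basename() so path segments in the name are ignored, and the *last*
    extension so 'report.doc.exe' is judged as '.exe', not '.doc'.
    """
    ext = os.path.splitext(os.path.basename(filename).lower())[1]
    if ext not in ALLOWED:
        return False, f"extension {ext!r} not permitted"
    kind = sniff(data)
    if kind not in ALLOWED[ext]:
        return False, f"content looks like {kind}, not a valid {ext} file"
    return True, "ok"


# Constructed samples (not real files): a PE header renamed to .doc, and a real-looking .doc.
FAKE_EXE_AS_DOC = b"MZ\x90\x00" + b"\x00" * 60
REAL_DOC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 56

if __name__ == "__main__":
    print(validate_upload("invoice.doc", FAKE_EXE_AS_DOC))   # rejected: PE content
    print(validate_upload("invoice.doc", REAL_DOC))          # accepted
    print(validate_upload("invoice.doc.exe", REAL_DOC))      # rejected: last extension
```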


A good resource for things to lock-down would be OWASP - I linked to their "top ten" items as I have followed it myself for locking down apps and found it really helpful.

Drilling down into any item on their top ten list will discuss how to recognize a particular vulnerability and suggest how to remove the vulnerability. All code-agnostic stuff, high-level descriptions so it can be applied to any project be it .Net, Ruby, PHP, etc.


Check for Local File Inclusion and Remote File Inclusion vulnerabilities as well.

You can also check the login system: If the website lets you log in (and you have an account or can make one), log in and check to see how the login code works (i.e. check your cookies to see if they are PHP sessions [secure] or some other method [usually not secure]). If you find a vulnerability in the login system, you could elevate your privileges from regular user to admin.

Also, "Upload of executables, with a different extension." Could you clarify that for me?

The best thing to do is to use your imagination.


You should also use Cat.NET's engine (which is a free, Microsoft-provided, security-focused static analysis tool).

I have been working on making Cat.NET easier and faster to use inside VisualStudio, and here is a pretty cool PoC of it in action: Real-time Vulnerability Creation Feedback inside VisualStudio (with Greens and Reds)

If you are interested in Cat.NET you can download it from http://www.microsoft.com/en-us/download/details.aspx?id=19968
