OWASP Testing for Authorization and Weak Crypto
Testing for Authorization
Directory traversal/file include
Bypassing Authorization Schema
Insecure Direct Object References
Testing for weak Cryptography
Weak SSL/TLS Ciphers, Insufficient Transport Layer Protection
Various types of information which must be protected can be also transmitted in clear text. It is possible to check if this information is transmitted over HTTP instead of HTTPS.
Example 1. Basic Authentication over HTTP
Basic Authentication, after log in, credentials are encoded — and not encrypted — into HTTP Headers.
Testing for Weak SSL/TLS Ciphers/Protocols/Keys vulnerabilities
Example 2. SSL service recognition via nmap
The first step is to identify ports which have SSL/TLS wrapped services. In this example we search for SSL services using nmap with “-sV” option, used to identify services and it is also able to identify SSL services
Example 3. Checking for Certificate information, Weak Ciphers and SSLv2 via nmap
Example 4 Checking for Client-initiated Renegotiation and Secure Renegotiation via openssl (manually)
Example 5. Testing supported Cipher Suites, BEAST and CRIME attacks via TestSSLServer
TestSSLServer is a script which permits the tester to check the cipher suite and also for BEAST and CRIME attacks. BEAST (Browser Exploit Against SSL/TLS) exploits a vulnerability of CBC in TLS 1.0. CRIME (Compression Ratio Info-leak Made Easy) exploits a vulnerability of TLS Compression, that should be disabled.
Example 6. Testing SSL/TLS vulnerabilities with sslyze
Sslyze is a python script which permits mass scanning and XML output.
Example 7. Testing SSL/TLS with testssl.sh
Testssl.sh is a Linux shell script which provides clear output to facilitate good decision making.
Example 8. Testing SSL/TLS with SSL Breacher
Testing SSL certificate validity — client and server
Example 1. Testing for certificate validity (manually)
Example 8. Testing via HTTP proxy
Testing for padding oracle vulnerabilities
First the possible input points for padding oracles must be identified. Generally the following conditions must be met
1. The data is encrypted. Good candidates are values which appear to be random.
2. A block cipher is used. The length of the decoded (Base64 is used often) cipher text is a multiple of common cipher block sizes like 8 or 16 bytes. Different cipher texts (e.g. gathered by different sessions or manipulation of session state) share a common divisor in the length.