
@venkatavamsy
Last active September 4, 2018 17:55

Revisions

  1. venkatavamsy revised this gist Sep 4, 2018. 1 changed file with 8 additions and 0 deletions.
    8 changes: 8 additions & 0 deletions Results.txt
    @@ -55,8 +55,16 @@ https://www.owasp.org/index.php/Testing_for_Vulnerable_Remember_Password_(OTG-AU

    Desktop Folders Paths:
    c:\website\bank\account.aspx
    c:\downloads\AltoroMutual_v6\website\App_Code\LineItemTable.cs


    This server's certificate is not trusted, see below for details.
    Certificate uses an insecure signature. Upgrade to SHA2 to avoid browser warnings.
    This server uses SSL 3, which is obsolete and insecure. Grade capped to B. MORE INFO »
    This server accepts RC4 cipher, but only with older protocols. Grade capped to B.
    This server does not support Forward Secrecy with the reference browsers. Grade capped to B.
    This server does not support Authenticated encryption (AEAD) cipher suites. Grade capped to B.


    Mitigations:
    URL Validation
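Review bot: the five TLS findings added under the folder paths (SHA1-signed certificate, SSL 3 enabled, RC4 accepted, no Forward Secrecy, no AEAD suites) have no matching entry in the Mitigations list, which in this revision still reads only "URL Validation"; add the remediation each line implies (reissue the certificate with a SHA-256 signature, disable SSL 3 and RC4, enable ECDHE key exchange and AEAD suites such as AES-GCM) so the results file is actionable. "MORE INFO »" on the SSL 3 line is UI text copied from the scanner page rather than part of the finding, and none of these lines records which tool produced the "Grade capped to B" rating or when the test was run; name the tool and the test date. Also, `c:\downloads\AltoroMutual_v6\website\App_Code\LineItemTable.cs` appears to be a path on the tester's own machine from the downloaded AltoroMutual source rather than a path observed on the target like `c:\website\bank\account.aspx`; label it as such or move it out of "Desktop Folders Paths".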
  2. venkatavamsy created this gist Sep 4, 2018.
    73 changes: 73 additions & 0 deletions Results.txt
    @@ -0,0 +1,73 @@
    Summary
    Overall risk level:
    High
    Risk ratings:
    High:
    1
    Medium:
    2
    Low:
    2
    Info:
    5
    Findings
    Passwords are submitted unencrypted over the network
    Login form: http://demo.testfire.net/bank/login.aspx
    Details
    Insecure HTTP cookies
    Cookie Name Flags missing
    ASP.NET_SessionId Secure
    amSessionId Secure, HttpOnly
    Details
    Communication is not secure
    http://demo.testfire.net/bank/login.aspx

    admin , admin weak passwords
    Details
    Missing HTTP security headers
    HTTP Security Header Header Role Status
    X-Frame-Options Protects against Clickjacking attacks Not set
    X-XSS-Protection Mitigates Cross-Site Scripting (XSS) attacks Not set
    X-Content-Type-Options Prevents possible phishing or XSS attacks Not set
    Details
    Password auto-complete is enabled
    <input id="passw" name="passw" style="width: 150px;" type="password"/>
    Details
    Risk description:
    When password auto-complete is enabled, the browser will remember the password entered into the login form, such that it will automatically fill it next time the user tries to login.
    However, if an attacker gains physical access to the victim's computer, he can retrieve the saved password from the browser's memory and use it to gain access to the victim's account in the application.
    Furthermore, if the application is also vulnerable to Cross-Site Scripting, the attacker could steal the saved password remotely.

    Recommendation:
    We recommend you to disable the password auto-complete feature on the login forms by setting the attribute autocomplete="off" on all password fields.

    More information about this issue:
    https://www.owasp.org/index.php/Testing_for_Vulnerable_Remember_Password_(OTG-AUTHN-005).
    Server software and technology not found
    No vulnerabilities found for server-side software (missing version information)
    Robots.txt file not found
    No security issue found regarding client access policies






    Desktop Folders Paths:
    c:\website\bank\account.aspx



    Mitigations:
    URL Validation
    Sessiion Validation
    Input Validation
    Certificate Maitainence
    Server and client Validation


    It takes very less time to write a script and destroy this site.
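Review bot: the summary counts (High 1, Medium 2, Low 2, Info 5) cannot be reconciled with the Findings section because no individual finding carries a severity label; tag each finding with its rating. "admin , admin weak passwords" is inserted between two scanner findings without a Details line or evidence (which form, which account, what confirmed the login), so record it in the same format as the other findings. The Mitigations list is generic and does not map back to the findings: the cookie finding calls for setting the Secure flag on ASP.NET_SessionId and Secure plus HttpOnly on amSessionId, the unencrypted-password and "Communication is not secure" findings call for serving http://demo.testfire.net/bank/login.aspx over HTTPS, the header finding calls for setting X-Frame-Options, X-XSS-Protection and X-Content-Type-Options, and the auto-complete finding already has its own recommendation (autocomplete="off" on the passw field). Fix the typos "Sessiion Validation" and "Certificate Maitainence". The closing line "It takes very less time to write a script and destroy this site." is an unsupported conclusion with no finding behind it; either tie it to a specific result above or drop it from the results file.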