This lab is about Web Application Security, and all students should be able to:
* Describe the flaws of web applications and how they are exploited.
* Exploit web application vulnerabilities.
* List prevention methods that can be taken to overcome web application vulnerabilities.
What is Web Application Security?
A web application can be accessed using a web browser over a network, either the Internet or a Local Area Network. It is developed using browser-supported languages such as HTML, JavaScript, PHP, ASP, etc. Web applications let users access an application or system anywhere and at any time, provided the user is connected to a network. A web application should be carefully and securely developed because it is the first line of defense: any fault or flaw in its development, in the server configuration, or even in the scripting used to build it can open a major loophole that an intruder can use as a backdoor into the entire network.
The Open Web Application Security Project (OWASP) is an open community that focuses on improving the security of application software.
The top 10 web vulnerabilities, based on the OWASP Top 10 for 2007, are:
1. Cross site scripting
2. Injection flaws
3. Malicious file execution
4. Insecure direct object reference
5. Cross site request forgery
6. Information leakage and improper error handling
7. Broken authentication and session management
8. Insecure cryptographic storage
9. Insecure communications
10. Failure to restrict URL access
What is WebGoat and WebScarab?
WebGoat is a simulation toolkit used to demonstrate how the vulnerabilities of a poorly designed web application can be exploited. The web application in WebGoat is deliberately designed to be insecure, built on the J2EE framework, so that users can understand the security issues by applying the security knowledge they have to exploiting real vulnerabilities in the WebGoat application.
WebScarab is designed to be a tool for anyone who needs to expose the workings of an HTTP(S) based application, whether to allow the developer to debug otherwise difficult problems, or to allow a security specialist to identify vulnerabilities in the way that the application has been designed or implemented.
P/S: For more details, refer to other references. ^_^