Demoblaze Data

The document describes potential security vulnerabilities of a website including the use of weak TLS versions and cipher suites, clickjacking, user enumeration, lack of password complexity requirements, ability to perform brute force login attempts, missing security headers like HSTS and CSP, and lack of input validation and secure configuration of cookies.

Target: https://www.demoblaze.com/

- TLS 1.0 and TLS 1.1 Supported
- Multiple Weak Cipher Suites Supported

Steps:
1. Run an SSL scan of the target.
2. Assess the results of the scan to identify potential vulnerabilities.
Other Vulnerabilities:

- Clickjacking
Steps:
1. Write an HTML page that loads the target website in an iframe.
2. Save the code as a .html file and open it in a browser.
3. The target website opens inside the iframe, showing that framing is not blocked.

- User Enumeration
1. On the target website, click on Login.
2. Enter a correct username and an incorrect password; the message "Wrong password" is displayed.
3. Enter an incorrect username and any password; the message "User does not exist" is displayed.

- Brute Force Possible on Login
1. On the target website, click on Login.
2. Enter the correct username and any password.
3. Click Login and capture the request in Burp Intruder.
4. Provide 10 payloads and run the attack.
5. Notice that no prevention is implemented and users can execute multiple login requests.
6. It can also be assessed manually if use of a tool is prohibited or could affect the target environment.
- Missing Strict Transport Security
1. Assess the target website headers using securityheaders.com, or manually using the Network tab under Inspect Element.

- Referrer Policy - Missing Header
1. Assess the target website headers using securityheaders.com, or manually using the Network tab under Inspect Element.

- Content Type - Missing Header
1. Assess the target website headers using securityheaders.com, or manually using the Network tab under Inspect Element.
- Password Policy Not Implemented
1. On the target website, click on Sign Up.
2. Attempt to create a user account with a single-digit password (weak password).
3. Notice that it is accepted, as no password policy is implemented.

- Cross Origin Resource Sharing
1. On the target website login page, attempt to log in and capture the request in Burp.
2. Modify the Origin header to an arbitrary domain.
3. In the response, notice that the arbitrary domain is accepted with Access-Control-Allow-Credentials set to true.

- Missing Input Validation across application
1. On the target application, open any form that accepts input from users.
2. Enter invalid data or special characters and submit.
3. Notice that all invalid inputs are accepted by the application without validation (server and client side).

- Misconfigured Cookie Attributes (SameSite, HTTPOnly, Secure)
1. Log in to the target application.
2. Using Inspect, locate the cookie and assess the set properties.