
Vulnerability Assessment and Systems Assurance Report - Security First

Security First Sample Report

Chase Blackwelder

ITIS 4221/5221

January 18th, 2021

*This sample report is intended to help students with the formatting of the Tunestore I Report project for ITIS
4221/5221. This sample report is based on the Security First VM. Sections 1-2.1 of this report are fully completed.
The sections following 2.1 contain descriptions of what would be expected in order to receive full points for that
specific section.*

Vulnerability assessment and System Assurance Report 1


VULNERABILITY ASSESSMENT AND SYSTEMS ASSURANCE REPORT

TABLE OF CONTENTS

Section                                  Page #
1.0 General Information                       3
    1.1 Purpose                               3
2.0 SQL Injection Vulnerability               4
    2.1 Logging in as a Random User           3
    2.2 Logging in as a Specific User         7
3.0 XSS Vulnerability                         8
    3.1 Stored XSS                            8
    3.2 Reflected XSS                         8

1.0 General Information

1.1 Purpose
The objective of this Security First Bank & Trust application security assessment is to identify
and analyze vulnerabilities that are present within the application. More specifically, the purpose
of this security assessment and penetration test is to determine the overall security of the
application that is within the scope of the engagement. The vulnerabilities being discussed in this
report include several SQL injection and cross-site scripting (XSS) vulnerabilities.

2.0 SQL Injection

The Security First Bank & Trust application is vulnerable to several SQL injection attacks. An
SQL injection attack can occur when a user is asked to enter normal input but instead supplies an
SQL fragment that is unknowingly run on the database server behind the web application. This
gives an attacker the opportunity to execute malicious SQL statements on the database. For
instance, using SQL injection, an attacker can find the credentials of other users in the database,
which they could then use to impersonate those users. Additionally, they could access, modify, or
delete the data contained in the database. In the case of the Security First Bank & Trust
application, SQL injection could be used by an attacker to log in as a random user without
needing to know their credentials.

2.1 SQL Injection - Logging in as a random user

One instance of an SQL injection vulnerability in the Security First Bank & Trust application
allows an attacker to log in as a random user. This vulnerability exists in the login functionality
on the login page of the application. The login functionality uses an SQL statement to check
whether the entered username and password exist in the database. If the username and password
do exist, then the user is successfully logged in. Below is a screenshot of the login form on the
login page of the Security First Bank & Trust application.

An attacker is able to log in as a random user by exploiting the password field of the login
functionality. This can be done using the Tamper Data extension for Firefox. Once the tamper
has started, the attacker can change the value in the password field to the following:

' OR '1'='1

The ' OR '1'='1 input causes the WHERE clause of the SQL query run on the database to evaluate
to TRUE, since 1=1 is always TRUE. Because the password check portion of the query is now
TRUE for every row, the username value no longer matters, and the user is logged in as the first
user in the database. The screenshots below illustrate how an attacker can log in as a random user
by exploiting this SQL injection vulnerability.

First, the attacker will need to start the tamper using the Tamper Data extension.

Next, a few random letters or numbers need to be entered into both the username and password
field and submitted using the submit button.

The Tamper Data extension will now allow the attacker to edit the POST parameters for the
login form.

After completing the steps above, the attacker will have successfully gained access to customer
Thomas Dunlin’s account.
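To show the mechanism behind the ' OR '1'='1 payload and the steps above, here is an added example (not part of this report or of the Security First application) that builds the login query the way the report describes, once by string concatenation and once with bound parameters, against a constructed in-memory SQLite table. The user names and passwords in the table are made up for the example.

```python
import sqlite3

# Constructed sample rows standing in for the application's user table.
# Plaintext passwords are used only to keep the example short; a real
# application stores a salted password hash, never the password itself.
SAMPLE_USERS = [
    ("tdunlin", "correct horse"),   # first row: the account the payload lands on
    ("asmith", "s3cret"),
]


def make_db():
    """Create an in-memory database holding the constructed user rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users (username, password) VALUES (?, ?)", SAMPLE_USERS)
    return conn


def build_vulnerable_query(username, password):
    """Concatenate user input straight into SQL: the defect the report describes."""
    return ("SELECT username FROM users WHERE username = '" + username
            + "' AND password = '" + password + "'")


def login_vulnerable(conn, username, password):
    """Run the concatenated query. With password ' OR '1'='1 the WHERE clause
    becomes (username = 'xyz' AND password = '') OR '1'='1', which is TRUE for
    every row, so the first user in the table is returned."""
    row = conn.execute(build_vulnerable_query(username, password)).fetchone()
    return row[0] if row else None


def login_parameterized(conn, username, password):
    """Bind the inputs as parameters so they are compared as data, never
    interpreted as SQL. The same payload now simply fails to match."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    payload = "' OR '1'='1"
    print(build_vulnerable_query("xyz", payload))
    print("vulnerable login   ->", login_vulnerable(db, "xyz", payload))
    print("parameterized login->", login_parameterized(db, "xyz", payload))
```

The vulnerable path returns the first account in the table regardless of the junk username, matching the report's observation; the parameterized path returns no match.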

2.2 SQL Injection - Logging in as a specific user

Complete all subsequent sections similar to how the section above was completed. Provide a
description of the specific vulnerability, and include examples with screenshots that show the
vulnerability being maliciously exploited.

3.0 XSS Vulnerability

Explain what an XSS vulnerability is, and describe how it can be maliciously exploited by an
attacker.

3.1 Stored XSS

Provide a brief description of a stored XSS vulnerability that is present in the application, and
provide examples with screenshots that show this vulnerability being maliciously exploited.

3.2 Reflected XSS

Provide a brief description of a reflected XSS vulnerability that is present in the application, and
provide examples with screenshots that show this vulnerability being maliciously exploited.
