Weak Login Function

Overview of the Vulnerability

Weak login functionality arises from improperly configured authentication practices that weaken the security of an application's authentication process. An attacker can take advantage of the broken authentication and session management mechanisms to gain access to user data and application functionality.

Business Impact

Weak login function can lead to indirect financial loss through an attacker accessing, deleting, or modifying data from within the application. This could also result in reputational damage for the business through the impact to customers’ trust. The severity of the impact is dependent on the sensitivity of the data being stored in, and transmitted by the application, as well as the privileges of the account the attacker gains access to.

Steps to Reproduce

  1. Enable an HTTP interception proxy, such as Burp Suite or OWASP ZAP

  2. Use a browser to navigate to: {{URL}}

  3. Forward the following request to the endpoint:

{{request}}

  4. Observe in the HTTP interception proxy a 200 OK in the HTTP response, indicating valid access

Proof of Concept (PoC)

The following screenshots show the full exploit:

{{screenshot}}

Guidance

Your submission must include evidence of the vulnerability and not be theoretical in nature. For a broken authentication or session management vulnerability, please include a simple URL or HTTP payload that can be executed to easily demonstrate and reproduce the issue. This can also include a cURL response from the website, for example, showing that HTTP is the default or that HTTPS is not available.

Attempt to escalate the broken authentication or session management to perform additional actions (such as an account takeover or CSRF bypass to perform a sensitive action). If this is possible, provide a full Proof of Concept (PoC).

Recommendation(s)

Weak login function can be remediated by implementing a handful of best practices relating to authentication and session management to ensure a secure implementation. These include:

  • Keep all systems, software and operating systems up-to-date with a repeatable patch management process

  • Validate all user input server-side

  • Ensure that the authentication mechanisms and logic are robust and that each request for a resource passes through an authorization process

The verification logic of the application, as well as all of the above, should be thoroughly tested during the development and QA phases of an application build.
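The following is an added example, not code from the original report template, showing what the server-side validation and per-request authorization recommended above look like in practice: credentials are checked only on the server against salted password hashes with a constant-time comparison, a random opaque session token is issued on success, and every sensitive action re-checks both the session and the user's server-side role (a "role" field supplied by the client is ignored). The user store, passwords, and function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed user store for this example (hypothetical data, not from the page).
# Passwords are kept only as salted PBKDF2-HMAC-SHA256 hashes, never in plaintext.
PBKDF2_ROUNDS = 100_000
HASH_LEN = 32


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive a fixed-length hash from a password and a per-user salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def make_user(username: str, password: str, role: str) -> dict:
    salt = secrets.token_bytes(16)
    return {"username": username, "salt": salt,
            "pw_hash": hash_password(password, salt), "role": role}


USERS = {
    u["username"]: u
    for u in (
        make_user("alice", "constructed-user-password", "user"),
        make_user("admin", "constructed-admin-password", "admin"),
    )
}

# Server-side session store: opaque random token -> username.
SESSIONS: dict = {}

# Dummy salt/hash so an unknown username costs the same work as a known one.
_DUMMY_SALT = bytes(16)
_DUMMY_HASH = bytes(HASH_LEN)


def login(request: dict) -> tuple:
    """Validate credentials server-side; return (HTTP status, response body)."""
    username = request.get("username")
    password = request.get("password")
    if not isinstance(username, str) or not isinstance(password, str):
        return 400, {"error": "username and password are required"}
    user = USERS.get(username)
    salt = user["salt"] if user else _DUMMY_SALT
    expected = user["pw_hash"] if user else _DUMMY_HASH
    # Constant-time comparison; the hash is computed even for unknown users.
    ok = hmac.compare_digest(hash_password(password, salt), expected)
    if user is None or not ok:
        return 401, {"error": "invalid credentials"}
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = username
    return 200, {"session": token}


def authorize(request: dict, allowed_roles: set) -> tuple:
    """Run on every request: require a valid session and a permitted role.

    The role is read from the server-side record; any "role" field in the
    request body is ignored, so the client cannot elevate itself."""
    token = request.get("session")
    username = SESSIONS.get(token) if isinstance(token, str) else None
    if username is None:
        return 401, {"error": "authentication required"}
    if USERS[username]["role"] not in allowed_roles:
        return 403, {"error": "forbidden"}
    return 200, {"user": username}


def delete_account(request: dict) -> tuple:
    """A sensitive action gated on the authorization check above.

    Only the decision is demonstrated here; the store is left unchanged."""
    status, body = authorize(request, {"admin"})
    if status != 200:
        return status, body
    target = request.get("target")
    if not isinstance(target, str) or target not in USERS:
        return 400, {"error": "unknown target account"}
    return 200, {"deleted": target}


def logout(request: dict) -> tuple:
    """Invalidate the session server-side so the token cannot be reused."""
    SESSIONS.pop(request.get("session"), None)
    return 200, {}


if __name__ == "__main__":
    status, body = login({"username": "alice", "password": "constructed-user-password"})
    print(status, body)
    print(delete_account({"session": body["session"], "role": "admin", "target": "alice"}))
```

The point to test against the reproduction steps above is that a request reaching a sensitive endpoint without a session token that the server issued, or with a token whose user lacks the required role, never yields a 200 OK, regardless of what the client puts in the request body.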

For further information, refer to the Open Web Application Security Project (OWASP) guides located at:
