Broken Access Control:

# Broken Access Control is a type of application security vulnerability that
enables users to access data and functionality that they should not have access
to. In most cases of Broken Access Control attacks, a malicious user takes
advantage of weak or missing access control in the target application.

# Broken Access Control is a very critical software security flaw. In fact, it
was ranked 5th in the OWASP Top 10 web application security risks in 2017, and
its prevalence increased further in 2021, when it moved to the 1st spot on the
OWASP Top 10 list for that year.

Types of Broken Access Control Vulnerability:

# Insecure Direct Object References: In this type of vulnerability, an attacker
exploits a website by supplying the unique identifier (ID) of a resource they are
not authorized to access, and the application returns it because it never checks
that the requesting user is allowed to see that particular object. This is done by
modifying values in URL parameters or in other user-controlled input.

# Violation of the Principle of Least Privilege: The principle of least privilege
is a computer security concept that states that a user should be granted access to
only the resources they need to do their work. Violating this principle grants
users (for example, regular users) access to admin features and other resources
they have no business accessing.
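The following is an added example (not part of the original document) that shows both failure modes just described, an Insecure Direct Object Reference and a least-privilege violation, each beside its corrected form. All users, role names ("user" and "admin"), action names and invoice records are constructed for the illustration; the point is that every object-level and admin-level request passes through one server-side, deny-by-default decision point.

```python
# Added example, not from the original document: a small authorization layer
# showing an IDOR and a least-privilege violation next to the corrected checks.
# Users, roles, actions and invoices are constructed sample data; the role
# names "user" and "admin" are assumptions for this example.
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class User:
    user_id: int
    role: str  # "user" or "admin" (assumed role names)


@dataclass(frozen=True)
class Invoice:
    invoice_id: int
    owner_id: int
    amount: float


# Constructed sample data: two customers and one administrator.
USERS = {1: User(1, "user"), 2: User(2, "user"), 99: User(99, "admin")}
INVOICES = {
    1001: Invoice(1001, owner_id=1, amount=120.00),
    1002: Invoice(1002, owner_id=2, amount=75.50),
    1003: Invoice(1003, owner_id=2, amount=300.00),
}


def authorize(current_user: User, action: str, invoice: Optional[Invoice] = None) -> bool:
    """Single server-side decision point, deny by default.

    Ownership is checked for object-level actions (prevents IDOR); admin-only
    actions are never granted to a regular user (least privilege); any action
    not explicitly listed is refused.
    """
    if current_user.role == "admin":
        return True
    if action == "read_invoice" and invoice is not None:
        return invoice.owner_id == current_user.user_id
    return False


# --- Insecure Direct Object Reference ---------------------------------------

def get_invoice_vulnerable(current_user: User, invoice_id: int) -> Invoice:
    """IDOR: the id from the request is trusted as-is, so any logged-in user
    can read any invoice simply by changing the number in the URL."""
    return INVOICES[invoice_id]


def get_invoice(current_user: User, invoice_id: int) -> Invoice:
    """Fixed: look the object up, then check that the caller may see it.
    Unknown ids and forbidden ids raise the same error, so the check does not
    reveal which ids exist."""
    invoice = INVOICES.get(invoice_id)
    if invoice is None or not authorize(current_user, "read_invoice", invoice):
        raise PermissionError(f"invoice {invoice_id} is not accessible")
    return invoice


# --- Violation of least privilege -------------------------------------------

def list_all_invoices_vulnerable(current_user: User) -> List[Invoice]:
    """An admin reporting feature exposed to every authenticated user because
    the endpoint never checks the caller's role."""
    return list(INVOICES.values())


def list_all_invoices(current_user: User) -> List[Invoice]:
    """Fixed: the admin-only action goes through the same deny-by-default
    decision point as everything else."""
    if not authorize(current_user, "list_all_invoices"):
        raise PermissionError("admin role required")
    return list(INVOICES.values())


def access_result(func, *args) -> str:
    """Report an endpoint call's outcome as 'ok' or 'denied'."""
    try:
        func(*args)
        return "ok"
    except PermissionError:
        return "denied"


if __name__ == "__main__":
    customer, admin = USERS[1], USERS[99]
    print("IDOR, customer 1 reads invoice 1002:",
          access_result(get_invoice_vulnerable, customer, 1002), "(vulnerable)",
          access_result(get_invoice, customer, 1002), "(fixed)")
    print("admin feature, customer 1 lists all invoices:",
          access_result(list_all_invoices_vulnerable, customer), "(vulnerable)",
          access_result(list_all_invoices, customer), "(fixed)")
    print("admin lists all invoices:", access_result(list_all_invoices, admin))
```

Two design choices carry the lesson: the check happens on the server after the object is loaded (so the decision uses the real owner, not anything the client sent), and `authorize` returns False for anything it does not recognise, so a new endpoint that forgets to add its action is closed rather than open.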

# Access Control Checks Bypass: Here a user exploits a vulnerable website using
code injection attacks such as SQL Injection and Cross-Site Scripting (XSS). The
injected code breaks or bypasses the existing access control features of the
website, for example by altering the query that is supposed to restrict which
records a user can see.
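As an added example (not code from the original document), here is the SQL-injection form of this bypass and its mitigation: an ownership check implemented as a database query, first built by string concatenation and then with a bound parameter. The table, its rows and the tampered input value are all constructed for the example; the defence shown is parameterised queries, which keep the WHERE clause that enforces ownership fixed regardless of the input.

```python
# Added example, not from the original document: an ownership check written as
# a database query, first with string concatenation (the pattern that SQL
# injection turns into an access-control bypass) and then with a parameterised
# query. The table, rows and the tampered value are constructed for this example.
import sqlite3
from typing import List


def build_db() -> sqlite3.Connection:
    """In-memory table of documents, each with an owner (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE documents (id INTEGER, owner TEXT, title TEXT)")
    conn.executemany(
        "INSERT INTO documents VALUES (?, ?, ?)",
        [(1, "alice", "alice-notes"), (2, "bob", "bob-salary"), (3, "bob", "bob-review")],
    )
    return conn


def owned_documents_vulnerable(conn: sqlite3.Connection, owner: str) -> List[str]:
    """'Before': the owner value is pasted into the SQL text. The WHERE clause is
    the only thing enforcing ownership, and input containing a quote can rewrite
    it, so the access control check stands or falls with the input."""
    sql = f"SELECT title FROM documents WHERE owner = '{owner}' ORDER BY id"
    return [row[0] for row in conn.execute(sql)]


def owned_documents(conn: sqlite3.Connection, owner: str) -> List[str]:
    """Fixed: the value is bound as a parameter, so the driver always treats it
    as data. The query structure, and with it the ownership check, cannot
    change no matter what the input contains."""
    sql = "SELECT title FROM documents WHERE owner = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (owner,))]


# Constructed tampered value (the textbook tautology), used here only to show
# that the parameterised query is unaffected by it.
TAMPERED_OWNER = "alice' OR '1'='1"


if __name__ == "__main__":
    conn = build_db()
    print("bob, fixed query:     ", owned_documents(conn, "bob"))
    print("tampered, vulnerable: ", owned_documents_vulnerable(conn, TAMPERED_OWNER))
    print("tampered, fixed:      ", owned_documents(conn, TAMPERED_OWNER))
```

With the concatenated query the tampered value returns every row in the table, which is exactly the bypass described above; with the bound parameter the same value matches no owner and returns nothing. In a real application the owner should additionally come from the server-side session rather than from any request field.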

Tools used by attackers/penetration testers to exploit Broken Access Control:

# These tools are often used to test the security of web applications and systems,
identify weaknesses, and launch attacks. Some of the commonly used tools include:

# Burp Suite: Burp Suite is a popular toolkit for web application security
testing. It includes a variety of tools for performing different types of security
testing, including scanning for broken access control vulnerabilities, intercepting
and modifying HTTP requests, and analyzing application behavior.

# OWASP ZAP (Zed Attack Proxy): OWASP ZAP is an open-source web application security
testing tool that helps identify security vulnerabilities, including broken access
control issues. It can intercept and modify HTTP requests and responses, perform
automated scanning for vulnerabilities, and provide detailed reports.

# Nessus: Nessus is a widely used vulnerability scanner that can identify security
vulnerabilities in web applications and systems. It includes plugins for detecting
broken access control issues, misconfigurations, and other security weaknesses.

# Acunetix: Acunetix is a web vulnerability scanner that helps identify and remediate
security vulnerabilities in web applications. It can detect broken access control
vulnerabilities, insecure direct object references, and other common security
issues.

# Netsparker: Netsparker is an automated web application security scanner that can
identify vulnerabilities such as broken access control, SQL injection, cross-site
scripting (XSS), and more. It provides detailed reports and recommendations for
remediation.

# Metasploit: Metasploit is a penetration testing framework that includes tools for
identifying and exploiting security vulnerabilities. While it is primarily used for
exploitation, it can also be used to test for broken access control vulnerabilities
and assess the security of web applications and systems.

# SQLMap: SQLMap is a popular tool for detecting and exploiting SQL injection
vulnerabilities, but it can also be used to identify other types of
vulnerabilities, including broken access control issues related to database
queries.
