Sample WAPT Report V1.4


  • 8/17/2019 Sample WAPT Report V1.4

    1/116

    WEB APPLICATION PENETRATION TESTING REPORT

    FOR

    FROM

    Assessment:

    Penetration Testing Report

    CONTENTS

    1 EXECUTIVE SUMMARY ........ 6
    1.1 SUMMARY ........ 6
    1.2 OBJECTIVE ........ 6
    1.3 DURATION ........ 6
    1.4 APPROACH ........ 7
    1.5 SCOPE OF WORK ........ 8
    1.6 TYPE OF ASSESSMENT SELECTED BY ........ 9
    1.7 STANDARDS AND FRAMEWORK FOLLOWED ........ 11
    1.8 SUMMARY OF FINDINGS ........ 12
    1.9 TABULAR SUMMARY ........ 13
    1.10 GRAPHICAL SUMMARY ........ 13
    1.11 SEVERITY RATING ........ 14
    1.12 EASE OF EXPLOITATION ........ 15
    2 TECHNICAL REPORT ........ 16
    2.1 WEB APPLICATION VULNERABILITIES ........ 16
    2.1.1 SQL INJECTION ........ 16
    2.1.2 UNRESTRICTED FILE UPLOAD ........ 22
    2.1.3 APPLICATION ALLOWS REPLAY OF AUTHENTICATION TOKEN ........ 28
    2.1.4 INSUFFICIENT AUTHENTICATION ........ 31
    2.1.5 INSUFFICIENT AUTHORIZATION ........ 32
    2.1.6 DANGEROUS METHODS ENABLED ........ 35
    2.1.7 REPUDIATION ATTACK ........ 37
    2.1.8 WEAK PASSWORD RECOVERY MECHANISM ........ 40
    2.1.9 CROSS SITE SCRIPTING (XSS) ........ 46
    2.1.10 LDAP INJECTION ........ 51
    2.1.11 PADDING ORACLE ATTACK ........ 53
    2.1.12 SESSION FIXATION ........ 56
    2.1.13 SESSION HIJACKING ........ 59
    2.1.14 INSECURE DIRECT OBJECT REFERENCES ........ 62
    2.1.15 CROSS SITE REQUEST FORGERY (CSRF) ........ 66
    2.1.16 CLICKJACKING VULNERABILITY ........ 70
    2.1.17 DIRECTORY INDEXING ........ 73
    2.1.18 PASSWORD TRANSMITTED OVER HTTP ........ 75
    2.1.19 IMPROPER ERROR HANDLING ........ 77

    2.1.20 CAPTCHA NOT IMPLEMENTED ........ 80
    2.1.21 SENSITIVE INFORMATION DISCLOSURE ........ 82
    2.1.22 PASSWORD VISIBLE WHILE RESETTING PASSWORD ........ 84
    2.1.23 SESSION TOKEN IN URL ........ 86
    2.1.24 FRAME INJECTION ........ 87
    2.1.25 OPEN REDIRECTION ........ 89
    2.1.26 ABUSE OF FUNCTIONALITY ........ 90
    2.1.27 INSECURE IMPLEMENTATION OF WSDL ........ 92
    2.1.28 WEAK PASSWORD POLICY ........ 95
    2.1.29 CONTENT SPOOFING ........ 98
    2.1.30 COOKIE NOT MARKED HTTPONLY ........ 100
    2.1.31 VERSION DISCLOSURE (IIS/ASP.NET) ........ 102
    2.1.32 BACK BUTTON BROWSING ........ 105
    2.1.33 VIEWSTATE IS NOT ENCRYPTED ........ 108
    2.1.34 FORM AUTOCOMPLETE ENABLED ........ 110
    3 OWASP TOP TEN 2013 ........ 112
    4 APPENDIX ........ 113

    DOCUMENT DETAILS

    DOCUMENT VERSION CONTROL

    DOCUMENT SUBMISSION DETAILS
    Date: 18 May 2016
    Classification: Highly Confidential
    Document Type: Penetration Testing Report
    Submitted To:
    Designation:
    Address:
    Contact Number:
    E-Mail:

    DOCUMENT DISTRIBUTION LIST

    NOTICE

    This document contains information which is the intellectual property of Network Intelligence (India) Pvt. Ltd. (also called Network Intelligence). This document is received in confidence and its contents cannot be disclosed or copied without the prior written consent of Network Intelligence.

    Nothing in this document constitutes a guaranty, warranty, or license, expressed or implied. Network Intelligence disclaims all liability for all such guaranties, warranties, and licenses, including but not limited to: fitness for a particular purpose; merchantability; non-infringement of intellectual property or other rights of any third party or of Network Intelligence; indemnity; and all others. The reader is advised that third parties can have intellectual property rights that can be relevant to this document and the technologies discussed herein, and is advised to seek the advice of competent legal counsel without obligation of Network Intelligence.

    Network Intelligence retains the right to make changes to this document at any time without notice. Network Intelligence makes no warranty for the use of this document and assumes no responsibility for any errors that can appear in the document, nor does it make a commitment to update the information contained herein.

    COPYRIGHT
    Copyright. Network Intelligence (India) Pvt. Ltd. All rights reserved.

    TRADEMARKS
    Other product and corporate names may be trademarks of other companies and are used only for explanation and to the owners' benefit, without intent to infringe.

    NII CONTACT DETAILS
    Name:
    Title: Manager, Security Assessment
    Company:
    Address:
    Tel. No:
    Mobile No:
    E-Mail:

    1 EXECUTIVE SUMMARY

    1.1 SUMMARY

    The client had assigned Network Intelligence (I) Pvt. Ltd. the task of carrying out the assessment as included in the scope of work.

    1.2 OBJECTIVE

    The purpose of the test was to determine security vulnerabilities in their web applications/network as listed in the scope. The tests were carried out assuming the identity of an attacker or a user with malicious intent. Due care was taken not to harm the servers, as requested.

    1.3 DURATION

    This Penetration Test was performed from . The detailed report about each task and our findings are described below.

    1.4 APPROACH

    1. Performed broad scans to identify potential areas of exposure and services
    2. Performed targeted scans and manual investigation to validate vulnerabilities
    3. Understand the application
    4. Build business based test cases
    5. Identified components to gain access
    6. Identified and validated vulnerabilities
    7. Ranked the vulnerabilities based on threat level, loss potential and likelihood of exploitation
    8. Identified issues of immediate consequence and recommended solutions
    9. Developed long-term recommendations to enhance security
    10. Transferred knowledge through this report

    1.5 SCOPE OF WORK

    1.6 TYPE OF ASSESSMENT SELECTED BY

    Sr No | Type of Penetration Test approach | Description | As applicable and selected by

    1 | Black Box Assessment | In this approach we only know the URL of the website. Enumeration of technologies, mapping of the website, identification of fault injection points, determining input validation vulnerabilities or logical security vulnerabilities, and the OWASP top 10 attacks are all part of this exercise. | No

    2 | Gray Box Assessment | Often enough a web application involves authentication and authorization components. In order to be able to test these we request a dummy user account with the least level of privileges within the application. Using this account we are able to log in and test for various hacks in the authentication scheme, as well as attempt to escalate our privileges and bypass authorization restrictions. | Yes

    3 | Wireless Assessment | Wireless hacking is done to gather all loopholes possible in an organization's wireless infrastructure. This is done with an intention to gain unauthorized access and to try and exploit as much of the available resources as possible. This activity also involves war driving and collecting statistics like signal strength, encryption type, SSID etc. | No

    4 | Social Engineering | Controls can be put on systems and devices, but the same does not hold true for the people using these systems (employees/temporaries). Social Engineering is the method by which hackers try and get the confidential and business critical information by using various techniques. This test focuses on exploiting and finding out all the possible loopholes pertaining to this domain so that your organization is geared up to face social engineering attacks in real life. | No

    5 | Risk Based Penetration Testing | Traditional Penetration Testing approach only focuses on the technical vulnerabilities. But the Business Risk based approach not only focuses on the technical vulnerabilities but also on the risk presumed to the business of People Interactive. First, test cases pertaining to the business threat model are developed, and the Penetration test is carried out focusing majorly on those cases. This method has many advantages over the traditional Penetration Test methodology, and one of the biggest advantages it has is that of being business focused. | No

    6 | Source Code Review | Source code review focuses on detecting the vulnerabilities early in the Software Development Life Cycle (SDLC), such as data attacks (Cross Site Scripting (XSS), Injection (SQL, File, XPATH etc.)), File Inclusion/Execution and Information Leakage. This methodology will help People Interactive to close the loopholes during the development and testing phase. | No

    7 | Penetration Testing | Penetration Test focuses on identifying vulnerabilities that are identified during the vulnerability assessment phase and exploiting the same to demonstrate their impact. | No

    8 | Vulnerability Assessment | Vulnerability Assessment is the process of identifying, quantifying, and prioritizing the vulnerabilities of the components of the IT infrastructure. | Yes

    9 | Business Logic Pentest | Traditional Penetration Testing approach only focuses on the technical vulnerabilities. But the Business Risk based approach not only focuses on the technical vulnerabilities but also on the risk presumed to the business of People Interactive. First, test cases pertaining to the business threat model are developed, and the Penetration test is carried out focusing majorly on those cases. This method has many advantages over the traditional Penetration Test methodology, and one of the biggest advantages it has is that of being business focused. | Yes

    (To know more, kindly press the control key and click on the type of Penetration Test approach.)

    The Penetration Test types selected by the client are as checked in the table above. It is highly recommended to go in for the other types of Penetration Test in future projects for improving the overall security posture of your esteemed organization.

    1.7 STANDARDS AND FRAMEWORK FOLLOWED

    1. Open Web Application Security Project Framework (OWASP)
       http://www.owasp.org/index.php/The_OWASP_Testing_Framework
    2. Web Application Security Consortium (WASC)
       http://www.webappsec.org/
    3. The Open Source Security Testing Methodology Manual (OSSTMM)
       http://en.wikipedia.org/wiki/The_Open_Source_Security_Testing_Methodology_Manual
    4. National Institute of Standards and Technology (NIST)
       http://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology

    1.8 SUMMARY OF FINDINGS

    The following table summarizes the list of findings discovered during the project:

    Sr No | Title | Severity Rating | Ease of Exploitation
    1 | SQL Injection | HIGH | EASY
    2 | Unrestricted File Upload | HIGH | EASY
    3 | Application Allows Replay of Authentication Token | HIGH | MODERATE
    4 | Insufficient Authentication | HIGH | MODERATE
    5 | Insufficient Authorization | HIGH | MODERATE
    6 | Dangerous Methods Enabled | HIGH | MODERATE
    7 | Repudiation Attack | HIGH | MODERATE
    8 | Weak Password Recovery Mechanism | HIGH | MODERATE
    9 | Cross Site Scripting (XSS) | HIGH | MODERATE
    10 | LDAP Injection | HIGH | MODERATE
    11 | Padding Oracle Attack | HIGH | MODERATE
    12 | Session Fixation | HIGH | MODERATE
    13 | Session Hijacking | MEDIUM | MODERATE
    14 | Insecure Direct Object References | MEDIUM | MODERATE
    15 | Cross Site Request Forgery (CSRF) | MEDIUM | MODERATE
    16 | Clickjacking Vulnerability | MEDIUM | MODERATE
    17 | Directory Indexing | MEDIUM | MODERATE
    18 | Password Transmitted Over HTTP | MEDIUM | MODERATE
    19 | Improper Error Handling | MEDIUM | MODERATE
    20 | CAPTCHA Not Implemented | MEDIUM | DIFFICULT
    21 | Sensitive Information Disclosure | MEDIUM | DIFFICULT
    22 | Password Visible While Resetting the Password | LOW | EASY
    23 | Session Token in URL | LOW | EASY
    24 | Frame Injection | LOW | EASY
    25 | Open Redirection | LOW | EASY
    26 | Abuse of Functionality | LOW | MODERATE
    27 | Insecure Implementation of WSDL | LOW | MODERATE
    28 | Weak Password Policy | LOW | MODERATE
    29 | Content Spoofing | LOW | MODERATE
    30 | Cookie Not Marked as HTTPOnly | LOW | MODERATE
    31 | Version Disclosure (IIS/ASP.NET) | LOW | MODERATE
    32 | Back Button Browsing | LOW | DIFFICULT
    33 | ViewState Is Not Encrypted | LOW | DIFFICULT
    34 | Form AutoComplete Enabled | LOW | DIFFICULT

    1.9 TABULAR SUMMARY

    The following table summarizes the Systems Vulnerability Assessment:

    Category | Description
    Systems Vulnerability Assessment Summary
    Number of Systems / IP Addresses | 34
    Number of Vulnerabilities found | 19 (Web Application)
    High, Medium and Low Severity Vulnerabilities | 13, 8, 13

    VULNERABILITY SUMMARY

    1.10 GRAPHICAL SUMMARY

    Overall Vulnerability Graph (chart): High 13, Medium 8, Low 13

    1.11 SEVERITY RATING

    HIGH
    This rating is reserved for system vulnerabilities that will result in serious impact to the organization. Depending on the criticality of the system, risks of this magnitude could represent a financial impact or damage customer and partner relationships. It is imperative that efforts be undertaken immediately to mitigate the vulnerabilities in this category. All High severity levels are defined by the following examples:
    • (Potential) Trojan Horses
    • (Potential) Backdoor
    • File Read and Write Exploit
    • Remote Command Execution
    • Database Access
    • Denial of Service

    MEDIUM
    Medium threats are defined by some of the following examples:
    • Denial of Service
    • Unencrypted protocol access
    • Disclosure of server details
    • Application errors

    LOW
    Low threats are defined by some of the following examples:
    • Services enabled with a past history of security hacks
    • Limited exploit of read
    • Directory browsing
    • Information Disclosure
    • Old software
    • General security recommendations

    1.12 EASE OF EXPLOITATION

    There are no global parameters to assess the value of this parameter. There are various factors that influence the value of the Ease of Exploitation.

    EASY
    Any vulnerability classified as easy would be straightforward to exploit. There would be known exploit code in the public domain that could be used to compromise the target. The post-exploitation impact would depend on the type of service offered on the system.

    MODERATE
    Any vulnerability classified as moderate would need additional effort in terms of time and resources (no. of systems, processing speed etc.). Also, though there are straightforward exploits available, they may or may not work due to the architecture or the design of the network. In this case, even if there is a compromise it would be reasonably hard to conclude. There would be other factors that would be needed to aid the attack.

    DIFFICULT
    Any vulnerability classified as difficult would be purely informational. They would only reveal some information about the target but would not have any known issues in the public domain.

    2 TECHNICAL REPORT

    2.1 WEB APPLICATION VULNERABILITIES

    2.1.1 SQL INJECTION

    SEVERITY LEVEL: HIGH
    EASE OF EXPLOITATION: MODERATE
    VULNERABILITY CLASSIFICATION: Insufficient Authorization
    AFFECTED SAMPLE URL:

    DESCRIPTION
    SQL Injection is an attack technique used to exploit applications that construct SQL statements from user-supplied input. When successful, the attacker is able to change the logic of SQL statements executed against the database.

    ANALYSIS
    During analysis it was found that the affected parameter of the web application was vulnerable to SQL Injection, as the web application did not have proper checks for input validation to stop SQL injection attacks, such as whitelists, parameterized queries and parameterized stored procedures.

    An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

    Below is the sample Affected Sample URL:
    http://203.196.206.152/Global_Portal/openhouse/getpassword.aspx
    Parameter Name: ttno

    Extracted Information of Database
    Backend Database: Oracle

    Extracted Database Names
    • CTXSYS
    • MDSYS
    • OLAPSYS
    • PMSTM
    • PORTAL
    • SUGWEB
    • SYS
    • SYSTEM

    • TMMLDEV
    • UGLOBAL
    • WKSYS
    • WMSYS

    Figure 1: SQL error on parameter Login ID

    Figure 2: SQL injection error generated by application

    Figure 3: Extracting database name using SQL injection

    Also it was found that the Web service is vulnerable to SQL injection. We were able to execute the query "select user from dual"; below is the screenshot for the same:

    Figure 4: Web service SQL analy

    Also, due to SQL Injection it was found that the application stores passwords in clear text format.

    Extracted Information from Table CV_LOGIN (form Portal):

    ID | LOGINID | L_NAME | L_STAT | DEPTLO | SUB_DEPT | L_PASSWORD
    1 | 0 | ACE FACT | D | ACE FACT | ACE FACT | ACE FACT
    2 | 0 | p29780 | | ENGINE FAC | ENGINE FAC | engine
    3 | 1 | ADMIN | 0 | ACE FACT | ADMINCVB | ADMIN
    4 | 0 | AMS | 0 | AMS | AMS | AMS
    5 | 0 | APL | 0 | APL | APL | APL

    IMPACT
    Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands. We were also able to bypass the OTP password functionality using SQL injection.

    An attacker can access the clear text passwords which are stored in the database.

    RECOMMENDATION
    Following are the recommendations to prevent SQL injection attacks.

    1. White list of acceptable values

    using System.Text.RegularExpressions;

    if (Request.QueryString[0] != null)
    {
        string productname = Request.QueryString[0];
        // Whitelist: letters, digits, spaces, apostrophe, dot and hyphen, 1 to 40 characters
        var regex = new Regex(@"^[a-zA-Z0-9 '.\-]{1,40}$");
        if (!regex.IsMatch(productname))
        {
            lblmessage.Text = "An invalid product name has been specified.";
            return;
        }
    }

    2. Use Parameterized Queries

    using System.Configuration;
    using System.Data;
    using System.Data.SqlClient;

    if (Request.QueryString[0] != null)
    {
        string productname = Request.QueryString[0];
        using (SqlConnection con = new SqlConnection(
            ConfigurationManager.ConnectionStrings["DB_ConnectionString"].ConnectionString))
        {
            // The table name is not given in the report; "Products" is a placeholder
            SqlCommand command = new SqlCommand(
                "SELECT Product_Name, Category_Name, Description FROM Products " +
                "WHERE Product_Name = @Product_Name", con);
            command.CommandType = CommandType.Text;
            // The value travels as a typed parameter, never as part of the SQL text
            command.Parameters.Add("@Product_Name", SqlDbType.VarChar, 50).Value = productname;
            con.Open();
            GridView1.DataSource = command.ExecuteReader();
            GridView1.DataBind();
            con.Close();
        }
    }

    3. Use Parameterized Stored Procedures

    if (Request.QueryString[0] != null)
    {
        string productName = Request.QueryString[0];
        using (SqlConnection con = new SqlConnection(
            ConfigurationManager.ConnectionStrings["DB_ConnectionString1"].ConnectionString))
        {
            SqlCommand command = new SqlCommand("sp_GetProducts", con);
            command.CommandType = CommandType.StoredProcedure;
            command.Parameters.Add("@Product_Name", SqlDbType.VarChar).Value = productName;
            con.Open();
            GridView1.DataSource = command.ExecuteReader();
            GridView1.DataBind();
            con.Close();
        }
    }

    Also, it is recommended to use a cryptographically secure hash like SHA2 for storing passwords.

    REFERENCE
    SQL Injection
    http://en.wikipedia.org/wiki/SQL_injection
    Stop SQL Injection Attacks Before They Stop You
    http://msdn.microsoft.com/msdnmag/issues/04/09/SQLInjection/
    How To: Protect From Injection Attacks in ASP.NET
    http://msdn.microsoft.com/en-us/library/ff647397.aspx

    2.1.2 UNRESTRICTED FILE UPLOAD

    SEVERITY LEVEL: HIGH
    EASE OF EXPLOITATION: MODERATE
    VULNERABILITY CLASSIFICATION: Unrestricted File Upload
    AFFECTED SAMPLE URL:

    DESCRIPTION
    Uploaded files represent a significant risk to applications. The first step in many attacks is to get some code onto the system to be attacked. Then the attack only needs to find a way to get the code executed. Using a file upload helps the attacker accomplish the first step.

    The consequences of unrestricted file upload can vary, including complete system takeover, an overloaded file system, forwarding attacks to backend systems, and simple defacement. It depends on what the application does with the uploaded file, including where it is stored.

    ANALYSIS
    The Affected Sample URL is vulnerable to unrestricted file upload.

    1) As the web application doesn't validate the content type of the uploaded files, we could successfully upload a malicious file (web shell) on the server. We were able to bypass the validation techniques used by the application by supplying the filename string as filename.aspx.jpeg

    Figure 5: Uploading a malicious file, step 1

    Figure 6: Uploading a malicious file, step 2

    Figure 7: Uploading a malicious file, step 3

    2) After uploading the file we were able to access the shell and browse through the application source files. We were also able to execute OS level commands.

    Extracted Information
    Command: net user
    User accounts for \\<server> (the listed accounts included Administrator and ASPNET)

    Derived findings are issues which are discovered during the process of exploitation of some other issues. These findings have been highlighted because the attacker can leverage these issues in a compromised system to dig deeper into the network, leading to greater damage. Below are the derived findings:

    • Web.config was configured with a hardcoded database connection string.
      Extracted Information: two connection strings with Data Source, User ID (portal and mbsuser) and Password in clear text.

    Figure 8: Connection string in Web.config

    • The encryption key was found to be hardcoded in the source code.

    IMPACT
    Using the file upload vulnerability an attacker can upload malicious code that can run system level commands, browse system files and penetrate inside the network. We were also able to download the entire source code of the application using the uploaded shell.

    RECOMMENDATION
    It is recommended to validate the following:
    • Type of the files to be uploaded, on the server side.
    • Content-type should be validated on the server side.
    • Size of the file.
    • Do not send uploaded resumes directly via email to the internal employees. They should be scanned for viruses.

    File extension validation

    string filepath = "";

    protected void btnUpload_Click(object sender, EventArgs e)
    {
        // Vulnerable Code: the file is stored under the web root under the
        // client-supplied name, and neither extension, content type nor size is checked
        if (uploader.HasFile)
        {
            filepath = Server.MapPath("../files/") + uploader.PostedFile.FileName;
            // the report's listing breaks off here; the usual SaveAs call completes it
            uploader.PostedFile.SaveAs(filepath);
        }
    }
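The validation the recommendation above asks for (file type, content type and size, all checked on the server side), as an added example written for this report rather than the assessed application's own code. The control names uploader and lblmessage, the App_Data/uploads folder, the 2 MB limit and the two allowed document types are assumptions; the check goes one step beyond the text by also inspecting the file's leading bytes, which is what defeats the filename.aspx.jpeg trick described in the analysis.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Web;
using System.Web.UI;

// Added example, not the report's code: server-side validation for a Web Forms
// résumé upload. Every check uses data the client cannot control by renaming.
public partial class UploadPage : Page
{
    private const int MaxBytes = 2 * 1024 * 1024; // 2 MB limit (assumed policy)

    // Allowed extension -> (expected Content-Type, leading "magic" bytes of that format)
    private static readonly Dictionary<string, Tuple<string, byte[]>> Allowed =
        new Dictionary<string, Tuple<string, byte[]>>(StringComparer.OrdinalIgnoreCase)
    {
        { ".pdf",  Tuple.Create("application/pdf", new byte[] { 0x25, 0x50, 0x44, 0x46 }) }, // %PDF
        { ".docx", Tuple.Create("application/vnd.openxmlformats-officedocument.wordprocessingml.document",
                                new byte[] { 0x50, 0x4B, 0x03, 0x04 }) },                   // PK.. (zip)
    };

    protected void btnUpload_Click(object sender, EventArgs e)
    {
        if (!uploader.HasFile) { lblmessage.Text = "No file received."; return; }
        HttpPostedFile posted = uploader.PostedFile;

        string error = Validate(posted.FileName, posted.ContentType, posted.ContentLength, posted.InputStream);
        if (error != null) { lblmessage.Text = error; return; }

        // Never reuse the client-supplied name: generate one, keep only the vetted extension,
        // and store outside the web root so an uploaded file can never be requested or executed.
        string ext = Path.GetExtension(posted.FileName).ToLowerInvariant();
        string stored = Path.Combine(Server.MapPath("~/App_Data/uploads"), Guid.NewGuid().ToString("N") + ext);
        posted.SaveAs(stored);
        lblmessage.Text = "Upload accepted.";
    }

    // Returns null when the file passes every check, otherwise a message for the user.
    public static string Validate(string fileName, string contentType, int length, Stream content)
    {
        if (length <= 0 || length > MaxBytes) return "File size not allowed.";

        // Path.GetExtension takes the LAST dot, so "shell.aspx.jpeg" yields ".jpeg" and is
        // not on the list; even a ".pdf" ending is accepted only if the bytes are a PDF.
        string ext = Path.GetExtension(fileName);
        Tuple<string, byte[]> rule;
        if (string.IsNullOrEmpty(ext) || !Allowed.TryGetValue(ext, out rule)) return "File type not allowed.";
        if (!string.Equals(contentType, rule.Item1, StringComparison.OrdinalIgnoreCase)) return "Content type not allowed.";

        byte[] head = new byte[rule.Item2.Length];
        int read = content.Read(head, 0, head.Length);
        content.Position = 0; // leave the stream where SaveAs expects it
        if (read < head.Length) return "File content not recognised.";
        for (int i = 0; i < head.Length; i++)
            if (head[i] != rule.Item2[i]) return "File content does not match its type.";
        return null;
    }
}
```

The Content-Type header and the file name are both attacker-chosen, so the magic-byte check and the server-generated name are what actually carry the defence; the extension whitelist mainly keeps the error messages useful for legitimate users.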

    REFERENCE
    Unrestricted File Upload
    https://www.owasp.org/index.php/Unrestricted_File_Upload

    2.1.3 APPLICATION ALLOWS REPLAY OF AUTHENTICATION TOKEN

    SEVERITY LEVEL: HIGH
    EASE OF EXPLOITATION: EASY
    VULNERABILITY CLASSIFICATION: Insecure Implementation of Authentication Token / Replay Attack
    AFFECTED SAMPLE URL:

    DESCRIPTION
    A replay attack occurs when an attacker copies a stream of messages between two parties and replays the stream to one or more of the parties. Unless mitigated, the computers subject to the attack process the stream as legitimate messages, resulting in a range of bad consequences, such as redundant orders of an item.

    ANALYSIS
    The web based SSO implementation was found to be vulnerable to replay attack. The token generation was found to be cryptographically weak: it does not generate random cipher text for a given user and role parameter. The user-specific cipher text can be generated from the below URL, and then the same token can be used to log in on behalf of the user.

    Figure 9: Token generation

    Figure 10: Token for personal no. 118317

    Figure 11: Successful login with the token

    IMPACT
    Any user can log into the system on behalf of another user by knowing his personal number and generating the cryptographic value for the vulnerable URL.

    RECOMMENDATION
    Below are the recommendations for replay of authentication tokens:
    • Generate a cryptographic-strength one-time random token which must be:
      o Allowed to be used once
      o Usable only for the user it was created for
      o Transmitted via HTTPS
    • It is recommended to implement a nonce token, as this will prevent replay attacks.
    • Time stamping is another way of preventing a replay attack: sign the request with a time-based token as a parameter and set an expiration time on that token. The username and timestamp can be hashed and passed as a parameter, and then the same parameter should be checked for its validity.

    If feasible, use Windows Identity Foundation for web based Single Sign-On.

    REFERENCE
    Replay Attack
    https://www.owasp.org/index.php/Testing_for_WS_Replay_(OWASP-WS-007)
    Windows Identity Foundation
    http://msdn.microsoft.com/en-us/library/hh377151.aspx
    http://blogs.msdn.com/b/usisvde/archive/2012/03/13/windows-azure-security-best-practices-part-5-claims-based-identity-single-sign-on.aspx
    Implementing Nonce
    http://en.wikipedia.org/wiki/Cryptographic_nonce
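The three recommendations above (a one-time token bound to its user, a nonce, and a signed timestamp with an expiry) fit together in one token format. The following is an added example written for this report, not code from the SSO application: the server issues user|issued-at|nonce|HMAC, and validation checks the signature before anything else, then the user binding, then the time window, and only then consumes the nonce, so a token captured from one login is rejected when presented a second time. The HMAC key, the lifetime and the in-memory nonce store are assumptions; in a web farm the store must be shared (for example a database table).

```csharp
using System;
using System.Collections.Concurrent;
using System.Security.Cryptography;
using System.Text;

// Added example, not the report's or the application's code: a login token that is
// bound to one user, expires, and can be presented only once.
public class OneTimeTokenService
{
    private static readonly DateTime Epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    private readonly byte[] _key;          // server-side HMAC secret (assumed to be loaded securely)
    private readonly TimeSpan _lifetime;   // e.g. TimeSpan.FromMinutes(5)
    // nonce -> time after which it may be forgotten (the token is expired by then anyway)
    private readonly ConcurrentDictionary<string, DateTime> _usedNonces =
        new ConcurrentDictionary<string, DateTime>();

    public OneTimeTokenService(byte[] key, TimeSpan lifetime)
    {
        _key = key;
        _lifetime = lifetime;
    }

    // Token layout: user|issued-at (unix seconds)|nonce|HMAC-SHA256 over the first three fields.
    // Base64 never contains '|', so the separator is unambiguous for the nonce and the MAC.
    public string Issue(string user, DateTime nowUtc)
    {
        byte[] nonce = new byte[16];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(nonce);
        string payload = user + "|" + (long)(nowUtc - Epoch).TotalSeconds + "|" + Convert.ToBase64String(nonce);
        return payload + "|" + Sign(payload);
    }

    // Returns the user name when the token is genuine, issued to expectedUser, fresh and unused;
    // null otherwise. The nonce is consumed last, so a rejected token never burns a nonce.
    public string Validate(string token, string expectedUser, DateTime nowUtc)
    {
        string[] parts = token.Split('|');
        if (parts.Length != 4) return null;
        string payload = parts[0] + "|" + parts[1] + "|" + parts[2];
        if (!FixedTimeEquals(Sign(payload), parts[3])) return null;                      // forged or altered
        if (!string.Equals(parts[0], expectedUser, StringComparison.Ordinal)) return null; // another user's token
        long issued;
        if (!long.TryParse(parts[1], out issued)) return null;
        DateTime issuedUtc = Epoch.AddSeconds(issued);
        if (nowUtc < issuedUtc || nowUtc - issuedUtc > _lifetime) return null;            // expired (or clock skew)
        Prune(nowUtc);
        // Single use: TryAdd fails if this nonce was already presented, which is exactly a replay.
        if (!_usedNonces.TryAdd(parts[2], issuedUtc + _lifetime)) return null;
        return parts[0];
    }

    private string Sign(string payload)
    {
        using (var mac = new HMACSHA256(_key))
            return Convert.ToBase64String(mac.ComputeHash(Encoding.UTF8.GetBytes(payload)));
    }

    // Drop nonces whose tokens could no longer pass the time check, keeping the store bounded.
    private void Prune(DateTime nowUtc)
    {
        foreach (var entry in _usedNonces)
        {
            DateTime ignored;
            if (entry.Value < nowUtc) _usedNonces.TryRemove(entry.Key, out ignored);
        }
    }

    // Constant-time comparison of the two base64 MAC strings.
    private static bool FixedTimeEquals(string a, string b)
    {
        if (a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
}
```

With `var svc = new OneTimeTokenService(key, TimeSpan.FromMinutes(5))`, the first `svc.Validate(t, "alice", now)` on a freshly issued token returns "alice"; the same call a second time returns null, as does a token issued for "bob" or one older than five minutes. Contrast this with the finding: there, the value for a given user is deterministic and never expires, so anyone who can compute or capture it can log in as that user indefinitely.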

    https://wiki.servicenow.com/index.php?title=Implementing_a_Nonce

    2.1.4 INSUFFICIENT AUTHENTICATION

    SEVERITY LEVEL: HIGH
    EASE OF EXPLOITATION: MODERATE
    VULNERABILITY CLASSIFICATION: Insufficient Authentication
    AFFECTED SAMPLE URL:

    DESCRIPTION
    Insufficient Authentication occurs when a web site permits an attacker to access sensitive content or functionality without having to properly authenticate. Web-based administration tools are a good example of web sites providing access to sensitive functionality. Depending on the specific online resource, these web applications should not be directly accessible without requiring the user to properly verify their identity.

    ANALYSIS

    IMPACT
    This weakness can lead to the exposure of resources or functionality to unintended users, possibly providing attackers with sensitive information or even the ability to execute arbitrary code. It is also difficult to keep track of the activities performed in the application when a user makes changes without authenticating himself.

    An attacker can log in as any user, as the application allows direct login which only needs the victim's Personal no.

    RECOMMENDATION
    It is recommended to implement a strong authentication and authorization mechanism before giving access to any sensitive information or Web Services. Use an authentication framework or library such as the Membership and Role Provider which ships with .Net 2.0, the OWASP ESAPI Authentication feature etc.

    REFERENCE
    Insufficient Authentication
    http://projects.webappsec.org/w/page/13246939/Insufficient%20Authentication
    Web Service Authentication
    http://msdn.microsoft.com/en-us/library/w67h0dw7(v=vs.71).aspx

  • 8/17/2019 Sample WAPT Report V1.4

    34/116

  • 8/17/2019 Sample WAPT Report V1.4

    35/116

    Penetration Testing Report

    FIGURE 12: CREATE OF REQUISITIONS, STEP 1

    Step 2: Click the URL below for approval, then click the "Sent To PRO for Booking" button:

    http://203.196.206.152/global_portal/Travel_Booking/(x1ik1a55pkqg3145x0addbj5)/approval/sendtopro.aspx?travelno=700835

    FIGURE 13: APPROVE OF REQUISITIONS, STEP 2

    FIGURE 14: TRAVEL REQUISITION SENT TO PRO

    Step 3: Check the status of the requisition.

    FIGURE 15: VERIFY THE STATUS OF REQUISITION

    The approval page was reached by the same test user simply by requesting the sendtopro.aspx URL with a travelno value; the server does not check that the requesting user holds an approver role for that requisition, so a requester can send their own requisition to PRO.

    RECOMMENDATION: It is recommended to implement strong authorization in the application.

    • Divide the software into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) to enforce the roles at the appropriate boundaries.

    Note that this approach may not protect against horizontal authorization, i.e. it will not protect a user from attacking others with the same role.

    • Ensure that you perform access control checks related to your business logic. These checks may be different from the access control checks that you apply to more generic resources such as files, connections, processes, memory, and database records. Here the business rule is that only a user holding the approver role, and not the requester, may send a requisition to PRO.

    • For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.

    • One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.

    • Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.

    REFERENCE: Insufficient Authorization
    http://projects.webappsec.org/Insufficient-Authorization

    2.1.6 DANGEROUS METHODS ENABLED

    SEVERITY LEVEL: HIGH

    EASE OF EXPLOITATION: EASY

    VULNERABILITY CLASSIFICATION: Server Misconfiguration

    AFFECTED SAMPLE URL:

    DESCRIPTION: Server Misconfiguration attacks exploit configuration weaknesses found in web servers and application servers. Many servers come with unnecessary default and sample files, including applications, configuration files, scripts, and web pages. They may also have unnecessary services enabled, such as content management and remote administration functionality. Debugging functions may be enabled or administrative functions may be accessible to anonymous users.

    Servers may include well-known default accounts and passwords. Failure to fully lock down or harden the server may leave improperly set file and directory permissions. Misconfigured SSL certificates and encryption settings, the use of default certificates, and improper authentication implementation with external systems may compromise the confidentiality of information.

    Verbose and informative error messages may result in data leakage, and the information revealed could be used to formulate the next level of attack. Incorrect configurations in the server software may permit directory indexing and path traversal attacks.

    ANALYSIS: During analysis it was found that the dangerous HTTP methods listed below were enabled on the server.

    • PUT
    • DELETE
    • TRACE
    • COPY
    • MOVE
    • MKCOL
    • PROPFIND
    • SEARCH
    • LOCK
    • UNLOCK

    All of these except TRACE are WebDAV verbs (RFC 4918); SEARCH is the DASL extension that IIS exposes together with WebDAV. An OPTIONS request lists the methods the server advertises, but advertised is not the same as usable: each verb should be confirmed by sending it, because authentication or the ACL on the target path may still reject it.

    IMPACT: As WebDAV was configured with write permission enabled on the remote server, an attacker is able to upload a web shell to the server with PUT (or PUT it under a harmless extension and rename it with MOVE). This can lead to compromise of the entire system, as the attacker can then run OS-level commands on the target server. WebDAV also has the DELETE and MOVE methods enabled, so an attacker can modify or delete any file on the remote application server.

    Attackers may also abuse the HTTP TRACE method (cross-site tracing) to gain access to information in HTTP headers such as cookies and authentication data. Modern browsers refuse to issue TRACE from script, so on its own TRACE is a low-severity finding; it matters here in combination with the cross-site scripting issues in 2.1.9 and because it confirms the server has not been hardened.

    RECOMMENDATION: It is recommended to restrict access to all dangerous methods and, where they are not in use, to disable them. Remove the WebDAV module or disable WebDAV authoring rules for the site, remove write permissions from the content directories, and reject the TRACE verb at the web server. After the change, re-run the OPTIONS and per-method checks to confirm that every verb now returns 405 or 501.

    For disabling dangerous methods on IIS, see:
    http://technet.microsoft.com/en-us/library/dd450372.aspx

    REFERENCE: How to disable WebDAV for IIS 6
    http://www.popmartian.com/tipsntricks/2009/05/20/howto-disable-webdav-in-iis-6/

    WhiteHat Cross-site Tracing paper
    http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf

    Multiple Web Servers Dangerous HTTP Method TRACE
    http://osvdb.org/show/osvdb/877
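    The check behind this finding, as an added example (it is not code from the assessed application or from the original report): an OPTIONS request to read the advertised methods, followed by one request per dangerous verb to confirm which ones the server really accepts. The local server at the bottom is a constructed stand-in for a misconfigured WebDAV host so the probe can be exercised offline; on a real engagement point probe_methods() at the target and PUT only to a path you are authorised to create.

```python
"""Probe a web server for the dangerous HTTP methods listed in this finding.

Added example for this report, not code from the assessed application or the
original document. The local server at the bottom is a constructed stand-in for
a misconfigured WebDAV host so the probe can be exercised offline.
"""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Verbs the finding flags as dangerous when a production web server accepts them.
DANGEROUS_METHODS = ("PUT", "DELETE", "TRACE", "COPY", "MOVE", "MKCOL",
                     "PROPFIND", "SEARCH", "LOCK", "UNLOCK")


def parse_allow_header(allow_header):
    """Return the dangerous methods advertised in an OPTIONS 'Allow:' header, sorted."""
    advertised = {m.strip().upper() for m in allow_header.split(",") if m.strip()}
    return sorted(advertised & set(DANGEROUS_METHODS))


def probe_methods(host, port, path="/wapt-probe.txt"):
    """OPTIONS first, then send each dangerous verb and record which ones the
    server actually accepts. A verb counts as enabled unless the server answers
    405 (Method Not Allowed) or 501 (Not Implemented); advertised and enabled
    are reported separately because the two lists often differ."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    conn.request("OPTIONS", "/")
    response = conn.getresponse()
    response.read()
    advertised = parse_allow_header(response.getheader("Allow", ""))

    enabled = []
    for method in DANGEROUS_METHODS:
        body = b"wapt probe - safe to delete" if method == "PUT" else None
        conn.request(method, path, body=body)
        response = conn.getresponse()
        response.read()
        if response.status not in (405, 501):
            enabled.append(method)
    conn.close()
    return {"advertised": advertised, "enabled": enabled}


class _MisconfiguredHandler(BaseHTTPRequestHandler):
    """Constructed stand-in: advertises WebDAV verbs, accepts PUT and echoes TRACE.
    Verbs without a do_* method get Python's default 501 response."""

    def log_message(self, *args):      # keep the demo quiet
        pass

    def _reply(self, status, body=b"", content_type="text/plain"):
        self.send_response(status)
        self.send_header("Content-Type", content_type)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def do_OPTIONS(self):
        self.send_response(200)
        self.send_header("Allow", "OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, PROPFIND, MKCOL")
        self.send_header("Content-Length", "0")
        self.end_headers()

    def do_PUT(self):                  # write access: the web-shell upload path
        self.rfile.read(int(self.headers.get("Content-Length", 0)))
        self._reply(201)

    def do_TRACE(self):                # cross-site tracing: request headers come back
        echo = self.requestline.encode() + b"\r\n" + bytes(self.headers)
        self._reply(200, echo, "message/http")


def start_test_server():
    """Start the constructed server on a free localhost port; returns (server, port)."""
    server = HTTPServer(("127.0.0.1", 0), _MisconfiguredHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


if __name__ == "__main__":
    server, port = start_test_server()
    print(probe_methods("127.0.0.1", port))   # PUT and TRACE enabled; the rest 501
    server.shutdown()
    server.server_close()
```

    Note that the stand-in advertises DELETE and PROPFIND but does not implement them, so the probe reports them as advertised but not enabled; that gap is exactly why the per-method confirmation step is needed before a finding is rated.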

    2.1.7 REPUDIATION ATTACK

    SEVERITY: HIGH

    EASE OF EXPLOITATION: MODERATE

    VULNERABILITY CLASSIFICATION: Repudiation attack

    AFFECTED SAMPLE URL:

    DESCRIPTION: A repudiation attack happens when an application or system does not adopt controls to properly track and log users' actions, thus permitting malicious manipulation or forging of the identification of new actions. This attack can be used to change the authoring information of actions executed by a malicious user in order to log wrong data to log files. Its usage can be extended to general data manipulation in the name of others, in a similar manner to spoofing mail messages. If this attack takes place, the data stored in log files can be considered invalid or misleading.

    ANALYSIS: The application takes the identity of the acting user from a hidden form field (HiddenUserID) rather than from the authenticated session, so the author recorded for an action is whatever the client chooses to send. To demonstrate this we performed the steps mentioned below.

    • Step 1: Logged in as the VAPTUSER3 user.

    • Step 2: Captured the Add Joke request.

    FIGURE 16: ADD JOKE REQUEST

    • Step 3: Changed the HiddenUserID value to 11, which represents the user Mr. Sarita Rakiv.

    FIGURE 17: CHANGE HIDDEN USER ID VALUE

    • Step 4: Submitted the request.

    FIGURE 18: SUCCESSFULLY ADDED JOKE

    • Step 5: The request was successfully recorded as created by the user Mr. Sarita Rakiv.

    FIGURE 19: JOKE HAS BEEN CREATED BY SARITA RAKIV (REPUDIATION ATTACK SUCCESSFUL)

    IMPACT: This issue targets the accountability of the transactions performed by the users of the application. A user ABC can perform a transaction and make someone else responsible for performing that transaction. In this case an attacker can add a disturbing message to user A and make user B responsible for sending the message.

    This attack can be used to change the record creator name in the application, so there is no accountability for the data-related operations. It was also possible for an attacker to add or overwrite data for which no customer interaction was required. For a successful attack an attacker simply needs to craft such a request and change the HiddenUserID value in it. This HiddenUserID represents the personal number that points to a user. This breaks the accountability of the web application.

    RECOMMENDATION: The application should not take the identity of the acting user from user-supplied input, and should not log user-supplied input unvalidated. If the business requirement dictates that user-supplied input be logged, it is highly recommended that you validate the input first. For operations that are required to be logged from an audit-trail point of view, the actor must be taken from the logged-on session user on the server side, and a mismatch between the session user and any client-supplied user identifier should itself be logged as a tampering attempt. This is the same root cause noted in 2.1.4: the personal number is trusted wherever the client presents it.

    REFERENCE: Repudiation Attack
    https://www.owasp.org/index.php/Repudiation_Attack
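    The server-side checks that 2.1.5 (approval without an approver role) and this finding (author taken from HiddenUserID) were missing, as one added example; it is not code from the assessed application or from the original report. The roles, permissions, users and requisition records are constructed fixtures and the function and field names are assumptions. approve_requisition applies a deny-by-default role check plus a separation-of-duties rule; add_joke takes the author from the session and records a disagreeing HiddenUserID as tampering without copying the raw value into the log; add_joke_vulnerable shows what the application effectively did.

```python
"""Server-side actor and role enforcement for the requisition-approval (2.1.5)
and Add Joke (2.1.7) flows. Added example, not the assessed application's code;
roles, permissions, users and records are constructed fixtures.
"""
from dataclasses import dataclass, field

# Deny by default: anything not listed for a role is refused.
PERMISSIONS = {
    "employee": {"requisition:create", "joke:add"},
    "approver": {"requisition:create", "requisition:approve", "joke:add"},
}


class Forbidden(Exception):
    """Raised for every refusal; callers map it to one generic HTTP 403 response."""


@dataclass
class Session:
    personal_no: str   # set by the login code; the client never supplies it
    role: str


@dataclass
class Requisition:
    travelno: int
    owner: str
    status: str = "created"


@dataclass
class AppState:
    requisitions: dict = field(default_factory=dict)   # travelno -> Requisition
    jokes: list = field(default_factory=list)
    audit_log: list = field(default_factory=list)      # (action, object id, actor, tampered)


def authorize(session, action):
    """RBAC check performed on the server for every request, not just in the UI."""
    if action not in PERMISSIONS.get(session.role, set()):
        raise Forbidden(f"{session.personal_no} ({session.role}) may not {action}")


def approve_requisition(state, session, travelno):
    """Step 2 of the flow in 2.1.5 (sendtopro.aspx?travelno=...) with authorization."""
    authorize(session, "requisition:approve")
    req = state.requisitions.get(travelno)
    if req is None:
        raise Forbidden("no such requisition")          # same refusal as a denial
    if req.owner == session.personal_no:
        raise Forbidden("separation of duties: cannot approve own requisition")
    req.status = "sent_to_pro"
    state.audit_log.append(("requisition:approve", travelno, session.personal_no, False))
    return req


def add_joke(state, session, form):
    """The author is always the session user. A HiddenUserID field that disagrees
    with the session is never used; the disagreement is recorded as a flag, so
    the attacker's value itself never reaches the log."""
    authorize(session, "joke:add")
    claimed = form.get("HiddenUserID")
    tampered = claimed is not None and claimed != session.personal_no
    joke = {"id": len(state.jokes) + 1, "text": form["text"], "author": session.personal_no}
    state.jokes.append(joke)
    state.audit_log.append(("joke:add", joke["id"], session.personal_no, tampered))
    return joke


def add_joke_vulnerable(form):
    """What the assessed flow effectively did: the author comes from the client."""
    return {"text": form["text"], "author": form["HiddenUserID"]}
```

    The unknown-requisition case raises the same Forbidden as a real denial on purpose: distinct "not found" and "not allowed" responses would let a caller enumerate valid travelno values, which is the probing technique used against this application in 2.1.8 and 2.1.14.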

    2.1.8 WEAK PASSWORD RECOVERY MECHANISM

    SEVERITY: HIGH

    EASE OF EXPLOITATION: MODERATE

    VULNERABILITY CLASSIFICATION: Broken Authentication and Session Management

    AFFECTED SAMPLE URL:

    DESCRIPTION: Insufficient Password Recovery is when a web site permits an attacker to illegally obtain, change or recover another user's password. Conventional web site authentication methods require users to select and remember a password or passphrase. The user should be the only person that knows the password, and it must be remembered precisely.

    ANALYSIS: Below are the issues found in the password recovery mechanism:

    1. An attacker can change a victim's password just by knowing the victim's date of birth, which can be retrieved from the URL mentioned below. The date of birth is leaked by changing the p_no parameter:

    http://203.196.206.152/Global_Portal/mytatamotors/Home/Forms/m_Emp_All_Details.aspx?p_no=655798&bday=1

    http://203.196.206.152/Global_Portal/MBS/(gj0fdbn5chmutgauzgscdyr2)/Login/Common/Forms/frm_sign_up.aspx?action=register

    The year can be guessed by an attacker because no user lockout policy has been implemented. A user lockout policy means that after 3-5 failed attempts the user should be locked out from accessing the application and must contact the administrator to reset the password. Note that a lockout keyed on the victim's identifier also lets an attacker lock legitimate users out (see Impact); a short temporary lock or a CAPTCHA after the first few failures limits that side effect.

    We were able to get the date of birth of an employee by changing the p_no value to 655798. The screenshot below shows this:

    FIGURE 20: GETTING DATE OF BIRTH

    Resetting the password of 655798 by supplying the date of birth extracted in the screenshot above and brute forcing the year; the screenshot below shows this:

    FIGURE 21: FORGOT PASSWORD FOR 655798

    FIGURE 22: BRUTE FORCING YEAR PARAMETER

    2. The forgot-password page sends the security question answer and the password to the browser in hidden form fields:

    http://203.196.206.152/Global_Portal/MBS/(wtal5y45yrnmmn55odaavxbv)/Login/Common/Forms/frm_get_password.aspx

    • Enter the value P11 in Login ID and press the Submit button.

    • Now view the page source; you will find the information below.

    Extracted information:

    <input name="hdnAnswer" id="hdnAnswer" type="hidden" value="P118316" />
    <input name="hdnPassword" id="hdnPassword" type="hidden" value="Test@123" />

    Security Question Answer: P118316

    Password: Test@123

    Knowing only a login ID therefore yields that user's current password without answering the question at all: the check is performed client-side against values the server has already handed over. The password is also returned in clear text, which means it is stored in a recoverable form rather than as a salted hash.

    FIGURE 25: STEP 1 WEAK PASSWORD MECHANISM

    FIGURE 26: STEP 2 WEAK PASSWORD MECHANISM

    3. It was also found that the password recovery mechanism implemented by the application is weak because the security question answer is the same for most of the users.

    IMPACT: An attacker could gain unauthorized access to the system by retrieving a legitimate user's authentication credentials. An attacker could also deny service to legitimate system users by launching a brute force attack on the password recovery mechanism using the personal numbers of legitimate users.

    RECOMMENDATION:

    • To prevent an attacker from forcing "recovery" of the password, the application should implement an additional step for password recovery. Anyone attempting to reset or recover the password should answer a "security question" whose answer is known only to the original user. The answer must be checked on the server; neither the answer nor the password may ever be sent to the client.

    • Do not use standard weak security questions; use several security questions.

    • Disable the password recovery functionality after a certain (small) number of incorrect guesses.

    • Rather than emailing the original password in plaintext to the user's email account, generate a one-time token URL which the user can visit to "reset" his or her password. The token should be unguessable, expire after a short time and be invalidated after one use. This also helps prevent shoulder-surfing attacks.

    REFERENCE: Insufficient Password Recovery
    http://projects.webappsec.org/Insufficient-Password-Recovery

    OWASP Forgot Password Cheat Sheet
    https://www.owasp.org/index.php/Forgot_Password_Cheat_Sheet
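    The recommended flow in working form, as an added example (not the assessed application's code and not from the original report): the security answer is checked on the server against a slow salted hash, recovery locks after a small number of wrong answers, unknown login IDs and wrong answers are indistinguishable to the caller, and a successful answer yields a one-time reset link that expires and is consumed on first use. The user store, clock and reset URL are constructed stand-ins, and the limits are assumptions to be tuned to policy.

```python
"""Forgot-password flow with server-side answer checking, lockout and one-time
reset links. Added example, not the assessed application's code; the user store,
clock and reset URL are constructed stand-ins and the limits are assumptions.
"""
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60   # assumption: reset link valid for 15 minutes
MAX_FAILED_ANSWERS = 5        # assumption: recovery locks after 5 wrong answers
PBKDF2_ROUNDS = 50_000        # answers are low-entropy, so hash them slowly


def _slow_hash(value, salt):
    return hashlib.pbkdf2_hmac("sha256", value.encode(), salt, PBKDF2_ROUNDS)


def _normalize(answer):
    return " ".join(answer.strip().lower().split())   # tolerate case and spacing


def _digest(token):
    return hashlib.sha256(token.encode()).hexdigest()


class RecoveryStore:
    def __init__(self, clock=time.time):
        self.clock = clock
        self.users = {}    # login_id -> {"salt", "answer_hash", "password", "failed"}
        self.tokens = {}   # sha256(token) -> (login_id, expires_at); the token itself is never stored

    def add_user(self, login_id, answer, password):
        salt = secrets.token_bytes(16)
        self.users[login_id] = {"salt": salt,
                                "answer_hash": _slow_hash(_normalize(answer), salt),
                                "password": password, "failed": 0}

    def request_reset(self, login_id, answer):
        """Check the answer on the server and return a one-time reset URL, or None.
        Unknown login IDs, wrong answers and locked accounts all get the same None,
        so the endpoint cannot be used to enumerate personal numbers."""
        user = self.users.get(login_id)
        if user is None or user["failed"] >= MAX_FAILED_ANSWERS:
            return None
        given = _slow_hash(_normalize(answer), user["salt"])
        if not hmac.compare_digest(given, user["answer_hash"]):
            user["failed"] += 1
            return None
        user["failed"] = 0
        token = secrets.token_urlsafe(32)                  # 256 random bits
        self.tokens[_digest(token)] = (login_id, self.clock() + TOKEN_TTL_SECONDS)
        return f"https://portal.example/reset?token={token}"   # assumed URL, sent by mail

    def reset_password(self, token, new_password):
        entry = self.tokens.pop(_digest(token), None)      # single use: gone once presented
        if entry is None:
            return False
        login_id, expires_at = entry
        if self.clock() > expires_at:
            return False
        self.users[login_id]["password"] = new_password   # a real system stores a hash here
        return True
```

    Because only a hash of the token is kept, a copy of the store does not yield usable reset links, and because the token is removed before the expiry check, an expired link cannot be retried later either.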

    2.1.9 CROSS SITE SCRIPTING (XSS)

    SEVERITY LEVEL: HIGH

    EASE OF EXPLOITATION: MODERATE

    VULNERABILITY CLASSIFICATION: Cross-Site Scripting

    AFFECTED SAMPLE URL:

    DESCRIPTION: XSS (Cross-Site Scripting) allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/JavaScript/VBScript by the browser.

    XSS targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' sessions, an attacker might attack an administrator to gain full control over the application.

    ANALYSIS: It was found that the application does not validate the values of all parameters submitted by the user. In the above URLs an attacker is able to send malicious input for the parameters mentioned, which is then rendered back into the web page without validation or output encoding.

    Attack vectors used for XSS:

    • <script>alert(document.cookie)</script>

    • >NII

    The screenshots below show that the txtCategory parameter is edited to contain a script tag, which prints out the cookie value in the alert box. The same script could instead send the cookie value to an external site controlled by the attacker, which is why session cookies should also carry the HttpOnly flag (see 2.1.13).

    FIGURE 27: CROSS SITE SCRIPTING ON TXTCATEGORY

    FIGURE 28: EXECUTION OF CROSS SITE SCRIPTING

    The screenshot below shows that the cat_id parameter is affected by an IE-specific XSS. (Note: this XSS attack works only through an IE browser.)

    FIGURE 29: IE SPECIFIC XSS

    IMPACT: An attacker can use XSS to send a malicious script to an unsuspecting user. The end user's browser has no way to know that the script should not be trusted, and will execute it. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page.

    RECOMMENDATION: Following are the recommendations for cross-site scripting. Context-aware output encoding (items 2, 3 and 5) is the control that closes the issue; input whitelisting (1) and ASP.NET request validation (4) reduce exposure but do not replace it. The encoder must match where the value is written: HtmlEncode for HTML text, HtmlAttributeEncode for attribute values, UrlEncode for query-string values, JavaScriptEncode inside script.

    1. Whitelist parameter values, i.e. accept only the known good.

    using System.Text.RegularExpressions;

    string productname = Request.QueryString["productname"];
    if (productname != null)
    {
        var regex = new Regex(@"^[a-zA-Z]{1,40}$");
        if (!regex.IsMatch(productname))
        {
            lblmessage.Text = "Invalid data has been submitted.";
            return;   // do not use the value
        }
    }

    2. Encode HTML output

    using System.Web;

    string searchKeyword = Request.QueryString["txtCategory"];
    if (searchKeyword != null)
    {
        lblmessage.Text = "Search results for keyword " + HttpUtility.HtmlEncode(searchKeyword);
    }

    3. Encode URL output

    using Microsoft.Security.Application;   // AntiXSS Encoder; HttpUtility.UrlEncode also works here

    string searchKeyword = Request.QueryString["txtCategory"];
    if (searchKeyword != null)
    {
        // URL encoding belongs in a URL, not in HTML text: the value goes into a
        // link's query string (hlResults is a HyperLink control; name assumed)
        hlResults.NavigateUrl = "search.aspx?q=" + Encoder.UrlEncode(searchKeyword);
    }

    4. Enable ASP.NET request validation

    Page:
    <%@ Page Language="C#" ValidateRequest="true" %>

    Web.config:
    <system.web>
        <pages validateRequest="true" />
    </system.web>

    Request validation is on by default; a page directive with ValidateRequest="false" switches it off for that page and overrides the Web.config setting, so remove any such directive. Request validation only rejects obviously dangerous input (a < followed by a letter, for example) and is not a substitute for output encoding.

    5. Anti-XSS Library

    using Microsoft.Security.Application;

    string searchKeyword = Request.QueryString["txtCategory"];
    if (searchKeyword != null)
    {
        // AntiXSS uses a whitelist of safe characters and encodes everything else
        lblmsg.Text = "Search results for keyword " + Encoder.HtmlEncode(searchKeyword);
    }

    REFERENCE: HttpUtility.HtmlEncode Method
    http://msdn.microsoft.com/en-us/library/system.web.httputility.htmlencode.aspx

    Anti-XSS Examples
    http://msdn.microsoft.com/en-us/library/aa973813.aspx

    Microsoft Anti-Cross Site Scripting Library
    http://www.microsoft.com/en-us/download/default.aspx

    2.1.10 LDAP INJECTION

    SEVERITY LEVEL: HIGH

    EASE OF EXPLOITATION: MODERATE

    VULNERABILITY CLASSIFICATION: LDAP Injection

    AFFECTED SAMPLE URL:

    DESCRIPTION: LDAP Injection is an attack technique used to exploit web sites that construct LDAP statements from user-supplied input. Lightweight Directory Access Protocol (LDAP) is an open-standard protocol for both querying and manipulating X.500 directory services. The LDAP protocol runs over Internet transport protocols, such as TCP. Web applications may use user-supplied input to create custom LDAP statements for dynamic web page requests.

    When a web application fails to properly sanitize user-supplied input, it is possible for an attacker to alter the construction of an LDAP statement.

    ANALYSIS:

    IMPACT: When an attacker is able to modify an LDAP statement, the process will run with the same permissions as the component that executed the command (e.g. database server, web application server, web server, etc.). This can cause serious security problems where the permissions grant the rights to query, modify or remove anything inside the LDAP tree. The same advanced exploitation techniques available in SQL Injection can also be applied in LDAP Injection. A typical login bypass places a value such as *)(uid=*))(|(uid=* in the username field, which turns (&(uid=USER)(userPassword=PASS)) into a filter that matches regardless of the password.

    RECOMMENDATION: The escape sequence for properly using user-supplied input in LDAP differs depending on whether the input is used to create the DN (Distinguished Name) or used as part of the search filter. The listing below shows the characters that need to be escaped and the appropriate escape method for each case. Escaping must be applied to every value; do not rely on stripping a fixed list of "bad" characters, and prefer an LDAP library API that binds values rather than building the filter string by hand.

    Used in DN: requires \ escape
    • &
    • !
    • |
    • =
    • <
    • >
    • ,
    • '

    RFC 4514 additionally requires escaping " + ; and \ itself, as well as a leading # or space and a trailing space.

    Used in Filter: requires {\ASCII} escape
    • ( {\28}
    • ) {\29}
    • \ {\5c}
    • * {\2a}
    • / {\2f}
    • NUL {\0}

    REFERENCE: WASC Threat Classification, LDAP Injection
    http://projects.webappsec.org/w/page/13246947/LDAP%20Injection
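    Both escaping rules implemented, as an added example (not the assessed application's code and not from the original report). escape_filter_value applies the RFC 4515 filter rules and escape_dn_value the RFC 4514 DN rules; both cover the full RFC character sets, a superset of the lists above. build_login_filter_vulnerable shows the concatenation that lets the injected string rewrite the filter, and build_login_filter the same filter with the values escaped. The filter shape, attribute names and base DN are assumptions.

```python
"""LDAP filter (RFC 4515) and DN (RFC 4514) escaping for user-supplied values.
Added example, not the assessed application's code; the login filter shape,
attribute names and base DN are assumptions.
"""


def escape_filter_value(value):
    """Inside a filter, ( ) * \\ and NUL become \\XX hex escapes. Non-ASCII is
    escaped byte-wise after UTF-8 encoding, as RFC 4515 requires."""
    out = []
    for byte in value.encode("utf-8"):
        if byte in b"()*\\\x00" or byte >= 0x80:
            out.append(f"\\{byte:02x}")
        else:
            out.append(chr(byte))
    return "".join(out)


DN_SPECIAL = set(',+"\\<>;=')


def escape_dn_value(value):
    """In a DN attribute value, backslash-escape , + " \\ < > ; and =, a leading
    '#' or space and a trailing space; NUL becomes \\00."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in DN_SPECIAL or (i == 0 and ch in "# ") or (i == last and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def build_login_filter(username, password):
    """Safe: each value is escaped before it is placed in the filter."""
    return (f"(&(uid={escape_filter_value(username)})"
            f"(userPassword={escape_filter_value(password)}))")


def build_login_filter_vulnerable(username, password):
    """Unsafe concatenation: a username such as  *)(uid=*))(|(uid=*  rewrites the
    filter so that the password clause no longer constrains the result."""
    return f"(&(uid={username})(userPassword={password}))"


def build_user_dn(username, base_dn="ou=people,dc=example,dc=com"):
    """Safe DN construction; base_dn is an assumed directory layout."""
    return f"uid={escape_dn_value(username)},{base_dn}"
```

    The injected username becomes a single literal value once escaped (every parenthesis and asterisk is a \XX sequence), so the resulting filter can only match an entry whose uid is that odd string.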

    2.1.11 PADDING ORACLE ATTACK

    SEVERITY LEVEL: HIGH

    EASE OF EXPLOITATION: MODERATE

    VULNERABILITY CLASSIFICATION: Server Misconfiguration

    AFFECTED URL:

    DESCRIPTION: Server Misconfiguration attacks exploit configuration weaknesses found in web servers and application servers. Many servers come with unnecessary default and sample files, including applications, configuration files, scripts, and web pages. They may also have unnecessary services enabled, such as content management and remote administration functionality. Debugging functions may be enabled or administrative functions may be accessible to anonymous users.

    Servers may include well-known default accounts and passwords. Failure to fully lock down or harden the server may leave improperly set file and directory permissions. Misconfigured SSL certificates and encryption settings, the use of default certificates, and improper authentication implementation with external systems may compromise the confidentiality of information.

    Verbose and informative error messages may result in data leakage, and the information revealed could be used to formulate the next level of attack. Incorrect configurations in the server software may permit directory indexing and path traversal attacks.

    ANALYSIS: During analysis it was found that the web application was vulnerable to a padding oracle attack.

    An oracle is a mechanism inside a cipher implementation capable of providing a valid or invalid answer for a given ciphertext. A padding oracle is therefore a mechanism capable of answering whether the padding of the provided ciphertext is valid or not.

    In cryptography, the padding oracle attack is an attack on the CBC mode of operation, where the oracle leaks whether the padding of an encrypted message is correct. This allows attackers to decrypt (and sometimes encrypt) messages through the oracle, using the oracle's key, without knowing the encryption key. Here the oracle is the ASP.NET error response: a ciphertext with bad padding produces a different response from one that decrypts cleanly, which is the behaviour corrected by MS10-070. We were able to find the encrypted value: G22D5A1%5U#(B@7Q4A=5AAAAAAAAAAAAAAAAAAAAA1

    FIGURE 30: ORACLE PADDING ERROR

    FIGURE 31: BRUTE FORCE ENCRYPTED VALUE FOR ORACLE PADDING ATTACK

    IMPACT: Using the vulnerability, the attacker may decrypt all the sensitive data sent by the ASP.NET application to a client, i.e. cookies, ViewState, URL strings, hidden fields, etc.

    The attacker never learns the encryption key, but the same oracle can be driven in the other direction to produce ciphertext that decrypts to attacker-chosen content; the modified data can then be sent back to the server, so for example the attacker may forge a forms-authentication ticket and impersonate a system administrator. In the MS10-070 case the technique also allowed files within the application, including web.config, to be downloaded.

    RECOMMENDATION: Microsoft has released a patch to fix the vulnerability. It is strongly recommended to apply the patch below:
    http://technet.microsoft.com/en-us/security/bulletin/MS10-070

    It is recommended that a patch management process should be developed to ensure regular application of security patches.

    For any application-level encryption, authenticate ciphertexts (an HMAC over IV and ciphertext verified before decryption, or an AEAD mode such as AES-GCM) so that a tampered message is rejected before its padding is ever examined, and return the same response, with the same timing, for padding errors and every other decryption failure. Until the patch is applied, the bulletin's workaround of a single custom error page for all errors removes the distinguishable response.

    REFERENCE: OWASP Insecure Configuration Management
    http://www.owasp.org/index.php/Insecure_Configuration_Management

    Padding oracle attack
    http://en.wikipedia.org/wiki/Padding_oracle_attack
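    The attack described above carried through end to end, as an added example (it is not the assessed application's code, not the tool used in the assessment and not from the original report). padding_oracle is the server-side leak: it decrypts and reports only whether the PKCS#7 padding was valid. padding_oracle_attack recovers the plaintext from that single bit per query, including the guard against the false positive on the last byte. The 8-byte Feistel block cipher is a constructed stand-in for AES: the attack uses only the CBC XOR structure and the oracle, so the block cipher itself is irrelevant to it.

```python
"""CBC padding oracle attack, end to end. Added example, not the assessed
application's code. The 8-byte Feistel cipher is a constructed stand-in for AES;
the attack only uses CBC's XOR structure and the oracle's yes/no answer.
"""
import hashlib
import os

BLOCK = 8


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _round(key, half, i):
    return hashlib.sha256(key + bytes([i]) + half).digest()[:BLOCK // 2]


def block_encrypt(key, block):
    l, r = block[:4], block[4:]
    for i in range(4):
        l, r = r, _xor(l, _round(key, r, i))
    return l + r


def block_decrypt(key, block):
    l, r = block[:4], block[4:]
    for i in reversed(range(4)):
        l, r = _xor(r, _round(key, l, i)), l
    return l + r


def pad(data):                      # PKCS#7
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data):
    n = data[-1] if data else 0
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def cbc_encrypt(key, plaintext):
    iv = os.urandom(BLOCK)
    out, prev, data = [iv], iv, pad(plaintext)
    for i in range(0, len(data), BLOCK):
        prev = block_encrypt(key, _xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, ciphertext):
    blocks = [ciphertext[i:i + BLOCK] for i in range(0, len(ciphertext), BLOCK)]
    plain = b"".join(_xor(block_decrypt(key, c), p) for p, c in zip(blocks, blocks[1:]))
    return unpad(plain)


def padding_oracle(key, ciphertext):
    """The leak: the server reveals whether padding was valid (in the ASP.NET
    case through a distinguishable error response)."""
    try:
        cbc_decrypt(key, ciphertext)
        return True
    except ValueError:
        return False


def padding_oracle_attack(oracle, ciphertext):
    """Recover the plaintext of ciphertext using only the oracle, never the key."""
    blocks = [ciphertext[i:i + BLOCK] for i in range(0, len(ciphertext), BLOCK)]
    recovered = b""
    for prev, target in zip(blocks, blocks[1:]):
        inter = bytearray(BLOCK)                  # block_decrypt(key, target), unknown
        for pos in range(BLOCK - 1, -1, -1):
            pad_val = BLOCK - pos
            forged = bytearray(BLOCK)
            for j in range(pos + 1, BLOCK):       # known bytes: force them to pad_val
                forged[j] = inter[j] ^ pad_val
            for guess in range(256):
                forged[pos] = guess
                if not oracle(bytes(forged) + target):
                    continue
                if pos == BLOCK - 1:
                    # "valid" here could also be \x02\x02 etc. by accident; flipping
                    # the previous byte breaks any padding longer than one byte
                    forged[pos - 1] ^= 0xFF
                    still_valid = oracle(bytes(forged) + target)
                    forged[pos - 1] ^= 0xFF
                    if not still_valid:
                        continue
                inter[pos] = guess ^ pad_val
                break
            else:
                raise RuntimeError("oracle never reported valid padding")
        recovered += _xor(inter, prev)            # plaintext = D(target) XOR previous block
    return unpad(recovered)
```

    Each plaintext byte costs at most 256 oracle queries, so a 24-byte ciphertext falls in a few thousand requests; the same loop run against a chosen plaintext instead of the recovered one (CBC-R) is what produces the forged ciphertexts mentioned under Impact.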

    FIGURE 33: LOGGED IN, AFTER COOKIE

    c) Log out of the application: Cookie: ASP.NET_SessionId=islu154txn55neodtf3

    FIGURE 34: LOGOUT, AFTER COOKIE

    d) Re-login without closing the browser: Cookie: ASP.NET_SessionId=islu154txn55neodtf3

    FIGURE 35: RE-LOGGED IN APPLICATION

    Since the cookie value is the same in all of the above cases, the session identifier is never rotated: it survives logout and is reused by the next login. An attacker who can plant a known ASP.NET_SessionId in the victim's browser (for example through the cross-site scripting in 2.1.9) shares the victim's authenticated session once the victim logs in, which is a Session Fixation attack. Note that in ASP.NET, Session.Abandon() on its own does not issue a new session identifier; the ASP.NET_SessionId cookie must also be expired at logout and a new identifier generated at login.

    IMPACT: After a successful attack the attacker gains complete access to the user's session and can perform operations on behalf of the user whose session was hijacked.

    2.1.13 SESSION HIJACKING

    SEVERITY: MEDIUM

    EASE OF EXPLOITATION: MODERATE

    VULNERABILITY CLASSIFICATION: Application Misconfiguration

    AFFECTED SAMPLE URL:

    DESCRIPTION: The Session Hijacking attack consists of the exploitation of the web session control mechanism, which is normally managed through a session token. Because HTTP communication uses many different TCP connections, the web server needs a method to recognize every user's connections. The most useful method depends on a token that the web server sends to the client browser after a successful client authentication. A session token is normally composed of a string of variable width, and it could be used in different ways: in the URL, in the header of the HTTP request as a cookie, in other parts of the header of the HTTP request, or in the body of the HTTP request.

    ANALYSIS: It was found that the application is vulnerable to Session Hijacking. The following steps were performed to exploit the vulnerability:

    Step 1: Open Firefox and log in as VAPTUSER3.

    Step 2: Grab the cookie from Firefox.

    FIGURE 36: SESSION HIJACKING STEP 1: VICTIM LOGGED IN TO APPLICATION

    Step 3: Open Firefox on a different system, visit the login page and add the cookie.

    FIGURE 37: ADDING VICTIM COOKIE ON ATTACKER SYSTEM

    Step 4: Now simply access the URL in Firefox and gain access to the VAPTUSER3 account.

    FIGURE 38: SESSION HIJACK SUCCESSFUL

    The session cookie is a pure bearer token: nothing ties it to the client that authenticated, and the application is accessed over plain HTTP (see the http:// URLs throughout this report), so the cookie can be read off the network as well as obtained through the cross-site scripting in 2.1.9 or planted in advance as in the session fixation finding above.

    IMPACT: After successfully hijacking a session the attacker gains complete access to the user's data and is permitted to perform operations impersonating the user whose session was hijacked.

    RECOMMENDATION: To prevent misuse of a valid session, strict session management policies must be put in place. The following practices can be followed for better session management:

    1. Use HTTPS and mark cookies as Secure (and HttpOnly, so that script cannot read them).
    2. Every new session should have a different session token, i.e. the session cookie value (here ASP.NET_SessionId) should change on each login event.
    3. The session should have a timeout policy so that the session logs out automatically after a predefined time of inactivity. The shorter the time, the better.
    4. Do not allow concurrent sessions.

    REFERENCE: Testing for Exposed Session Variables (OWASP-SM-004)
    https://www.owasp.org/index.php/Testing_for_Exposed_Session_Variables_(OWASP-SM-004)

    OWASP Top 10 2010, A3: Broken Authentication and Session Management

    Guarding Against Session Hijacking in ASP.NET
    http://www.dreamincode.net/forums/topic/61503-guarding-against-session-hijacking-in-aspnet/

    Foiling Session Hijacking Attempts
    http://msdn.microsoft.com/en-us/magazine/cc300500.aspx

    Prevent Concurrent Sessions
    http://geekswithblogs.net/Frez/archive/2010/05/17/preventing-a-user-from-having-multiple-concurrent-sessions.aspx
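    Session handling that satisfies the four recommendations above and closes the fixation case as well, as an added example (not the assessed application's code and not from the original report): a fresh identifier on every login, server-side invalidation on logout, an idle timeout, one session per user, and a cookie carrying the Secure and HttpOnly flags. The store is in-memory, the clock is injectable so the timeout can be exercised, and the timeout value is an assumption.

```python
"""Session store with id rotation on login, logout invalidation, idle timeout
and one session per user. Added example, not the assessed application's code;
in-memory store, assumed timeout.
"""
import secrets
import time

SESSION_IDLE_TIMEOUT = 15 * 60   # assumption: 15 minutes of inactivity ends the session


class SessionStore:
    def __init__(self, clock=time.time):
        self.clock = clock
        self.sessions = {}   # session id -> {"user": str or None, "last_seen": float}
        self.by_user = {}    # user -> session id (one concurrent session per user)

    def _issue(self, user):
        sid = secrets.token_urlsafe(32)                 # 256 random bits, never reused
        self.sessions[sid] = {"user": user, "last_seen": self.clock()}
        return sid

    def new_session(self):
        """Pre-login (anonymous) session, e.g. for the login form itself."""
        return self._issue(None)

    def login(self, old_sid, user):
        """Rotate the id on authentication so an id planted before login
        (fixation) is worthless, and end any other session of the same user."""
        self.sessions.pop(old_sid, None)
        previous = self.by_user.pop(user, None)
        if previous is not None:
            self.sessions.pop(previous, None)
        sid = self._issue(user)
        self.by_user[user] = sid
        return sid

    def resolve(self, sid):
        """Return the user for a presented id, or None if unknown or idle too long."""
        entry = self.sessions.get(sid)
        if entry is None:
            return None
        if self.clock() - entry["last_seen"] > SESSION_IDLE_TIMEOUT:
            self.logout(sid)
            return None
        entry["last_seen"] = self.clock()
        return entry["user"]

    def logout(self, sid):
        """Server-side invalidation: the same cookie value must not work afterwards."""
        entry = self.sessions.pop(sid, None)
        if entry is not None and entry["user"] is not None:
            self.by_user.pop(entry["user"], None)


def session_cookie(sid, https=True):
    """Set-Cookie value for the id: HttpOnly keeps it away from script (the XSS in
    2.1.9), Secure keeps it off plain HTTP, SameSite=Lax limits cross-site sends."""
    attrs = "Path=/; HttpOnly; SameSite=Lax" + ("; Secure" if https else "")
    return f"ASP.NET_SessionId={sid}; {attrs}"


def expired_session_cookie():
    """Sent at logout so the browser drops the cookie as well as the server."""
    return "ASP.NET_SessionId=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly"
```

    Rotation on login is what turns the replay in Figures 33 to 35 into a failure: the id the browser carried before authentication is deleted, so a value an attacker planted or captured earlier resolves to nothing.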

    FIGURE 41: ALLOWED OBJECT BY USER DILIP

    FIGURE 42: ACCESSING PASS WHICH DILIP WAS NOT AUTHORIZED FOR

    IMPACT: Such a flaw can compromise all the data that can be referenced by the parameter. Unless the name space is sparse, it is easy for an attacker to access all available data of that type.

    Using this insecure direct object reference vulnerability, an attacker can view other users' data that they are not authorized for by simply changing the parameter to the next predictable value.

    RECOMMENDATION: Below are the recommendations for Insecure Direct Object References:

    • Check that the user is in session and has the privilege to access the particular resource: on every request, resolve the referenced object on the server and verify that the session user owns it or holds a role that may see it. Use role-based access controls.

    • Minimize the user's ability to predict object IDs/names.

    • Do not expose the actual ID/name of objects; use a per-session indirect reference instead.

    Follow the link below for implementing the above recommendations:
    http://www.troyhunt.com/2010/09/owasp-top-10-for-net-developers-part-4.html

    REFERENCE: Insecure Direct Object Reference
    https://www.owasp.org/index.php/Top_10_2007-Insecure_Direct_Object_Reference
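    The last two recommendations in working form, as an added example (not the assessed application's code and not from the original report): a per-session map that hands the browser opaque handles instead of the real pass identifiers, together with the ownership check that must still run on the server. The pass records and user names are constructed fixtures.

```python
"""Per-session indirect object references plus a server-side ownership check.
Added example, not the assessed application's code; pass records and user
names are constructed fixtures.
"""
import secrets

# Constructed records: the real identifiers are sequential, which is what made
# "the next value" predictable in the finding.
PASSES = {
    101: {"owner": "DILIP", "title": "Gate pass 101"},
    102: {"owner": "ANITA", "title": "Gate pass 102"},
}


class ReferenceMap:
    """Opaque handle <-> real id, created per session. A handle is only valid in
    the session that issued it, so guessing 102 (or any other id) resolves to nothing."""

    def __init__(self):
        self._to_id = {}
        self._to_handle = {}

    def handle_for(self, obj_id):
        if obj_id not in self._to_handle:
            handle = secrets.token_urlsafe(12)
            self._to_handle[obj_id] = handle
            self._to_id[handle] = obj_id
        return self._to_handle[obj_id]

    def resolve(self, handle):
        return self._to_id.get(handle)


def list_passes(refmap, user):
    """What the listing page renders: handles, never the real ids."""
    return [refmap.handle_for(pid) for pid, rec in PASSES.items() if rec["owner"] == user]


def get_pass(refmap, user, handle):
    """Detail page. Both checks are needed: the map stops guessing, and the
    ownership check stops a handle copied from another user's page from working."""
    pid = refmap.resolve(handle)
    if pid is None or PASSES[pid]["owner"] != user:
        raise PermissionError("not found")   # same response for missing and not yours
    return PASSES[pid]
```

    The ownership check is the part that actually fixes the finding; the indirect map only removes the enumeration shortcut, and on its own would still let a user who obtains another user's handle read that record.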

    2.1.1( CROSS SITE REQEST "ORGERY CSR"0

    SEVERIT ME'IUM

    EASE OF EXP/OITATIONMO'ERATE

    VU/NERA$I/IT  C/ASSIFICATIONC9ssS4te Re?est "95e8

    AFFECTE' SAMP/E UR/

    'ESCRIPTION

    A 9sss4te e?est @95e8 4s 3n 3tt3 t3t 4n97es @94n5 3 4t4m t9 sen; 3n $TTPe?est t9 3 t35et ;est4n3t49n 4t9?t te4 n97e;5e 9 4ntent 4n 9;e t9 =e@9m

    3n 3t49n 3s te 4t4m. Te ?n;e784n5 3?se 4s 3==743t49n @?nt49n374t8 ?s4n5

    =e;4t3D7e RL@9m 3t49ns 4n 3 e=e3t3D7e 38. Te n3t?e 9@ te 3tt3 4s t3t

    CSR" eF=794ts te t?st t3t 3 eD s4te 3s @9 3 ?se

    ANA/SIS Tee 3e et34n 9=e3t49ns 4n te 3==743t49n 4 3e 9ns4;ee; sens4t4e. Tese9=e3t49ns m3e 4s4D7e 3n5es t9 te 3==743t49n 3n; te4 4nte3t49n 4t 9te9m=9nents.It 3s @9?n; t3t De79 ment49ne; 9=e3t49ns 3n De =e@9me; D8 s?Dm4tt4n5 3

    s4n57e e?est t9 te see D8 3 7955e; 4n ?se.

     Be79 Seens9t e=esent te CSR" 9n O437 Em347 P33mete.

  • 8/17/2019 Sample WAPT Report V1.4

    70/116

    Penetration Testing Report

    FIURE (&D $EFORE CSRF EXECUTION

    Be79 4s te 3@te; $TML 9;e 4 477 77 4t4m 9437 em347 3;;ess 3n;

    37ten3t4e em347 3;;ess D8 3n 3tt3e em347 3;;ess 4 4ss?n4783;316(`5m347.9m.

     

    FIURE ((D CRAFTE' )TM/ PAE FOR CSRF POC

    W47e 4t4m 4s 37e3;8 7955e; 4n e 477 4s4t 3tt3e 3@te; tm7 =35e 3n; 74 9n

    s?Dm4t @9m.

    FIURE (+D ,)I/E /OIN V ICTIM VISIT ATTAC-ER )TM/ PAE

    mailto:[email protected]:[email protected]

    FIGURE 46: AFTER CLICKING SUBMIT, IT WILL REDIRECT TO HOME PAGE

    After clicking submit, notice that the victim's official email address and alternate email address have been changed to the attacker's email address.

    FIGURE 47: ATTACKER EMAIL ID HAS BEEN ADDED TO VICTIM PROFILE

    Crafted sample CSRF URL for Published Document:

    http://203.196.206.152/Global_Portal/mytatamotors/info_policy/Structure_mgmt/admin/pubdoc.aspx?catpub=F&catarc=F&cat_id=12&doc_id=2&pub=F&sort=title&stype=Yes&page=0

    The screenshot below shows that if a logged-in victim clicks on the above URL, it directly publishes the document with cat_id 12 and doc_id 2.

    FIGURE 48: CSRF ON PUBLISH DOCUMENT

    IMPACT

    As the name indicates, this is a request forgery attack in which the attacker impersonates another legitimate user in targeting the victim website. Depending on the functionality provided by the web application that is being targeted, the impact can vary from annoyances to administrative control for the attacker.

    RECOMMENDATION

    The following mechanisms can be used to prevent CSRF attacks:

    1. Implement the use of random CSRF tokens for challenge-response. The server should generate a random token for all pages containing sensitive operations. When the user submits the request, the CSRF token should also be sent along. The server should verify the original token value and only then process the user's request.

    2. The application can implement a strong CAPTCHA just before any sensitive request has to be submitted.

    3. Depending on the criticality of the operation, the application could ask the user to re-enter their account password.

    4. It is also necessary to ensure that the application does not suffer from any Cross-Site Scripting vulnerabilities. XSS may be used to bypass the CSRF protections implemented by the application.

    Also, it is recommended to use the ViewStateUserKey property within the ViewState. Please refer to the URL below for the same:
    https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Viewstate_.28ASP.NET.29

    REFERENCE

    Cross-Site Request Forgery: http://projects.webappsec.org/Cross-Site-Request-Forgery
    MSDN: http://msdn.microsoft.com/en-us/library/ms972969.aspx
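    The token check from recommendation 1 above, as an added example that is not part of the report or of the tested application: tokens are bound to the session with an HMAC, so a token obtained in one session cannot be replayed against another. SERVER_SECRET, the session identifiers and the request dictionary are constructed stand-ins for the framework's own objects.

```python
import hmac
import hashlib
import secrets
from typing import Optional

# Constructed server-side secret; a real deployment loads this from a key store.
SERVER_SECRET = secrets.token_bytes(32)


def _mac(session_id: str, nonce: str) -> str:
    """HMAC over session id and nonce: a token is only valid for the session it was issued to."""
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()


def issue_csrf_token(session_id: str) -> str:
    """Mint a fresh random token for a page that contains a sensitive operation."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"


def verify_csrf_token(session_id: str, token: Optional[str]) -> bool:
    """Recompute the MAC for this session and compare in constant time."""
    if not token or "." not in token:
        return False
    nonce, _, mac = token.partition(".")
    return hmac.compare_digest(mac, _mac(session_id, nonce))


def handle_profile_update(request: dict) -> int:
    """Server handler for the email-change form; returns an HTTP status code.

    `request` is a constructed stand-in for a framework request object with the
    keys "method", "session_id" (taken from the session cookie) and "form".
    """
    if request["method"] != "POST":
        return 405
    form = request["form"]
    if not verify_csrf_token(request["session_id"], form.get("csrf_token")):
        return 403  # token missing, altered, or minted for a different session
    # ... apply the official/alternate email change for this session's user ...
    return 200


def demo() -> dict:
    """One legitimate submission and three forged variants; returns the status codes."""
    victim = "sess-victim-0001"      # constructed session identifiers
    attacker = "sess-attacker-0002"
    token = issue_csrf_token(victim)
    change = {"official_email": "attacker@example.com"}
    tampered = token[:-1] + ("0" if token[-1] != "0" else "1")
    post = lambda form: handle_profile_update({"method": "POST", "session_id": victim, "form": form})
    return {
        # Form rendered by the server for the victim, submitted with its own token
        "legit": post({**change, "csrf_token": token}),
        # Cross-site auto-submitting form: the browser sends the cookie, but no token
        "forged_no_token": post(change),
        # Token the attacker obtained in their own session, replayed as the victim
        "forged_other_session": post({**change, "csrf_token": issue_csrf_token(attacker)}),
        # Victim's token with one hex digit changed
        "tampered": post({**change, "csrf_token": tampered}),
    }
```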

    2.1.16 CLICKJACKING VULNERABILITY

    SEVERITY LEVEL: MEDIUM

    EASE OF EXPLOITATION: MODERATE

    VULNERABILITY CLASSIFICATION: Clickjacking Attack

    AFFECTED SAMPLE URL

    DESCRIPTION

    Clickjacking, also known as a UI redress attack, is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the top-level page. Thus, the attacker is hijacking clicks meant for their page and routing them to another page, most likely owned by another application, domain, or both. Using a similar technique, keystrokes can also be hijacked. With a carefully crafted combination of stylesheets, iframes and text boxes, a user can be led to believe they are typing in the password to their email or bank account, but are instead typing into an invisible frame controlled by the attacker.

    ANALYSIS

    It was found that the application was vulnerable to a Clickjacking attack. Below are the steps performed to achieve this. The screenshot below shows the event named "asdas" checked as published.

    FIGURE 49: CLICKJACKING STEP 1

    The attacker creates an HTML file that loads the vulnerable URL in an invisible iframe.

    The screenshot below shows the same.

    FIGURE 50: CLICKJACKING IFRAME STEP 2

    While the victim is already logged in, the victim visits the attacker's domain and clicks on the "Click Me" button.

    FIGURE 51: CLICKJACKING STEP 3

    After clicking the "Click Me" button, notice that the event named "asdas" has been unpublished.

    FIGURE 52: CLICKJACKING SUCCESSFUL

    IMPACT

    This may potentially trick a genuine user into clicking on something different from what the user perceives they are clicking on, thus potentially following or inviting some existing or non-existing connections in their profile.

    RECOMMENDATION

    There are two main ways to prevent Clickjacking:

    1. Sending the proper browser response headers that instruct the browser to not allow framing from other domains.

    2. Employing defensive code in the UI to ensure that the current frame is the top-level window.

    For more information on Clickjacking defense: https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet

    REFERENCE

    Application Misconfiguration: http://projects.webappsec.org/Application-Misconfiguration
    Clickjacking Defense: https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet
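    A retest check for recommendation 1 above, written as an added example rather than taken from the report: it classifies a response's framing policy from the X-Frame-Options header and the CSP frame-ancestors directive, giving CSP precedence as current browsers do. The two header sets are constructed, not captured from the tested application.

```python
from typing import Dict, List


def frame_ancestors(csp: str) -> List[str]:
    """Return the source list of the CSP frame-ancestors directive, lower-cased, or [] if absent."""
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            return [p.lower() for p in parts[1:]]
    return []


def framing_protection(headers: Dict[str, str]) -> str:
    """Classify a response's framing policy as 'deny', 'sameorigin', 'restricted', 'weak' or 'none'.

    Browsers that support CSP frame-ancestors honour it over X-Frame-Options, so
    it is evaluated first. Header names are matched case-insensitively.
    """
    lowered = {name.lower(): value for name, value in headers.items()}
    sources = frame_ancestors(lowered.get("content-security-policy", ""))
    if sources:
        if sources == ["'none'"]:
            return "deny"
        if sources == ["'self'"]:
            return "sameorigin"
        if any(src in ("*", "http:", "https:") for src in sources):
            return "weak"         # scheme/host wildcard: any site may frame the page
        return "restricted"       # explicit allow-list of framing origins
    xfo = lowered.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return "deny"
    if xfo == "SAMEORIGIN":
        return "sameorigin"
    if xfo.startswith("ALLOW-FROM"):
        return "weak"             # deprecated and ignored by current browsers
    return "none"


def is_clickjackable(headers: Dict[str, str]) -> bool:
    """True when nothing stops a third-party page from framing this response."""
    return framing_protection(headers) in ("none", "weak")


# Constructed response headers: a page with no framing control at all, and the
# same page after the recommended fix (both headers, for old and new browsers).
VULNERABLE_RESPONSE = {"Content-Type": "text/html; charset=utf-8"}
FIXED_RESPONSE = {
    "Content-Type": "text/html; charset=utf-8",
    "X-Frame-Options": "SAMEORIGIN",
    "Content-Security-Policy": "default-src 'self'; frame-ancestors 'self'",
}
```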

    2.1.17 DIRECTORY INDEXING

    SEVERITY LEVEL: MEDIUM

    EASE OF EXPLOITATION: MODERATE

    VULNERABILITY CLASSIFICATION: Insecure Indexing

    AFFECTED SAMPLE URL

    DESCRIPTION

    Insecure Indexing is a threat to the data confidentiality of the website. Indexing web site contents via a process that has access to files which are not supposed to be publicly accessible has the potential of leaking information about the existence of such files, and about their content. In the process of indexing, such information is collected and stored by the indexing process, which can later be retrieved (albeit not trivially) by a determined attacker, typically through a series of queries to the search engine. The attacker does not thwart the security model of the search engine. As such, this attack is subtle and very hard to detect and to foil: it is not easy to distinguish the attacker's queries from a legitimate user's queries.

    ANALYSIS

    It was found that directory listing was enabled on the Affected Sample URLs of the application. The screenshot below shows the directory listing enabled on the above-mentioned URL.

    FIGURE 53: DIRECTORY INDEXING

    2.1.18 PASSWORD TRANSMITTED OVER HTTP

    SEVERITY: MEDIUM

    EASE OF EXPLOITATION: MODERATE

    VULNERABILITY CLASSIFICATION: Insufficient Transport Layer Protection

    AFFECTED SAMPLE URL

    DESCRIPTION

    Insufficient transport layer protection allows communication to be exposed to untrusted third parties, providing an attack vector to compromise a web application and/or steal sensitive information. Websites typically use Secure Sockets Layer / Transport Layer Security (SSL/TLS) to provide encryption at the transport layer. However, unless the website is configured to use SSL/TLS, and configured to use SSL/TLS properly, the website may be vulnerable to traffic interception and modification.

    ANALYSIS

    It was found that sensitive data (user credentials) is sent via the plaintext protocol HTTP to the above URLs.

    FIGURE 54: PASSWORD TRANSMITTED OVER HTTP

    IMPACT

    Sensitive data like user credentials and credit card numbers submitted over an unencrypted connection are vulnerable to interception by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defense and monitor the traffic passing through switches.

    RECOMMENDATION

    Since user credentials are usually considered sensitive information, it is recommended that they be sent to the server over an encrypted connection.

    Follow the link below to implement SSL on IIS:
    http://support.microsoft.com/kb/299875

    REFERENCE

    Insufficient Transport Layer Protection: http://projects.webappsec.org/Insufficient-Transport-Layer-Protection
    OWASP Top 10 2010 A9 - Insufficient Transport Layer Protection: http://www.owasp.org/index.php/Top_10_2010-A9-Insufficient_Transport_Layer_Protection

    2.1.19 IMPROPER ERROR HANDLING

    SEVERITY: MEDIUM

    EASE OF EXPLOITATION: DIFFICULT

    VULNERABILITY CLASSIFICATION: Information Leakage

    AFFECTED SAMPLE URL

    DESCRIPTION

    Information Leakage is an application weakness where an application reveals sensitive data, such as technical details of the web application, environment, or user-specific data. Sensitive data may be used by an attacker to exploit the target web application, its hosting network, or its users.

    ANALYSIS

    It was observed that the application displays error messages from the application/database directly to the end user.

    It discloses the following information to the end user:

    • Internal IP Address
    • Stack Trace
    • Database Information
    • Internal Path Disclosure

    FIGURE 55: IMPROPER ERROR HANDLING

    IMPACT

    Error disclosures of applications help an attacker in getting specific information on the applications being used in the network. This would enable the attacker to concentrate more on the vulnerabilities of that application. Hence, version disclosures simplify the task of an attacker.

    RECOMMENDATION

    ASP.NET provides a simple yet powerful way to deal with errors that occur in your web applications. Define custom error pages such that they give out the minimum amount of information in case of an error condition.

    1. Define custom error pages in web.config:

    <customErrors mode="RemoteOnly" defaultRedirect="~/error.asp">
      <error statusCode="..." redirect="..." />
    </customErrors>

    2.1.20 CAPTCHA NOT IMPLEMENTED

    SEVERITY LEVEL: MEDIUM

    EASE OF EXPLOITATION: DIFFICULT

    VULNERABILITY CLASSIFICATION: Insufficient Anti-automation

    AFFECTED SAMPLE URL

    DESCRIPTION

    Insufficient Anti-automation occurs when a web application permits an attacker to automate a process that was originally designed to be performed only in a manual fashion, i.e. by a human web user.

    ANALYSIS

    It was observed that CAPTCHA is not implemented on the login page of the application. Using this weakness, an attacker can automate the login process and perform a brute-force attack. The screenshot below shows a brute-force attempt on the TravelBooking application for the user VAPTUSER3.

    FIGURE 56: CAPTCHA NOT IMPLEMENTED

    IMPACT

    Due to insufficient anti-automation, an attacker can use automated tools to perform malicious activities on the application, which may lead to unauthorized access.

    RECOMMENDATION

    It is recommended to have CAPTCHA implemented to ensure that no automated scripts or robots can run against any of the input forms on the Affected Sample URL. It is also recommended to use a user lockout policy in which the user is locked out after 3-5 failed attempts.

    REFERENCE

    Insufficient Anti-automation: http://projects.webappsec.org/Insufficient+Anti-automation

    2.1.21 SENSITIVE INFORMATION DISCLOSURE

    SEVERITY LEVEL: MEDIUM

    EASE OF EXPLOITATION: DIFFICULT

    VULNERABILITY CLASSIFICATION: Information Leakage

    AFFECTED SAMPLE URL

    DESCRIPTION

    Information Leakage is an application weakness where an application reveals sensitive data, such as technical details of the web application, environment, or user-specific data. Sensitive data may be used by an attacker to exploit the target web application, its hosting network, or its users.

    ANALYSIS

    During analysis it was found that the application failed to protect sensitive information such as logs, email IDs, internal IP addresses and internal paths, which are directly accessible over the internet.

    http://203.196.206.152/Global_Portal/mytatamotors/AssetDetails/frm_BMC.aspx
    Extracted Information: http://172.24.6.191/shared/Login_AR.jsp

    http://203.196.206.152/Global_Portal/mytatamotors/Home/Forms/frm_CheckUser.aspx?s_user=oVh6+RVe9RL9C2Kk0cYXxw==&app_code=A110
    Extracted Information: http://172.18.78.10/knome/sessions/generate

    http://203.196.206.152/Global_Portal/info_policy/Structure_mgmt/user/page.aspx
    Extracted Information: nine @tatamotors.com email addresses disclosed in the response.

    2.1.22 PASSWORD VISIBLE WHILE RESETTING PASSWORD

    SEVERITY LEVEL: LOW

    EASE OF EXPLOITATION: EASY

    VULNERABILITY CLASSIFICATION: Information Leakage

    AFFECTED URL

    DESCRIPTION

    Information Leakage is an application weakness where an application reveals sensitive data, such as technical details of the web application, environment, or user-specific data. Sensitive data may be used by an attacker to exploit the target web application, its hosting network, or its users.

    ANALYSIS

    During analysis it was found that the reset-user functionality has the password field in visible (clear text) mode.

    FIGURE 58: PASSWORD IN VISIBLE MODE

    IMPACT

    An attacker can use shoulder-surfing techniques to obtain the agent's password, which is directly visible while the administrator resets the user's password.

    RECOMMENDATION

    It is recommended that the password field should not be directly visible.

    Below is the recommended markup for not displaying the password:

    • <input type="password" value="" />

    REFERENCE

    Information Leakage: http://projects.webappsec.org/Information-Leakage

    2.1.23 SESSION TOKEN IN URL

    SEVERITY LEVEL: LOW

    EASE OF EXPLOITATION: EASY

    AFFECTED SAMPLE URL

    ANALYSIS

    During analysis it was found that the web application carries a session token in the GET URL.

    FIGURE 59: SESSION TOKEN IN URL

    IMPACT

    Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.

    RECOMMENDATION

    It is recommended to use cookie-based sessions rather than implementing cookieless sessions. The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.

    Cookieless ASP.NET: the article below reviews the pros and cons of cookieless sessions and discusses why you should avoid storing valuable information in the session state.
    http://msdn.microsoft.com/en-us/library/aa479314.aspx

    REFERENCE

    Session Fixation: https://www.owasp.org/index.php/Session_fixation

    2.1.24 FRAME INJECTION

    SEVERITY LEVEL: LOW

    EASE OF EXPLOITATION: EASY

    VULNERABILITY CLASSIFICATION: Frame Injection

    AFFECTED SAMPLE URL

    DESCRIPTION

    Frame injection occurs when a frame on a vulnerable web page displays another web page via a user-controllable input.

    ANALYSIS

    During analysis it was found that the application was vulnerable to frame injection. Below is the screenshot for the same:

    FIGURE 60: FRAME INJECTION

    IMPACT

    An attacker might use this vulnerability to redirect users to other malicious websites that are used for phishing and similar attacks.

    RECOMMENDATION

    Below is the recommendation for Frame Injection:

    • Where possible, do not use users' input for URLs.

    • If you definitely need dynamic URLs, make a list of valid, accepted URLs and do not accept other URLs.

    • Ensure that you only accept URLs which are located on accepted domains.

    REFERENCE

    Frame Injection: https://www.mavitunasecurity.com/frame-injection/

    2.1.25 OPEN REDIRECTION

    SEVERITY LEVEL: LOW

    EASE OF EXPLOITATION: EASY

    VULNERABILITY CLASSIFICATION: Open Redirection

    AFFECTED SAMPLE URL

    DESCRIPTION

    Open redirection occurs when a vulnerable web page redirects to another web page via a user-controllable input.

    ANALYSIS

    During analysis it was found that the application was vulnerable to an Open Redirection issue.

    IMPACT

    An attacker can use this vulnerability to redirect users to other malicious websites which can be used for phishing and similar attacks.

    RECOMMENDATION

    Below is the recommendation for the same:

    • Where possible, do not use users' input for URLs.

    • If you definitely need dynamic URLs, make a list of valid, accepted URLs and do not accept other URLs.

    • Ensure that you only accept URLs which are located on accepted domains.

    REFERENCE

    Open Redirection: http://www.owasp.org/index.php/Open_redirect
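    The accepted-domain check recommended for both the Frame Injection (2.1.24) and Open Redirection (2.1.25) findings, as an added example that is not part of the report: a user-supplied redirect or frame target is resolved against the page's own URL and accepted only if its host is on the allow-list. BASE_URL, ALLOWED_HOSTS and the sample inputs are constructed.

```python
from typing import Iterable
from urllib.parse import urljoin, urlsplit


def safe_target(candidate: str, allowed_hosts: Iterable[str], base: str, fallback: str = "/") -> str:
    """Return `candidate` rebuilt as an absolute URL if it points at an allowed host, else `fallback`.

    `base` is the absolute URL of the page doing the redirect/framing and is used
    to resolve relative candidates. Covered bypasses: protocol-relative "//evil",
    backslash variants "/\\evil" (browsers read them as "//evil"), userinfo tricks
    "trusted@evil", non-http schemes, and hosts that merely begin with the trusted
    name ("trusted.example.com.evil.example").
    """
    if not candidate or any(ch in candidate for ch in "\r\n\t\x00"):
        return fallback
    normalised = candidate.replace("\\", "/")     # backslash equals slash to browsers
    parts = urlsplit(urljoin(base, normalised))
    if parts.scheme not in ("http", "https"):
        return fallback
    try:
        port = parts.port                          # ValueError on a non-numeric port
    except ValueError:
        return fallback
    host = (parts.hostname or "").lower().rstrip(".")
    if host not in {h.lower() for h in allowed_hosts}:
        return fallback
    # Rebuild from parsed components so userinfo and other oddities are dropped.
    rebuilt = f"{parts.scheme}://{host}" + (f":{port}" if port else "") + (parts.path or "/")
    return rebuilt + (f"?{parts.query}" if parts.query else "")


# Constructed deployment values for the examples below.
BASE_URL = "https://portal.example.com/"
ALLOWED_HOSTS = {"portal.example.com", "intranet.example.com"}

# Constructed inputs of the kind a redirect or frame-source parameter might receive.
SAMPLE_INPUTS = [
    "/account/home",                               # relative path on the portal: accepted
    "https://intranet.example.com/docs?id=2",      # allow-listed host: accepted
    "//evil.example/",                             # protocol-relative: rejected
    "/\\evil.example/",                            # backslash variant of the above: rejected
    "https://portal.example.com@evil.example/",    # trusted name in userinfo: rejected
    "https://portal.example.com.evil.example/",    # trusted name as a prefix: rejected
    "javascript:void(0)",                          # non-http scheme: rejected
]


def triage(inputs=SAMPLE_INPUTS) -> dict:
    """Map each candidate to the target the application would actually use."""
    return {c: safe_target(c, ALLOWED_HOSTS, BASE_URL) for c in inputs}
```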

    2.1.26 ABUSE OF FUNCTIONALITY

    SEVERITY: LOW

    EASE OF EXPLOITATION: MODERATE

    VULNERABILITY CLASSIFICATION: Abuse of Functionality

    AFFECTED SAMPLE URL

    DESCRIPTION

    Abuse of Functionality is an attack technique that uses a web site's own features and functionality to attack itself or others. Abuse of Functionality can be described as the abuse of an application's intended functionality to perform an undesirable outcome. These attacks have varied results such as consuming resources, circumventing access controls, or leaking information. The potential and level of abuse will vary from web site to web site and application to application. Abuse of functionality attacks are often a combination of other attack types and/or utilize other attack vectors.

    ANALYSIS

    Web applications that send mail must be careful not to allow the user complete control over message headers and content. If an attacker can control the From, To, Subject and Body of a message, and there are no anti-automation controls in place, email functions can be turned into spam relay vehicles.

    2.1.27 INSECURE IMPLEMENTATION OF WSDL

    SEVERITY: LOW

    EASE OF EXPLOITATION: MODERATE

    VULNERABILITY CLASSIFICATION: Application Misconfiguration

    AFFECTED SAMPLE URL

    DESCRIPTION

    Application Misconfiguration attacks exploit configuration weaknesses found in web applications. Many applications come with unnecessary and unsafe features, such as debug and QA features, enabled by default. These features may provide a means for a hacker to bypass authentication methods and gain access to sensitive information, perhaps with elevated privileges.

    ANALYSIS

    It was observed that the web services which are consumed by the application are accessible to an unauthenticated user.

    These web services are called by the