Broken Authentication is in one of the OWASP Top 10 Vulnerabilities. The essence of Broken Authentication is where you (Web Application) allow your users to get into your website by creating a new account and handling it for specific reasons. In Broken Authentication, whenever a user login into its account, a session id is being created, and that session id is allowed to that particular account only. Now if the web application is crafted securely in terms of Authentication, then it is well and good but in case if it is not then the attacker may use several under given techniques.
- Credentials stuffing: In Credential Stuffing an attacker has a standard list of default passwords and usernames. By this list, they can brute-force the accounts and can log in into legitimate accounts. It is hardly recommended for users to change their default usernames and passwords to get secure from such attacks. An attacker can generate a list of Custom passwords also depending upon his prior information to the target by various tools in Linux such as CRUNCH.
- Unhashed Passwords: Changement of clear-text password into scrambled words through which an attacker can be tricked is called hashing of passwords. What an attacker does is, an attacker can intercept the user request as both of them are on the same network. Using the intercepted request they can clearly see the Clear Text Submission Of passwords that users submit on the website. Using this technique user can lose his Account Authorization & Confidentiality.
- Misconfigured Session Timeouts: The scenario where a user had log out of the account and an attacker has the cookie of that user. Using the cookie, an attacker can still have access to that account. Using this type of loophole Cookie Tampering, Session hijacking and other attacks can be chained into one single loophole, which is also known as chaining of bug. Such type bugs are referred to as Misconfigured Session Timeout.
Attackers used the above methods in case they found Broken Authentication as Vulnerability to get into thousands and lakhs of user accounts depending upon the number of users on the website.
Broken Authentication Vulnerability Exploited: There are numerous ways to test Broken Authentication Vulnerability in this article we are going to take a brief look into a straightforward method.
Method: Exploiting the Cookie
Here in the image, we can see that there are so many requests that all are having OK status, and when we clicked on Request no 441, we saw that the user id brute force was 10411. Its username us AndyPaul, and its default password was “PASSWORD.” Hence in this way, we can extract an ample number of User Accounts if the Broken Authentication Vulnerability exists in the Web Application.
Impacts of Broken Authentication Vulnerability:
- Exposed numerous User Accounts
- Data Breaches
- Administrative Access
- Sensitive Data Exposure
- Identity Theft
Remediation Of Broken Authentication Vulnerability Broken Authentication Vulnerability is a severe issue if it is prevailing in a Web Application because such loopholes can cause the company a million dollar attack in terms of Data Breaches. The following mention points are some of the remediation that a web application can impose on itself to get safe from such attacks.
- Multifactor Authentication Must be implemented to bypass such attacks.
- Password Complexity must be high for the user accounts.
- Rotation of Session Id’s after Successful login.
- Validation Of Session Id’s.
- How to use SQLMAP to test a website for SQL Injection vulnerability
- Meltdown Security Vulnerability
- Spectre Security Vulnerability
- Insecure Direct Object Reference (IDOR) Vulnerability
- Sensitive Data Exposure Vulnerability
- Saving What Saves Our Passwords – Two-Factor Authentication
- Challenge Response Authentication Mechanism (CRAM)
- Nodejs | authentication using Passportjs and passport-local-mongoose
- Implement Token Authentication using Django REST Framework
- Types of Two-factor Authentication
- Two Factor Authentication Implementation Methods and Bypasses
- Graphical Password Authentication
- JWT Authentication with Django REST Framework
- Authentication in Computer Network
- Firebase (sign in with Google) Authentication in Node.js using Firebase UI and Cookie Sessions
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to firstname.lastname@example.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.