Web Application Penetration Testing
One of the major gateways for successful attacks is security-critical applications running on company servers. Nowadays these applications are reachable from mobile devices such as iPad, iPhone or Android smartphones from almost anywhere, and this exposure makes them highly vulnerable.
Besides reputational damage caused by so-called defacements, there can be far more serious consequences. Gaining access to the company's web server through the web application is often the first step of a large-scale data theft. To secure intellectual property and protect the company's image, in-house applications and mobile applications need to pass professional penetration tests.
We therefore test against the OWASP Top 10 standard to ensure optimum protection and security. As part of your quality management we deliver the results in detailed test reports and propose concrete options for action.
What is the difference from Network Penetration Tests?
The difference from traditional penetration tests lies in the nature of the application and its availability. An intranet (company network) is not necessarily attackable from the internet. Web applications, by contrast, are expected to run online 24/7 and can be attacked from any device connected to the internet.
In many cases mobile applications provide the foundation for operational business, e.g. online shops or community pages that constitute a company's core services. These services and offers must be protected against attacks, espionage and sabotage.
What are the weak spots of web applications?
According to the OWASP Top 10 we test for:
- Injection (SQL, LDAP, XPath)
- Cross Site Scripting (XSS)
- Broken authentication and session management
- Insecure direct object references
- Cross Site Request Forgery (CSRF)
- Security misconfiguration
- Insecure cryptographic storage
- Failure to restrict URL access
- Insufficient transport layer protection
- Unvalidated redirects and forwards
What are the typical security flaws and weak spots?
On the basis of the above list and practical experience in the field of security management, we often find similar sources of error, which can be prevented by clean programming and well thought-out software engineering. In that context, curesec GmbH offers trainings and workshops for security staff, developers and administrators.
As with network applications, errors arise from insufficient technical implementation of the application as well as from poor awareness among user groups with regard to security restrictions.
Classic Cross Site Scripting is among the most common error sources: it allows attackers to inject malicious code, for instance via the URL of an application. Where session handling and cookie programming are deficient, skilled attackers may gain access to entire posts, products, user accounts or system components by abusing an existing authenticated session (Cross Site Request Forgery). Security flaws such as session fixation may lead to serious economic damage.
Further technical weak spots that web application penetration tests can uncover stem from weak password policies (e.g. passwords that are too short) or from information disclosure that hands potential attackers details about servers, versions and operating systems.
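The three flaws named above (reflected XSS, CSRF against an authenticated session, and session fixation) are easiest to understand as a vulnerable handler placed next to its hardened form. The following is an added illustration and not curesec's own code or tooling; the URL, the in-memory session store and the delete-post handler are constructed for the example, and only the Python standard library is used.

```python
# Added example (not from the original page): vulnerable vs. hardened handlers
# for reflected XSS, CSRF and session fixation, standard library only.
import html
import hmac
import secrets
from urllib.parse import parse_qs, urlsplit

# Constructed sample request: a search URL whose parameter is attacker-controlled.
SAMPLE_URL = "https://shop.example/search?q=<script>alert(1)</script>"


def query_param(url, name):
    """Return the first value of query parameter `name`, or '' if absent."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def render_search_vulnerable(url):
    """Reflected XSS: the raw parameter is interpolated straight into HTML."""
    return "<p>Results for: %s</p>" % query_param(url, "q")


def render_search_hardened(url):
    """Output encoding: every value reflected into HTML is escaped first,
    so '<script>' reaches the browser as '&lt;script&gt;' and is not executed."""
    return "<p>Results for: %s</p>" % html.escape(query_param(url, "q"), quote=True)


# --- Session handling (constructed in-memory store standing in for a real one) ---
SESSIONS = {}  # session id -> {"user": ..., "csrf_token": ...}


def new_session(user=None):
    """Create a session with an unguessable id and a per-session CSRF token."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": user, "csrf_token": secrets.token_urlsafe(32)}
    return sid


def login(old_sid, user):
    """Session fixation defence: never promote a pre-login session id to an
    authenticated one. Drop the old id and issue a fresh one at login."""
    SESSIONS.pop(old_sid, None)
    return new_session(user)


def handle_delete_vulnerable(sid, form):
    """Only the session cookie authenticates the request, so a form submitted
    from another site (with the browser attaching the cookie) succeeds."""
    session = SESSIONS.get(sid)
    if session is None or session["user"] is None:
        return {"error": "not logged in", "deleted": None}
    return {"deleted": form.get("post_id")}


def handle_delete_hardened(sid, form):
    """State-changing requests must carry the session's CSRF token; a cross-site
    form cannot read it. compare_digest avoids timing leaks of the token."""
    session = SESSIONS.get(sid)
    if session is None or session["user"] is None:
        return {"error": "not logged in", "deleted": None}
    supplied = form.get("csrf_token", "")
    if not hmac.compare_digest(supplied, session["csrf_token"]):
        return {"error": "invalid CSRF token", "deleted": None}
    return {"deleted": form.get("post_id")}


if __name__ == "__main__":
    print(render_search_vulnerable(SAMPLE_URL))
    print(render_search_hardened(SAMPLE_URL))
    sid = login(new_session(), "alice")
    print(handle_delete_vulnerable(sid, {"post_id": "7"}))
    print(handle_delete_hardened(sid, {"post_id": "7"}))
    print(handle_delete_hardened(sid, {"post_id": "7",
                                       "csrf_token": SESSIONS[sid]["csrf_token"]}))
```

The hardened search handler encodes on output rather than trying to filter on input, which is the approach that survives new payload encodings; the CSRF check works because the token is stored server-side per session and never leaves the origin except inside the site's own forms; the login function discards whatever session id the browser arrived with, which is what defeats a fixated id.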
Web application penetration tests also need to analyze user behavior in order to point out avoidable actions. Users and administrators themselves can be responsible for intrusions through weak password choices or lax application restrictions, for example deficient passwords (simple patterns or plain names) or failure to log out properly.
Our comprehensive penetration tests therefore come with detailed test reports, including spot-check security surveys, which point out and explain weak spots and also provide solutions.
We would be glad to arrange a free initial consultation. We will naturally respond to your wishes and discuss potential threats. For further questions feel free to contact us.
Published vulnerabilities (extract)
Detailed information on each published vulnerability is provided on our Blog.
- AlegroCart 1.2.8: SQL Injection
- AlegroCart 1.2.8: LFI/RFI
- LiteCart 1.3.2: Multiple XSS
- ClipperCMS 1.3.0: XSS
- ClipperCMS 1.3.0: SQL Injection
- ClipperCMS 1.3.0: Path Traversal
- ClipperCMS 1.3.0: CSRF
- ClipperCMS 1.3.0: Code Execution Exploit
- ClipperCMS 1.3.0: Code Execution
- dotclear 2.8.1: XSS
- dotclear 2.8.1: Code Execution
- Open Source Social Network 3.5: XSS
- Sitemagic CMS 4.1: XSS
- Thelia 2.2.1: XSS
- TomatoCart v1.1.8.6.1: XSS
- TomatoCart v1.1.8.6.1: Code Execution
- XCart 5.2.6: Code Execution Exploit
- XCart 5.2.6: Code Execution
- XCart 5.2.6: Path Traversal
- XCart 5.2.6: XSS
- TheHostingTool 1.2.6: Multiple XSS
- TheHostingTool 1.2.6: Multiple SQL Injection
- TheHostingTool 1.2.6: Code Execution
- Quick.Cart 6.6: Multiple XSS
- Quick.Cart 6.6: CSRF
- CubeCart 6.0.7: XSS
- CubeCart 6.0.7: Code Execution
- Supercali Event Calendar 1.0.8: XSS
- Supercali Event Calendar 1.0.8: CSRF
- SQLiteManager 1.2.4: Multiple XSS
- Serendipity 2.0.1: Blind SQL Injection
- Serendipity 2.0.1: Persistent XSS
- Serendipity 2.0.1: Code Execution
- NibbleBlog 4.0.3: Code Execution
- NibbleBlog 4.0.3: CSRF
- Phorum 5.2.19: Reflected XSS (IIS only) and Open Redirect
- Bolt 2.2.4: Code Execution
- ModX Revolution 2.3.5-pl: Reflected Cross Site Scripting Vulnerability
- CodoForum 3.3.1: Multiple SQL Injection Vulnerabilities
- CodoForum 3.3.1: Multiple Cross Site Scripting Vulnerabilities
- BigTree CMS 4.2.3: Multiple SQL Injection Vulnerabilities
- BigTree CMS 4.2.3: Multiple Cross Site Scripting Vulnerabilities
- Anchor CMS 0.9.2: XSS
- Zen Cart 1.5.4: Code Execution and Information Leak
- ZeusCart 4.0: XSS
- ZeusCart 4.0: SQL Injection
- ZeusCart 4.0: Code Execution
- ZeusCart 4.0: CSRF
- Pligg CMS 2.0.2: Code Execution & CSRF
- Pligg CMS 2.0.2: Directory Traversal
- Pligg CMS 2.0.2: Multiple SQL Injections
- SQL Buddy 1.3.3: CSRF
- SQL Buddy 1.3.3: XSS
- Chyrp CMS 2.5.2: XSS
- MiniBB 3.1.1: XSS
- MyWebSQL 3.6: CSRF
- OpenCart 2.0.3.1: CSRF