HTML input hidden field: poor usage can lead to a major web vulnerability

E-commerce sites, online premium service providers and many others use a payment medium to collect payment via credit card, net banking, etc. Payment gateways are the integration layer between the web application and the banking service layer. These gateways are mostly loosely coupled, third-party source code provided by authorized payment gateway providers. Examples of payment gateways are PayPal, Authorize.Net and SecurePay.

Once I found a serious issue in all the applications of a matrimonial website. The payment medium was suffering from CSRF, which allowed access to their premium services for free. I contacted the organization regarding the same and reported the issue upfront. Although I wasn’t expecting anything much in return, being a very good startup, they should have given something for an issue that may have led to a serious loss to them. Those greedy, smart executives pulled out all the bug information from me and called me cya in the end. 😛

Along similar lines, the demo issue is explained below.


Email spamming; Fixing email spamming

A token system can be used to avoid spamming. Using a token, the server-side code is able to authorize the request before processing it.

1. Create the token [a long alphanumeric value] on page load on the server side and send it to the client, where it will be a hidden input.
2. Create a session variable and store the token value in it.
3. When the client makes the next request, it sends the hidden-input token along with the HTTP request.
4. On the server side, the session-variable token and the token from the client side are matched.
5. If they match, process the request, then create a new token and store it in the session variable again.
6. If they do not match, throw an error message.
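The six steps above as a runnable Python model (an added example, not the post's demo source): an in-memory dict stands in for the server-side session, a second dict for the submitted form data, and the token is rotated after every accepted request so a replayed submission is rejected.

```python
import hmac
import secrets

TOKEN_FIELD = "form_token"   # name of the hidden input in the form (assumed name)
SESSION_KEY = "form_token"   # name of the session variable (assumed name)


def issue_token(session):
    """Steps 1-2: mint a long unguessable token and store it in the session."""
    token = secrets.token_urlsafe(32)
    session[SESSION_KEY] = token
    return token


def render_form(session):
    """Step 1: send the token to the client as a hidden input."""
    token = issue_token(session)
    return (f'<form method="post">'
            f'<input type="hidden" name="{TOKEN_FIELD}" value="{token}">'
            f'</form>')


def handle_submit(session, form_data):
    """Steps 3-6: compare the submitted token with the session copy, rotate on success."""
    expected = session.get(SESSION_KEY)
    submitted = form_data.get(TOKEN_FIELD)
    if not expected or not submitted:
        return {"ok": False, "error": "missing token"}
    # Constant-time comparison; encode so a non-ASCII value cannot raise TypeError.
    if not hmac.compare_digest(expected.encode(), str(submitted).encode()):
        return {"ok": False, "error": "token mismatch"}
    # Matched: the request would be processed here (send the email, insert the row...).
    # Then mint a new token so the same request cannot be submitted twice.
    return {"ok": True, "next_token": issue_token(session)}


def simulate():
    """Constructed walk-through: legitimate submit, replay of it, and a submit with no token."""
    session = {}                       # stands in for the user's server-side session
    render_form(session)               # page load issues the first token
    token = session[SESSION_KEY]
    request = {TOKEN_FIELD: token, "to": "user@example.com"}   # constructed form data
    first = handle_submit(session, dict(request))
    replay = handle_submit(session, dict(request))   # same token again: rejected
    missing = handle_submit(session, {"to": "user@example.com"})
    return first["ok"], replay["ok"], missing["ok"]
```

In a real application the session dict must be the one bound to the requesting user's session cookie, otherwise the check proves nothing.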

Try the application. Below are the demo link and the source code.


Spamming vulnerable application; Phone spamming; email spamming

Spamming is a common issue found in web apps. The modules of an application that send notifications by email or phone, or that perform operations such as database insertion or file creation on the server, are the places where spamming can be done when they are vulnerable.

If the application is not able to identify a forged request, and the same request is entertained by the application several times, then an attacker can use it to spam a registered user or any user, depending on the application's behavior.

Below are the demo link and the source of the spamming-vulnerable app.


Web service security {REST/SOAP}

  • Basic Authentication: Sending a Base64-encoded username:password combination to the web service server. Ex: base64(vaibs:polo) will be something like “NJjks2njL8”. On the server side the same information is decoded and checked for authentication against a database/LDAP/any other auth medium. A more secure way to authenticate is Digest (MD5). The client sends an MD5 hash of the username:password combination to the WS server. WS server


New and enhanced features in the JDK family [covers JDK 1.5 to 1.8]

What’s new in JDK 1.5 over 1.4!

1. Generics {compile-time type checking}
2. Annotations {SuppressWarnings, Override, Deprecated, ...}
3. Enumerations
4. Variable arguments {void test(String... args)}
5. Changes in concurrency utilities. Now includes high-level concurrency APIs {java.util.concurrent}.
6. Autoboxing and unboxing
7. Static imports {fewer keystrokes/time for the same outcome}
8. for-each loop {beautifies the existing for loop when iterating over collections}


Form submission using Liferay MVC

I came across a task to raise Jira tickets and view existing Jira tickets using the Liferay framework. I started by creating two POCs.

The first POC is a portlet with task submission that goes directly into a schema on MySQL using Liferay MVC.

Covered:
Liferay portlet form
Liferay MVC data layer with MySQL

Project structure screenshot at the bottom.
Let's create a new portlet named IssueLiferayMVC.
Follow this link to create one: Creating a new Portlet


Let's create a JSP form containing inputs related to a task/bug. Make the entries by replacing view.jsp with raise_issue.jsp.


Switching from HSQL to MySQL or any other DB in Liferay

Let's switch from the existing HSQL to MySQL.

The simplest way of switching the database is to use a properties file named portal-ext.properties. Overrides of the existing settings can be written into this file.

Go to the Liferay Tomcat directory -> WEB-INF -> classes. There you will find the file portal-ext.properties.
In case you don't find it, create a new file named portal-ext.properties.
Add the database configuration parameters below to run Liferay on MySQL.
