This will close the vulnerability, because the attacker can’t break out of the statement anymore.
Broken Authentication

When you offer user authentication on your website, the server identifies the user with a unique Session ID or JWT.
If an attacker steals your victim's Session ID (Session Hijacking), he can send requests to your server with that unique Session ID.
Your server would think the request is coming from your victim.
Prevention

Session IDs should time out: user sessions or authentication tokens should be properly invalidated during logout.
Do not send credentials over unencrypted connections: Passwords, session IDs, and other credentials should not be sent over unencrypted connections.
Maybe add some more identification rules on the server.
For example, restrict the Session ID to be used only from the IP address that generated it.
XSS (Cross-Site Scripting)

XSS allows malicious code to be added to a webpage, for example through a user comment.
When a user adds a comment to a webpage, the site will save this comment to the database.
When other users want to see the comment, the webpage writes out the code in an HTML document.
The problem with that is that a malicious user could enter content that includes HTML elements like the <script> tag.
Prevention

XSS is very simple to prevent.
The easiest way is to escape user input.
Escaping data means taking the data an application has received and ensuring it’s secure before rendering it for the end user.
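One way to do that escaping step, as an added example written for this section rather than code from the original article (the function names, the escape table and the sample comment are mine):

```javascript
// Added example (not from the original article): HTML-escaping a user
// comment before it is written into the page, so a comment containing
// "<script>" is shown as text instead of being executed by the browser.

// The five characters that can change HTML structure or break out of a
// quoted attribute value. Escaping them covers text and quoted-attribute
// contexts; URL or JavaScript contexts need their own encoders.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

function escapeHtml(untrusted) {
  // Coerce to string so numbers/undefined cannot bypass the replace.
  return String(untrusted).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable rendering: the comment is concatenated into the HTML as-is,
// so any tags in the comment become part of the page.
function renderCommentUnsafe(author, body) {
  return `<li class="comment"><b>${author}</b>: ${body}</li>`;
}

// Hardened rendering: every untrusted value is escaped at output time.
function renderCommentSafe(author, body) {
  return `<li class="comment"><b>${escapeHtml(author)}</b>: ${escapeHtml(body)}</li>`;
}

// Does the produced markup still contain a script tag? A quick check for
// the demo; a real test would parse the HTML rather than pattern-match it.
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample comment: the classic harmless XSS probe.
const SAMPLE_AUTHOR = "mallory";
const SAMPLE_BODY = 'Nice post! <script>alert("xss")</script>';

console.log(renderCommentUnsafe(SAMPLE_AUTHOR, SAMPLE_BODY)); // script tag survives
console.log(renderCommentSafe(SAMPLE_AUTHOR, SAMPLE_BODY));   // rendered as inert text
```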
Or you could validate the user input:

“The theory goes like this: Expect any untrusted data to be malicious. What’s untrusted data? Anything that originates from outside the system and you don’t have absolute control over so that includes form data, query strings, cookies, other request headers, data from other systems (i.e. from web services) and basically anything that you can’t be 100% confident doesn’t contain evil things.” — Troy Hunt

4. Using Web components with known vulnerabilities

Nowadays as a developer you don’t just develop by writing code.
There are so many packages and dependencies you can/have to include in your project, doing so much work for you — thanks to open source!
However: the more packages/dependencies you include in your project, the more doors you potentially open!

Prevention

Keep your packages up to date! Often when a development project is finished and running in production, developers get new projects and the old project runs, runs and runs.
But over time, dependency vulnerabilities get fixed.
If you don’t update them in your project, those vulnerabilities stay open for the attacker.
There are great tools for automatically finding and fixing vulnerabilities in your dependencies.
You should definitely check out Snyk.io!
Sensitive Data Exposure

First: always encrypt sensitive data.
You don’t want to store credit card numbers, health data or passwords in plain text! If data is stored or transferred as plain text, if older/weaker encryption is used (please don’t use MD5 anymore), or if data is decrypted carelessly, attackers can gain access to the data and exploit it.
If you don’t use SSL encryption on your page, an attacker can sniff every packet transferred over WLAN without even connecting to it! That includes Session IDs, form data like username/password, etc.
Prevention

Encrypt sensitive data and define who may access it.
Use SSL/TLS!

Final Words

Over time, web security has become increasingly important.
Nowadays we transfer our most sensitive data like health or financial data through the internet.
If you want to keep your systems safe against attacks, regularly check your applications for vulnerabilities.
You should definitely have a look at OWASP, which lists the most important vulnerabilities.
Coming soon: For this article I developed a crappy web application (regarding web security) vulnerable to attacks like XSS or SQL Injection.
I am going to make a public GitHub repository including the source code and explanations of how to attack the site and how to fix those vulnerabilities.
Stay safe!
Don’t forget to clap if you like this article.