
· What is Two-Factor Authentication?

As the name indicates, two-factor means we need two layers of authentication in order to access an application or resource, for example first entering a password and then entering a code (or something similar) sent to your mobile by the application. We usually call this Two-Factor Authentication (2FA).

As breaches of credentials are becoming more common, companies want extra protection. For this, companies generally ask for one of the following:

i. Answering a couple of security questions that you entered at the time of registration

ii. Entering an OTP sent to your registered mobile number

iii. Authenticating yourself using Google Authenticator

iv. Clicking on a link…



Content Security Policy (CSP):

CSP plays a very important role in protecting the content being displayed. It simply decides from where content may be fetched in our application. It adds an extra layer of protection that helps in identifying and mitigating content injection vulnerabilities.

If an unauthorized person wants to inject their content to take advantage of the application, for example to exploit XSS (sending the cookie to a different domain) or a clickjacking vulnerability, then the browser will show an error and will not let the application make the request to those arbitrary domains.

CSP by default blocks string evaluation functions…



Nowadays wireless security has the same importance as physical security, because most of the devices we communicate with are connected to wireless networks. So let us explore what wireless is, how devices connect to it and how we can secure it. Not only in the office and at home but everywhere we can see the role of wireless and its importance in human life.

What is a Wireless network?

In a wireless network, data travels over the air with the help of electromagnetic radio waves. It is also a type of “unguided media”, as the signal propagates through the air without any guidance. We can see the…



NFC and RFID both work on wireless technology, and both need tags and a reader as components to work. NFC is newer than RFID, but to work NFC needs the high-frequency band of RFID. Let us explore both in depth.

· Radio Frequency ID /RFID:

As the name “Radio Frequency ID” indicates, this technology uses radio waves to identify objects. It has 2 main components:

I. Tags: These hold encoded information. Tags can be active or passive. These tags have an antenna or a small chip, and they come in different sizes and shapes.

i. Active tags need batteries.

ii. Passive tags are powered by the reader and…



What is AWS?

AWS stands for Amazon Web Services, which provides services over the cloud, such as managing data centers so that users do not need to deploy physical servers. AWS provides all the facilities a user needs to run an application. It provides services such as monitoring, logging and much more over the cloud, and that too on a pay-per-use basis.

As per the AWS responsibility model (which states which services are managed by the user and which are managed by AWS), authorization must be handled by the user only.

What are Access Keys?

To protect the account or to reduce the attack surface…



Docker

The Docker icon shows a ship loaded with packages. Why this type of icon? Because, similarly, Docker is used to pack software or applications and ship them to the end user, and not only to ship them but also to provide a platform to run those applications in a virtual environment. Docker achieves all this with the help of containers, and we build containers with the help of images.

Docker works on a client-server architecture.

Advantages

· Docker containers run on top of the host operating system, which increases their performance.

· Docker containers are more secure compared to VMs.

Container

The main aim of containers is to provide isolation and also…



What is WebSocket?

For communication between client and server we usually use the HTTP protocol, where the server responds to the client's request. But if we talk about weather or gaming applications, whose data keeps changing in a very short span of time, we need something different. Therefore we use WebSockets to make this communication faster. If data changes on the server side, no interaction such as a page refresh is required from the user side; the data can be updated automatically.

In WebSocket there is 2-way communication, like the HTTP protocol, but the server can initiate a connection without a request generated by the client…



Cookie:

Cookies are issued by the website to identify the user and maintain the session, and they are stored in your file storage by your browser. Cookies are created when a user browses a website, just to keep track of your movements within that website and to remember your login. Cookies allow the server to store and retrieve data from the client, such as a unique ID assigned to the client by the website.

Types: There are two types of cookie:

· Session cookie: It is used to check the authenticity of the user and is only assigned when the user logs into the website.

·…



Before moving further we must be familiar with CSRF. Please check my previous blogs on CSRF.

https://gupta-bless.medium.com/exploiting-csrf-as-a-privilege-escalation-vulnerability-58bf0673cb88

https://medium.com/p/csrf-while-creating-group-albums-with-public-rights-ddb7d87e52c8

To protect against CSRF attacks, most applications use CSRF token protection with a token of very high entropy. Besides the CSRF token, some applications use referrer header validation to protect against CSRF attacks.

Referrer Header:

While accessing any application, the “referrer header” helps the server recognize where a request is coming from, or who the originator of the request is. …



OAuth/Open Authentication:

Before moving further to exploitation, we must familiarize ourselves with OAuth. For this, please check my previous blog, i.e.

Working/Exploiting:

There is an application that allows users to log in via social media. It uses OAuth to authenticate the user through a social media website.

As I click on “Login with social media,” it redirects me to a login page. After providing the credentials, it redirects back to the website and authentication is successful. I intercept the login request using Burp Suite.

The intercepted request of the OAuth flow looks like:

Gupta Bless

Security enthusiast working to secure web for others https://twitter.com/BoredSecEngg
