These are the questions and the search criteria I use to identify authorization vulnerabilities in code, beyond what the web.config <authorization> node covers.
- How does the code protect access to page classes?
Attributes
Search for PrincipalPermission attributes (declarative checks). If there is no match, the code does not perform standard authorization checks.
findstr /S /I "PrincipalPermission" *.cs
Empirical checks
Search for imperative IsInRole calls. If there is no match, the code does not perform standard authorization checks.
findstr /S /I "IsInRole" *.cs
Role Manager
Search for imperative IsUserInRole calls to the Role Manager API. If there is no match, the code does not perform standard authorization checks.
findstr /S /I "IsUserInRole" *.cs
- Does the code use Server.Transfer?
Server.Transfer may improve performance, but it can also open an elevation of privilege path, because the transfer happens server-side and bypasses the URL-based authorization that would apply to a client request for the target page. More information is in Performance Gain - Security Risk.
findstr /S /I "Transfer" *.cs
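As an added example (not code from the original post), the following Python script runs the four searches above over a source tree in one pass, the way findstr /S /I does, and lists the .cs files with no authorization pattern at all plus those calling Server.Transfer; the sample code-behind files are constructed for the demo.

```python
import os
import re
import tempfile

# Patterns from the post's findstr searches; re.I mirrors findstr /I.
AUTHZ_PATTERNS = {
    "PrincipalPermission": re.compile(r"PrincipalPermission", re.I),
    "IsInRole": re.compile(r"IsInRole", re.I),
    "IsUserInRole": re.compile(r"IsUserInRole", re.I),
}
# Narrower than the post's bare "Transfer" search: only Server.Transfer( calls.
TRANSFER_PATTERN = re.compile(r"\bServer\.Transfer\s*\(", re.I)

def scan_tree(root):
    """Walk *.cs files under root (like findstr /S) and record, per file,
    which authorization patterns appear and whether Server.Transfer is called."""
    results = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".cs"):
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                text = fh.read()
            hits = sorted(k for k, p in AUTHZ_PATTERNS.items() if p.search(text))
            results[os.path.relpath(path, root)] = {
                "authz": hits, "server_transfer": bool(TRANSFER_PATTERN.search(text))}
    return results

def findings(results):
    """Files with no authorization pattern at all, and files calling
    Server.Transfer; each is a review item, not by itself a vulnerability."""
    no_authz = sorted(f for f, r in results.items() if not r["authz"])
    transfers = sorted(f for f, r in results.items() if r["server_transfer"])
    return no_authz, transfers

# Constructed sample code-behind files, not taken from any real project.
SAMPLES = {
    "Admin.aspx.cs": '[PrincipalPermission(SecurityAction.Demand, Role="Admin")]\n'
                     'public partial class Admin : Page { }\n',
    "Report.aspx.cs": 'protected void Page_Load(object s, EventArgs e) {\n'
                      '  if (!User.IsInRole("Manager")) Response.Redirect("~/Denied.aspx");\n}\n',
    "Public.aspx.cs": 'protected void Page_Load(object s, EventArgs e) {\n'
                      '  Server.Transfer("~/Admin.aspx");\n}\n',
}

def demo():
    # Write the samples to a temp dir, scan it and return the findings.
    with tempfile.TemporaryDirectory() as root:
        for name, body in SAMPLES.items():
            with open(os.path.join(root, name), "w", encoding="utf-8") as fh:
                fh.write(body)
        return findings(scan_tree(root))  # (['Public.aspx.cs'], ['Public.aspx.cs'])
```

Public.aspx.cs shows up on both lists: it has no authorization check of its own and transfers to a page that relies on one, which is exactly the combination the two questions above are meant to surface.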
Related posts
- Security Code Review – String Search Patterns For Finding Input Validation Vulnerabilities
- Security Code Review – String Search Patterns For Authentication Vulnerabilities
- SOA, Strong Authentication, Standard Authorization - Cool Solution
- Authentication Hub