AttackFlow Findings Dictionary

Finding A Way To Try AttackFlow Enterprise Edition?

If so, click to download 15 days full version for free!

Empty Password in Connection Strings

The attacker can access confidential resources without using any password

Severity

Medium

Fix Cost

Medium

Trust Level

High

Configuration files are the one of the most popular storage areas to place resource credentials, such as database passwords, ldap connectivity passwords, etc.

Below snippet shows such a configuration piece including using empty password to connect to remote database server.

                            
<connectionStrings>
<add name="mydbcon" connectionString="Data Source= tcp:10.10.2.1,1434; Initial Catalog = mydb; User ID=myuser;Password=;" />
…
            
            

This will enable brute force or dictionary attacks more practical and easy to employ by attackers.

Application servers’ data source management administrator interfaces’ are one of the most popular places where database connection strings including credentials are stored. However, it is also popular to use code to initialize connections by providing database connection strings and credentials.

Below snippet shows such a configuration piece including using empty password to connect to remote database server.

            
try
{
Class.forName("com.mysql.jdbc.Driver").newInstance();
String url = "jdbc:mysql://10.12.1.34/augment");
conn = DriverManager.getConnection(url, username,"");
doUnitWork();
}
catch(SQLException se)
{
//
}
finally
{
// manage conn
}
                 
            

This will enable brute force or dictionary attacks more practical and easy to employ by attackers.

Finding A Way To Purchase AttackFlow Enterprise Edition?

If so, click to buy now for yearly subscriptions!