AttackFlow Findings Dictionary


Insecure Basic Authentication

An attacker who can observe the traffic obtains the username and password in cleartext.

Severity: Critical

Fix Cost: Medium

Trust Level: High

Basic authentication is one of the oldest and most widely used HTTP authentication schemes, and it is inherently insecure: the credentials travel in every request, encoded but not encrypted. For example, the HTTP request below carries the username and password entered by the end user in the Authorization header, Base64-encoded.

GET /index.html HTTP/1.1
Host: www.abc.com
Authorization: Basic a2VtYWw6aXN0YW5idWw=

An attacker who intercepts this message (possible whenever SSL/TLS is not used) can trivially Base64-decode the value and recover the username and password in cleartext; Base64 is an encoding, not encryption.

The C# snippet below opens a backend-to-backend HTTP connection without SSL/TLS while using Basic Authentication, so the credentials are exposed to man-in-the-middle attacks.

using System.Net;
// uri is assumed to be a plain http:// Uri, which is what makes this insecure
var credentials = new NetworkCredential(username, password);
var credentialCache = new CredentialCache();
credentialCache.Add(uri, "Basic", credentials); // Basic: user:password Base64-encoded, not encrypted

WebRequest request = WebRequest.Create(uri);
request.Credentials = credentialCache; // the original assigned the bare credentials, leaving the cache unused

The Java snippet below makes the same mistake: a backend-to-backend HTTP connection without SSL/TLS that sends Basic Authentication credentials, and is therefore open to man-in-the-middle attacks.

import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64; // standard-library encoder in place of the original commons-codec Base64
URL url = new URL(targetServer); // assumed to be a plain http:// URL, which is what makes this insecure
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
String creds = username + ":" + password;
String basicAuth = "Basic " + Base64.getEncoder().encodeToString(creds.getBytes(StandardCharsets.UTF_8)); // encoded, not encrypted
conn.setRequestProperty("Authorization", basicAuth);
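Added example (not from AttackFlow or the original page): a small Python checker that covers both the C# and Java cases above from the defender's side. It decodes a captured Basic header to confirm the credentials are cleartext in effect, rates a captured request the way this finding does, and rejects outbound calls that would attach Basic credentials to a non-https URL. The sample request is constructed and reuses the header value shown above; the function names are this example's own.

```python
import base64
import binascii
from urllib.parse import urlsplit

# Constructed sample capture; the header value is the one shown in the finding above.
SAMPLE_REQUEST = (
    "GET /index.html HTTP/1.1\r\n"
    "Host: www.abc.com\r\n"
    "Authorization: Basic a2VtYWw6aXN0YW5idWw=\r\n"
    "\r\n"
)


def extract_basic_credentials(raw_request):
    """Return (user, password) from a Basic Authorization header, or None.

    This is all a passive observer of plain HTTP has to do: Base64 is a
    reversible encoding, so the header is cleartext in everything but name.
    """
    head = raw_request.split("\r\n\r\n", 1)[0]
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, sep, value = line.partition(":")
        if not sep or name.strip().lower() != "authorization":
            continue
        scheme, _, token = value.strip().partition(" ")
        if scheme.lower() != "basic":
            return None                          # Bearer, Digest, etc. are out of scope here
        try:
            decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            return None                          # malformed token, nothing recoverable
        user, sep, password = decoded.partition(":")   # RFC 7617: password may contain ':'
        return (user, password) if sep else None
    return None


def audit_basic_auth(raw_request, over_tls):
    """Rate a captured request as this finding does: Basic credentials on a
    non-TLS connection are Critical; anything else raises no finding."""
    if extract_basic_credentials(raw_request) is None:
        return None
    return None if over_tls else "Critical"


def basic_auth_url_allowed(target_url):
    """Client-side policy for backend-to-backend calls: attach Basic credentials
    only to https:// URLs, so the token never crosses the wire unencrypted."""
    return urlsplit(target_url).scheme.lower() == "https"
```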
