Code vulnerabilities on applications

elastic-sloth · October 21, 2019, 3:52pm

Hi everyone,
I wanted to know, what should be the first thing to test on code? which key words should I look for? or what are the most common vulnerabilities on a source code

Thanks!

roaring-lamport · October 21, 2019, 8:08pm

Seems duplicate. Since replies are already in the other thread, this one can be deleted.

peaceful-jennings · October 21, 2019, 8:17pm

I don’t think so roaring
this one is for code and the other one is more focused on app, isn’t it?

martial-wolf · October 24, 2019, 11:44pm

The most common vulnerabilities found in code are the following:

FIN.0001. SQL Injection

Search for select or insert concatenated in strings

FIN S.0011. Use of components with known vulnerabilities

Use asserts to check the code for vulnerable dependencies or something like source clear

FIN.S.0020. Absence of encryption of confidential information

Look for strings like key,user,pass,aws, secret in the code, also you can check the git history using truffleHog for credentials

FIN S.0026. User enumeration

Find the login and register functions on the code and check if the error messages says that the users are invalid somehow

FIN.S.0024. Unrestricted access between network segments

If you find for example database credentials, check whether you can connect to it from internet without special permissions. Also if is IaC you can check if someone can connect to administrative ports like 22 from 0.0.0.0

FIN S.0034. Insecure random number generation

Search for insecure random functions like math.random

FIN S.0035. Weak Credential Policy

Find the register or the change password function to check the password policy, you can use this rule

FIN S.0039. Use of web services without authorization

Try to use web services listed on the code without authentication, specially the ones that get data from a database

FIN S.0048. Lack of detection of rooted systems

If it is an application, look for root or jailbreak in the code and if they validate those states

FIN S.0052. Unsafe Encryption Algorithm

Search in the code the usage of insecure algorithms like 3des or blowfish

FIN S.0053. Absence of protection against brute force attacks

Look for the login page and check if there is a captcha

FIN.H.0060. Insecure exceptions

Check the code of generic exceptions but you need to be sure that they are not managing exceptions upwards in the code

FIN.H.0061. Errors without traceability

Check the code for captcha functions without a call to a log but you need to be sure that they are not saving the event upwards in the code

FIN S.0063. Improper input validation

Search in the code words like valid and check those functions

FIN.H.0073. Conditional without default option

Search in the code for switch without a default case

FIN.0074. Functional code commented

Simply check for commented portions of code

FIN.S.0078. Insecure token generation

Search for keywords like token or jwt and check how it’s generated

FIN.H.0079. Non-upgradeable dependencies

Check if there are libraries installed directly in the source code

There are more vulnerabilities that can be found on code, but these are the easiest to find and the first that need to be checked in every project

Topic		Replies	Views
Tips for searching vulnerabilities hacking question	4	716	July 3, 2019
Common vulnerabilities on web applications hacking question	3	852	October 24, 2019
Are there any vulnerabilities? hacking question	3	395	October 22, 2019
Test DB sensitive information on source code hacking question	1	321	August 23, 2019
Insecure channel found in source code hacking question	2	301	August 6, 2019

Code vulnerabilities on applications

Related Topics