Browsed by Month: June 2018

2017 OWASP Top 10 for PHP Developers Part 7: Cross-Site Scripting (XSS)


We have all seen search forms, haven’t we? Take a look at mine: The above search form is pretty basic – when a search query is provided, the page will respond with “You’ve searched for …” and display the results. This search form does not have anything unusual compared to the other search forms out there – except that it does not sanitize the input. What happened here is we have entered a different search term. Here’s what was provided: <script>alert(“2017…

Read More

2017 OWASP Top 10 for PHP Developers Part 6: Security Misconfiguration


Web applications can be susceptible to all sorts of vulnerabilities: a web application can be vulnerable to at least one of the 2017 OWASP Top 10 vulnerabilities, it can have remote or local file inclusion flaws or be vulnerable to other types of weaknesses. A web application can even be compromised by utilizing social engineering – there are all sorts of ways. With that being said, web applications can also be configured in ways that make them vulnerable. Such a vulnerability is…

Read More

2017 OWASP Top 10 for PHP Developers Part 5: Broken Access Control


Let’s take a scenario like so: I have a web application that allows people to buy software I created – after a person has bought the software, an account must be made. After the individual creates an account, the software can be downloaded. After the purchase, the customer is also granted access to some resources available exclusively to customers. Should any issues arise, support tickets can be lodged. Now imagine you’re an attacker who wants to gain access to the resources available…

Read More

2017 OWASP Top 10 for PHP Developers Part 4: XML External Entities (XXE)


Ever processed XML files in your web application? If you did, you probably parsed their contents. And if you parsed their contents, your web application might have been vulnerable to an attack known as XML External Entities (XXE). What is XXE? An XXE attack is a security vulnerability often found in XML parsers. An XML External Entities attack often exploits the XML parsing functionality in a web application making it parse data of interest to an attacker. How does it…

Read More

2017 OWASP Top 10 for PHP Developers Part 3: Sensitive Data Exposure


There is a lot of exposed data floating on the web. People hear about such events all the time – it seems like data breaches are becoming more and more common. With data breaches being so prevalent, one would expect people should protect their data better. However, with many developers underestimating the importance of protecting private data, this isn’t always the case – when developers fail to adequately protect data, sensitive data exposure might occur. Sensitive data exposure is currently…

Read More

2017 OWASP Top 10 for PHP Developers Part 2: Broken Authentication and Session Management


While browsing the web, you click on a link. The link leads you to a page like this: Looks like a usual login page, right? Let’s try logging in. You go off to Discord and your friend asks for the URL of the login page, and you provide him with this: http://localhost/2017-owasp-top-10/2/member.php?sessionid=3g7qpol6t8an9f81rk9m8imrj2 Your friend clicks on the URL and… Wait – he’s logged in? He did not authenticate, so how is this possible? To understand why this happened, we need to jump…

Read More