Authentication (Portswigger Academy)

Authentication is the process of verifying the identity of a given user or client.

Different types of authentication can be categorized into three authentication factors:

  1. Something you know, such as a password or the answer to a security question -> knowledge factor

  2. Something you have, such as a mobile phone or security token -> possession factor

  3. Something you are, such as biometric features or patterns of behaviour -> inherence factor

How do Vulnerabilities arise?

Most vulnerabilities in authentication mechanisms arise in one of two ways:

  • The authentication mechanisms are weak because they fail to adequately protect against brute-force attacks.

  • Logic flaws or poor coding allow the authentication mechanism to be bypassed entirely by an attacker -> Broken Authentication

Because authentication gates everything behind it, a logic flaw in the login flow does not stay contained: it hands the attacker whatever the bypassed account can reach, so even a small mistake here escalates into a wide range of further issues.
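Both failure classes are easy to see side by side in a login handler. The block below is an added example written for this page, not code from the page or from PortSwigger. The user store, the "carlos"/"montoya" credentials and the lockout policy (`MAX_ATTEMPTS`, `LOCK_SECONDS`) are constructed for the demo. `login_vulnerable` leaks whether a username exists through its error message and never limits attempts; `login_hardened` returns one generic message, compares hashes in constant time, runs the same hashing work for unknown usernames, and counts failures per submitted username whether or not it exists, so that the lockout itself cannot be used as an enumeration oracle.

```python
"""Vulnerable vs hardened password login, illustrating the two failure
classes named above: weak brute-force protection and logic flaws.

Added example, not code from the page or PortSwigger. The user store,
credentials and lockout limits below are constructed for the demo."""
import hashlib
import hmac
import os
import time
from typing import Optional


def _hash(password: str, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256; iteration count kept low only for demo speed."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed user store: username -> (salt, password hash). Not real credentials.
_SALT = os.urandom(16)
USERS = {"carlos": (_SALT, _hash("montoya", _SALT))}


def login_vulnerable(username: str, password: str) -> str:
    """Two distinct errors reveal which usernames exist, there is no attempt
    limit, and the hash comparison short-circuits (not constant time)."""
    if username not in USERS:
        return "Invalid username"
    salt, stored = USERS[username]
    if _hash(password, salt) != stored:
        return "Incorrect password"
    return "Welcome"


MAX_ATTEMPTS = 3      # assumed policy for the demo
LOCK_SECONDS = 60     # assumed policy for the demo
_failures: dict = {}  # username -> (failure count, locked-until timestamp)

# Dummy credential so an unknown username costs the same hashing work as a real one
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash("dummy", _DUMMY_SALT)


def login_hardened(username: str, password: str, now: Optional[float] = None) -> str:
    """Generic error, constant-time compare, uniform work for unknown users,
    and a per-username lockout applied regardless of whether the user exists."""
    now = time.time() if now is None else now
    count, lock_until = _failures.get(username, (0, 0.0))
    if now < lock_until:
        # While locked, even the correct password gets the generic answer,
        # so the lock cannot confirm a guessed password or username.
        return "Invalid username or password"
    if lock_until:
        count = 0  # previous lock has expired; start counting afresh

    salt, stored = USERS.get(username, (_DUMMY_SALT, _DUMMY_HASH))
    # Always do the full hash and compare before consulting the user store.
    matches = hmac.compare_digest(_hash(password, salt), stored)
    if matches and username in USERS:
        _failures.pop(username, None)
        return "Welcome"

    count += 1
    lock_until = now + LOCK_SECONDS if count >= MAX_ATTEMPTS else 0.0
    _failures[username] = (count, lock_until)
    return "Invalid username or password"
```

The `now` parameter exists only so the lockout can be exercised deterministically; in a real service the clock would be the server's own. Note that the hardened version still has to trade off against denial of service: an attacker who knows a username can keep it locked, which is why production systems usually combine per-account limits with per-source throttling and MFA rather than rely on a lockout alone.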

What is the impact?

Authentication vulnerabilities can be severe, because:

  • Once an attacker has bypassed authentication or brute-forced their way into another user's account, they have access to all the data and functionality that the compromised account has.

  • If the attacker compromises a highly privileged account, such as a system administrator's, they can take full control of the application and may gain a foothold in the internal infrastructure behind it.

  • Even a low-privileged account can expose sensitive business information.

  • A compromised account also reveals pages and functionality that are invisible to unauthenticated users, which increases the attack surface for further attacks.

Vulnerabilities in different authentication mechanisms

Authentication systems consist of several distinct mechanisms where vulnerabilities occur. Some vulnerabilities are broadly applicable across all of these contexts, whereas others are more specific to the functionality provided.

Areas with the most common vulnerabilities:

  • Vulnerabilities in password-based login

  • Vulnerabilities in multi-factor authentication

  • Vulnerabilities in other authentication mechanisms

Last updated 4 years ago