Table of Contents
DESCRIPTION 1
GOALS 1
DOCUMENTATION USES 1
TABLE OF CONTENTS 2
OVERVIEW 4
BACKGROUND 5
CONTRIBUTORS 6
CHECKLIST 7
CLASSES OF ATTACK 10
1 Authentication 10
1.1 Brute Force 10
1.2 Insufficient Authentication 11
1.3 Weak Password Recovery Validation 12
2 Authorization 14
2.1 Credential/Session Prediction 14
2.2 Insufficient Authorization 16
2.3 Insufficient Session Expiration 17
2.4 Session Fixation 18
3 Client-side Attacks 21
3.1 Content Spoofing 21
3.2 Cross-site Scripting 24
4 Command Execution 27
4.1 Buffer Overflow 27
4.2 Format String Attack 28
4.3 LDAP Injection 30
4.4 OS Commanding 33
4.5 SQL Injection 36
Copyright 2004, Web Application Security Consortium. All rights reserved.