OWASP Top 10 part 3: Injection

21 October 2024 3 minutes Author: Lady Liberty

Injections are vulnerabilities that allow attackers to inject malicious code or data into an application, causing unwanted or dangerous behavior.

1. SQL injection

  • Description: A vulnerability that allows attackers to inject SQL code into database queries.

  • Example: A web application that uses user input to form SQL queries without proper validation, allowing an attacker to execute arbitrary SQL queries.

2. Command injection

  • Description: A vulnerability that could allow an attacker to inject operating system commands.

  • Example: An application that executes system commands based on user input, allowing an attacker to execute unwanted commands.

3. XSS (Cross-Site Scripting)

  • Description: A vulnerability that could allow an attacker to inject malicious JavaScript code into web pages that are then executed in other users’ browsers.

  • Example: An application that displays user input without proper sanitization, allowing an attacker to inject malicious code.

Blue team

Cross-Site Scripting (XSS)

XSS (Cross-Site Scripting) is a vulnerability that allows an attacker to inject malicious script into a web page that is executed in the victim’s browser. This can lead to the theft of session cookies, changes to the content of the page, or redirecting the user to a malicious site.

An attacker can inject JavaScript code that performs unwanted actions, such as stealing cookies or redirecting the user.

Blue team

To prevent XSS attacks, ensure input and output sanitization:

  1. Input sanitization: Use htmlspecialchars() to sanitize data received from the user.

  2. Output sanitization: Use functions that automatically escape the output, such as htmlspecialchars() in PHP or autoescaping in the Twig or Blade template engines.

  3. HttpOnly flag: Set the HttpOnly flag on cookies so that they cannot be read via JavaScript.

Red team

Theft of cookies:

Forgery of page content:

2. SQL Injection

Blue team

SQL Injection is a vulnerability where an attacker can inject malicious SQL code into database queries, allowing data to be accessed, modified, or deleted.

Red team

Dangerous SQL query:

Blue team

Preventing SQL Injection:

Use prepared statements:

Red team

An attacker can inject malicious code into $someString:

Vulnerable code
Secure code
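The following is an added example, not code from the original article: it puts the prepared-statement defense from the SQL injection section next to the htmlspecialchars() output escaping from the XSS section in one runnable PHP script. It assumes the pdo_sqlite extension is available and uses an in-memory SQLite database and constructed sample input so it runs offline.

```php
<?php
// Added example (not from the original article): SQL injection and XSS defenses side by side.
// Assumes the pdo_sqlite extension; an in-memory database means no setup is needed.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)");
$pdo->exec("INSERT INTO users (name, role) VALUES ('alice', 'admin'), ('bob', 'user')");

// VULNERABLE: user input is concatenated straight into the SQL string.
// With $someString = "' OR '1'='1" the WHERE clause becomes always true
// and the query returns every row instead of one user.
function findUserVulnerable(PDO $pdo, string $someString): array {
    $sql = "SELECT name, role FROM users WHERE name = '" . $someString . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// SECURE: a prepared statement sends the query text and the value separately,
// so the input is always treated as data and never as SQL syntax.
function findUserSecure(PDO $pdo, string $someString): array {
    $stmt = $pdo->prepare("SELECT name, role FROM users WHERE name = :name");
    $stmt->execute([':name' => $someString]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Output escaping against XSS: every value written into HTML goes through
// htmlspecialchars() with ENT_QUOTES so quotes cannot break out of attributes.
function renderRows(array $rows): string {
    $html = '';
    foreach ($rows as $row) {
        $html .= '<li>' . htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8')
               . ' (' . htmlspecialchars($row['role'], ENT_QUOTES, 'UTF-8') . ")</li>\n";
    }
    return $html;
}

$someString = "' OR '1'='1";   // constructed attacker-controlled input

echo "Vulnerable query returns " . count(findUserVulnerable($pdo, $someString)) . " rows\n";
echo "Prepared statement returns " . count(findUserSecure($pdo, $someString)) . " rows\n";

// Constructed script-tag payload stored as a name via a prepared statement,
// then rendered through the escaping helper so the browser shows it as text.
$pdo->prepare("INSERT INTO users (name, role) VALUES (:n, 'user')")
    ->execute([':n' => '<script>alert(1)</script>']);
echo renderRows(findUserSecure($pdo, '<script>alert(1)</script>'));
```

Run it with `php example.php`: the vulnerable function returns both seeded users for the constructed input while the prepared statement returns none, and the rendered list item contains `&lt;script&gt;` rather than a live tag.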

3. HTTP Parameter Injection

Blue Team

HTTP Parameter Injection is a vulnerability that occurs when an attacker modifies HTTP request parameters to gain unauthorized access or change data.

Red Team:

Vulnerable code that allows changing parameters:

File Related Issues

Blue Team

File vulnerabilities can occur due to improper processing or validation of files that are uploaded by users or due to vulnerabilities in web servers.

Red Team

Using require() and include() in PHP:

An attacker can include a malicious file, for example: http://attacker.site/malicious.php.

Weak file validation:

An attacker can use ../ to navigate to unwanted directories.
