0.131
Background
Given
only whitelisted traffic is allowed
0.000
And
traffic matching "https?://localhost.:8000.*" is allowed
0.000
And
app running on "http://localhost.:8000/consumer/" has already started in less than 30 s
0.130
0.232
Scenario
Application Impersonation
The server certificate assures that the server is not an impersonated agent trying to deceive the user.
An attacker could use this vulnerability to steal sensitive data from the user or make them transfer money.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.004
When
I connect to "http://localhost.:8000/accounts/login"
0.000
Then
the connection should be secure
0.232
java.lang.AssertionError:
Expecting actual:
sun.net.www.protocol.http.HttpURLConnection:http://localhost.:8000/accounts/login
to be an instance of:
javax.net.ssl.HttpsURLConnection
but was instance of:
sun.net.www.protocol.http.HttpURLConnection
at io.github.multicatch.cucumber.audit.ProtocolInspectionStepDefs._init_$lambda$2(ProtocolInspectionStepDefs.kt:22)
at ✽.the connection should be secure(classpath:io/github/multicatch/cucumber/audit/Authentication_Page.feature:14)
0.007
Background
Given
only whitelisted traffic is allowed
0.000
And
traffic matching "https?://localhost.:8000.*" is allowed
0.000
And
app running on "http://localhost.:8000/consumer/" has already started in less than 30 s
0.007
1.062
Scenario
Session Hijacking Through XSS
During an XSS attack, the session cookie could be stolen if it's accessible through JavaScript.
The attacker then could gain access to the user session and use their account to authorize in other applications.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response headers are under inspection
0.374
And
cookies are cleared
0.009
When
I go to "http://localhost.:8000/accounts/login"
0.658
Then
the "Set-Cookie" response header should contain "HttpOnly"
0.018
java.lang.AssertionError:
Expecting any elements of:
[]
to match given predicate but none did.
at java.base/java.util.Optional.orElseThrow(Optional.java:403)
at io.github.multicatch.cucumber.audit.ResponseInspectionStepDefs._init_$lambda$6(ResponseInspectionStepDefs.kt:35)
at ✽.the "Set-Cookie" response header should contain "HttpOnly"(classpath:io/github/multicatch/cucumber/audit/Authentication_Page.feature:24)
0.014
Background
Given
only whitelisted traffic is allowed
0.000
And
traffic matching "https?://localhost.:8000.*" is allowed
0.000
And
app running on "http://localhost.:8000/consumer/" has already started in less than 30 s
0.014
0.142
Scenario
Exploitation of System Software Information In Headers
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The "Server" and "X-Powered-By" headers provide information about technology that
is used on the server side. Disabling them makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response headers are under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login"
0.141
Then
the "Server" response header should not contain numbers
0.000
And
the "X-Powered-By" response header should not contain numbers
0.000
0.008
Background
Given
only whitelisted traffic is allowed
0.000
And
traffic matching "https?://localhost.:8000.*" is allowed
0.000
And
app running on "http://localhost.:8000/consumer/" has already started in less than 30 s
0.008
0.060
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.059
Then
the response should not contain "nginx"
0.000
0.015
Background
Given
only whitelisted traffic is allowed
0.000
And
traffic matching "https?://localhost.:8000.*" is allowed
0.000
And
app running on "http://localhost.:8000/consumer/" has already started in less than 30 s
0.015
0.043
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.042
Then
the response should not contain "Apache"
0.000
0.008
Background
Given
only whitelisted traffic is allowed
0.000
And
traffic matching "https?://localhost.:8000.*" is allowed
0.000
And
app running on "http://localhost.:8000/consumer/" has already started in less than 30 s
0.008
0.100
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.100
Then
the response should not contain "ASP.NET"
0.000
0.033
Background
Given
only whitelisted traffic is allowed
0.000
And
traffic matching "https?://localhost.:8000.*" is allowed
0.000
And
app running on "http://localhost.:8000/consumer/" has already started in less than 30 s
0.033
0.038
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.037
Then
the response should not contain "Django"
0.000
0.016
Background
Given
only whitelisted traffic is allowed
0.000
And
traffic matching "https?://localhost.:8000.*" is allowed
0.000
And
app running on "http://localhost.:8000/consumer/" has already started in less than 30 s
0.016
0.029
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.028
Then
the response should not contain "HTTP Server"
0.000
0.008
Background
Given
only whitelisted traffic is allowed
0.000
And
traffic matching "https?://localhost.:8000.*" is allowed
0.000
And
app running on "http://localhost.:8000/consumer/" has already started in less than 30 s
0.008
0.088
Scenario
Exploitation of System Architecture Information On Error Pages
Usually the server software prints stack traces on error by default. This is a debug feature that should be
disabled when running the software in production. The stack trace may provide information about architecture
and used libraries that can be used by an attacker to exploit known vulnerabilities.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I use a "POST" HTTP method
0.000
And
I add a "Authentication" header with value "!Unsupported"
0.000
And
I add a "Content-Type" header with value "application/unsupported"
0.000
And
I make a request to "http://localhost.:8000/accounts/login/?error=1283927"
0.087
Then
the response should not contain "Exception"
0.000
And
the response should not contain "Stacktrace"
0.000
And
the response should not contain "Traceback"
0.000
And
the response should not match ".*[a-zA-Z0-9.]+:[0-9]+\).*"
0.000
And
the response should not match "(?i).*line [0-9]+.*"
0.000
And
the response should not match "(?i).*debug.*"
0.000
0.008
Background
Given
only whitelisted traffic is allowed
0.000
And
traffic matching "https?://localhost.:8000.*" is allowed
0.000
And
app running on "http://localhost.:8000/consumer/" has already started in less than 30 s
0.008
0.001
Scenario
User Deception with Modified Responses
If the communication is unencrypted, there is a risk that an attacker could use a Man-in-The-Middle attack
to modify responses. They may use a modified page to make user think they authorize a different application.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
When
I connect to "http://localhost.:8000/accounts/login"
0.000
Then
the connection should be secure
0.000
java.lang.AssertionError:
Expecting actual:
sun.net.www.protocol.http.HttpURLConnection:http://localhost.:8000/accounts/login
to be an instance of:
javax.net.ssl.HttpsURLConnection
but was instance of:
sun.net.www.protocol.http.HttpURLConnection
at io.github.multicatch.cucumber.audit.ProtocolInspectionStepDefs._init_$lambda$2(ProtocolInspectionStepDefs.kt:22)
at ✽.the connection should be secure(classpath:io/github/multicatch/cucumber/audit/Authentication_Page.feature:79)