0.142
Scenario
Exploitation of System Software Information In Headers
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The "Server" and "X-Powered-By" headers provide information about technology that
is used on the server side. Disabling them makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response headers are under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login"
0.141
Then
the "Server" response header should not contain numbers
0.000
And
the "X-Powered-By" response header should not contain numbers
0.000
0.060
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.059
Then
the response should not contain "nginx"
0.000
0.043
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.042
Then
the response should not contain "Apache"
0.000
0.100
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.100
Then
the response should not contain "ASP.NET"
0.000
0.038
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.037
Then
the response should not contain "Django"
0.000
0.029
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.028
Then
the response should not contain "HTTP Server"
0.000
0.088
Scenario
Exploitation of System Architecture Information On Error Pages
Usually the server software prints stack traces on error by default. This is a debug feature that should be
disabled when running the software in production. The stack trace may provide information about architecture
and used libraries that can be used by an attacker to exploit known vulnerabilities.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I use a "POST" HTTP method
0.000
And
I add a "Authentication" header with value "!Unsupported"
0.000
And
I add a "Content-Type" header with value "application/unsupported"
0.000
And
I make a request to "http://localhost.:8000/accounts/login/?error=1283927"
0.087
Then
the response should not contain "Exception"
0.000
And
the response should not contain "Stacktrace"
0.000
And
the response should not contain "Traceback"
0.000
And
the response should not match ".*[a-zA-Z0-9.]+:[0-9]+\).*"
0.000
And
the response should not match "(?i).*line [0-9]+.*"
0.000
And
the response should not match "(?i).*debug.*"
0.000
0.000
Scenario
Confidential Data Eavesdropping
HTTP communication is unencrypted and thus prone to eavesdropping via Man-in-The-Middle Attacks.
HTTPS is recommended for safe exchange of confidential information such as passwords or tokens.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
When
I connect to "http://localhost.:8000/accounts/login"
0.000
Then
the connection should be secure
0.000
java.lang.AssertionError:
Expecting actual:
sun.net.www.protocol.http.HttpURLConnection:http://localhost.:8000/accounts/login
to be an instance of:
javax.net.ssl.HttpsURLConnection
but was instance of:
sun.net.www.protocol.http.HttpURLConnection
at io.github.multicatch.cucumber.audit.ProtocolInspectionStepDefs._init_$lambda$2(ProtocolInspectionStepDefs.kt:22)
at ✽.the connection should be secure(classpath:io/github/multicatch/cucumber/audit/Authentication_Request.feature:14)
0.576
Scenario
Exploitation of Database Management System Information
Unhandled database errors may lead to disclosure about database system version. This may be used to prepare
an attack that uses known system vulnerabilities and characteristics of used DBMS.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
I am on "http://localhost.:8000/accounts/login"
0.183
And
the response content is under inspection
0.000
When
I enter "' UNKNOWN SYNTAX; -- ." into a field selected by "input[name='username']"
0.042
And
I enter "' UNKNOWN SYNTAX; -- ." into a field selected by "input[name='password']"
0.026
And
I click on "form input[type='submit']"
0.323
Then
the response should not contain "SQL"
0.000
And
the response should not contain "Exception"
0.000
And
the response should not contain "Stacktrace"
0.000
And
the response should not contain "Traceback"
0.000
And
the response should not match ".*[a-zA-Z0-9.]+:[0-9]+\).*"
0.000
And
the response should not match "(?i).*line [0-9]+.*"
0.000
And
the response should not match "(?i).*debug.*"
0.000
0.389
Scenario Outline
Stealing Information From Database
If the SQL Queries are creates by simple concatenation, there is a risk that an attacker could inject
a malicious code into said queries. This SQL Injection can be used to obtain
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
I am on "http://localhost.:8000/accounts/login"
0.110
And
the response content is under inspection
0.000
When
I enter "' OR sleep(5000) -- ." into a field selected by "input[name='username']"
0.027
And
I enter "' OR sleep(5000) -- ." into a field selected by "input[name='password']"
0.015
And
I click on "form input[type='submit']"
0.234
Then
the response time should not be longer than 5000 ms
0.000
0.445
Scenario Outline
Stealing Information From Database
If the SQL Queries are creates by simple concatenation, there is a risk that an attacker could inject
a malicious code into said queries. This SQL Injection can be used to obtain
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
I am on "http://localhost.:8000/accounts/login"
0.097
And
the response content is under inspection
0.000
When
I enter "' || dbms_pipe.receive_message(('a'), 5) -- ." into a field selected by "input[name='username']"
0.037
And
I enter "' || dbms_pipe.receive_message(('a'), 5) -- ." into a field selected by "input[name='password']"
0.042
And
I click on "form input[type='submit']"
0.267
Then
the response time should not be longer than 5000 ms
0.000
0.432
Scenario Outline
Stealing Information From Database
If the SQL Queries are creates by simple concatenation, there is a risk that an attacker could inject
a malicious code into said queries. This SQL Injection can be used to obtain
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
I am on "http://localhost.:8000/accounts/login"
0.131
And
the response content is under inspection
0.000
When
I enter "' OR pg_sleep(5) -- ." into a field selected by "input[name='username']"
0.024
And
I enter "' OR pg_sleep(5) -- ." into a field selected by "input[name='password']"
0.028
And
I click on "form input[type='submit']"
0.246
Then
the response time should not be longer than 5000 ms
0.000
0.389
Scenario Outline
Stealing Information From Database
If the SQL Queries are creates by simple concatenation, there is a risk that an attacker could inject
a malicious code into said queries. This SQL Injection can be used to obtain
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
I am on "http://localhost.:8000/accounts/login"
0.111
And
the response content is under inspection
0.000
When
I enter "' OR WAITFOR DELAY '0:0:05' -- ." into a field selected by "input[name='username']"
0.022
And
I enter "' OR WAITFOR DELAY '0:0:05' -- ." into a field selected by "input[name='password']"
0.032
And
I click on "form input[type='submit']"
0.222
Then
the response time should not be longer than 5000 ms
0.000