Background (0.194)
  Given only whitelisted traffic is allowed (0.000)
  And traffic matching "https?://localhost.:8000.*" is allowed (0.000)
  And app running on "http://localhost.:8000/consumer/" has already started in less than 30 s (0.193)

Scenario: Application Impersonation (0.210)
  The server certificate assures the user that the server is genuine and not an impersonator trying to deceive them.
  An attacker could use this vulnerability to steal sensitive data from the user or make them transfer money.
  Before: io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14) (0.002)
  When I connect to "http://localhost.:8000/accounts/login" (0.000)
  Then the connection should be secure (0.210)
    java.lang.AssertionError:
    Expecting actual:
      sun.net.www.protocol.http.HttpURLConnection:http://localhost.:8000/accounts/login
    to be an instance of:
      javax.net.ssl.HttpsURLConnection
    but was instance of:
      sun.net.www.protocol.http.HttpURLConnection
    at io.github.multicatch.cucumber.audit.ProtocolInspectionStepDefs._init_$lambda$2(ProtocolInspectionStepDefs.kt:22)
    at ✽.the connection should be secure(classpath:io/github/multicatch/cucumber/audit/Authentication_Page.feature:14)
Background (0.006)
  Given only whitelisted traffic is allowed (0.000)
  And traffic matching "https?://localhost.:8000.*" is allowed (0.000)
  And app running on "http://localhost.:8000/consumer/" has already started in less than 30 s (0.006)

Scenario: Session Hijacking Through XSS (0.984)
  During an XSS attack, the session cookie can be stolen if it is accessible through JavaScript.
  The attacker could then take over the user's session and use their account to authorize in other applications.
  Before: io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14) (0.000)
  Given the response headers are under inspection (0.406)
  And cookies are cleared (0.010)
  When I go to "http://localhost.:8000/accounts/login" (0.524)
  Then the "Set-Cookie" response header should contain "HttpOnly" (0.044)
    java.lang.AssertionError:
    Expecting any elements of:
      []
    to match given predicate but none did.
    at java.base/java.util.Optional.orElseThrow(Optional.java:403)
    at io.github.multicatch.cucumber.audit.ResponseInspectionStepDefs._init_$lambda$6(ResponseInspectionStepDefs.kt:35)
    at ✽.the "Set-Cookie" response header should contain "HttpOnly"(classpath:io/github/multicatch/cucumber/audit/Authentication_Page.feature:24)
Background (0.009)
  Given only whitelisted traffic is allowed (0.000)
  And traffic matching "https?://localhost.:8000.*" is allowed (0.000)
  And app running on "http://localhost.:8000/consumer/" has already started in less than 30 s (0.009)

Scenario: Exploitation of System Software Information In Headers (0.112)
  The disclosure of software information may be used to provide knowledge about known vulnerabilities of
  a particular version. The "Server" and "X-Powered-By" headers provide information about technology that
  is used on the server side. Disabling them makes it more difficult to exploit the server software.
  Before: io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14) (0.000)
  Given the response headers are under inspection (0.000)
  When I go to "http://localhost.:8000/accounts/login" (0.111)
  Then the "Server" response header should not contain numbers (0.000)
  And the "X-Powered-By" response header should not contain numbers (0.000)
Background (0.008)
  Given only whitelisted traffic is allowed (0.000)
  And traffic matching "https?://localhost.:8000.*" is allowed (0.000)
  And app running on "http://localhost.:8000/consumer/" has already started in less than 30 s (0.008)

Scenario Outline: Exploitation of Sensitive Information on Error Pages (0.059)
  The disclosure of software information may be used to provide knowledge about known vulnerabilities of
  a particular version. The default error pages can contain information about the server software.
  Overriding default error pages makes it more difficult to exploit the server software.
  Before: io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14) (0.005)
  Given the response content is under inspection (0.000)
  When I go to "http://localhost.:8000/accounts/login/shouldbenotfound" (0.058)
  Then the response should not contain "nginx" (0.000)
Background (0.016)
  Given only whitelisted traffic is allowed (0.000)
  And traffic matching "https?://localhost.:8000.*" is allowed (0.000)
  And app running on "http://localhost.:8000/consumer/" has already started in less than 30 s (0.016)

Scenario Outline: Exploitation of Sensitive Information on Error Pages (0.039)
  The disclosure of software information may be used to provide knowledge about known vulnerabilities of
  a particular version. The default error pages can contain information about the server software.
  Overriding default error pages makes it more difficult to exploit the server software.
  Before: io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14) (0.000)
  Given the response content is under inspection (0.000)
  When I go to "http://localhost.:8000/accounts/login/shouldbenotfound" (0.039)
  Then the response should not contain "Apache" (0.000)
Background (0.016)
  Given only whitelisted traffic is allowed (0.000)
  And traffic matching "https?://localhost.:8000.*" is allowed (0.000)
  And app running on "http://localhost.:8000/consumer/" has already started in less than 30 s (0.016)

Scenario Outline: Exploitation of Sensitive Information on Error Pages (0.036)
  The disclosure of software information may be used to provide knowledge about known vulnerabilities of
  a particular version. The default error pages can contain information about the server software.
  Overriding default error pages makes it more difficult to exploit the server software.
  Before: io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14) (0.000)
  Given the response content is under inspection (0.000)
  When I go to "http://localhost.:8000/accounts/login/shouldbenotfound" (0.035)
  Then the response should not contain "ASP.NET" (0.000)
Background (0.020)
  Given only whitelisted traffic is allowed (0.000)
  And traffic matching "https?://localhost.:8000.*" is allowed (0.000)
  And app running on "http://localhost.:8000/consumer/" has already started in less than 30 s (0.020)

Scenario Outline: Exploitation of Sensitive Information on Error Pages (0.032)
  The disclosure of software information may be used to provide knowledge about known vulnerabilities of
  a particular version. The default error pages can contain information about the server software.
  Overriding default error pages makes it more difficult to exploit the server software.
  Before: io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14) (0.000)
  Given the response content is under inspection (0.000)
  When I go to "http://localhost.:8000/accounts/login/shouldbenotfound" (0.032)
  Then the response should not contain "Django" (0.000)
Background (0.019)
  Given only whitelisted traffic is allowed (0.000)
  And traffic matching "https?://localhost.:8000.*" is allowed (0.000)
  And app running on "http://localhost.:8000/consumer/" has already started in less than 30 s (0.019)

Scenario Outline: Exploitation of Sensitive Information on Error Pages (0.078)
  The disclosure of software information may be used to provide knowledge about known vulnerabilities of
  a particular version. The default error pages can contain information about the server software.
  Overriding default error pages makes it more difficult to exploit the server software.
  Before: io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14) (0.000)
  Given the response content is under inspection (0.000)
  When I go to "http://localhost.:8000/accounts/login/shouldbenotfound" (0.078)
  Then the response should not contain "HTTP Server" (0.000)
Background (0.010)
  Given only whitelisted traffic is allowed (0.000)
  And traffic matching "https?://localhost.:8000.*" is allowed (0.000)
  And app running on "http://localhost.:8000/consumer/" has already started in less than 30 s (0.010)

Scenario: Exploitation of System Architecture Information On Error Pages (0.104)
  Server software usually prints stack traces on error by default. This is a debug feature that should be
  disabled when running the software in production. The stack trace may reveal the architecture and the
  libraries in use, which an attacker can use to exploit known vulnerabilities.
  Before: io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14) (0.000)
  Given the response content is under inspection (0.000)
  When I use a "POST" HTTP method (0.000)
  And I add a "Authentication" header with value "!Unsupported" (0.000)
  And I add a "Content-Type" header with value "application/unsupported" (0.000)
  And I make a request to "http://localhost.:8000/accounts/login/?error=1283927" (0.103)
  Then the response should not contain "Exception" (0.000)
  And the response should not contain "Stacktrace" (0.000)
  And the response should not contain "Traceback" (0.000)
  And the response should not match ".*[a-zA-Z0-9.]+:[0-9]+\).*" (0.000)
  And the response should not match "(?i).*line [0-9]+.*" (0.000)
  And the response should not match "(?i).*debug.*" (0.000)
Background (0.010)
  Given only whitelisted traffic is allowed (0.000)
  And traffic matching "https?://localhost.:8000.*" is allowed (0.000)
  And app running on "http://localhost.:8000/consumer/" has already started in less than 30 s (0.010)

Scenario: User Deception with Modified Responses (0.000)
  If the communication is unencrypted, there is a risk that an attacker could use a man-in-the-middle attack
  to modify responses. They may use a modified page to make the user think they are authorizing a different application.
  Before: io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14) (0.000)
  When I connect to "http://localhost.:8000/accounts/login" (0.000)
  Then the connection should be secure (0.000)
    java.lang.AssertionError:
    Expecting actual:
      sun.net.www.protocol.http.HttpURLConnection:http://localhost.:8000/accounts/login
    to be an instance of:
      javax.net.ssl.HttpsURLConnection
    but was instance of:
      sun.net.www.protocol.http.HttpURLConnection
    at io.github.multicatch.cucumber.audit.ProtocolInspectionStepDefs._init_$lambda$2(ProtocolInspectionStepDefs.kt:22)
    at ✽.the connection should be secure(classpath:io/github/multicatch/cucumber/audit/Authentication_Page.feature:79)