0.112
Scenario
Exploitation of System Software Information In Headers
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The "Server" and "X-Powered-By" headers provide information about technology that
is used on the server side. Disabling them makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response headers are under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login"
0.111
Then
the "Server" response header should not contain numbers
0.000
And
the "X-Powered-By" response header should not contain numbers
0.000
0.059
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.005
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.058
Then
the response should not contain "nginx"
0.000
0.039
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.039
Then
the response should not contain "Apache"
0.000
0.036
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.035
Then
the response should not contain "ASP.NET"
0.000
0.032
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.032
Then
the response should not contain "Django"
0.000
0.078
Scenario Outline
Exploitation of Sensitive Information on Error Pages
The disclosure of software information may be used to provide knowledge about known vulnerabilities of
a particular version. The default error pages can contain information about the server software.
Overriding default error pages makes it more difficult to exploit the server software.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I go to "http://localhost.:8000/accounts/login/shouldbenotfound"
0.078
Then
the response should not contain "HTTP Server"
0.000
0.104
Scenario
Exploitation of System Architecture Information On Error Pages
Usually the server software prints stack traces on error by default. This is a debug feature that should be
disabled when running the software in production. The stack trace may provide information about architecture
and used libraries that can be used by an attacker to exploit known vulnerabilities.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
the response content is under inspection
0.000
When
I use a "POST" HTTP method
0.000
And
I add a "Authentication" header with value "!Unsupported"
0.000
And
I add a "Content-Type" header with value "application/unsupported"
0.000
And
I make a request to "http://localhost.:8000/accounts/login/?error=1283927"
0.103
Then
the response should not contain "Exception"
0.000
And
the response should not contain "Stacktrace"
0.000
And
the response should not contain "Traceback"
0.000
And
the response should not match ".*[a-zA-Z0-9.]+:[0-9]+\).*"
0.000
And
the response should not match "(?i).*line [0-9]+.*"
0.000
And
the response should not match "(?i).*debug.*"
0.000
0.000
Scenario
Confidential Data Eavesdropping
HTTP communication is unencrypted and thus prone to eavesdropping via Man-in-The-Middle Attacks.
HTTPS is recommended for safe exchange of confidential information such as passwords or tokens.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
When
I connect to "http://localhost.:8000/accounts/login"
0.000
Then
the connection should be secure
0.000
java.lang.AssertionError:
Expecting actual:
sun.net.www.protocol.http.HttpURLConnection:http://localhost.:8000/accounts/login
to be an instance of:
javax.net.ssl.HttpsURLConnection
but was instance of:
sun.net.www.protocol.http.HttpURLConnection
at io.github.multicatch.cucumber.audit.ProtocolInspectionStepDefs._init_$lambda$2(ProtocolInspectionStepDefs.kt:22)
at ✽.the connection should be secure(classpath:io/github/multicatch/cucumber/audit/Authentication_Request.feature:14)
0.462
Scenario
Exploitation of Database Management System Information
Unhandled database errors may lead to disclosure about database system version. This may be used to prepare
an attack that uses known system vulnerabilities and characteristics of used DBMS.
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
I am on "http://localhost.:8000/accounts/login"
0.125
And
the response content is under inspection
0.000
When
I enter "' UNKNOWN SYNTAX; -- ." into a field selected by "input[name='username']"
0.051
And
I enter "' UNKNOWN SYNTAX; -- ." into a field selected by "input[name='password']"
0.024
And
I click on "form input[type='submit']"
0.260
Then
the response should not contain "SQL"
0.000
And
the response should not contain "Exception"
0.000
And
the response should not contain "Stacktrace"
0.000
And
the response should not contain "Traceback"
0.000
And
the response should not match ".*[a-zA-Z0-9.]+:[0-9]+\).*"
0.000
And
the response should not match "(?i).*line [0-9]+.*"
0.000
And
the response should not match "(?i).*debug.*"
0.000
0.415
Scenario Outline
Stealing Information From Database
If the SQL Queries are creates by simple concatenation, there is a risk that an attacker could inject
a malicious code into said queries. This SQL Injection can be used to obtain
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
I am on "http://localhost.:8000/accounts/login"
0.117
And
the response content is under inspection
0.000
When
I enter "' OR sleep(5000) -- ." into a field selected by "input[name='username']"
0.057
And
I enter "' OR sleep(5000) -- ." into a field selected by "input[name='password']"
0.024
And
I click on "form input[type='submit']"
0.214
Then
the response time should not be longer than 5000 ms
0.000
0.452
Scenario Outline
Stealing Information From Database
If the SQL Queries are creates by simple concatenation, there is a risk that an attacker could inject
a malicious code into said queries. This SQL Injection can be used to obtain
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
I am on "http://localhost.:8000/accounts/login"
0.097
And
the response content is under inspection
0.000
When
I enter "' || dbms_pipe.receive_message(('a'), 5) -- ." into a field selected by "input[name='username']"
0.049
And
I enter "' || dbms_pipe.receive_message(('a'), 5) -- ." into a field selected by "input[name='password']"
0.038
And
I click on "form input[type='submit']"
0.266
Then
the response time should not be longer than 5000 ms
0.000
0.394
Scenario Outline
Stealing Information From Database
If the SQL Queries are creates by simple concatenation, there is a risk that an attacker could inject
a malicious code into said queries. This SQL Injection can be used to obtain
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
I am on "http://localhost.:8000/accounts/login"
0.123
And
the response content is under inspection
0.000
When
I enter "' OR pg_sleep(5) -- ." into a field selected by "input[name='username']"
0.028
And
I enter "' OR pg_sleep(5) -- ." into a field selected by "input[name='password']"
0.033
And
I click on "form input[type='submit']"
0.207
Then
the response time should not be longer than 5000 ms
0.000
0.421
Scenario Outline
Stealing Information From Database
If the SQL Queries are creates by simple concatenation, there is a risk that an attacker could inject
a malicious code into said queries. This SQL Injection can be used to obtain
Before
io.github.multicatch.cucumber.audit.NavigationStepDefs.<init>(NavigationStepDefs.kt:14)
0.000
Given
I am on "http://localhost.:8000/accounts/login"
0.130
And
the response content is under inspection
0.000
When
I enter "' OR WAITFOR DELAY '0:0:05' -- ." into a field selected by "input[name='username']"
0.049
And
I enter "' OR WAITFOR DELAY '0:0:05' -- ." into a field selected by "input[name='password']"
0.029
And
I click on "form input[type='submit']"
0.211
Then
the response time should not be longer than 5000 ms
0.000