Applications that use authentication need a method for storing credentials. Credentials might be stored for authenticating users to the application or for the application to authenticate to external services. One of the simplest ways to store the credentials is to hard-code them into the application. This approach is not secure, because anyone with access to the application code is able to recover these credentials. Once an attacker has recovered the credentials, they can use them to authenticate with the application or to access the external services.
If the attacker obtains the database access credentials, they might be able to connect to the database and execute arbitrary queries. The privileges granted to the attacker will be based on the access level of the credentials. Typically, the attacker is then able to retrieve, modify, and delete any data in the database, or modify the database structure. Having this level of control over the database usually allows the attacker to take full control of the application. If the attacker is able to leverage additional vulnerabilities, or if the servers are not configured securely, the attacker can also take full control of the application server and the database server.
To prevent this vulnerability, do not hard-code credentials: provide a secure administrative interface that allows changing credentials, and store credentials securely outside the application code.
Provide a secure administrative interface that allows changing credentials:
Store credentials securely:
To check for adequate protection against this vulnerability, ensure that a secure administrative interface allows changing credentials and that credentials are stored securely.
A secure administrative interface allows changing credentials:
Credentials are stored securely:
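As an added illustration (not code from the original page), the hard-coded pattern beside a hardened form: the external-service credential is read from the environment rather than the source, user passwords are kept only as salted PBKDF2 hashes, and a change-password routine stands in for the "secure administrative interface". The environment variable name, class and sample values are assumptions made up for the example.

```python
import hashlib
import hmac
import os
import secrets

# Vulnerable pattern, shown for contrast: the secret sits in the source tree,
# so anyone who can read the code can read it, and rotating it needs a redeploy.
DB_PASSWORD_HARDCODED = "s3cret-example"  # constructed sample value; do not do this


def load_db_password(env=os.environ):
    """Read the external-service credential from the environment (or a secret
    manager) so it never lives in the code and can be rotated without a redeploy."""
    value = env.get("APP_DB_PASSWORD")  # hypothetical variable name
    if not value:
        raise RuntimeError("APP_DB_PASSWORD is not set; refusing to fall back to a default")
    return value


class CredentialStore:
    """User credentials kept as salted PBKDF2-HMAC-SHA256 hashes, so a copy of the
    store does not reveal passwords. In-memory here; persist it outside the code base."""

    def __init__(self, iterations=600_000):
        self.iterations = iterations
        self._records = {}  # username -> (salt, digest)
        # Dummy record so verify() costs the same for unknown users (no enumeration by timing).
        self._dummy = (secrets.token_bytes(16), secrets.token_bytes(32))

    def _digest(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, self.iterations)

    def set_password(self, username, password):
        salt = secrets.token_bytes(16)  # unique per user, so equal passwords hash differently
        self._records[username] = (salt, self._digest(password, salt))

    def verify(self, username, password):
        known = username in self._records
        salt, digest = self._records.get(username, self._dummy)
        match = hmac.compare_digest(self._digest(password, salt), digest)
        return known and match

    def change_password(self, username, old_password, new_password):
        """The administrative 'change credentials' path: re-authenticate, then
        rotate without touching code or config files."""
        if not self.verify(username, old_password):
            return False
        self.set_password(username, new_password)
        return True
```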
Computer Based Training Links
Use the following Computer Based Training course(s) for more background information about this type of vulnerability.
Security Tools and Technologies
This course is designed to educate architects and developers on the technologies available to create more secure systems. Topics include common network security technologies, cryptography, antivirus technologies, access control technologies, tokens and smart cards, biometrics, and various authentication methods.