3️⃣3. Injection

https://owasp.org/Top10/A03_2021-Injection/

A03 Injection - OWASP Top 10:2021

Description

An application is vulnerable to attack when:

User-supplied data is not validated, filtered, or sanitized by the application.
Dynamic queries or non-parameterized calls without context-aware escaping are used directly in the interpreter.
Hostile data is used within object-relational mapping (ORM) search parameters to extract additional, sensitive records.
Hostile data is directly used or concatenated. The SQL or command contains the structure and malicious data in dynamic queries, commands, or stored procedures.

Some of the more common injections are SQL, NoSQL, OS command, Object Relational Mapping (ORM), LDAP, and Expression Language (EL) or Object Graph Navigation Library (OGNL) injection. The concept is identical among all interpreters. Source code review is the best method of detecting if applications are vulnerable to injections. Automated testing of all parameters, headers, URL, cookies, JSON, SOAP, and XML data inputs is strongly encouraged. Organizations can include static (SAST), dynamic (DAST), and interactive (IAST) application security testing tools into the CI/CD pipeline to identify introduced injection flaws before production deployment.

THM Lab

Task 10 - Command Injection

10.1 - What strange text file is in the website's root directory?

10.2 - How many non-root/non-service/non-daemon users are there?

10.3 - What user is this app running as?

10.4 - What is the user's shell set as?

10.5 - What version of Alpine Linux is running?

Flag Task 10.5

Previous2. Cryptographic Failures Next4. Insecure Design

Last updated 1 month ago