Any useful application needs to be managed and administered, and this facility often forms a key part of the application’s security mechanisms, providing a way for administrators to manage user accounts and roles, access monitoring and audit functions, perform diagnostic tasks, and configure aspects of the application’s functionality.
In many applications, administrative functions are implemented within the application itself, accessible through the same web interface as its core non-security functionality, as shown in Figure -1. Where this is the case, the administrative mechanism represents a critical part of the application’s attack surface. Its primary attraction for an attacker is as a vehicle for privilege escalation, for example:
■ Weaknesses in the authentication mechanism may enable an attacker to gain administrative access, effectively compromising the entire application.
■ Many applications do not implement effective access control over some of their administrative functions. An attacker may find a means of creating a new user account with powerful privileges.
■ Administrative functionality often involves displaying data that originated from ordinary users. Any cross-site scripting flaws within the administrative interface can lead to compromise of a user session that is guaranteed to have powerful privileges.
■ Administrative functionality is often subjected to less rigorous security testing, because its users are deemed to be trusted, or because penetration testers are given access to only low-privileged accounts. Further, it often has a need to perform inherently dangerous operations, involving access to files on disk or operating system commands. If an attacker can compromise the administrative function, they can often leverage it to take control of the entire server.
Figure -2: An administrative interface within a web application.
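The second and third points above (an admin function with no server-side access control, and admin pages that render data supplied by ordinary users) can be shown side by side in a small example. This is added illustration code, not from the book or any real application; the App, Session and require_role names are hypothetical, and the user table is a constructed sample.

```python
import functools
import html
from dataclasses import dataclass, field


@dataclass
class Session:
    user: str
    role: str  # "user" or "admin"; assigned by the server at login, never read from the request


def require_role(role):
    """Enforce the role check on every call to an admin function, not only when drawing the admin menu."""
    def deco(fn):
        @functools.wraps(fn)
        def wrapper(app, session, *args, **kwargs):
            if session.role != role:
                raise PermissionError(f"{fn.__name__} requires role {role!r}")
            return fn(app, session, *args, **kwargs)
        return wrapper
    return deco


@dataclass
class App:
    # Constructed sample user table: name -> role
    users: dict = field(default_factory=lambda: {"alice": "user", "root": "admin"})

    # Weak form: the function is merely hidden from low-privileged users' menus, so any
    # authenticated user who reaches the handler can create a privileged account.
    def create_user_unchecked(self, session, name, role):
        self.users[name] = role
        return self.users[name]

    # Hardened form: the same operation, but the role is verified server-side on each request.
    @require_role("admin")
    def create_user(self, session, name, role):
        self.users[name] = role
        return self.users[name]

    # Admin listing of accounts. Names were chosen by ordinary users at registration, so they
    # are escaped before being placed in HTML; otherwise a stored payload would run in the
    # administrator's (highly privileged) browser session.
    @require_role("admin")
    def render_user_list(self, session):
        rows = "".join(f"<li>{html.escape(n)}: {html.escape(r)}</li>" for n, r in self.users.items())
        return f"<ul>{rows}</ul>"
```

Running the two create_user variants with a "user" session shows the difference: the unchecked one silently adds an administrator, the checked one raises PermissionError.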