• Broken Authentication

    Description

    Broken Authentication is an application security risk that can allow malicious actors to compromise keys, passwords, and session tokens, potentially leading to further exploitation of users’ identities and in the worst case, complete control over the system.

    In essence, the vulnerability boils down to an attacker being able to bypass the authentication mechanism of the vulnerable application due to poor configuration, logic errors, or bugs in the software.

    This class of vulnerability can affect any software that implements access control, including databases, network infrastructure applications, and web applications.

    Authentication vulnerabilities are not a new security topic, and a malicious actor often does not need to be highly technical to bypass poorly implemented identity and access controls; the attacker's job is easier still when such controls are entirely absent. It should therefore come as no surprise that this category has been listed as a critical risk affecting web applications on the OWASP Top 10 since 2013.

    Impact

    A successful attack can result in a malicious attacker gaining complete access to all data in the web application, assuming administrator rights, and compromising the confidentiality, integrity, and availability of the application.

    A breach affecting the German airline ticket dealer Aerticket was discovered in 2016 but had reportedly existed since 2011 (i.e., for five years). Millions of customers’ names, addresses, and credit card numbers were potentially exposed because of an implementation flaw: a string of digits that should have been randomly generated was not.

    Scenarios

    There are a variety of different Broken Authentication instances that attackers can leverage depending on the vulnerability within the implementation of the identity or access control. Some methods of exploitation and potential weaknesses include:

    • Functionality that should require authentication lacks it or implements insufficient protections.
    • Broken object-level protection mechanisms allow unauthenticated users to access private resources.
    • Dictionary attacks or reused (leaked) credentials against applications that permit automated login attempts.
    • The application permits the use of weak passwords, such as “password123” or “123456”.
    • The application stores passwords without protection or with weak encryption or hashing.
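    The following is an added example (not code from the original page or from any product it mentions) showing how a small credential store can close several of the weaknesses listed above at once: it rejects well-known weak passwords, stores passwords only as salted PBKDF2 hashes, compares them in constant time, locks an account after repeated failures so automated guessing is throttled, and issues session tokens from the operating system's CSPRNG rather than from a predictable source. The class and function names, the denylist, the lockout thresholds, and the sample usage are all assumptions made for the example.

```python
"""Minimal hardened credential store (added example; all names are hypothetical)."""
import hashlib
import hmac
import secrets
import time
from typing import Callable, Dict, Optional, Tuple

# Constructed denylist of common weak passwords; a real deployment would use a
# much larger breached-password list.
WEAK_PASSWORDS = {"password", "password123", "123456", "qwerty", "letmein"}

PBKDF2_ITERATIONS = 600_000   # assumed work factor for PBKDF2-HMAC-SHA256
MIN_PASSWORD_LENGTH = 12
MAX_FAILED_ATTEMPTS = 5       # failures before the account is locked
LOCKOUT_SECONDS = 900         # how long the lock lasts


def is_weak_password(password: str) -> bool:
    """Reject short passwords and well-known weak ones (case-insensitive)."""
    return len(password) < MIN_PASSWORD_LENGTH or password.lower() in WEAK_PASSWORDS


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest): PBKDF2-HMAC-SHA256 with a fresh 16-byte random salt."""
    if salt is None:
        salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute the digest and compare in constant time to avoid timing leaks."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)


class CredentialStore:
    def __init__(self, clock: Callable[[], float] = time.monotonic) -> None:
        self._users: Dict[str, Tuple[bytes, bytes]] = {}      # username -> (salt, digest)
        self._failures: Dict[str, Tuple[int, float]] = {}     # username -> (count, last failure)
        self._sessions: Dict[str, str] = {}                   # token -> username
        self._clock = clock                                   # injectable for testing

    def register(self, username: str, password: str) -> None:
        if is_weak_password(password):
            raise ValueError("password rejected by policy")
        self._users[username] = hash_password(password)

    def is_locked(self, username: str) -> bool:
        count, last = self._failures.get(username, (0, 0.0))
        return count >= MAX_FAILED_ATTEMPTS and (self._clock() - last) < LOCKOUT_SECONDS

    def login(self, username: str, password: str) -> Optional[str]:
        """Return a fresh session token on success, None otherwise.

        Locked accounts, unknown users and wrong passwords all yield None, and a
        dummy hash is computed for unknown users, so neither the response nor its
        timing reveals which usernames exist.
        """
        if self.is_locked(username):
            return None
        record = self._users.get(username)
        salt, expected = record if record else (b"\x00" * 16, b"\x00" * 32)
        ok = verify_password(password, salt, expected) and record is not None
        if not ok:
            count, _ = self._failures.get(username, (0, 0.0))
            self._failures[username] = (count + 1, self._clock())
            return None
        self._failures.pop(username, None)
        token = secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG, not a counter
        self._sessions[token] = username
        return token

    def user_for_token(self, token: str) -> Optional[str]:
        return self._sessions.get(token)


if __name__ == "__main__":
    store = CredentialStore()
    store.register("alice", "correct-horse-battery")   # constructed sample credential
    print("login ok:", store.login("alice", "correct-horse-battery") is not None)
    print("wrong password rejected:", store.login("alice", "not-the-password-1") is None)
```

    The clock is injected so the lockout window can be tested without waiting; in production the default monotonic clock is used. The dummy hash for unknown users keeps the failure path's cost roughly equal to the success path's, which is the same idea behind using a constant-time comparison for the digest.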