Authentication Hacking: Is Your Site Vulnerable?
Posted on Thursday, Nov 26, 2009 in "Security Issues"
Authentication plays an important part in securing a website and its applications. It works by authenticating and verifying a user’s identity and then either denying or providing them with specific privileges to a system based on the username and password they enter against the established credentials. Though it adds an extra layer of protection, authentication is quite vulnerable to exploitation. In most cases, this type of attack does not originate from a security hole in the web server or operating system software. It actually targets weak passwords and vulnerable areas of the network itself.
By successfully hacking the authentication session, an attacker can log into the system as a known and valid user, which provides them with whatever privileges the victimized user has been assigned by the administrator. This means that the intruder could only have access to certain information, or global access across the entire system, the latter of which could possibly give them control of the application or website itself. At this point, the attacker can stir up a lot of trouble.
Tools of the Trade
Most attackers attempt to gain access via the application’s login screen that requests a username and password to enter the system. This calls for them to match the correct login credentials that application recognizes as valid and hopefully has the highest level of privileges in the system. While this is not the most sophisticated attack, password cracking can prove to be one of the most effective methods a hacker uses to cripple an authentication scheme. This common technique can be executed manually or automatically with special software, which makes guessing the password much easier.
If the attacker has no success at password guessing, their next step usually involves automated tools such as Brutus and WebCracker, which unfortunately, are widely available on the web. These custom applications are designed to defeat authentication and penetrate the target system using a list of predefined usernames and passwords. However, they are best known for employing dictionary attacks and brute force. Hence the name, a dictionary attack utilizes a pre-formulated list of common words in a dictionary to compromise web applications, trying thousands of combinations to determine the correct username and password. Brute force is a technique used to break a cryptographic scheme by consistently trying a large number and sometimes all, possible keys to decrypt an encrypted password. Both have proven to be very effective at guessing weak passwords and bypassing authentication.
Prevention and Protection
Stopping an authentication attack can be very difficult. Especially when factoring in all the sophisticated hacking techniques and tools on the black market. Fortunately, there is a way to test the strength and overall effectiveness of your authentication methods. One of the most reliable is authentication testing, a feature commonly found in web vulnerability scanners. These applications are generally easy to use and configure for automatically testing all the applications within your site that require authentication. Furthermore, most also scan for other common exploits such as SQL injection, cross site scripting and cross site forgery.
