Chapter 12. Multifaceted Tests

This chapter contributed by Amit Sethi

There are two ways of constructing a software design: one way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult.

C.A.R. Hoare

By now we have shown you many different techniques for testing web applications and their logic. The tests have ranged in difficulty, but we have tried to keep each one focused on a specific part of the web application. We may have targeted input handling, session management, or data encoding, but each test tried to isolate one behavior. In this chapter, we try to put more than one technique together to simulate sophisticated attacks. We still try to be specific and pinpoint faulty logic in the application, but we’re using several techniques at the same time. The recipes in this chapter borrow heavily from prior chapters and assume that you’ve understood and executed the prerequisite recipes before you try these.

12.1. Stealing Cookies Using XSS

Problem

Several recipes in this book discuss how to search for XSS issues. However, XSS may seem like a mysterious attack when given the standard detection mechanism of inserting an alert box into a web page. When you find XSS in an application, you may be called upon to demonstrate why it is really a problem. After all, simply showing that you can type <script>alert("XSS!")</script> into a search box and have ...

Get Web Security Testing Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.