Modular Blackbox SQL Injection Vulnerability Web Scanning
Type
Master's thesis
Abstract
The use of web applications has increased heavily over the last couple of decades. In
line with this, an increasing amount of sensitive data is stored on web servers.
Furthermore, SQL injections are one of the most common web application security
risks. They can have devastating consequences, as they can cause confidential data to be
read, modified and deleted. They could even allow an attacker to gain administrative
privileges on the server database and compromise individual machines or entire
networks.

A popular approach to finding web vulnerabilities is using autonomous web vulnerability
scanners. In order for a scanner to be successful, it needs to be good at
both crawling the web and detecting vulnerabilities when presented with possible
attack vectors. For the most part, these two components are integrated to some
degree. Our hypothesis is that web vulnerability scanners would benefit from using
a modular approach instead. By allowing for easy exchange of crawler and detection
module used in a scanner, the scanner could be optimised for specific tasks, whether
that be finding SQL injections or other vulnerabilities. It could also be adapted to
various types of web applications, as different crawlers specialize in different areas.

To test the hypothesis, we have developed a modular design that can be used
to combine crawlers and detection modules. We have also implemented a scanner
using the modular design as a proof of concept. The results show that the modular
approach benefits from the advantages of both the crawler and the detection module used
and it outperforms state-of-the-art web vulnerability scanners in both code coverage
and vulnerabilities found. Moreover, the modular scanner was the only scanner that
was able to find three previously unknown vulnerabilities in the web application
WSPortal.
Subject/keywords
Computer science, engineering, master thesis, SQL injection, web scanning, web vulnerabilities, modular, modularity