If you are attacking an application that employs a multi-layered privilege model
of this kind, it is likely that many of the most obvious mistakes that are
commonly made in applying access controls will be defended against. You may
find that circumventing the controls implemented within the application does
not get you very far, because of protection in place at other layers. With this in
mind, there are still several potential lines of attack available to you. Most
importantly, understanding the limitations of each type of control, in terms of
the protection that it does not offer, will help you identify the vulnerabilities
that are most likely to affect it:
■ Programmatic checks within the application layer may be susceptible to
injection-based attacks.
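
Why a programmatic check is exposed to injection, shown as an added example that is not from the original text: an application-layer ownership check whose decision is a SQL query built from request input, next to a parameterized version. The `docs` table, the function names and the sample rows are constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample data: a document table with one owner per row.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE docs (id INTEGER PRIMARY KEY, owner TEXT, body TEXT)")
    db.executemany(
        "INSERT INTO docs VALUES (?, ?, ?)",
        [(1, "alice", "alice's notes"), (2, "bob", "bob's payroll")],
    )
    return db


def can_read_weak(db, user, doc_id):
    # Weak: the access decision is a query assembled by string formatting,
    # so the request parameter becomes part of the predicate itself.
    sql = "SELECT 1 FROM docs WHERE owner = '%s' AND id = %s" % (user, doc_id)
    return db.execute(sql).fetchone() is not None


def can_read_hardened(db, user, doc_id):
    # Hardened: reject non-integer ids, then bind values as parameters so
    # input can never change the structure of the authorization predicate.
    try:
        doc_id = int(doc_id)
    except (TypeError, ValueError):
        return False
    sql = "SELECT 1 FROM docs WHERE owner = ? AND id = ?"
    return db.execute(sql, (user, doc_id)).fetchone() is not None


if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: a legitimate id, another user's id, and a
    # malformed id that carries SQL syntax.
    for doc_id in ("1", "2", "2 OR 1=1"):
        print(doc_id, can_read_weak(db, "alice", doc_id),
              can_read_hardened(db, "alice", doc_id))
```

The check is only as strong as the query behind it: both functions deny alice the document with id 2, but only the parameterized one still denies it when the id carries SQL syntax.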